001: /*
002: * JOSSO: Java Open Single Sign-On
003: *
004: * Copyright 2004-2008, Atricore, Inc.
005: *
006: * This is free software; you can redistribute it and/or modify it
007: * under the terms of the GNU Lesser General Public License as
008: * published by the Free Software Foundation; either version 2.1 of
009: * the License, or (at your option) any later version.
010: *
011: * This software is distributed in the hope that it will be useful,
012: * but WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * Lesser General Public License for more details.
015: *
016: * You should have received a copy of the GNU Lesser General Public
017: * License along with this software; if not, write to the Free
018: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
019: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
020: */
021: package org.josso.auth;
022:
023: import org.apache.commons.logging.Log;
024: import org.apache.commons.logging.LogFactory;
025: import org.josso.auth.exceptions.AuthenticationFailureException;
026: import org.josso.auth.exceptions.SSOAuthenticationException;
027: import org.josso.auth.scheme.AuthenticationScheme;
028:
029: import javax.security.auth.Subject;
030: import java.security.Principal;
031: import java.util.List;
032: import java.util.ArrayList;
033:
034: /**
035: * This is the default authenticator implementation.
036: *
037: * TODO : Support multiple authentication schemes, using config info.
038: *
039: * @author <a href="mailto:sgonzalez@josso.org">Sebastian Gonzalez Oyuela</a>
040: * @version $Id: AuthenticatorImpl.java 508 2008-02-18 13:32:29Z sgonzalez $
041: */
042:
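public class AuthenticatorImpl implements Authenticator {

    private static final Log logger = LogFactory
            .getLog(AuthenticatorImpl.class);

    // Counters of successful and failed check() calls. They are plain longs
    // incremented without synchronization, so a value read while several
    // threads authenticate at once may be approximate.
    private long _authCount;
    private long _authFailures;

    // Prototype instances of the configured authentication schemes.
    // getScheme() hands out a clone of the matching prototype per request.
    private AuthenticationScheme[] _as;

    /**
     * Validates user identity. Populates the Subject with Principal and Credential information.
     *
     * On success the scheme is confirmed and the success counter is incremented;
     * on failure the scheme is cancelled, the failure counter is incremented and
     * an AuthenticationFailureException is thrown.
     *
     * @param credentials the credentials to be checked
     * @param schemeName the authentication scheme to be used to check the supplied credentials.
     * @return the Subject that was handed to the scheme for population
     * @throws SSOAuthenticationException if no scheme is configured under
     *         schemeName, or (as AuthenticationFailureException) if the
     *         scheme rejects the credentials
     */
    public Subject check(Credential[] credentials, String schemeName)
            throws SSOAuthenticationException {

        // Initialize the AuthenticationScheme
        Subject s = new Subject();
        AuthenticationScheme scheme = requireScheme(schemeName);
        scheme.initialize(credentials, s);

        if (scheme.authenticate()) {
            scheme.confirm();
            _authCount++;
        } else {
            scheme.cancel();
            _authFailures++;

            // Resolve the name defensively: a scheme that could not derive a
            // principal must still surface as an authentication failure, not
            // as a NullPointerException raised while building the error.
            Principal principal = scheme.getPrincipal();
            String principalName = principal != null ? principal.getName() : null;
            throw new AuthenticationFailureException(principalName);
        }

        return s;
    }

    /**
     * Creates a credential through the named authentication scheme.
     *
     * @param schemeName the authentication scheme that builds the credential
     * @param name the credential name passed to the scheme
     * @param value the credential value passed to the scheme
     * @return the credential created by the scheme
     * @throws SSOAuthenticationException if no scheme is configured under
     *         schemeName, or if the scheme itself reports an error
     */
    public Credential newCredential(String schemeName, String name,
            Object value) throws SSOAuthenticationException {
        return requireScheme(schemeName).newCredential(name, value);
    }

    /**
     * Asks the named authentication scheme for the principal that matches the
     * supplied credentials.
     *
     * @param schemeName the authentication scheme to query
     * @param credentials the credentials the principal is derived from
     * @return the principal returned by the scheme
     * @throws IllegalArgumentException if no scheme is configured under
     *         schemeName (this method declares no checked exception)
     */
    public Principal getPrincipal(String schemeName,
            Credential[] credentials) {
        AuthenticationScheme scheme = getScheme(schemeName);
        if (scheme == null) {
            throw new IllegalArgumentException(
                    "Unknown authentication scheme : " + schemeName);
        }
        return scheme.getPrincipal(credentials);
    }

    /**
     * Prototype instances of the supported authentication schemes are injected.
     * The matching instance will be cloned for each authentication process.
     *
     * The array is copied, so later changes to the caller's array do not
     * alter the configured set of schemes. The copy is shallow: the scheme
     * objects themselves are shared with the caller.
     *
     * @param as the scheme prototypes to use
     */
    public void setAuthenticationSchemes(AuthenticationScheme[] as) {

        for (int i = 0; i < as.length; i++) {
            AuthenticationScheme a = as[i];
            logger.info("[setAuthenticationScheme()] : " + a.getName()
                    + "," + a.getClass().getName());
        }
        _as = (AuthenticationScheme[]) as.clone();
    }

    /**
     * @return a shallow copy of the configured scheme prototypes, or null if
     *         none have been set; writing to the returned array does not
     *         change which schemes this authenticator uses
     */
    public AuthenticationScheme[] getAuthenticationSchemes() {
        return _as == null ? null : (AuthenticationScheme[]) _as.clone();
    }

    /**
     * @return the number of check() calls that ended in a successful authentication
     */
    public long getAuthCount() {
        return _authCount;
    }

    /**
     * @return the number of check() calls in which the scheme rejected the credentials
     */
    public long getAuthFailures() {
        return _authFailures;
    }

    // --------------------------------------------------------------
    // Protected utils
    // --------------------------------------------------------------

    /**
     * This method clones the configured authentication scheme because
     * authentication schemes are not thread safe. It's a "prototype" pattern.
     *
     * @param schemeName the name of the authentication scheme to instantiate.
     * @return the cloned AuthenticationScheme, or null if no scheme with that
     *         name is configured (callers must handle the null)
     */
    protected AuthenticationScheme getScheme(String schemeName) {
        // Nothing configured, or nothing to look for: report "not found"
        // instead of failing with a NullPointerException.
        if (_as == null || schemeName == null) {
            return null;
        }

        for (int i = 0; i < _as.length; i++) {
            AuthenticationScheme a = _as[i];
            if (a != null && schemeName.equals(a.getName())) {
                return (AuthenticationScheme) a.clone();
            }
        }

        return null;
    }

    /**
     * Looks up a scheme and fails closed with a typed authentication error
     * when it is not configured, so a wrong or unexpected scheme name never
     * reaches the caller as a NullPointerException.
     */
    private AuthenticationScheme requireScheme(String schemeName)
            throws SSOAuthenticationException {
        AuthenticationScheme scheme = getScheme(schemeName);
        if (scheme == null) {
            throw new SSOAuthenticationException(
                    "Unknown authentication scheme : " + schemeName);
        }
        return scheme;
    }

}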