001: /*
002:
003: This software is OSI Certified Open Source Software.
004: OSI Certified is a certification mark of the Open Source Initiative.
005:
006: The license (Mozilla version 1.0) can be read at the MMBase site.
007: See http://www.MMBase.org/license
008:
009: */
010: package org.mmbase.security.implementation.basic;
011:
012: import java.util.Map;
013: import java.io.File;
014:
015: import org.mmbase.security.Rank;
016:
017: import org.mmbase.util.ExtendedProperties;
018: import org.mmbase.util.logging.Logger;
019: import org.mmbase.util.logging.Logging;
020:
021: /**
022: * Simple implemetation, to provide authentication from files...
023: * @javadoc
024: * @author Eduard Witteveen
025: * @version $Id: FileLoginModule.java,v 1.7 2008/01/10 14:12:24 michiel Exp $
026: */
027: public class FileLoginModule implements LoginModule {
028: private static Logger log = Logging
029: .getLoggerInstance(FileLoginModule.class.getName());
030: private File configFile = null;
031:
032: public void load(Map<String, Object> properties) {
033: String passwordFile = (String) properties.get("file");
034:
035: if (passwordFile == null || passwordFile.equals("")) {
036: configFile = new File(org.mmbase.module.core.MMBaseContext
037: .getConfigPath()
038: + java.io.File.separator + "accounts.properties");
039: log
040: .warn("property file not specified, now using as config file :"
041: + configFile);
042: } else {
043: configFile = new File(passwordFile);
044: }
045:
046: if (!configFile.isAbsolute()) {
047: File parentFile = (File) properties.get("_parentFile");
048: log.debug("" + configFile.getPath() + " is not absolute.");
049: configFile = new File(parentFile.getParent()
050: + File.separator + configFile.getPath());
051: log.debug("Trying " + configFile.getAbsolutePath());
052: }
053:
054: log
055: .debug("trying to load file login modules with password file:"
056: + configFile.getAbsolutePath());
057:
058: if (!configFile.exists()) {
059: log.error("file: '" + configFile + "' did not exist.");
060: throw new org.mmbase.security.SecurityException("file: '"
061: + configFile + "' did not exist.");
062: }
063: if (!configFile.isFile()) {
064: log.error("file: '" + configFile + "' is not a file.");
065: throw new org.mmbase.security.SecurityException("file: '"
066: + configFile + "' is not a file.");
067: }
068: if (!configFile.canRead()) {
069: log.error("file: '" + configFile + "' is not readable.");
070: throw new org.mmbase.security.SecurityException("file: '"
071: + configFile + "' is not readable.");
072: }
073: log.debug("file login loaded");
074: }
075:
076: public boolean login(NameContext user,
077: Map<String, Object> loginInfo, Object[] parameters) {
078: if (!loginInfo.containsKey("username"))
079: throw new org.mmbase.security.SecurityException(
080: "key 'username' not found in login information");
081: if (!loginInfo.containsKey("password"))
082: throw new org.mmbase.security.SecurityException(
083: "key 'password' not found in login information");
084: ExtendedProperties reader = new ExtendedProperties();
085:
086: log.debug("reading accounts from " + configFile);
087: java.util.Hashtable accounts = reader.readProperties(configFile
088: .getAbsolutePath());
089:
090: if (accounts == null) {
091: log.error("Could not find accounts!");
092: }
093:
094: // do a list with usernames and passwords...
095: log.debug("There are " + accounts.size()
096: + " users which can logon to our system");
097: if (!accounts.containsKey(loginInfo.get("username"))) {
098: log.debug("username: '" + loginInfo.get("username")
099: + "' not found");
100: return false;
101: }
102: String neededPass = (String) accounts.get(loginInfo
103: .get("username"));
104: if (!neededPass.equals(loginInfo.get("password"))) {
105: log
106: .debug("username/password combination invalid(in HashTable values user:'"
107: + loginInfo.get("username")
108: + "' password:'"
109: + loginInfo.get("password") + "')");
110: return false;
111: }
112:
113: // set the identifier
114: user.setIdentifier((String) loginInfo.get("username"));
115:
116: // Admins are admins
117: if ("admin".equals(loginInfo.get("username"))) {
118: user.setRank(Rank.getRank("administrator"));
119: }
120:
121: log.info("user: '" + loginInfo.get("username")
122: + "' passed this login module");
123: return true;
124: }
125: }
|