001: /*
002:
003: This software is OSI Certified Open Source Software.
004: OSI Certified is a certification mark of the Open Source Initiative.
005:
006: The license (Mozilla version 1.0) can be read at the MMBase site.
007: See http://www.MMBase.org/license
008:
009: */
010: package org.mmbase.security.implementation.context;
011:
012: import org.mmbase.security.*;
013: import org.mmbase.security.SecurityException;
014:
015: import java.util.Map;
016:
017: import org.w3c.dom.*;
018:
019: import javax.xml.xpath.*;
020:
021: import org.mmbase.util.logging.Logger;
022: import org.mmbase.util.logging.Logging;
023:
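/**
 * Base class for the login modules of the 'context' security implementation.
 * <p>
 * A module receives a DOM document through {@link #load} and authenticates in {@link #login}.
 * The helper methods of this class look accounts up in that document under
 * {@code /contextconfig/accounts/user}.
 * <p>
 * User names, identify types and ranks are passed to the XPath engine as bound variables and are
 * never concatenated into the expression text. Quotes or brackets in a submitted user name
 * therefore cannot change which account node a lookup selects (XPath injection).
 *
 * @author Eduard Witteveen
 * @version $Id: ContextLoginModule.java,v 1.22 2008/01/10 14:12:24 michiel Exp $
 */
public abstract class ContextLoginModule {
    private static final Logger log = Logging.getLoggerInstance(ContextLoginModule.class);

    // Names of the XPath variables used by the account lookups.
    private static final String VAR_USERNAME = "username";
    private static final String VAR_TYPE = "type";
    private static final String VAR_RANK = "rank";

    private Document document;
    private long validKey;
    private String name;
    private MMBaseCop manager;

    /**
     * Stores the state the lookup and factory methods of this module work with.
     *
     * @param document the DOM document that the account lookups query
     * @param validKey key handed to every {@link ContextUserContext} created by this module
     * @param name     name of this module; also the default identify type for lookups
     * @param manager  security manager handed to every created {@link ContextUserContext}
     */
    public void load(Document document, long validKey, String name, MMBaseCop manager)
            throws SecurityException {
        this.document = document;
        this.validKey = validKey;
        this.name = name;
        this.manager = manager;
    }

    /**
     * Performs the login for this module.
     *
     * @param userLoginInfo  login information for this attempt; its keys are defined by the
     *                       implementing module
     * @param userParameters additional parameters; their meaning is defined by the implementing
     *                       module
     * @return the user context of the authenticated user
     */
    public abstract ContextUserContext login(Map<String, Object> userLoginInfo,
            Object[] userParameters) throws SecurityException;

    /**
     * Creates a user context for the given user and rank, carrying this module's key, manager and
     * name. No credential check happens here; callers are expected to have authenticated the
     * user already.
     */
    protected ContextUserContext getValidUserContext(String username, Rank rank)
            throws SecurityException {
        return new ContextUserContext(username, rank, validKey, manager, name);
    }

    /**
     * Looks up the rank of a user, using this module's name as the identify type.
     *
     * @see #getRank(String, String)
     */
    protected Rank getRank(String username) throws SecurityException {
        return getRank(username, name);
    }

    /**
     * Looks up the rank configured on the {@code identify} element of a user.
     *
     * @param username     name of the account; matched literally against the {@code name}
     *                     attribute
     * @param identifyType value the {@code type} attribute of the identify element must have, or
     *                     {@code null} to take the first identify element of the user
     * @return the rank, or {@code null} if no matching identify element exists
     * @throws java.lang.SecurityException if the query fails or the matching identify element has
     *                                     no {@code rank} attribute
     * @since MMBase-1.8
     */
    protected Rank getRank(final String username, final String identifyType)
            throws SecurityException {
        if (username == null) {
            // There is no account to match without a name; report it like any unknown user.
            log.warn("user '" + username + "' was not found for module: " + name);
            return null;
        }
        final Map<String, String> variables = new java.util.HashMap<String, String>();
        variables.put(VAR_USERNAME, username);
        final String xpath;
        if (identifyType != null) {
            variables.put(VAR_TYPE, identifyType);
            xpath = "/contextconfig/accounts/user[@name=$" + VAR_USERNAME
                    + "]/identify[@type=$" + VAR_TYPE + "]";
        } else {
            xpath = "/contextconfig/accounts/user[@name=$" + VAR_USERNAME + "]/identify";
        }
        if (log.isDebugEnabled()) {
            log.debug("going to execute the query: " + xpath);
        }
        final Node found = selectNode(xpath, variables);
        if (found == null) {
            log.warn("user '" + username + "' was not found for module: " + name);
            return null;
        }

        // Fail with a clear message instead of a NullPointerException when the configuration
        // lacks the attribute; an account without a rank must not be granted one implicitly.
        final Node rankNode = found.getAttributes().getNamedItem("rank");
        if (rankNode == null) {
            throw new java.lang.SecurityException("identify element of user '" + username
                    + "' has no 'rank' attribute (module: " + name + ")");
        }
        final Rank rank = Rank.getRank(rankNode.getNodeValue());
        if (log.isDebugEnabled()) {
            log.debug("retrieved the rank for user:" + username + " in module: " + name
                    + " rank: " + rank);
        }
        return rank;
    }

    /**
     * Gets the account of the given user for this authentication module, using the module's name
     * as the identify type.
     *
     * @since MMBase-1.8
     */
    protected Element getAccount(String userName) throws SecurityException {
        return getAccount(userName, name, null);
    }

    /**
     * Returns the text value of the account element found for the given user.
     *
     * @return the text value, or {@code null} if no account was found
     * @deprecated Use {@link #getAccount}
     */
    protected String getModuleValue(String userName) throws SecurityException {
        final Element node = getAccount(userName, name, null);
        if (node == null) {
            return null;
        }
        // now we have to retrieve the value of the node.
        return org.mmbase.util.xml.DocumentReader.getNodeTextValue(node);
    }

    /**
     * Search an account for a given user name and identify type (the 'module').
     *
     * @param userName     name of the account, or {@code null} to match any user
     * @param identifyType required {@code type} of the identify element, or {@code null}
     * @param rank         required {@code rank} of the identify element, or {@code null}
     * @return The user Element, or {@code null} if nothing matched.
     * @throws java.lang.SecurityException if the query fails
     * @since MMBase-1.8
     */
    protected Element getAccount(final String userName, final String identifyType,
            final String rank) throws SecurityException {
        final Map<String, String> variables = new java.util.HashMap<String, String>();
        String userCons = "";
        if (userName != null) {
            variables.put(VAR_USERNAME, userName);
            userCons = "[@name=$" + VAR_USERNAME + "]";
        }
        final String xpath;
        if (identifyType != null || (rank != null && !"anonymous".equals(rank))) {
            final StringBuilder identifyCons = new StringBuilder();
            if (identifyType != null) {
                variables.put(VAR_TYPE, identifyType);
                identifyCons.append("@type=$").append(VAR_TYPE);
            }
            if (rank != null) {
                if (identifyCons.length() > 0) {
                    identifyCons.append(" and ");
                }
                variables.put(VAR_RANK, rank);
                identifyCons.append("@rank=$").append(VAR_RANK);
            }
            xpath = "/contextconfig/accounts/user" + userCons + "/identify[" + identifyCons + "]";
        } else {
            xpath = "/contextconfig/accounts/user" + userCons;
        }

        if (log.isDebugEnabled()) {
            log.debug("going to execute the query: " + xpath);
        }

        final Element found = (Element) selectNode(xpath, variables);

        if (found == null) {
            if (rank != null) {
                log.warn("No user with rank '" + rank + "' "
                        + (userName != null ? "and username '" + userName + "' " : "")
                        + "was found for identify type: '" + identifyType + "'");
            } else {
                log.warn("No user with username '" + userName
                        + "' was found for identify type: '" + identifyType + "'");
            }
            return null;
        }
        // The query selected an identify element whenever a type or rank constraint was applied,
        // so step up to the owning user element.
        // NOTE(review): for identifyType == null and rank "anonymous" the query above selects the
        // user element itself, yet this branch still returns its parent. Kept as in the original;
        // confirm against the callers whether that case can occur.
        if (identifyType != null || rank != null) {
            return (Element) found.getParentNode();
        } else {
            return found;
        }
    }

    /**
     * Evaluates an XPath expression against the loaded document and returns the first match.
     * Values are supplied through {@code variables} and referenced in the expression as
     * {@code $name}, which keeps caller-supplied strings out of the expression syntax.
     *
     * @param xpath     expression text; must reference only variables present in the map
     * @param variables variable name to value
     * @return the first matching node, or {@code null} if there is none
     * @throws java.lang.SecurityException if the expression cannot be evaluated
     */
    private Node selectNode(final String xpath, final Map<String, String> variables) {
        final XPath xp = XPathFactory.newInstance().newXPath();
        xp.setXPathVariableResolver(new XPathVariableResolver() {
            public Object resolveVariable(javax.xml.namespace.QName variableName) {
                return variables.get(variableName.getLocalPart());
            }
        });
        try {
            return (Node) xp.evaluate(xpath, document, XPathConstants.NODE);
        } catch (XPathExpressionException xe) {
            throw new java.lang.SecurityException("error executing query: '" + xpath + "' ", xe);
        }
    }
}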