001: /*
002: * Copyright (c) 1998-2008 Caucho Technology -- all rights reserved
003: *
004: * This file is part of Resin(R) Open Source
005: *
006: * Each copy or derived work must preserve the copyright notice and this
007: * notice unmodified.
008: *
009: * Resin Open Source is free software; you can redistribute it and/or modify
010: * it under the terms of the GNU General Public License as published by
011: * the Free Software Foundation; either version 2 of the License, or
012: * (at your option) any later version.
013: *
014: * Resin Open Source is distributed in the hope that it will be useful,
015: * but WITHOUT ANY WARRANTY; without even the implied warranty of
016: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
017: * of NON-INFRINGEMENT. See the GNU General Public License for more
018: * details.
019: *
020: * You should have received a copy of the GNU General Public License
021: * along with Resin Open Source; if not, write to the
022: * Free SoftwareFoundation, Inc.
023: * 59 Temple Place, Suite 330
024: * Boston, MA 02111-1307 USA
025: *
026: * @author Scott Ferguson
027: */
028:
029: package com.caucho.server.admin;
030:
031: import com.caucho.config.*;
032: import com.caucho.security.BasicPrincipal;
033: import com.caucho.server.security.*;
034: import com.caucho.util.*;
035:
036: import java.security.Principal;
037: import java.util.*;
038: import java.util.logging.*;
039:
040: /**
041: * Special authenticator for management
042: */
043: public class ManagementAuthenticator extends
044: AbstractPasswordAuthenticator {
045: private static final Logger log = Logger
046: .getLogger(ManagementAuthenticator.class.getName());
047:
048: private TreeMap<String, PasswordUser> _userMap = new TreeMap<String, PasswordUser>();
049:
050: private String _remoteCookie;
051:
052: /**
053: * Adds a password user from the configuration.
054: */
055: public void addUser(String name, PasswordUser user) {
056: _userMap.put(name, user);
057: _remoteCookie = null;
058: }
059:
060: /**
061: * Returns the PasswordUser
062: */
063: @Override
064: protected PasswordUser getUser(String userName) {
065: if (userName == null)
066: return null;
067:
068: // The caller should clear the password in the returned PasswordUser,
069: // so we need to return a copy
070: PasswordUser user = _userMap.get(userName);
071:
072: if (user != null)
073: return user.copy();
074: else
075: return null;
076: }
077:
078: /**
079: * Creates a cookie based on the user hash.
080: */
081: public String getHash() {
082: if (_remoteCookie == null) {
083: long crc64 = 0;
084:
085: for (PasswordUser user : _userMap.values()) {
086: if (user.isDisabled())
087: continue;
088:
089: String item = (user.getPrincipal().getName() + ":" + new String(
090: user.getPassword()));
091:
092: crc64 = Crc64.generate(crc64, item);
093: }
094:
095: if (crc64 != 0) {
096: CharBuffer cb = new CharBuffer();
097: Base64.encode(cb, crc64);
098:
099: _remoteCookie = cb.toString();
100: }
101: }
102:
103: return _remoteCookie;
104: }
105: }
|