001: /*
002: * Copyright (c) 1998-2008 Caucho Technology -- all rights reserved
003: *
004: * This file is part of Resin(R) Open Source
005: *
006: * Each copy or derived work must preserve the copyright notice and this
007: * notice unmodified.
008: *
009: * Resin Open Source is free software; you can redistribute it and/or modify
010: * it under the terms of the GNU General Public License as published by
011: * the Free Software Foundation; either version 2 of the License, or
012: * (at your option) any later version.
013: *
014: * Resin Open Source is distributed in the hope that it will be useful,
015: * but WITHOUT ANY WARRANTY; without even the implied warranty of
016: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
017: * of NON-INFRINGEMENT. See the GNU General Public License for more
018: * details.
019: *
020: * You should have received a copy of the GNU General Public License
021: * along with Resin Open Source; if not, write to the
022: * Free SoftwareFoundation, Inc.
023: * 59 Temple Place, Suite 330
024: * Boston, MA 02111-1307 USA
025: *
026: * @author Scott Ferguson
027: */
028:
029: package com.caucho.server.security;
030:
031: import com.caucho.config.*;
032: import com.caucho.security.BasicPrincipal;
033: import com.caucho.util.Alarm;
034: import com.caucho.vfs.Depend;
035: import com.caucho.vfs.Path;
036:
037: import javax.annotation.PostConstruct;
038: import javax.servlet.ServletContext;
039: import javax.servlet.ServletException;
040: import javax.servlet.http.HttpServletRequest;
041: import javax.servlet.http.HttpServletResponse;
042: import java.security.Principal;
043: import java.util.Hashtable;
044: import java.util.logging.*;
045:
046: /**
047: * The XML authenticator reads a static file for authentication.
048: *
049: * <code><pre>
050: * <authenticator url="xml:path=WEB-INF/users.xml"/>
051: * </pre></code>
052: *
053: * <p>The format of the static file is as follows:
054: *
055: * <code><pre>
056: * <users>
057: * <user name="h.potter" password="quidditch" roles="user,captain"/>
058: * ...
059: * </users>
060: * </pre></code>
061: *
062: * <p>The authenticator can also be configured in the resin-web.xml:
063: *
064: * <code><pre>
065: * <authenticator url="xml:password-digest=none">
066: * <init>
067: * <user name="Harry Potter" password="quidditch" roles="user,captain"/>
068: * </init>
069: * </authenticator>
070: * </pre></code>
071: */
072: public class XmlAuthenticator extends AbstractPasswordAuthenticator {
073: private static final Logger log = Logger
074: .getLogger(XmlAuthenticator.class.getName());
075:
076: private Path _path;
077: private Hashtable<String, PasswordUser> _userMap = new Hashtable<String, PasswordUser>();
078:
079: private Depend _depend;
080: private long _lastCheck;
081:
082: /**
083: * Sets the path to the XML file.
084: */
085: public void setPath(Path path) {
086: _path = path;
087: }
088:
089: /**
090: * Gets the path to the XML file.
091: */
092: public Path getPath() {
093: return _path;
094: }
095:
096: /**
097: * Adds a user from the configuration.
098: *
099: * <pre>
100: * <init user='Harry Potter:quidditch:user,webdav'/>
101: * </pre>
102: */
103: public void addUser(User user) {
104: _userMap.put(user.getName(), user.getPasswordUser());
105: }
106:
107: /**
108: * Initialize the XML authenticator.
109: */
110: @PostConstruct
111: public synchronized void init() throws ServletException {
112: super .init();
113:
114: reload();
115: }
116:
117: /**
118: * Returns the PasswordUser
119: */
120: @Override
121: protected PasswordUser getUser(String userName) {
122: if (userName == null)
123: return null;
124:
125: if (isModified())
126: reload();
127:
128: PasswordUser user = _userMap.get(userName);
129:
130: if (user != null)
131: return user.copy();
132: else
133: return null;
134: }
135:
136: /**
137: * Reload the authenticator.
138: */
139: public synchronized void reload() {
140: if (_path == null)
141: return;
142:
143: try {
144: _lastCheck = Alarm.getCurrentTime();
145: _depend = new Depend(_path);
146:
147: if (log.isLoggable(Level.FINE))
148: log.fine(this + " loading users from " + _path);
149:
150: _userMap = new Hashtable<String, PasswordUser>();
151:
152: new Config().configureBean(this , _path);
153: } catch (Exception e) {
154: throw ConfigException.create(e);
155: }
156: }
157:
158: private boolean isModified() {
159: if (_path == null)
160: return false;
161: else if (_depend == null)
162: return true;
163: else if (Alarm.getCurrentTime() < _lastCheck + 5000)
164: return false;
165: else {
166: _lastCheck = Alarm.getCurrentTime();
167: return _depend.isModified();
168: }
169: }
170:
171: public static class User {
172: private String _name;
173: private String _password;
174:
175: private Principal _principal;
176: private String[] _roles = new String[0];
177:
178: private boolean _isDisabled;
179:
180: public User() {
181: }
182:
183: User(String name, String password, Principal principal) {
184: _name = name;
185: _password = password;
186: _principal = principal;
187: }
188:
189: public void setName(String name) {
190: _name = name;
191:
192: if (_principal == null)
193: _principal = new BasicPrincipal(name);
194: }
195:
196: public String getName() {
197: return _name;
198: }
199:
200: public void setPassword(String password) {
201: _password = password;
202: }
203:
204: public void setPrincipal(Principal principal) {
205: _principal = principal;
206: }
207:
208: Principal getPrincipal() {
209: return _principal;
210: }
211:
212: public void addRoles(String roles) {
213: for (String role : roles.split("[ ,]")) {
214: addRole(role);
215: }
216: }
217:
218: public void setEnable(boolean isEnabled) {
219: _isDisabled = !isEnabled;
220: }
221:
222: public void setDisable(boolean isDisabled) {
223: _isDisabled = isDisabled;
224: }
225:
226: public void addRole(String role) {
227: if ("disabled".equals(role))
228: _isDisabled = true;
229:
230: String[] newRoles = new String[_roles.length + 1];
231: System.arraycopy(_roles, 0, newRoles, 0, _roles.length);
232: newRoles[_roles.length] = role;
233:
234: _roles = newRoles;
235: }
236:
237: String[] getRoles() {
238: return _roles;
239: }
240:
241: public void addText(String userParam) {
242: int p1 = userParam.indexOf(':');
243:
244: if (p1 < 0)
245: return;
246:
247: String name = userParam.substring(0, p1);
248: int p2 = userParam.indexOf(':', p1 + 1);
249: String password;
250: String roles;
251:
252: if (p2 < 0) {
253: password = userParam.substring(p1 + 1);
254: roles = "user";
255: } else {
256: password = userParam.substring(p1 + 1, p2);
257: roles = userParam.substring(p2 + 1);
258: }
259:
260: setName(name);
261: setPassword(password);
262: addRoles(roles);
263: }
264:
265: public PasswordUser getPasswordUser() {
266: boolean isAnonymous = false;
267:
268: return new PasswordUser(_principal,
269: _password.toCharArray(), _isDisabled, isAnonymous,
270: _roles);
271: }
272: }
273: }
|