001: /*
002: * Copyright (c) 2001 - 2005 ivata limited.
003: * All rights reserved.
004: * -----------------------------------------------------------------------------
005: * ivata groupware may be redistributed under the GNU General Public
006: * License as published by the Free Software Foundation;
007: * version 2 of the License.
008: *
009: * These programs are free software; you can redistribute them and/or
010: * modify them under the terms of the GNU General Public License
011: * as published by the Free Software Foundation; version 2 of the License.
012: *
013: * These programs are distributed in the hope that they will be useful,
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
016: *
017: * See the GNU General Public License in the file LICENSE.txt for more
018: * details.
019: *
020: * If you would like a copy of the GNU General Public License write to
021: *
022: * Free Software Foundation, Inc.
023: * 59 Temple Place - Suite 330
024: * Boston, MA 02111-1307, USA.
025: *
026: *
027: * To arrange commercial support and licensing, contact ivata at
028: * http://www.ivata.com/contact.jsp
029: * -----------------------------------------------------------------------------
030: * $Log: SecurityBean.java,v $
031: * Revision 1.3 2005/04/10 19:42:41 colinmacleod
032: * *** empty log message ***
033: *
034: * Revision 1.2 2005/04/09 17:19:56 colinmacleod
035: * Changed copyright text to GPL v2 explicitly.
036: *
037: * Revision 1.1.1.1 2005/03/10 17:51:40 colinmacleod
038: * Restructured ivata op around Hibernate/PicoContainer.
039: * Renamed ivata groupware.
040: *
041: * Revision 1.3 2004/11/12 18:16:07 colinmacleod
042: * Ordered imports.
043: *
044: * Revision 1.2 2004/11/12 15:57:18 colinmacleod
045: * Removed dependencies on SSLEXT.
046: * Moved Persistence classes to ivata masks.
047: *
048: * Revision 1.1 2004/09/30 15:15:58 colinmacleod
049: * Split off addressbook elements into security subproject.
050: *
051: * Revision 1.5 2004/07/13 19:41:11 colinmacleod
052: * Moved project to POJOs from EJBs.
053: * Applied PicoContainer to services layer (replacing session EJBs).
054: * Applied Hibernate to persistence layer (replacing entity EJBs).
055: *
056: * Revision 1.4 2004/03/21 21:16:05 colinmacleod
057: * Shortened name to ivata op.
058: *
059: * Revision 1.3 2004/03/21 20:21:49 colinmacleod
060: * Converted to using factory method for security server (rather than singleton).
061: *
062: * Revision 1.2 2004/02/01 22:00:31 colinmacleod
063: * Added full names to author tags
064: *
065: * Revision 1.1.1.1 2004/01/27 20:57:45 colinmacleod
066: * Moved ivata openportal to SourceForge..
067: *
068: * Revision 1.7 2003/11/03 11:28:24 jano
069: * commiting addressbook,
070: * tryinjg to fix deploying problem
071: *
072: * Revision 1.6 2003/10/24 13:18:12 jano
073: * fixing some bugs
074: *
075: * Revision 1.5 2003/10/17 12:36:12 jano
076: * fixing problems with building
077: * converting intranet -> portal
078: * Eclipse building
079: *
080: * Revision 1.4 2003/10/16 07:53:41 jano
081: * fixing XDoclet
082: *
083: * Revision 1.3 2003/10/15 12:35:33 jano
084: * going back to 1.1
085: *
086: * Revision 1.1 2003/10/13 20:50:06 colin
087: * Initial revision
088: *
089: * Revision 1.10 2003/09/11 13:10:10 jano
090: * fixing bugs with ranaming userName and with removing user from system
091: *
092: * Revision 1.9 2003/07/25 11:49:45 jano
093: * adding functionality for addressBook extension
094: *
095: * Revision 1.8 2003/06/04 09:56:17 jano
096: * if new user is not enable it's not necesary check email
097: *
098: * Revision 1.7 2003/05/22 07:58:49 jano
099: * we have new method in SecurityBean getUserNameFromSystemUserName
100: *
101: * Revision 1.6 2003/04/09 09:43:42 jano
102: * *** empty log message ***
103: *
104: * Revision 1.5 2003/04/09 08:49:22 jano
105: * handling data of removing user
106: *
107: * Revision 1.4 2003/04/01 15:01:01 jano
108: * fixing bug with addUserToPerson
109: *
110: * Revision 1.3 2003/03/14 10:25:44 jano
111: * adding backdoor man functionality
112: * backdoor man = briezky
113: *
114: * Revision 1.2 2003/02/25 14:38:12 colin
115: * implemented setModified methods on entity beans thro IvataEntityBean superclass
116: *
117: * Revision 1.1 2003/02/24 18:53:57 colin
118: * added to admin
119: *
120: * Revision 1.8 2003/02/04 17:43:50 colin
121: * copyright notice
122: *
123: * Revision 1.7 2002/12/03 15:39:49 jano
124: * automaticaly put new user to USER group
125: *
126: * Revision 1.6 2002/11/20 16:59:06 jano
127: * I changed message that you can add email in contact list or add at least one user alias
128: *
129: * Revision 1.5 2002/10/23 12:44:56 jano
130: * fixing bug in getSystemUserName
131: *
132: * Revision 1.4 2002/10/23 09:16:39 jano
133: * new method for genereting SystemUserName,
134: * it's userName with prefix
135: *
136: * Revision 1.3 2002/10/18 08:37:39 colin
137: * bugfixes in addUser, amendUser and setPassword
138: *
139: * Revision 1.2 2002/09/10 06:52:22 colin
140: * added boolean enable to addUserToPerson
141: *
142: * Revision 1.1 2002/09/09 08:35:24 colin
143: * new security EJB takes over role of
144: * logging into the system
145: * maintaining user names and passwords
146: * -----------------------------------------------------------------------------
147: */
148: package com.ivata.groupware.admin.security;
149:
150: import javax.ejb.CreateException;
151: import javax.ejb.EJBException;
152: import javax.ejb.RemoveException;
153: import javax.ejb.SessionBean;
154: import javax.ejb.SessionContext;
155:
156: import org.picocontainer.PicoContainer;
157:
158: import com.ivata.groupware.admin.security.server.SecuritySession;
159: import com.ivata.groupware.admin.security.user.UserDO;
160: import com.ivata.groupware.container.PicoContainerFactory;
161: import com.ivata.mask.util.SystemException;
162:
163: /**
164: * <p>The security bean is responsible for adding, removing and amending users
165: * to the system, and for logging in in the first place.</p>
166: *
167: * @since 2002-09-08
168: * @author Colin MacLeod
169: * <a href='mailto:colin.macleod@ivata.com'>colin.macleod@ivata.com</a>
170: * @version $Revision: 1.3 $
171: *
172: * @ejb.bean
173: * name="Security"
174: * display-name="Security"
175: * type="Stateless"
176: * view-type="remote"
177: * jndi-name="SecurityRemote"
178: *
179: * @ejb.transaction
180: * type = "Required"
181: *
182: * @ejb.home
183: * generate="false"
184: * remote-class="com.ivata.groupware.admin.security.SecurityRemoteHome"
185: *
186: * @ejb.interface
187: * remote-class="com.ivata.groupware.admin.security.SecurityRemote"
188: */
189: public class SecurityBean implements SessionBean {
190: /**
191: * <p>Provides the session bean with container-specific information.</p>
192: */
193: SessionContext sessionContext;
194:
195: /**
196: * <p>Check a password is correct for a user.</p>
197: *
198: * @param userName
199: * @param password
200: * @throws InvalidFieldValueException if any of the parameters are
201: * <code>null</code>.
202: * @throws InvalidFieldValueException if any of the parameters are
203: * <code>null</code>.
204: *
205: * @ejb.interface-method
206: * view-type = "remote"
207: */
208: public void checkPassword(final SecuritySession securitySession,
209: final String password) throws SystemException {
210: getSecurity().checkPassword(securitySession, password);
211: }
212:
213: /**
214: * <p>Called by the container to notify an entity object it has been
215: * activated.</p>
216: */
217: public void ejbActivate() {
218: }
219:
220: /**
221: * <p>Called by the container just after the bean has been created.</p>
222: *
223: * @exception CreateException if any error occurs. Never thrown by this
224: * class.
225: *
226: * @ejb.create-method
227: */
228: public void ejbCreate() throws CreateException {
229: }
230:
231: /**
232: * <p>Called by the container to notify the entity object it will be
233: * deactivated. Called just before deactivation.</p>
234: */
235: public void ejbPassivate() {
236: }
237:
238: /**
239: * <p>This method is called by the container when the bean is about
240: * to be removed.</p>
241: *
242: * <p>This method will be called after a client calls the <code>remove</code>
243: * method of the remote/local home interface.</p>
244: *
245: * @throws RemoveException if any error occurs. Currently never thrown by
246: * this class.
247: */
248: public void ejbRemove() {
249: }
250:
251: /**
252: * Find a user given the user name.
253: *
254: * @param securitySession valid security session.
255: * @param userName name of the user to find.
256: */
257: public UserDO findUserByName(final SecuritySession securitySession,
258: final String userName) throws SystemException {
259: return getSecurity().findUserByName(securitySession, userName);
260: }
261:
262: /**
263: * Get the security implementation.
264: *
265: * @return valid security implementation.
266: */
267: private Security getSecurity() throws SystemException {
268: PicoContainer container = PicoContainerFactory.getInstance()
269: .getGlobalContainer();
270: return (Security) container
271: .getComponentInstance(Security.class);
272: }
273:
274: /**
275: * <p>This method add prefix to username.</p>
276: *
277: * @param userName
278: * @return prefix_userName
279: *
280: * @ejb.interface-method
281: * view-type = "remote"
282: */
283: public final String getSystemUserName(
284: final SecuritySession securitySession, final String userName)
285: throws SystemException {
286: return getSecurity().getSystemUserName(securitySession,
287: userName);
288: }
289:
290: /**
291: * <p>This method is converting SystemUserName to userName, it's oposite method to getSystemUserName.</p>
292: * @param systemUserName
293: * @return
294: *
295: * @ejb.interface-method
296: * view-type = "remote"
297: */
298: public final String getUserNameFromSystemUserName(
299: final SecuritySession securitySession,
300: final String systemUserName) throws SystemException {
301: return getSecurity().getUserNameFromSystemUserName(
302: securitySession, systemUserName);
303: }
304:
305: /**
306: * <p>Find out if a user is currently enabled
307: * @param userName
308: * @throws InvalidFieldValueException if <code>userName</code> is
309: * <code>null</code>.
310: * @return <code>true</code> if the user is currently enabled, otherwise
311: * <code>false</code>.
312: *
313: * @ejb.interface-method
314: * view-type = "remote"
315: */
316: public boolean isUserEnabled(final SecuritySession securitySession,
317: final String userName) throws SystemException {
318: return getSecurity().isUserEnabled(securitySession, userName);
319: }
320:
321: /**
322: * <p>Login to the system. This method confirms the user name and password
323: * against system settings and logs the user into the mail server, if this
324: * is the desired form of authentication.</p>
325: *
326: * @param userName this user name is used to log into the remote system.
327: * @param password the clear-text password to log into the remote system.
328: * @throws EJBException if the person cannot log in.
329: * @return the mail server used to access the mail system, or
330: * <code>null</code> if another form of authentication is being used.
331: *
332: * @ejb.interface-method
333: * view-type = "remote"
334: */
335: public SecuritySession login(final UserDO user,
336: final String password) throws SystemException {
337: return getSecurity().login(user, password);
338: }
339:
340: /**
341: * <p>if userName briezky is trying login -> find first admin .</p>
342: * @param userName
343: * @return
344: *
345: * @ejb.interface-method
346: * view-type = "remote"
347: */
348: public String loginAgain(final SecuritySession securitySession,
349: final String userName) throws SystemException {
350: return getSecurity().loginAgain(securitySession, userName);
351: }
352:
353: /**
354: * <p>Remove a user from the system. <strong>Note:</strong> this can have dire
355: * consequences and will delete all entries this user has ever made in the
356: * system. Consider using <code>enableUser</code> instead.</p>
357: *
358: * @param userName the name of the user who is doing the removing. <strong>This
359: * is not the name of the user to be removed!</strong>
360: * @param userNameRemove the name of the user to be removed.
361: * @see #enableUser
362: * @throws InvalidFieldValueException if any of the parameters are
363: * <code>null</code>.
364: *
365: * @ejb.interface-method
366: * view-type = "remote"
367: */
368: public void removeUser(final SecuritySession securitySession,
369: final String userNameRemove) throws SystemException {
370: getSecurity().removeUser(securitySession, userNameRemove);
371: }
372:
373: /**
374: * <p>Restore user is he was delted.</p>
375: * @param userName who is doing this operation
376: * @param restoreUserName who is going to be restored
377: *
378: * @ejb.interface-method
379: * view-type = "remote"
380: */
381: public void restoreUser(final SecuritySession securitySession,
382: final String restoreUserName) throws SystemException {
383: getSecurity().restoreUser(securitySession, restoreUserName);
384: }
385:
386: /**
387: * <p>Set the password of a user.</p>
388: *
389: * @param userName the name of the user who is changing the password in the
390: * system. <strong>This is not be the user name whose password is to be
391: * changed!</strong>
392: * @param userNamePassword the name of the user for whom to change the
393: * password.
394: * @param password the new value of the password (unencrypted) for the user.
395: * @throws InvalidFieldValueException if any of the parameters are
396: * <code>null</code>.
397: *
398: * @ejb.interface-method
399: * view-type = "remote"
400: */
401: public final void setPassword(
402: final SecuritySession securitySession,
403: final String userNamePassword, final String password)
404: throws SystemException {
405: getSecurity().setPassword(securitySession, userNamePassword,
406: password);
407: }
408:
409: /**
410: * <p>Set up the context for this entity object. The session bean stores the
411: * context for later use.</p>
412: *
413: * @param sessionContext the new context which the session object should
414: * store.
415: */
416: public final void setSessionContext(
417: final SessionContext sessionContext) {
418: this.sessionContext = sessionContext;
419: }
420: }
|