001: /**
002: * Copyright 2004-2005 jManage.org
003: *
004: * Licensed under the Apache License, Version 2.0 (the "License");
005: * you may not use this file except in compliance with the License.
006: * You may obtain a copy of the License at
007: *
008: * http://www.apache.org/licenses/LICENSE-2.0
009: *
010: * Unless required by applicable law or agreed to in writing, software
011: * distributed under the License is distributed on an "AS IS" BASIS,
012: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013: * See the License for the specific language governing permissions and
014: * limitations under the License.
015: */package org.jmanage.core.auth;
016:
017: import org.jdom.Document;
018: import org.jdom.JDOMException;
019: import org.jdom.Element;
020: import org.jdom.output.XMLOutputter;
021: import org.jdom.input.SAXBuilder;
022: import org.jmanage.core.crypto.Crypto;
023: import org.jmanage.core.util.Loggers;
024:
025: import java.io.File;
026: import java.io.FileOutputStream;
027: import java.util.*;
028: import java.util.logging.Logger;
029:
030: /**
031: *
032: * Date : Jun 27, 2004 10:43:03 PM
033: * @author Shashank
034: */
035: public class UserManager implements AuthConstants {
036:
037: private static final Logger logger = Loggers
038: .getLogger(UserManager.class);
039:
040: /* create instance of UserManager */
041: private static UserManager userManager = new UserManager(new File(
042: USER_CONFIG_FILE_NAME));
043:
044: /* user map */
045: private Map users = null;
046:
047: /**
048: * Cache user information.
049: *
050: * @param userConfigFile
051: */
052: private UserManager(File userConfigFile) {
053: try {
054: Document userConfig = new SAXBuilder()
055: .build(userConfigFile);
056: users = loadUsers(userConfig);
057: } catch (JDOMException jdEx) {
058: logger.info("Error reading user info "
059: + USER_CONFIG_FILE_NAME);
060: jdEx.printStackTrace();
061: }
062: }
063:
064: /**
065: * Get the only instance of UserManager
066: *
067: * @return
068: */
069: public static UserManager getInstance() {
070: return userManager;
071: }
072:
073: /**
074: * Load all users from the configuration file.
075: *
076: * @param userConfig
077: * @return
078: */
079: private Map loadUsers(Document userConfig) {
080: Map userData = Collections.synchronizedMap(new HashMap(1));
081: List users = userConfig.getRootElement().getChildren();
082: Iterator userIterator = users.iterator();
083:
084: while (userIterator.hasNext()) {
085: Element user = (Element) userIterator.next();
086: List roles = user.getChildren(ROLE);
087: Iterator roleIterator = roles.iterator();
088: List userRoles = new ArrayList();
089: while (roleIterator.hasNext()) {
090: Element role = (Element) roleIterator.next();
091: userRoles.add(new Role(role.getTextTrim()));
092: }
093: /* no need to hash password, as it is stored in hash form in
094: the database */
095: userData.put(user.getAttributeValue(NAME), new User(user
096: .getAttributeValue(NAME), user
097: .getAttributeValue(PASSWORD), userRoles, user
098: .getAttributeValue(STATUS), Integer.parseInt(user
099: .getAttributeValue(LOCK_COUNT))));
100: }
101: return userData;
102: }
103:
104: /**
105: * Return instance of User with specified username and passowrd if exists.
106: *
107: * @param username
108: * @param password
109: * @return
110: */
111: public User verifyUsernamePassword(String username, char[] password) {
112: User user = (User) users.get(username);
113: if (user != null) {
114: final String hashedPassword = Crypto.hash(password);
115: user = hashedPassword.equals(user.getPassword())
116: && User.STATUS_ACTIVE.equals(user.getStatus()) ? user
117: : null;
118: }
119: return user;
120: }
121:
122: /**
123: * Overloaded for use in User management functionality.
124: *
125: * @param username
126: * @return
127: */
128: public User getUser(String username) {
129: return users.containsKey(username) ? (User) users.get(username)
130: : null;
131: }
132:
133: /**
134: * Retrieve all configured users of the application.
135: *
136: * @return
137: */
138: public Map getAllUsers() {
139: return users;
140: }
141:
142: /**
143: * Add a new user to the list.
144: *
145: * @param user
146: */
147: public void addUser(User user) {
148: users.put(user.getName(), user);
149: saveUser();
150: }
151:
152: /**
153: * Update the selected user information.
154: *
155: * @param user
156: */
157: public void updateUser(User user) {
158: users.remove(user.getName());
159: users.put(user.getName(), user);
160: saveUser();
161: }
162:
163: /**
164: * Remove the selected user from the list.
165: *
166: * @param username
167: */
168: public void deleteUser(String username) {
169: if (users.containsKey(username)) {
170: users.remove(username);
171: saveUser();
172: }
173: }
174:
175: /**
176: * Update current user's password.
177: *
178: * @param password
179: */
180: public void updatePassword(String username, String password) {
181: User user = (User) users.get(username);
182: user.setPassword(Crypto.hash(password));
183: saveUser();
184: }
185:
186: /**
187: * Save the changes to "jmanage-users.xml"
188: */
189: private void saveUser() {
190: try {
191: Document doc = new Document();
192: Element rootElement = new Element(AuthConstants.JM_USERS);
193: for (Iterator it = users.values().iterator(); it.hasNext();) {
194: User user = (User) it.next();
195: /* create a user element */
196: Element userElement = new Element(AuthConstants.USER);
197: userElement.setAttribute(AuthConstants.NAME, user
198: .getUsername());
199: userElement.setAttribute(AuthConstants.PASSWORD, user
200: .getPassword());
201: assert user.getStatus() != null
202: && (user.getStatus().equals(User.STATUS_ACTIVE) || user
203: .getStatus().equals(User.STATUS_LOCKED));
204: userElement.setAttribute(AuthConstants.STATUS, user
205: .getStatus() != null ? user.getStatus()
206: : User.STATUS_ACTIVE);
207: userElement.setAttribute(AuthConstants.LOCK_COUNT,
208: String.valueOf(user.getStatus() != null ? user
209: .getLockCount() : 0));
210: /* add roles */
211: for (Iterator iterator = user.getRoles().iterator(); iterator
212: .hasNext();) {
213: Role role = (Role) iterator.next();
214: Element roleElement = new Element(
215: AuthConstants.ROLE);
216: roleElement.setText(role.getName());
217: userElement.addContent(roleElement);
218: }
219: rootElement.addContent(userElement);
220: }
221: doc.setRootElement(rootElement);
222: /* write to the disc */
223: XMLOutputter writer = new XMLOutputter();
224: writer.output(doc, new FileOutputStream(
225: AuthConstants.USER_CONFIG_FILE_NAME));
226: } catch (Exception e) {
227: throw new RuntimeException(e);
228: }
229: }
230: }
|