001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.jetspeed.security.spi.impl;
018:
019: import java.security.Principal;
020: import java.util.ArrayList;
021: import java.util.Arrays;
022: import java.util.List;
023:
024: import javax.naming.NamingException;
025:
026: import org.apache.commons.lang.StringUtils;
027: import org.apache.commons.logging.Log;
028: import org.apache.commons.logging.LogFactory;
029: import org.apache.jetspeed.security.SecurityException;
030: import org.apache.jetspeed.security.UserPrincipal;
031: import org.apache.jetspeed.security.impl.UserPrincipalImpl;
032: import org.apache.jetspeed.security.spi.UserSecurityHandler;
033: import org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao;
034: import org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDaoImpl;
035:
036: /**
037: * @see org.apache.jetspeed.security.spi.UserSecurityHandler
038: * @author <a href="mailto:mike.long@dataline.com">Mike Long </a>
039: */
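public class LdapUserSecurityHandler implements UserSecurityHandler {
    /** The logger. */
    private static final Log logger = LogFactory
            .getLog(LdapUserSecurityHandler.class);

    /**
     * The {@link LdapPrincipalDao} that performs every directory operation.
     * Assigned once in the constructor and never reassigned.
     */
    private final LdapPrincipalDao ldap;

    /**
     * Creates a handler backed by the given DAO.
     *
     * @param ldap The LdapPrincipalDao.
     */
    public LdapUserSecurityHandler(LdapPrincipalDao ldap) {
        this.ldap = ldap;
    }

    /**
     * <p>
     * Default constructor; wires a new {@link LdapUserPrincipalDaoImpl}.
     * </p>
     *
     * @throws NamingException propagated from the
     *         {@link LdapUserPrincipalDaoImpl} constructor.
     * @throws SecurityException propagated from the
     *         {@link LdapUserPrincipalDaoImpl} constructor.
     */
    public LdapUserSecurityHandler() throws NamingException,
            SecurityException {
        this(new LdapUserPrincipalDaoImpl());
    }

    /**
     * <p>
     * Lookup the user by his UID attribute on the Ldap Server.
     * </p>
     *
     * @param uid The uid; must not be null or empty.
     * @return true if the Ldap Server finds a user with that UID; false if he
     *         is not found or a {@link SecurityException} occurred during the
     *         lookup (the exception is logged, not propagated).
     * @throws IllegalArgumentException if uid is null or empty.
     * @see org.apache.jetspeed.security.spi.UserSecurityHandler#isUserPrincipal(java.lang.String)
     */
    public boolean isUserPrincipal(String uid) {
        // getUserPrincipal validates the uid itself, so it is not re-verified here.
        return getUserPrincipal(uid) != null;
    }

    /**
     * <p>
     * Resolves the uid to a DN on the Ldap Server and, when a DN is found,
     * wraps the uid in a {@link UserPrincipalImpl}.
     * </p>
     *
     * @param uid The uid; must not be null or empty.
     * @return the principal, or null when the DN lookup returns a null/empty
     *         DN or throws a {@link SecurityException} (which is logged).
     * @throws IllegalArgumentException if uid is null or empty.
     * @see org.apache.jetspeed.security.spi.UserSecurityHandler#getUserPrincipal(java.lang.String)
     */
    public Principal getUserPrincipal(String uid) {
        verifyUid(uid);
        try {
            String dn = ldap.lookupByUid(uid);

            // A null or empty DN is treated as "no entry for this uid".
            if (!StringUtils.isEmpty(dn)) {
                return new UserPrincipalImpl(uid);
            }
        } catch (SecurityException e) {
            // Lookup failures are reported to the caller as "not found";
            // the cause is only logged here.
            logSecurityException(e, "user uid", uid);
        }

        return null;
    }

    /**
     * <p>
     * Verify the uid.
     * </p>
     *
     * @param uid The uid.
     * @throws IllegalArgumentException if uid is null or empty.
     */
    private void verifyUid(String uid) {
        if (StringUtils.isEmpty(uid)) {
            throw new IllegalArgumentException(
                    "The uid cannot be null or empty.");
        }
    }

    /**
     * Logs a {@link SecurityException} raised by the DAO at error level,
     * together with the value the failed operation was working on.
     * Nothing is rethrown.
     *
     * @param se The exception to log.
     * @param what Label for the value (e.g. "user uid" or "search filter").
     * @param value The uid or filter the failed operation used.
     */
    private void logSecurityException(SecurityException se, String what,
            String value) {
        if (logger.isErrorEnabled()) {
            logger.error("An LDAP error has occurred for " + what + ":"
                    + value, se);
        }
    }

    /**
     * Searches the directory below {@link UserPrincipal#PREFS_USER_ROOT}.
     *
     * @param filter The LDAP search filter, handed to the DAO unchanged.
     * @return the entries returned by the DAO as a fixed-size list
     *         ({@link Arrays#asList} view), or a new empty mutable list when
     *         the search throws a {@link SecurityException} (which is
     *         logged).
     * @see org.apache.jetspeed.security.spi.UserSecurityHandler#getUserPrincipals(java.lang.String)
     */
    public List getUserPrincipals(String filter) {
        // SECURITY NOTE: no escaping is applied to filter in this class. If
        // any part of it can originate from a caller-supplied string, it must
        // be escaped for LDAP filter syntax before it reaches the directory;
        // whether the DAO does that cannot be determined here.
        try {
            return Arrays.asList(ldap.find(filter,
                    UserPrincipal.PREFS_USER_ROOT));
        } catch (SecurityException e) {
            logSecurityException(e, "search filter", filter);
        }

        return new ArrayList();
    }

    /**
     * Creates the directory entry for the principal's name.
     *
     * @param userPrincipal The principal to add; must not be null.
     * @throws SecurityException {@code USER_ALREADY_EXISTS} if a user with
     *         that uid is already present, or whatever the DAO raises on
     *         create.
     * @throws IllegalArgumentException if userPrincipal is null, or its name
     *         is null or empty.
     * @see org.apache.jetspeed.security.spi.UserSecurityHandler#addUserPrincipal(org.apache.jetspeed.security.UserPrincipal)
     */
    public void addUserPrincipal(UserPrincipal userPrincipal)
            throws SecurityException {
        verifyUserPrincipal(userPrincipal);

        String uid = userPrincipal.getName();
        // The existence check and the create are two separate directory
        // round trips, so two concurrent adds of the same uid can both pass
        // this check; the outcome is then decided by the DAO / directory.
        if (isUserPrincipal(uid)) {
            throw new SecurityException(
                    SecurityException.USER_ALREADY_EXISTS.create(uid));
        }
        ldap.create(uid);
    }

    /**
     * Ensures a directory entry exists for the principal's name: the entry is
     * created when absent and left untouched when already present.
     *
     * @param userPrincipal The principal to update; must not be null.
     * @throws SecurityException whatever the DAO raises on create.
     * @throws IllegalArgumentException if userPrincipal is null, or its name
     *         is null or empty.
     * @see org.apache.jetspeed.security.spi.UserSecurityHandler#updateUserPrincipal(org.apache.jetspeed.security.UserPrincipal)
     */
    public void updateUserPrincipal(UserPrincipal userPrincipal)
            throws SecurityException {
        verifyUserPrincipal(userPrincipal);
        String uid = userPrincipal.getName();
        if (!isUserPrincipal(uid)) {
            ldap.create(uid);
        }
    }

    /**
     * Rejects a null principal. Only the null case is checked here; the
     * name itself is validated by {@link #verifyUid(String)} on the read path.
     *
     * @param userPrincipal The principal to check.
     * @throws IllegalArgumentException if userPrincipal is null.
     */
    private void verifyUserPrincipal(UserPrincipal userPrincipal) {
        if (userPrincipal == null) {
            throw new IllegalArgumentException(
                    "The UserPrincipal cannot be null or empty.");
        }
    }

    /**
     * Deletes the directory entry for the principal's name. No existence
     * check is made first; the DAO decides how a missing entry is handled.
     *
     * @param userPrincipal The principal to remove; must not be null.
     * @throws SecurityException whatever the DAO raises on delete.
     * @throws IllegalArgumentException if userPrincipal is null.
     * @see org.apache.jetspeed.security.spi.UserSecurityHandler#removeUserPrincipal(org.apache.jetspeed.security.UserPrincipal)
     */
    public void removeUserPrincipal(UserPrincipal userPrincipal)
            throws SecurityException {
        verifyUserPrincipal(userPrincipal);

        String uid = userPrincipal.getName();

        ldap.delete(uid);
    }
}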