001: /* Copyright 2001 The JA-SIG Collaborative. All rights reserved.
002: * See license distributed with this file and
003: * available online at http://www.uportal.org/license.html
004: */
005:
006: package org.jasig.portal;
007:
008: import java.io.Serializable;
009: import java.util.Hashtable;
010:
011: import javax.servlet.http.HttpServletRequest;
012: import javax.servlet.http.HttpSession;
013: import javax.servlet.http.HttpSessionBindingEvent;
014: import javax.servlet.http.HttpSessionBindingListener;
015:
016: import org.jasig.portal.security.IPerson;
017: import org.jasig.portal.security.PersonManagerFactory;
018: import org.jasig.portal.security.PortalSecurityException;
019: import org.apache.commons.logging.Log;
020: import org.apache.commons.logging.LogFactory;
021:
022: /**
023: * Determines which user instance object to use for a given user.
024: *
025: * @author Peter Kharchenko {@link <a href="mailto:pkharchenko@interactivebusiness.com"">pkharchenko@interactivebusiness.com"</a>}
026: * @version $Revision 1.1$
027: */
028: public class UserInstanceManager {
029:
030: private static final Log log = LogFactory
031: .getLog(UserInstanceManager.class);
032:
033: // a table to keep guestUserInstance objects
034: static Hashtable guestUserInstances = new Hashtable();
035:
036: /**
037: * Returns the UserInstance object that is associated with the given request.
038: * @param request Incoming HttpServletRequest
039: * @return UserInstance object associated with the given request
040: */
041: public static UserInstance getUserInstance(
042: HttpServletRequest request) throws PortalException {
043: IPerson person = null;
044: try {
045: // Retrieve the person object that is associated with the request
046: person = PersonManagerFactory.getPersonManagerInstance()
047: .getPerson(request);
048: if (person == null) {
049: throw new IllegalStateException(
050: "Configured PersonManager returned null person for this request. With no user, there's no UserInstance. Is PersonManager misconfigured? RDBMS access misconfigured?");
051: }
052: } catch (Exception e) {
053: log.error(
054: "UserInstanceManager: Unable to retrieve IPerson!",
055: e);
056: throw (new PortalSecurityException(
057: "Could not retrieve IPerson", e));
058: }
059:
060: HttpSession session = request.getSession(false);
061:
062: // Return the UserInstance object if it's in the session
063: UserInstance userInstance = null;
064: UserInstanceHolder holder = (UserInstanceHolder) session
065: .getAttribute(UserInstanceHolder.KEY);
066: if (holder != null)
067: userInstance = holder.getUserInstance();
068:
069: if (userInstance != null) {
070: return (userInstance);
071: }
072: // Create either a UserInstance or a GuestUserInstance
073: if (person.isGuest()) {
074: GuestUserInstance guestUserInstance = (GuestUserInstance) guestUserInstances
075: .get(new Integer(person.getID()));
076: if (guestUserInstance == null) {
077: guestUserInstance = new GuestUserInstance(person);
078: guestUserInstances.put(new Integer(person.getID()),
079: guestUserInstance);
080: }
081: guestUserInstance.registerSession(request);
082: userInstance = guestUserInstance;
083: } else {
084: if (person.getSecurityContext().isAuthenticated()) {
085: userInstance = new UserInstance(person);
086: } else {
087: // we can't allow for unauthenticated, non-guest user to come into the system
088: throw new PortalSecurityException(
089: "System does not allow for unauthenticated non-guest users.");
090: }
091: }
092:
093: if (holder == null)
094: holder = new UserInstanceHolder();
095: holder.setUserInstance(userInstance);
096:
097: // Put the user instance in the user's session
098: session.setAttribute(UserInstanceHolder.KEY, holder);
099:
100: // Return the new UserInstance
101: return (userInstance);
102: }
103:
104: /**
105: * <p>Serializable wrapper class so the UserInstance object can
106: * be indirectly stored in the session. The manager can deal with
107: * this class returning a null value and its field is transient
108: * so the session can be serialized successfully with the
109: * UserInstance object in it.</p>
110: * <p>Implements HttpSessionBindingListener and delegates those methods to
111: * the wrapped UserInstance, if present.</p>
112: */
113: private static class UserInstanceHolder implements Serializable,
114: HttpSessionBindingListener {
115: public transient static final String KEY = UserInstanceHolder.class
116: .getName();
117:
118: private transient UserInstance ui = null;
119:
120: /**
121: * @return Returns the userInstance.
122: */
123: protected UserInstance getUserInstance() {
124: return this .ui;
125: }
126:
127: /**
128: * @param userInstance The userInstance to set.
129: */
130: protected void setUserInstance(UserInstance userInstance) {
131: this .ui = userInstance;
132: }
133:
134: public void valueBound(HttpSessionBindingEvent bindingEvent) {
135: // delegate to contained UserInstance if there is one
136: if (this .ui != null) {
137: this .ui.valueBound(bindingEvent);
138: }
139:
140: }
141:
142: public void valueUnbound(HttpSessionBindingEvent bindingEvent) {
143: // delegate to contained UserInstance if there is one
144: if (this.ui != null) {
145: this.ui.valueUnbound(bindingEvent);
146: }
147:
148: }
149: }
150: }
|