001: /* Copyright 2001 The JA-SIG Collaborative. All rights reserved.
002: * See license distributed with this file and
003: * available online at http://www.uportal.org/license.html
004: */
005:
006: package org.jasig.portal.security.provider;
007:
import java.util.Enumeration;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jasig.portal.security.IPerson;
import org.jasig.portal.security.IPersonManager;
import org.jasig.portal.security.ISecurityContext;
import org.jasig.portal.security.PersonFactory;
import org.jasig.portal.security.PortalSecurityException;
019:
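/**
 * Person manager for deployments where the web server or servlet container
 * authenticates the user.
 *
 * <p>When a new person is created for a request, the value returned by
 * {@link HttpServletRequest#getRemoteUser()} (the <code>REMOTE_USER</code> value)
 * is handed to a {@link RemoteUserSecurityContext}. If it is set, the server has
 * authenticated the user and the username may be used for login.
 *
 * <p>Security note: this class does no verification of its own. It passes on
 * whatever the container reports, so the deployment must ensure that only the
 * authenticating server can supply that value. The value may also be
 * <code>null</code> (no authenticated user); it is passed on unchanged.
 *
 * @author Pete Boysen (pboysen@iastate.edu)
 * @version $Revision: 36399 $
 */
public class RemoteUserPersonManager implements IPersonManager {

    private static final Log log = LogFactory
            .getLog(RemoteUserPersonManager.class);

    /**
     * The literal name <code>"remote_user"</code>. It is not referenced anywhere
     * in this class; presumably it is a key used by collaborating code
     * (TODO confirm against callers).
     */
    public final static String REMOTE_USER = "remote_user";

    /**
     * Retrieve an IPerson object for the incoming request.
     *
     * <p>A person already stored in the request's existing session under
     * <code>PERSON_SESSION_KEY</code> is returned as is; the current remote user
     * is not compared with it again. Otherwise a guest person is created, the
     * remote user is set on every {@link RemoteUserSecurityContext} found among
     * the person's sub-contexts (or on a newly created one if there is none),
     * and the person is stored in the session when one exists.
     *
     * <p>This method never creates a session. If the request has no session,
     * the person is built and returned but not cached.
     *
     * @param request the incoming servlet request
     * @return IPerson object for the incoming request; may be <code>null</code>
     *         if creating the guest person failed (the failure is logged)
     * @exception PortalSecurityException declared by the signature; the code
     *         below logs failures instead of rethrowing them
     */
    public IPerson getPerson(HttpServletRequest request)
            throws PortalSecurityException {
        // getSession(false) returns null when the request carries no session;
        // guard against that instead of dereferencing the result directly.
        HttpSession session = request.getSession(false);

        // Return the person object if it exists in the user's session
        IPerson person = null;
        if (session != null) {
            person = (IPerson) session.getAttribute(PERSON_SESSION_KEY);
        }
        if (person != null) {
            return person;
        }

        try {
            // Create a new instance of a person
            person = PersonFactory.createGuestPerson();

            // If the user has authenticated with a server that implements web
            // authentication, the remote user will be set; otherwise it is null.
            String remoteUser = request.getRemoteUser();

            // The person may already carry security contexts (configured in
            // security.properties, per the original author). Those are kept:
            // any existing RemoteUserSecurityContext among the sub-contexts
            // receives the remote user, and a new one is created only when
            // none is found.
            boolean remoteUserSecurityContextExists = false;

            // Retrieve existing security contexts.
            ISecurityContext context = person.getSecurityContext();
            Enumeration subContexts = null;
            if (context != null) {
                subContexts = context.getSubContexts();
            }

            if (subContexts != null) {
                while (subContexts.hasMoreElements()) {
                    ISecurityContext ctx = (ISecurityContext) subContexts
                            .nextElement();
                    // Every RemoteUserSecurityContext found is updated, not
                    // just the first one.
                    if (ctx instanceof RemoteUserSecurityContext) {
                        RemoteUserSecurityContext remoteuserctx = (RemoteUserSecurityContext) ctx;
                        remoteuserctx.setRemoteUser(remoteUser);
                        remoteUserSecurityContextExists = true;
                    }
                }
            }

            // If a RemoteUserSecurityContext doesn't already exist, create one.
            // This preserves the default behavior of this class. Note that it
            // replaces the person's top-level security context.
            if (!remoteUserSecurityContextExists) {
                RemoteUserSecurityContext remoteuserctx = new RemoteUserSecurityContext(
                        remoteUser);
                person.setSecurityContext(remoteuserctx);
            }
        } catch (Exception e) {
            // Deliberate best effort: the failure is logged and whatever person
            // was built so far (possibly null) is returned. A failure therefore
            // never yields more than the guest person created above.
            log.error("Exception creating person for request "
                    + request, e);
        }

        // Add this person object to the user's session, but only when there is
        // a session to hold it and a person to store.
        if (session != null && person != null) {
            session.setAttribute(PERSON_SESSION_KEY, person);
        }

        // Return the new person object
        return person;
    }
}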