001: /*
002: * <copyright>
003: *
004: * Copyright 2001-2004 Mobile Intelligence Corp
005: * under sponsorship of the Defense Advanced Research Projects
006: * Agency (DARPA).
007: *
008: * You can redistribute this software and/or modify it under the
009: * terms of the Cougaar Open Source License as published on the
010: * Cougaar Open Source Website (www.cougaar.org).
011: *
012: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
013: * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
014: * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
015: * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
016: * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
017: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
018: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
019: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
020: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
021: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
022: * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
023: *
024: * </copyright>
025: */
026: package org.cougaar.community.manager;
027:
028: import org.cougaar.community.CommunityProtectionService;
029: import org.cougaar.community.CommunityServiceConstants;
030:
031: import org.cougaar.core.component.ServiceBroker;
032: import org.cougaar.core.service.AgentIdentificationService;
033: import org.cougaar.core.service.LoggingService;
034: import org.cougaar.core.mts.MessageAddress;
035:
036: import javax.naming.directory.ModificationItem;
037:
038: /**
039: * Performs access control for community manager. All authorization requests
040: * are delegated to the CommunityProtectionService if available. If the
041: * CommunityProtectionService is not available the requests are delegated to
042: * the "authorizeUsingDefaultPolicy" method. The base implementation of this
043: * method approves all requests. Alternate implementations should exend this
044: * class and override the authorizeUsingDefaultPolicy method. The use of an
045: * alternate implementation is specified by defining the new class in the
046: * "org.cougaar.community.access.manager.classname" system property.
047: */
048: public class CommunityAccessManager implements
049: CommunityProtectionService, CommunityServiceConstants {
050:
051: protected ServiceBroker serviceBroker;
052: protected LoggingService logger;
053: protected String agentName;
054:
055: public CommunityAccessManager(ServiceBroker sb) {
056: this .serviceBroker = sb;
057: agentName = getAgentName();
058: logger = (LoggingService) serviceBroker.getService(this ,
059: LoggingService.class, null);
060: logger = org.cougaar.core.logging.LoggingServiceWithPrefix.add(
061: logger, agentName + ": ");
062: }
063:
064: /**
065: * Authorize request to read or modify community state.
066: * @param communityName String Name of affected community
067: * @param requester String Name of requesting agent
068: * @param operation int Requested operation (refer to
069: * org.cougaar.core.service.CommunityServiceConstants
070: * for valid op codes)
071: * @param target String Name of affected community member or null if
072: * target is community
073: * @param attrMods Requested attribute changes
074: * @return boolean Return true if request is authorized by
075: * current policy
076: */
077: public final boolean authorize(String communityName,
078: String requester, int operation, String target,
079: ModificationItem[] attrMods) {
080: boolean isAuthorized = false;
081: CommunityProtectionService cps = (CommunityProtectionService) serviceBroker
082: .getService(this , CommunityProtectionService.class,
083: null);
084: if (cps != null) {
085: isAuthorized = cps.authorize(communityName, requester,
086: operation, target, attrMods);
087: serviceBroker.releaseService(this ,
088: CommunityProtectionService.class, cps);
089: } else {
090: isAuthorized = authorizeUsingDefaultPolicy(communityName,
091: requester, operation, target, attrMods);
092: }
093: return isAuthorized;
094: }
095:
096: /**
097: * Authorization method that is used if the CommunityProtectionService is
098: * not available.
099: * @param communityName String Name of affected community
100: * @param requester String Name of requesting agent
101: * @param operation int Requested operation (refer to
102: * org.cougaar.core.service.CommunityServiceConstants
103: * for valid op codes)
104: * @param target String Name of affected community member or null if
105: * target is community
106: * @return boolean Return true if request is authorized by
107: * current policy
108: */
109: protected boolean authorizeUsingDefaultPolicy(String communityName,
110: String requester, int operation, String target,
111: ModificationItem[] attrMods) {
112: return true;
113: }
114:
115: protected String getAgentName() {
116: AgentIdentificationService ais = (AgentIdentificationService) serviceBroker
117: .getService(this , AgentIdentificationService.class,
118: null);
119: MessageAddress addr = ais.getMessageAddress();
120: serviceBroker.releaseService(this ,
121: AgentIdentificationService.class, ais);
122: return addr.toString();
123: }
124:
125: }
|