001: package org.apache.turbine.services.security.ldap;
002:
003: /*
004: * Licensed to the Apache Software Foundation (ASF) under one
005: * or more contributor license agreements. See the NOTICE file
006: * distributed with this work for additional information
007: * regarding copyright ownership. The ASF licenses this file
008: * to you under the Apache License, Version 2.0 (the
009: * "License"); you may not use this file except in compliance
010: * with the License. You may obtain a copy of the License at
011: *
012: * http://www.apache.org/licenses/LICENSE-2.0
013: *
014: * Unless required by applicable law or agreed to in writing,
015: * software distributed under the License is distributed on an
016: * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017: * KIND, either express or implied. See the License for the
018: * specific language governing permissions and limitations
019: * under the License.
020: */
021:
022: import java.io.ByteArrayOutputStream;
023: import java.io.PrintWriter;
024: import java.sql.Connection;
025: import java.util.Hashtable;
026: import javax.naming.NamingException;
027: import javax.naming.directory.Attribute;
028: import javax.naming.directory.Attributes;
029: import javax.naming.directory.BasicAttribute;
030: import javax.naming.directory.BasicAttributes;
031: import javax.servlet.http.HttpSessionBindingEvent;
032:
033: import org.apache.commons.logging.Log;
034: import org.apache.commons.logging.LogFactory;
035: import org.apache.torque.om.BaseObject;
036: import org.apache.torque.om.StringKey;
037: import org.apache.turbine.om.security.User;
038: import org.apache.turbine.services.security.TurbineSecurity;
039:
040: /**
041: * LDAPUser implements User and provides access to a user who accesses the
042: * system via LDAP.
043: *
044: * @author <a href="mailto:cberry@gluecode.com">Craig D. Berry</a>
045: * @author <a href="mailto:tadewunmi@gluecode.com">Tracy M. Adewunmi</a>
046: * @author <a href="mailto:lflournoy@gluecode.com">Leonard J. Flournoy </a>
047: * @author <a href="mailto:dlr@finemaltcoding.com">Daniel Rall</a>
048: * @author <a href="mailto:hhernandez@itweb.com.mx">Humberto Hernandez</a>
049: * @version $Id: LDAPUser.java 534527 2007-05-02 16:10:59Z tv $
050: */
051: public class LDAPUser extends BaseObject implements User {
052:
053: /** Serial Version UID */
054: private static final long serialVersionUID = 3953123276619326752L;
055:
056: /** Logging */
057: private static Log log = LogFactory.getLog(LDAPUser.class);
058:
059: /* A few attributes common to a User. */
060:
061: /** Date when the user was created */
062: private java.util.Date createDate = null;
063:
064: /** Date when the user was last accessed */
065: private java.util.Date lastAccessDate = null;
066:
067: /** timeout */
068: private int timeout = 15;
069:
070: /** This is data that will survive a servlet engine restart. */
071: private Hashtable permStorage = null;
072:
073: /** This is data that will not survive a servlet engine restart. */
074: private Hashtable tempStorage = null;
075:
076: /**
077: * Constructor.
078: * Create a new User and set the createDate.
079: */
080: public LDAPUser() {
081: createDate = new java.util.Date();
082: tempStorage = new Hashtable(10);
083: permStorage = new Hashtable(10);
084: setHasLoggedIn(Boolean.FALSE);
085: }
086:
087: /**
088: * Populates the user with values obtained from the LDAP Service.
089: * This method could be redefined in subclasses.
090: * @param attribs The attributes obtained from LDAP.
091: * @throws NamingException if there was an error with JNDI.
092: */
093: public void setLDAPAttributes(Attributes attribs)
094: throws NamingException {
095:
096: Attribute attr;
097: String attrName;
098:
099: // Set the User id.
100: attrName = LDAPSecurityConstants.getUserIdAttribute();
101: if (attrName != null) {
102: attr = attribs.get(attrName);
103: if (attr != null && attr.get() != null) {
104: try {
105: setPrimaryKey(new StringKey(attr.get().toString()));
106: } catch (Exception ex) {
107: log.error("Exception caught:", ex);
108: }
109: }
110: }
111:
112: // Set the Username.
113: attrName = LDAPSecurityConstants.getNameAttribute();
114: if (attrName != null) {
115: attr = attribs.get(attrName);
116: if (attr != null && attr.get() != null) {
117: setUserName(attr.get().toString());
118: }
119: } else {
120: log.error("There is no LDAP attribute for the username.");
121: }
122:
123: // Set the Firstname.
124: attrName = LDAPSecurityConstants.getFirstNameAttribute();
125: if (attrName != null) {
126: attr = attribs.get(attrName);
127: if (attr != null && attr.get() != null) {
128: setFirstName(attr.get().toString());
129: }
130: }
131:
132: // Set the Lastname.
133: attrName = LDAPSecurityConstants.getLastNameAttribute();
134: if (attrName != null) {
135: attr = attribs.get(attrName);
136: if (attr != null && attr.get() != null) {
137: setLastName(attr.get().toString());
138: }
139: }
140:
141: // Set the E-Mail
142: attrName = LDAPSecurityConstants.getEmailAttribute();
143: if (attrName != null) {
144: attr = attribs.get(attrName);
145: if (attr != null && attr.get() != null) {
146: setEmail(attr.get().toString());
147: }
148: }
149: }
150:
151: /**
152: * Get the JNDI Attributes used to store the user in LDAP.
153: * This method could be redefined in a subclass.
154: *
155: * @throws NamingException if there is a JNDI error.
156: * @return The JNDI attributes of the user.
157: */
158: public Attributes getLDAPAttributes() throws NamingException {
159: Attributes attribs = new BasicAttributes();
160: String attrName;
161:
162: // Set the objectClass
163: attrName = "objectClass";
164: if (attrName != null) {
165: Object value = "turbineUser";
166:
167: if (value != null) {
168: Attribute attr = new BasicAttribute(attrName, value);
169:
170: attribs.put(attr);
171: }
172: }
173:
174: // Set the User id.
175: attrName = LDAPSecurityConstants.getUserIdAttribute();
176: if (attrName != null) {
177: Object value = getPrimaryKey();
178:
179: if (value != null) {
180: Attribute attr = new BasicAttribute(attrName, value);
181:
182: attribs.put(attr);
183: }
184: }
185:
186: // Set the Username.
187: attrName = LDAPSecurityConstants.getNameAttribute();
188: if (attrName != null) {
189: Object value = getName();
190:
191: if (value != null) {
192: Attribute attr = new BasicAttribute(attrName, value);
193:
194: attribs.put(attr);
195: }
196: }
197:
198: // Set the Firstname.
199: attrName = LDAPSecurityConstants.getFirstNameAttribute();
200: if (attrName != null) {
201: Object value = getFirstName();
202:
203: if (value != null) {
204: Attribute attr = new BasicAttribute(attrName, value);
205:
206: attribs.put(attr);
207: }
208: }
209:
210: // Set the Lastname.
211: attrName = LDAPSecurityConstants.getLastNameAttribute();
212: if (attrName != null) {
213: Object value = getLastName();
214:
215: if (value != null) {
216: Attribute attr = new BasicAttribute(attrName, value);
217:
218: attribs.put(attr);
219: }
220: }
221:
222: // Set the E-Mail.
223: attrName = LDAPSecurityConstants.getEmailAttribute();
224: if (attrName != null) {
225: Object value = getEmail();
226:
227: if (value != null) {
228: Attribute attr = new BasicAttribute(attrName, value);
229:
230: attribs.put(attr);
231: }
232: }
233:
234: // Set the Password
235: attrName = LDAPSecurityConstants.getPasswordAttribute();
236: if (attrName != null) {
237: Object value = getPassword();
238:
239: if (value != null) {
240: Attribute attr = new BasicAttribute(attrName, value);
241:
242: attribs.put(attr);
243: }
244: }
245:
246: return attribs;
247: }
248:
249: /**
250: * Gets the distinguished name (DN) of the User.
251: * This method could be redefined in a subclass.
252: * @return The Distinguished Name of the user.
253: */
254: public String getDN() {
255: String filterAttribute = LDAPSecurityConstants
256: .getNameAttribute();
257: String userBaseSearch = LDAPSecurityConstants.getBaseSearch();
258: String userName = getName();
259:
260: String dn = filterAttribute + "=" + userName + ","
261: + userBaseSearch;
262:
263: return dn;
264: }
265:
266: /**
267: * Gets the access counter for a user during a session.
268: *
269: * @return The access counter for the user for the session.
270: */
271: public int getAccessCounterForSession() {
272: try {
273: return ((Integer) getTemp(User.SESSION_ACCESS_COUNTER))
274: .intValue();
275: } catch (Exception e) {
276: return 0;
277: }
278: }
279:
280: /**
281: * Gets the access counter for a user from perm storage.
282: *
283: * @return The access counter for the user.
284: */
285: public int getAccessCounter() {
286: try {
287: return ((Integer) getPerm(User.ACCESS_COUNTER)).intValue();
288: } catch (Exception e) {
289: return 0;
290: }
291: }
292:
293: /**
294: * Gets the create date for this User. This is the time at which
295: * the user object was created.
296: *
297: * @return A Java Date with the date of creation for the user.
298: */
299: public java.util.Date getCreateDate() {
300: return createDate;
301: }
302:
303: /**
304: * Returns the value of Confirmed variable
305: * @return the confirm value.
306: */
307: public String getConfirmed() {
308: String tmp = null;
309:
310: tmp = (String) getPerm(User.CONFIRM_VALUE);
311: if (tmp != null && tmp.length() == 0) {
312: tmp = null;
313: }
314: return tmp;
315: }
316:
317: /**
318: * Returns the Email for this user. If this is defined, then
319: * the user is considered logged in.
320: *
321: * @return A String with the user's Email.
322: */
323: public String getEmail() {
324: String tmp = null;
325:
326: tmp = (String) getPerm(User.EMAIL);
327: if (tmp != null && tmp.length() == 0) {
328: tmp = null;
329: }
330: return tmp;
331: }
332:
333: /**
334: * Gets the last access date for this User. This is the last time
335: * that the user object was referenced.
336: *
337: * @return A Java Date with the last access date for the user.
338: */
339: public java.util.Date getLastAccessDate() {
340: if (lastAccessDate == null) {
341: setLastAccessDate();
342: }
343: return lastAccessDate;
344: }
345:
346: /**
347: * Get last login date/time for this user.
348: *
349: * @return A Java Date with the last login date for the user.
350: */
351: public java.util.Date getLastLogin() {
352: return (java.util.Date) getPerm(User.LAST_LOGIN);
353: }
354:
355: /**
356: * Get password for this user.
357: *
358: * @return A String with the password for the user.
359: */
360: public String getPassword() {
361: return (String) getPerm(User.PASSWORD);
362: }
363:
364: /**
365: * Get an object from permanent storage.
366: * @param name The object's name.
367: * @return An Object with the given name.
368: */
369: public Object getPerm(String name) {
370: return permStorage.get(name);
371: }
372:
373: /**
374: * Get an object from permanent storage; return default if value
375: * is null.
376: *
377: * @param name The object's name.
378: * @param def A default value to return.
379: * @return An Object with the given name.
380: */
381: public Object getPerm(String name, Object def) {
382: try {
383: Object val = permStorage.get(name);
384:
385: if (val == null) {
386: return def;
387: }
388: return val;
389: } catch (Exception e) {
390: return def;
391: }
392: }
393:
394: /**
395: * This should only be used in the case where we want to save the
396: * data to the database.
397: *
398: * @return A Hashtable.
399: */
400: public Hashtable getPermStorage() {
401: if (this .permStorage == null) {
402: this .permStorage = new Hashtable();
403: }
404: return this .permStorage;
405: }
406:
407: /**
408: * Get an object from temporary storage.
409: *
410: * @param name The object's name.
411: * @return An Object with the given name.
412: */
413: public Object getTemp(String name) {
414: return tempStorage.get(name);
415: }
416:
417: /**
418: * Get an object from temporary storage; return default if value
419: * is null.
420: *
421: * @param name The object's name.
422: * @param def A default value to return.
423: * @return An Object with the given name.
424: */
425: public Object getTemp(String name, Object def) {
426: Object val;
427:
428: try {
429: val = tempStorage.get(name);
430: if (val == null) {
431: val = def;
432: }
433: } catch (Exception e) {
434: val = def;
435: }
436: return val;
437: }
438:
439: /**
440: * A User object can have a variable Timeout, which is defined in
441: * minutes. If the user has been timed out, then the
442: * hasLoggedIn() value will return false.
443: *
444: * @return An int specifying the timeout.
445: */
446: public int getTimeout() {
447: return this .timeout;
448: }
449:
450: /**
451: * Returns the username for this user. If this is defined, then
452: * the user is considered logged in.
453: *
454: * @return A String with the username.
455: * @deprecated Use getName() instead
456: */
457: public String getUserName() {
458: return getName();
459: }
460:
461: /**
462: * Returns the first name for this user. If this is defined, then
463: * the user is considered logged in.
464: *
465: * @return A String with the user's first name.
466: */
467: public String getFirstName() {
468: String tmp = null;
469:
470: tmp = (String) getPerm(User.FIRST_NAME);
471: if (tmp != null && tmp.length() == 0) {
472: tmp = null;
473: }
474: return tmp;
475: }
476:
477: /**
478: * Returns the last name for this user. If this is defined, then
479: * the user is considered logged in.
480: *
481: * @return A String with the user's last name.
482: */
483: public String getLastName() {
484: String tmp = null;
485:
486: tmp = (String) getPerm(User.LAST_NAME);
487: if (tmp != null && tmp.length() == 0) {
488: tmp = null;
489: }
490: return tmp;
491: }
492:
493: /**
494: * The user is considered logged in if they have not timed out.
495: *
496: * @return True if the user has logged in.
497: */
498: public boolean hasLoggedIn() {
499: Boolean tmp = getHasLoggedIn();
500:
501: if (tmp != null && tmp.booleanValue()) {
502: return true;
503: } else {
504: return false;
505: }
506: }
507:
508: /**
509: * This method reports whether or not the user has been confirmed
510: * in the system by checking the <code>CONFIRM_VALUE</code>
511: * column to see if it is equal to <code>CONFIRM_DATA</code>.
512: *
513: * @return True if the user has been confirmed.
514: */
515: public boolean isConfirmed() {
516: return ((String) getTemp(CONFIRM_VALUE, ""))
517: .equals(CONFIRM_DATA);
518: }
519:
520: /**
521: * Increments the permanent hit counter for the user.
522: */
523: public void incrementAccessCounter() {
524: setAccessCounter(getAccessCounter() + 1);
525: }
526:
527: /**
528: * Increments the session hit counter for the user.
529: */
530: public void incrementAccessCounterForSession() {
531: setAccessCounterForSession(getAccessCounterForSession() + 1);
532: }
533:
534: /**
535: * Remove an object from temporary storage and return the object.
536: *
537: * @param name The name of the object to remove.
538: * @return An Object.
539: */
540: public Object removeTemp(String name) {
541: return tempStorage.remove(name);
542: }
543:
544: /**
545: * Sets the access counter for a user, saved in perm storage.
546: *
547: * @param cnt The new count.
548: */
549: public void setAccessCounter(int cnt) {
550: setPerm(User.ACCESS_COUNTER, new Integer(cnt));
551: }
552:
553: /**
554: * Sets the session access counter for a user, saved in temp
555: * storage.
556: *
557: * @param cnt The new count.
558: */
559: public void setAccessCounterForSession(int cnt) {
560: setTemp(User.SESSION_ACCESS_COUNTER, new Integer(cnt));
561: }
562:
563: /**
564: * Set the users confirmed variable
565: *
566: * @param confirm The new confim value.
567: */
568: public void setConfirmed(String confirm) {
569: getPerm(User.CONFIRM_VALUE, confirm);
570: }
571:
572: /**
573: * Sets the last access date for this User. This is the last time
574: * that the user object was referenced.
575: */
576: public void setLastAccessDate() {
577: lastAccessDate = new java.util.Date();
578: }
579:
580: /**
581: * Sets the create date for this User. This is the time at which
582: * the user object was created.
583: *
584: * @param date The create date.
585: */
586: public void setCreateDate(java.util.Date date) {
587: createDate = date;
588: }
589:
590: /**
591: * Set the users Email
592: *
593: * @param email The new email.
594: */
595: public void setEmail(String email) {
596: setPerm(User.EMAIL, email);
597: }
598:
599: /**
600: * Set the users First Name
601: *
602: * @param fname The new firstname.
603: */
604: public void setFirstName(String fname) {
605: setPerm(User.FIRST_NAME, fname);
606: }
607:
608: /**
609: * Set last login date/time.
610: *
611: * @param date The last login date.
612: */
613: public void setLastLogin(java.util.Date date) {
614: setPerm(User.LAST_LOGIN, date);
615: }
616:
617: /**
618: * Set the users Last Name
619: * Sets the last name for this user.
620: *
621: * @param lname The new lastname.
622: */
623: public void setLastName(String lname) {
624: setPerm(User.LAST_NAME, lname);
625: }
626:
627: /**
628: * Set password.
629: *
630: * @param password The new password.
631: */
632: public void setPassword(String password) {
633: setPerm(User.PASSWORD, password);
634: }
635:
636: /**
637: * Put an object into permanent storage.
638: *
639: * @param name The object's name.
640: * @param value The object.
641: */
642: public void setPerm(String name, Object value) {
643: permStorage.put(name, value);
644: }
645:
646: /**
647: * This should only be used in the case where we want to save the
648: * data to the database.
649: *
650: * @param stuff A Hashtable.
651: */
652: public void setPermStorage(Hashtable stuff) {
653: this .permStorage = stuff;
654: }
655:
656: /**
657: * This should only be used in the case where we want to save the
658: * data to the database.
659: *
660: * @return A Hashtable.
661: */
662: public Hashtable getTempStorage() {
663: if (this .tempStorage == null) {
664: this .tempStorage = new Hashtable();
665: }
666: return this .tempStorage;
667: }
668:
669: /**
670: * This should only be used in the case where we want to save the
671: * data to the database.
672: *
673: * @param storage A Hashtable.
674: */
675: public void setTempStorage(Hashtable storage) {
676: this .tempStorage = storage;
677: }
678:
679: /**
680: * This gets whether or not someone has logged in. hasLoggedIn()
681: * returns this value as a boolean. This is private because you
682: * should use hasLoggedIn() instead.
683: *
684: * @return True if someone has logged in.
685: */
686: private Boolean getHasLoggedIn() {
687: return (Boolean) getTemp(User.HAS_LOGGED_IN);
688: }
689:
690: /**
691: * This sets whether or not someone has logged in. hasLoggedIn()
692: * returns this value.
693: *
694: * @param value Whether someone has logged in or not.
695: */
696: public void setHasLoggedIn(Boolean value) {
697: setTemp(User.HAS_LOGGED_IN, value);
698: }
699:
700: /**
701: * Put an object into temporary storage.
702: *
703: * @param name The object's name.
704: * @param value The object.
705: */
706: public void setTemp(String name, Object value) {
707: tempStorage.put(name, value);
708: }
709:
710: /**
711: * A User object can have a variable Timeout which is defined in
712: * minutes. If the user has been timed out, then the
713: * hasLoggedIn() value will return false.
714: *
715: * @param time The user's timeout.
716: */
717: public void setTimeout(int time) {
718: this .timeout = time;
719: }
720:
721: /**
722: * Sets the username for this user.
723: *
724: * @param username The user's username.
725: */
726: public void setUserName(String username) {
727: setPerm(User.USERNAME, username);
728: }
729:
730: /**
731: * Updates the last login date in the database.
732: *
733: * @exception Exception a generic exception.
734: */
735: public void updateLastLogin() throws Exception {
736: setPerm(User.LAST_LOGIN, new java.util.Date());
737: }
738:
739: /**
740: * Implement this method if you wish to be notified when the User
741: * has been Bound to the session.
742: *
743: * @param hsbe The HttpSessionBindingEvent.
744: */
745: public void valueBound(HttpSessionBindingEvent hsbe) {
746: // Do not currently need this method.
747: }
748:
749: /**
750: * Implement this method if you wish to be notified when the User
751: * has been Unbound from the session.
752: *
753: * @param hsbe The HttpSessionBindingEvent.
754: */
755: public void valueUnbound(HttpSessionBindingEvent hsbe) {
756: try {
757: if (hasLoggedIn()) {
758: TurbineSecurity.saveUser(this );
759: }
760: } catch (Exception e) {
761: log.error("BaseUser.valueUnbobund(): " + e.getMessage());
762: log.error(e);
763:
764: // To prevent messages being lost in case the logging system
765: // goes away before sessions get unbound on servlet container
766: // shutdown, print the stcktrace to the container's console.
767: ByteArrayOutputStream ostr = new ByteArrayOutputStream();
768:
769: e.printStackTrace(new PrintWriter(ostr, true));
770: String stackTrace = ostr.toString();
771:
772: System.out.println(stackTrace);
773: }
774: }
775:
776: /**
777: * Returns the username for this user. If this is defined, then
778: * the user is considered logged in.
779: *
780: * @return A String with the username.
781: */
782: public String getName() {
783: String tmp = null;
784:
785: tmp = (String) getPerm(User.USERNAME);
786: if (tmp != null && tmp.length() == 0) {
787: tmp = null;
788: }
789: return tmp;
790: }
791:
792: /**
793: * Not implemented.
794: * @param name the name of the User.
795: */
796: public void setName(String name) {
797: }
798:
799: /**
800: * Not implemented.
801: * @return 0
802: */
803: public int getId() {
804: return 0;
805: }
806:
807: /**
808: * Not implemented.
809: * @return null
810: */
811: public Integer getIdAsObj() {
812: return new Integer(0);
813: }
814:
815: /**
816: * Not implemented.
817: *
818: * @param id The id of the User.
819: */
820: public void setId(int id) {
821: }
822:
823: /**
824: * Saves this object to the data store.
825: * @throws Exception if it cannot be saved
826: */
827: public void save() throws Exception {
828: if (TurbineSecurity.accountExists(this )) {
829: TurbineSecurity.saveUser(this );
830: } else {
831: TurbineSecurity.addUser(this , getPassword());
832: }
833: }
834:
835: /**
836: * not implemented
837: *
838: * @param conn the database connection
839: * @throws Exception if there is an error
840: */
841: public void save(Connection conn) throws Exception {
842: throw new Exception("not implemented");
843: }
844:
845: /**
846: * not implemented
847: *
848: * @param dbname the database name
849: * @throws Exception if there is an error
850: */
851: public void save(String dbname) throws Exception {
852: throw new Exception("not implemented");
853: }
854:
855: }
|