001: /*
002: * Copyright 2001-2007 Geert Bevin <gbevin[remove] at uwyn dot com> and
003: * Steven Grimm <koreth[remove] at midwinter dot com>
004: * Distributed under the terms of either:
005: * - the common development and distribution license (CDDL), v1.0; or
006: * - the GNU Lesser General Public License, v2.1 or later
007: * $Id: AbstractPropertyAuthenticatedDeployer.java 3643 2007-01-12 15:29:45Z gbevin $
008: */
009: package com.uwyn.rife.authentication.elements;
010:
011: import com.uwyn.rife.authentication.CredentialsManager;
012: import com.uwyn.rife.authentication.PasswordEncrypting;
013: import com.uwyn.rife.authentication.RememberManager;
014: import com.uwyn.rife.authentication.SessionManager;
015: import com.uwyn.rife.authentication.SessionValidator;
016: import com.uwyn.rife.authentication.elements.exceptions.UnknownCredentialsClassException;
017: import com.uwyn.rife.authentication.elements.exceptions.UnsupportedEncryptionException;
018: import com.uwyn.rife.authentication.remembermanagers.PurgingRememberManager;
019: import com.uwyn.rife.authentication.sessionmanagers.PurgingSessionManager;
020: import com.uwyn.rife.config.RifeConfig;
021: import com.uwyn.rife.engine.exceptions.EngineException;
022: import com.uwyn.rife.engine.exceptions.PropertyRequiredException;
023: import com.uwyn.rife.tools.Convert;
024: import com.uwyn.rife.tools.StringEncryptor;
025:
026: /**
027: * Deployer for {@link Authenticated} elements that configures the various
028: * authentication managers through properties.
029: *
030: * <p>Element properties used:
031: * <dl>
032: * <dt>{@value #PROPERTYNAME_CREDENTIALS_CLASS} (required)</dt>
033: * <dd>The fully qualified name of the class that will be used to store the
034: * credentials, this is typically {@link com.uwyn.rife.authentication.credentials.RoleUser}</dd>
035: * <dt>{@value #PROPERTYNAME_ENABLE_PURGING}</dt>
036: * <dd>When {@code true}, the appropriate authentication managers will
037: * be wrapped with a proxy that purges outdated data on-the-fly without having
038: * to run an asynchronous purge thread.</dd>
039: * <dt>{@value #PROPERTYNAME_PASSWORD_ENCRYPTION}</dt>
040: * <dd>The encryption method that will be used for the password, this has to
041: * be a valid identifier of a {@link StringEncryptor}</dd>
042: * <dt>{@value #PROPERTYNAME_SESSION_DURATION}</dt>
043: * <dd>The duration of an authentication session in milliseconds. This defaults
044: * to the global authentication session duration that has been setup in the
045: * configuration participant.</dd>
046: * <dt>{@value #PROPERTYNAME_REMEMBER_DURATION}</dt>
047: * <dd>The duration that credential remember IDs are preserved in
048: * milliseconds. This defaults to the global remember duration that has been
049: * setup in the configuration participant.</dd>
050: * <dt>{@value #PROPERTYNAME_SESSION_PURGE_FREQUENCY}</dt>
051: * <dd>The purge frequency of the authentication session purging when purging
052: * is enabled.</dd>
053: * <dt>{@value #PROPERTYNAME_SESSION_PURGE_SCALE}</dt>
054: * <dd>The purge scale of the authentication session purging when purging
055: * is enabled.</dd>
056: * <dt>{@value #PROPERTYNAME_REMEMBER_PURGE_FREQUENCY}</dt>
057: * <dd>The purge frequency of the remember-me purging when purging
058: * is enabled.</dd>
059: * <dt>{@value #PROPERTYNAME_REMEMBER_PURGE_SCALE}</dt>
060: * <dd>The purge scale of the remember-me purging when purging
061: * is enabled.</dd>
062: * </dl>
063: * <p>
064: * The frequency of purging is controlled by two properties, "frequency" and
065: * "scale". A purge is performed on roughly (frequency / scale) of all
066: * requests. For example, if frequency is 1 and scale is 2, a purge is
067: * performed on roughly half of requests. If frequency is 2 and scale is 100,
068: * a purge is performed on 2 percent of requests.
069: *
070: * @author Steven Grimm (koreth[remove] at midwinter dot com)
071: * @author Geert Bevin (gbevin[remove] at uwyn dot com)
072: * @version $Revision: 3643 $
073: * @since 1.6
074: */
public abstract class AbstractPropertyAuthenticatedDeployer extends AuthenticatedDeployer {
    // Names of the element properties that deploy() reads.
    public static final String PROPERTYNAME_CREDENTIALS_CLASS = "credentials_class";
    public static final String PROPERTYNAME_ENABLE_PURGING = "enable_purging";
    public static final String PROPERTYNAME_PASSWORD_ENCRYPTION = "password_encryption";
    public static final String PROPERTYNAME_SESSION_DURATION = "session_duration";
    public static final String PROPERTYNAME_REMEMBER_DURATION = "remember_duration";
    public static final String PROPERTYNAME_SESSION_PURGE_FREQUENCY = "session_purge_frequency";
    public static final String PROPERTYNAME_SESSION_PURGE_SCALE = "session_purge_scale";
    public static final String PROPERTYNAME_REMEMBER_PURGE_FREQUENCY = "remember_purge_frequency";
    public static final String PROPERTYNAME_REMEMBER_PURGE_SCALE = "remember_purge_scale";

    public AbstractPropertyAuthenticatedDeployer() {
    }

    /**
     * Creates a {@code SessionManager}.
     *
     * @return a {@code SessionManager} instance
     * @since 1.6
     */
    public abstract SessionManager createSessionManager();

    /**
     * Creates a {@code SessionValidator}.
     *
     * @return a {@code SessionValidator} instance
     * @since 1.6
     */
    public abstract SessionValidator createSessionValidator();

    /**
     * Creates a {@code CredentialsManager}.
     *
     * @return a {@code CredentialsManager} instance
     * @since 1.6
     */
    public abstract CredentialsManager createCredentialsManager();

    /**
     * Creates a {@code RememberManager}.
     *
     * @return a {@code RememberManager} instance; {@link #deploy()} tolerates
     * {@code null} when it applies the remember duration
     * @since 1.6
     */
    public abstract RememberManager createRememberManager();

    /**
     * Configures the authentication managers from the element properties.
     *
     * <p>The steps run in this order: load the credentials class, create the
     * validator and the three managers, optionally wrap the managers for
     * purging, register the validator, install the password encryptor and
     * finally apply the session and remember durations.
     *
     * @throws EngineException when the credentials class property is missing
     * ({@code PropertyRequiredException}), names a class that cannot be found
     * ({@code UnknownCredentialsClassException}), or when the password
     * encryption identifier has no matching encryptor
     * ({@code UnsupportedEncryptionException})
     */
    public void deploy() throws EngineException {
        if (!getElementInfo().containsProperty(PROPERTYNAME_CREDENTIALS_CLASS)) {
            throw new PropertyRequiredException(
                getElementInfo().getDeclarationName(),
                PROPERTYNAME_CREDENTIALS_CLASS);
        }

        // The class name is taken from the element declaration and loaded with
        // Class.forName, which also initializes the class. Nothing in this
        // method checks that the loaded type is a credentials class.
        // NOTE(review): confirm that setCredentialsClass rejects unrelated
        // types, and keep element declarations under the same change control
        // as code.
        String credentialsClassName = getElementInfo().getPropertyString(
            PROPERTYNAME_CREDENTIALS_CLASS);
        try {
            Class credentialsClass = Class.forName(credentialsClassName);
            setCredentialsClass(credentialsClass);
        } catch (ClassNotFoundException e) {
            throw new UnknownCredentialsClassException(credentialsClassName, e);
        }

        SessionValidator validator = createSessionValidator();

        // create the managers and hand them to the validator
        SessionManager sessionManager = createSessionManager();
        CredentialsManager credentialsManager = createCredentialsManager();
        RememberManager rememberManager = createRememberManager();

        validator.setCredentialsManager(credentialsManager);
        validator.setSessionManager(sessionManager);
        validator.setRememberManager(rememberManager);

        applyPurgingProperties(validator);

        // register the session validator
        setSessionValidator(validator);

        applyPasswordEncryptionProperty(credentialsManager);

        // The durations are set on the managers created above, not on the
        // purging wrappers the validator may hold by now. The global
        // RifeConfig value is passed as Convert's second argument; presumably
        // it is the fallback when the property does not convert -- confirm.
        // No range check is done here, so a zero or negative duration is
        // passed through as configured.
        if (!getElementInfo().isPropertyEmpty(PROPERTYNAME_SESSION_DURATION)) {
            sessionManager.setSessionDuration(
                Convert.toLong(
                    getElementInfo().getProperty(PROPERTYNAME_SESSION_DURATION),
                    RifeConfig.Authentication.getSessionDuration()));
        }

        if (rememberManager != null
            && !getElementInfo().isPropertyEmpty(PROPERTYNAME_REMEMBER_DURATION)) {
            rememberManager.setRememberDuration(
                Convert.toLong(
                    getElementInfo().getProperty(PROPERTYNAME_REMEMBER_DURATION),
                    RifeConfig.Authentication.getRememberDuration()));
        }
    }

    /**
     * Wraps the validator's managers with purging proxies when the
     * {@code enable_purging} property converts to {@code true} (the default
     * handed to the conversion is {@code false}).
     *
     * <p>The session manager is always wrapped; the remember manager only
     * when the validator has one. Frequency and scale are set only for
     * properties that are not empty, and their values are not range-checked
     * here.
     */
    private void applyPurgingProperties(SessionValidator validator) throws EngineException {
        boolean purgingEnabled = Convert.toBoolean(
            getElementInfo().getProperty(PROPERTYNAME_ENABLE_PURGING), false);
        if (!purgingEnabled) {
            return;
        }

        PurgingSessionManager purgingSessions =
            new PurgingSessionManager(validator.getSessionManager());
        validator.setSessionManager(purgingSessions);

        if (!getElementInfo().isPropertyEmpty(PROPERTYNAME_SESSION_PURGE_FREQUENCY)) {
            purgingSessions.setSessionPurgeFrequency(
                Convert.toInt(
                    getElementInfo().getProperty(PROPERTYNAME_SESSION_PURGE_FREQUENCY),
                    RifeConfig.Authentication.getSessionPurgeFrequency()));
        }
        if (!getElementInfo().isPropertyEmpty(PROPERTYNAME_SESSION_PURGE_SCALE)) {
            purgingSessions.setSessionPurgeScale(
                Convert.toInt(
                    getElementInfo().getProperty(PROPERTYNAME_SESSION_PURGE_SCALE),
                    RifeConfig.Authentication.getSessionPurgeScale()));
        }

        RememberManager plainRememberManager = validator.getRememberManager();
        if (plainRememberManager == null) {
            return;
        }

        PurgingRememberManager purgingRemembers =
            new PurgingRememberManager(plainRememberManager);
        validator.setRememberManager(purgingRemembers);

        if (!getElementInfo().isPropertyEmpty(PROPERTYNAME_REMEMBER_PURGE_FREQUENCY)) {
            purgingRemembers.setRememberPurgeFrequency(
                Convert.toInt(
                    getElementInfo().getProperty(PROPERTYNAME_REMEMBER_PURGE_FREQUENCY),
                    RifeConfig.Authentication.getRememberPurgeFrequency()));
        }
        if (!getElementInfo().isPropertyEmpty(PROPERTYNAME_REMEMBER_PURGE_SCALE)) {
            purgingRemembers.setRememberPurgeScale(
                Convert.toInt(
                    getElementInfo().getProperty(PROPERTYNAME_REMEMBER_PURGE_SCALE),
                    RifeConfig.Authentication.getRememberPurgeScale()));
        }
    }

    /**
     * Installs the password encryptor named by the
     * {@code password_encryption} property on the credentials manager.
     *
     * <p>Nothing is installed, and no error is raised, when the manager does
     * not implement {@code PasswordEncrypting} or when the property is empty.
     * A configured encryption on a manager without that interface is
     * therefore ignored silently.
     * NOTE(review): confirm how the concrete manager stores and compares
     * passwords when no encryptor has been set, and which algorithms
     * {@code StringEncryptor} offers, before relying on this for password
     * storage.
     */
    private void applyPasswordEncryptionProperty(CredentialsManager credentialsManager)
    throws EngineException {
        if (!(credentialsManager instanceof PasswordEncrypting)
            || getElementInfo().isPropertyEmpty(PROPERTYNAME_PASSWORD_ENCRYPTION)) {
            return;
        }

        String encryption = getElementInfo().getPropertyString(
            PROPERTYNAME_PASSWORD_ENCRYPTION);
        StringEncryptor encryptor = StringEncryptor.getEncryptor(encryption);
        if (encryptor == null) {
            // an unknown identifier fails the deployment
            throw new UnsupportedEncryptionException(encryption);
        }
        ((PasswordEncrypting) credentialsManager).setPasswordEncryptor(encryptor);
    }
}