001: /*
002: * Copyright 2005 David M Johnson (For RSS and Atom In Action)
003: *
004: * Licensed under the Apache License, Version 2.0 (the "License");
005: * you may not use this file except in compliance with the License.
006: * You may obtain a copy of the License at
007: *
008: * http://www.apache.org/licenses/LICENSE-2.0
009: *
010: * Unless required by applicable law or agreed to in writing, software
011: * distributed under the License is distributed on an "AS IS" BASIS,
012: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013: * See the License for the specific language governing permissions and
014: * limitations under the License.
015: */
016: package org.apache.roller.webservices.adminapi;
017:
018: import javax.servlet.http.HttpServletRequest;
019: import org.apache.roller.RollerException;
020: import org.apache.roller.business.Roller;
021: import org.apache.roller.business.RollerFactory;
022: import org.apache.roller.business.UserManager;
023: import org.apache.roller.pojos.UserData;
024:
025: /**
026: * TODO
027: *
028: * @author jtb
029: */
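abstract class Authenticator {
    private HttpServletRequest request;
    private Roller roller;
    private String userName;

    /**
     * Creates an authenticator bound to the given request and to the Roller
     * instance returned by {@link RollerFactory#getRoller()}.
     *
     * @param req the servlet request whose credentials are to be checked
     */
    public Authenticator(HttpServletRequest req) {
        setRequest(req);
        setRoller(RollerFactory.getRoller());
    }

    /**
     * Authenticates the request this instance was created with.
     *
     * @throws HandlerException if the request cannot be authenticated
     */
    public abstract void authenticate() throws HandlerException;

    /**
     * Checks a user name / password pair against the stored user record and
     * requires that the user has the {@code admin} role and is enabled.
     * Subclasses call this from their {@link #authenticate()} implementation.
     *
     * <p>Both the user-name mismatch and the password mismatch raise the same
     * message on purpose, so the caller cannot tell which of the two failed.
     * NOTE(review): the supplied password is compared directly with
     * {@code UserData.getPassword()}; whether that value is plaintext or a
     * digest cannot be seen from this class — confirm against UserData.
     *
     * @param userName the user name supplied by the client; surrounding
     *        whitespace is ignored for the comparison
     * @param password the password supplied by the client; surrounding
     *        whitespace is ignored for the comparison
     * @throws UnauthorizedException if either credential is null, the
     *         credentials do not match, the user lacks the admin role, or the
     *         user is disabled
     * @throws NotFoundException if no user with that name exists
     * @throws InternalException if the user lookup fails
     */
    protected void verifyUser(String userName, String password)
            throws HandlerException {
        // Missing credentials are a client error: reject them exactly like a
        // wrong password instead of failing with a NullPointerException.
        if (userName == null || password == null) {
            throw new UnauthorizedException(
                    "ERROR: User is not authorized: " + userName);
        }

        UserData ud = getUserData(userName);
        String realpassword = ud.getPassword();

        if (!userName.trim().equals(ud.getUserName())) {
            throw new UnauthorizedException(
                    "ERROR: User is not authorized: " + userName);
        }
        // Constant-time comparison: the time taken to reject a wrong password
        // must not depend on how many leading characters happened to match.
        if (!constantTimeEquals(realpassword, password.trim())) {
            throw new UnauthorizedException(
                    "ERROR: User is not authorized: " + userName);
        }

        if (!ud.hasRole("admin")) {
            throw new UnauthorizedException(
                    "ERROR: User must have the admin role to use the AAPP endpoint: "
                            + userName);
        }
        // A null enabled flag is treated as "disabled" rather than letting
        // booleanValue() throw.
        if (!Boolean.TRUE.equals(ud.getEnabled())) {
            throw new UnauthorizedException("ERROR: User is disabled: "
                    + userName);
        }
    }

    /**
     * Compares two strings without short-circuiting on the first differing
     * character. The only timing-dependent quantity is the shorter length.
     *
     * @param expected the stored value; {@code null} never matches
     * @param supplied the client-supplied value; {@code null} never matches
     * @return {@code true} if both are non-null and equal
     */
    private static boolean constantTimeEquals(String expected, String supplied) {
        if (expected == null || supplied == null) {
            return false;
        }
        int result = expected.length() ^ supplied.length();
        int len = Math.min(expected.length(), supplied.length());
        for (int i = 0; i < len; i++) {
            result |= expected.charAt(i) ^ supplied.charAt(i);
        }
        return result == 0;
    }

    /** @return the request this authenticator was created with */
    public HttpServletRequest getRequest() {
        return request;
    }

    /** @param request the request to authenticate */
    protected void setRequest(HttpServletRequest request) {
        this.request = request;
    }

    /** @return the user name recorded by {@link #setUserName(String)}, or null */
    public String getUserName() {
        return userName;
    }

    /** @param userId the user name to record for this request */
    protected void setUserName(String userId) {
        this.userName = userId;
    }

    /** @return the Roller instance used for user lookups */
    protected Roller getRoller() {
        return roller;
    }

    /** @param roller the Roller instance to use for user lookups */
    protected void setRoller(Roller roller) {
        this.roller = roller;
    }

    /**
     * Looks up a user by name, first with the {@code Boolean.TRUE} flag and
     * then, if that finds nothing, with {@code Boolean.FALSE}.
     * NOTE(review): the Boolean argument presumably filters on the enabled
     * state, so a disabled user is still found and then rejected by
     * {@link #verifyUser} — confirm against UserManager.
     *
     * @param name the user name to look up
     * @return the matching user record, never null
     * @throws NotFoundException if no user with that name exists; note that
     *         this is distinguishable from a bad password by the caller
     * @throws InternalException if the underlying lookup throws
     */
    protected UserData getUserData(String name)
            throws NotFoundException, InternalException {
        try {
            UserManager mgr = getRoller().getUserManager();
            UserData ud = mgr.getUserByUserName(name, Boolean.TRUE);
            if (ud == null) {
                ud = mgr.getUserByUserName(name, Boolean.FALSE);
            }
            if (ud == null) {
                throw new NotFoundException("ERROR: Unknown user: "
                        + name);
            }

            return ud;
        } catch (RollerException re) {
            // Keep the cause so the failure in the business layer is traceable.
            throw new InternalException("ERROR: Could not get user: "
                    + name, re);
        }
    }

}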
|