001: /*
002:
003: This software is OSI Certified Open Source Software.
004: OSI Certified is a certification mark of the Open Source Initiative.
005:
006: The license (Mozilla version 1.0) can be read at the MMBase site.
007: See http://www.MMBase.org/license
008:
009: */
010: package org.mmbase.security;
011:
012: import org.mmbase.util.logging.Logger;
013: import org.mmbase.util.logging.Logging;
014:
015: /**
016: * This class is the main class of the security system. It loads the authentication
017: * and authorization classes if needed, and they can be requested from this manager.
018: *
019: *
020: * @javadoc
021: * @author Eduard Witteveen
022: * @version $Id: MMBaseCop.java,v 1.26 2008/01/22 16:49:42 michiel Exp $
023: */
024: public class MMBaseCop extends SecurityManager {
025: private static final Logger log = Logging
026: .getLoggerInstance(MMBaseCop.class);
027:
028: /**
029: * The configuration used by our system
030: */
031: private MMBaseCopConfig config;
032:
033: /**
034: * The constructor, will load the classes for authorization and authentication
035: * with their config files, as specied in the xml from configUrl
036: * @throws java.io.IOException When reading the file failed
037: * @throws java.lang.NoSuchMethodException When a tag was not specified
038: * @throws org.mmbase.security.SecurityException When the class could not be loaded
039: */
040: public MMBaseCop() throws java.io.IOException,
041: NoSuchMethodException, SecurityException {
042: super ();
043: config = new MMBaseCopConfig(this );
044: config.load();
045: copyActions(ActionRepository.bootstrap, config
046: .getActionRepository());
047: ActionRepository.bootstrap = null;
048: log.service("Done loading security configuration");
049: }
050:
051: /**
052: * @since MMBase-1.9
053: */
054: protected void copyActions(ActionRepository source,
055: ActionRepository destination) {
056: for (java.util.Map<String, Action> map : source.getActions()) {
057: for (Action a : map.values()) {
058: destination.add(a);
059: }
060: }
061: }
062:
063: /**
064: * reload, will load the classes for authorization and authentication
065: * with their config files, as specied in the xml from configUrl
066: * @throws java.io.IOException When reading the file failed
067: * @throws java.lang.NoSuchMethodException When a tag was not specified
068: * @throws org.mmbase.security.SecurityException When the class could not be loaded
069: */
070: public void reload() throws java.io.IOException,
071: NoSuchMethodException, SecurityException {
072: log.debug("Retrieving a new security configuration...");
073: MMBaseCopConfig newConfig = new MMBaseCopConfig(this );
074: newConfig.load();
075: // if no exception happed, the configuration can be replaced
076: config.watcher.clear();
077: copyActions(config.getActionRepository(), newConfig
078: .getActionRepository());
079: config = newConfig;
080: log.info("Done changing security configuration");
081: }
082:
083: private final MMBaseCopConfig getConfig() {
084: if (config == null)
085: throw new RuntimeException(
086: "No MMBaseCopConfig in MMBaseCop!!");
087: return config;
088: }
089:
090: /**
091: * Returns the authentication class, which should be used.
092: * @return The authentication class which should be used.
093: */
094: public Authentication getAuthentication() {
095: return getConfig().getAuthentication();
096: }
097:
098: /**
099: * Returns the authorization class, which should be used.
100: * @return The authorization class which should be used.
101: */
102: public Authorization getAuthorization() {
103: return getConfig().getAuthorization();
104: }
105:
106: /**
107: * @since MMBase-1.9
108: */
109: public ActionRepository getActionRepository() {
110: return getConfig().getActionRepository();
111: }
112:
113: /**
114: * Returns the authorization class, which should be used(for optimizations)
115: * @return <code>true</code>When the SecurityManager should
116: * be used.
117: * <code>false</code>When not.
118: */
119: public boolean getActive() {
120: return getConfig().getActive();
121: }
122:
123: /**
124: * checks if the received shared secret is equals to your own shared secret
125: * @param received shared secret
126: * @return true if received shared secret equals your own shared secret
127: * @return false if received shared secret not equals your own shared secret
128: */
129: public boolean checkSharedSecret(String received) {
130: return getConfig().checkSharedSecret(received);
131: }
132:
133: /**
134: * get the shared Secret
135: * @return the shared Secret
136: */
137: public String getSharedSecret() {
138: return getConfig().getSharedSecret();
139: }
140: }
|