001: /*
002: * Copyright (c) 1998-2008 Caucho Technology -- all rights reserved
003: *
004: * This file is part of Resin(R) Open Source
005: *
006: * Each copy or derived work must preserve the copyright notice and this
007: * notice unmodified.
008: *
009: * Resin Open Source is free software; you can redistribute it and/or modify
010: * it under the terms of the GNU General Public License as published by
011: * the Free Software Foundation; either version 2 of the License, or
012: * (at your option) any later version.
013: *
014: * Resin Open Source is distributed in the hope that it will be useful,
015: * but WITHOUT ANY WARRANTY; without even the implied warranty of
016: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
017: * of NON-INFRINGEMENT. See the GNU General Public License for more
018: * details.
019: *
020: * You should have received a copy of the GNU General Public License
021: * along with Resin Open Source; if not, write to the
022: *
023: * Free Software Foundation, Inc.
024: * 59 Temple Place, Suite 330
025: * Boston, MA 02111-1307 USA
026: *
027: * @author Scott Ferguson
028: */
029:
030: package com.caucho.server.security;
031:
032: import com.caucho.config.*;
033: import com.caucho.security.BasicPrincipal;
034: import com.caucho.util.Alarm;
035: import com.caucho.vfs.Depend;
036: import com.caucho.vfs.Path;
037:
038: import javax.annotation.PostConstruct;
039: import javax.servlet.ServletContext;
040: import javax.servlet.ServletException;
041: import javax.servlet.http.HttpServletRequest;
042: import javax.servlet.http.HttpServletResponse;
043: import java.security.Principal;
044: import java.util.*;
045: import java.util.logging.*;
046: import java.io.*;
047:
048: /**
049: * The Property authenticator reads a properties file for authentication.
050: *
051: * <code><pre>
052: * <authenticator url="prop:path=WEB-INF/users.xml"/>
053: * </pre></code>
054: *
055: * <p>The format of the static file is as follows:
056: *
057: * <code><pre>
058: * h.potter=password,user,captain
059: * </pre></code>
060: *
061: * <p>The authenticator can also be configured in the resin-web.xml:
062: *
063: * <code><pre>
064: * <authenticator url="prop:password-digest=none">
065: * <init>
066: * Harry Potter=quidditch,user,captain
067: * </init>
068: * </authenticator>
069: * </pre></code>
070: */
071: public class PropertyAuthenticator extends
072: AbstractPasswordAuthenticator {
073: private static final Logger log = Logger
074: .getLogger(PropertyAuthenticator.class.getName());
075:
076: private Path _path;
077: private Hashtable<String, PasswordUser> _userMap = new Hashtable<String, PasswordUser>();
078:
079: private Depend _depend;
080: private long _lastCheck;
081:
082: /**
083: * Sets the path to the property file.
084: */
085: public void setPath(Path path) {
086: _path = path;
087: }
088:
089: /**
090: * Gets the path to the property file.
091: */
092: public Path getPath() {
093: return _path;
094: }
095:
096: /**
097: * Sets the properties value
098: *
099: * <pre>
100: * <init value='Harry Potter=quidditch,user,webdav'/>
101: * </pre>
102: */
103: public void setValue(Properties value) {
104: for (Map.Entry entry : value.entrySet()) {
105: String name = (String) entry.getKey();
106: String userValue = (String) entry.getValue();
107:
108: _userMap.put(name, createUser(name, userValue));
109: }
110: }
111:
112: /**
113: * Initialize the properties authenticator.
114: */
115: @PostConstruct
116: public synchronized void init() throws ServletException {
117: super .init();
118:
119: reload();
120: }
121:
122: /**
123: * Returns the PasswordUser
124: */
125: @Override
126: protected PasswordUser getUser(String userName) {
127: if (userName == null)
128: return null;
129:
130: if (isModified())
131: reload();
132:
133: PasswordUser user = _userMap.get(userName).copy();
134:
135: if (user != null)
136: return user.copy();
137: else
138: return null;
139: }
140:
141: /**
142: * Reload the authenticator.
143: */
144: protected void reload() {
145: if (_path == null)
146: return;
147:
148: synchronized (this ) {
149: try {
150: _lastCheck = Alarm.getCurrentTime();
151: _depend = new Depend(_path);
152:
153: if (log.isLoggable(Level.FINE))
154: log.fine(this + " loading users from " + _path);
155:
156: _userMap = new Hashtable<String, PasswordUser>();
157:
158: Properties props = new Properties();
159: InputStream is = _path.openRead();
160: try {
161: props.load(is);
162: } finally {
163: is.close();
164: }
165:
166: setValue(props);
167: } catch (Exception e) {
168: throw ConfigException.create(e);
169: }
170: }
171: }
172:
173: /**
174: * Creates the password user based on a name and a comma-separated value
175: */
176: protected PasswordUser createUser(String name, String value) {
177: String[] values = value.trim().split("[,]");
178:
179: Principal principal = new BasicPrincipal(name);
180:
181: if (values.length < 1) {
182: return new PasswordUser(principal, new char[0], true,
183: false, new String[0]);
184: }
185:
186: String password = values[0].trim();
187: boolean isDisabled = false;
188: boolean isAnonymous = false;
189: ArrayList<String> roles = new ArrayList<String>();
190:
191: for (int i = 1; i < values.length; i++) {
192: String item = values[i].trim();
193:
194: if (item.equals("disabled"))
195: isDisabled = true;
196: else if (!item.equals(""))
197: roles.add(item);
198: }
199:
200: if (roles.size() == 0)
201: roles.add("user");
202:
203: String[] roleArray = new String[roles.size()];
204: roles.toArray(roleArray);
205:
206: return new PasswordUser(principal, password.toCharArray(),
207: isDisabled, isAnonymous, roleArray);
208: }
209:
210: private boolean isModified() {
211: if (_path == null)
212: return false;
213: else if (_depend == null)
214: return true;
215: else if (Alarm.getCurrentTime() < _lastCheck + 5000)
216: return false;
217: else {
218: _lastCheck = Alarm.getCurrentTime();
219: return _depend.isModified();
220: }
221: }
222:
223: public String toString() {
224: StringBuilder sb = new StringBuilder();
225:
226: sb.append(getClass().getSimpleName());
227: sb.append("[");
228:
229: boolean hasValue = false;
230: if (getPath() != null) {
231: hasValue = true;
232: sb.append(getPath());
233: }
234:
235: if (getPasswordDigest() != null) {
236: if (!hasValue)
237: sb.append(",");
238:
239: sb.append(getPasswordDigest());
240: }
241:
242: sb.append("]");
243:
244: return sb.toString();
245: }
246: }
|