001: /**
002: * JOnAS: Java(TM) Open Application Server
003: * Copyright (C) 2004 Bull S.A.
004: * Contact: jonas-team@objectweb.org
005: *
006: * This library is free software; you can redistribute it and/or
007: * modify it under the terms of the GNU Lesser General Public
008: * License as published by the Free Software Foundation; either
009: * version 2.1 of the License, or any later version.
010: *
011: * This library is distributed in the hope that it will be useful,
012: * but WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * Lesser General Public License for more details.
015: *
016: * You should have received a copy of the GNU Lesser General Public
017: * License along with this library; if not, write to the Free Software
018: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
019: * USA
020: *
021: * --------------------------------------------------------------------------
022: * $Id: AbsSecurityContextHelper.java 6661 2005-04-28 08:43:27Z benoitf $
023: * --------------------------------------------------------------------------
024: */package org.objectweb.jonas.security;
025:
026: import java.util.ArrayList;
027:
028: import org.objectweb.jonas.common.JProp;
029: import org.objectweb.jonas.security.realm.factory.JResource;
030: import org.objectweb.jonas.security.realm.factory.JResourceException;
031: import org.objectweb.jonas.security.realm.principals.User;
032: import org.objectweb.jonas.service.ServiceManager;
033: import org.objectweb.security.context.SecurityContext;
034: import org.objectweb.security.context.SecurityCurrent;
035: import org.objectweb.util.monolog.api.BasicLevel;
036: import org.objectweb.util.monolog.api.Logger;
037:
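/**
 * Base class for helpers that authenticate a user against a JOnAS realm
 * resource and, on success, install a {@link SecurityContext} on the current
 * {@link SecurityCurrent}.
 * Concrete helpers are singletons (to allow inheritance together with
 * "static"-style access) and supply the logger, the property key naming the
 * realm, and the default realm name.
 * @author Florent Benoit : Initial Developer
 * @author Helene Joanin : Refactoring
 */
public abstract class AbsSecurityContextHelper {

    /**
     * Realm resource used for authentication, resolved lazily by
     * {@link #getJResource()}.
     * Held per helper instance: the resource name depends on
     * {@link #getRealmKey()} / {@link #getRealmDefault()}, so a cache shared
     * by every subclass would hand the first realm resolved to helpers that
     * are configured for a different one.
     */
    private JResource jResource = null;

    /**
     * @return return the associated logger
     */
    protected abstract Logger getLogger();

    /**
     * @return return the Realm Key
     */
    protected abstract String getRealmKey();

    /**
     * @return return the default realm value
     */
    protected abstract String getRealmDefault();

    /**
     * Login with given principal and given credential.
     * On success a new {@link SecurityContext} holding the principal name and
     * its combined roles is set on {@link SecurityCurrent#getCurrent()}.
     * On any failure the method logs and returns normally: nothing is thrown
     * or returned to the caller, and the security context is not modified.
     * @param principalName the login
     * @param credential the password
     */
    public void login(String principalName, String credential) {

        // NOTE(review): every failure path below returns without touching
        // SecurityCurrent, so a context that was already set stays in effect.
        // Callers cannot tell success from failure through this method;
        // confirm that a stale context cannot be mistaken for a fresh login.

        // No authentication can be made with a null username
        if (principalName == null) {
            getLogger().log(BasicLevel.ERROR,
                    "No username so no authentication");
            return;
        }

        // The login name is caller-supplied: strip line breaks before it is
        // written to the log so it cannot forge additional log records.
        String loggedName = sanitizeForLog(principalName);

        // Does a user with this username exist?
        User user = null;
        try {
            user = getJResource().findUser(principalName);
        } catch (Exception jre) {
            // could not retrieve user
            getLogger().log(BasicLevel.ERROR,
                    "Can not find the user : " + sanitizeForLog(jre.getMessage()));
            return;
        }

        // User was not found
        // NOTE(review): this failure is only visible at DEBUG while a wrong
        // password is logged at ERROR, so attempts against unknown accounts
        // do not show up at the usual production log level.
        if (user == null) {
            if (getLogger().isLoggable(BasicLevel.DEBUG)) {
                getLogger().log(BasicLevel.DEBUG,
                        "User " + loggedName + " not found.");
            }
            return;
        }

        // NOTE(review): credential is passed through unchecked (it may be
        // null or empty); confirm every JResource implementation rejects
        // such values rather than treating them as a match.
        boolean validated = getJResource().isValidUser(user, credential);
        if (!validated) {
            getLogger().log(BasicLevel.ERROR,
                    "The password for the user " + loggedName
                            + " is not valid");
            return;
        }

        ArrayList combinedRoles = null;
        try {
            combinedRoles = getJResource().getArrayListCombinedRoles(user);
        } catch (JResourceException jre) {
            getLogger().log(BasicLevel.ERROR, sanitizeForLog(jre.getMessage()));
            return;
        }

        // Only reached once the user exists, the credential validated and the
        // roles were read: install the new context.
        SecurityContext ctx = new SecurityContext(principalName, combinedRoles);
        SecurityCurrent current = SecurityCurrent.getCurrent();
        current.setSecurityContext(ctx);
        if (getLogger().isLoggable(BasicLevel.DEBUG)) {
            getLogger().log(BasicLevel.DEBUG,
                    "Login of principalName '" + loggedName
                            + "' succeeded.");
        }
    }

    /**
     * Resolves, and then caches on this helper, the realm resource named by
     * the {@link #getRealmKey()} property, falling back to
     * {@link #getRealmDefault()} when the property cannot be read.
     * Initialisation is lazy and unsynchronised, so concurrent first calls
     * may each perform the lookup.
     * @return the Resource for the authentication (Realm based)
     * @throws IllegalStateException if the security service or the named
     *         resource cannot be retrieved
     */
    private JResource getJResource() {

        if (jResource != null) {
            return jResource;
        }

        SecurityService securityService = null;
        // Get the Security Service
        try {
            securityService = (SecurityService) ServiceManager
                    .getInstance().getSecurityService();
        } catch (Exception e) {
            // Can't retrieve Security service: keep the cause for diagnosis
            IllegalStateException ise = new IllegalStateException(
                    "can't retrieve Security service");
            ise.initCause(e);
            throw ise;
        }

        String resName = null;
        try {
            resName = JProp.getInstance().getValue(getRealmKey());
        } catch (Exception e) {
            getLogger().log(BasicLevel.ERROR,
                    "Cannot read properties in jonas.properties file.");
        }
        if (resName == null) {
            if (getLogger().isLoggable(BasicLevel.DEBUG)) {
                getLogger().log(BasicLevel.DEBUG,
                        "Cannot read property '"
                                + getRealmKey()
                                + "' in jonas.properties file. Use default value = '"
                                + getRealmDefault() + "'.");
            }
            resName = getRealmDefault();
        }

        // Get the resource from the security service; cache it only once it
        // is known to be usable.
        JResource resolved = securityService.getJResource(resName);
        if (resolved == null) {
            throw new IllegalStateException("Can't retrieve resource '"
                    + resName + "' from the security service");
        }
        jResource = resolved;
        return resolved;
    }

    /**
     * Replaces carriage returns and line feeds so that a value taken from a
     * caller or from an exception message stays on one log line.
     * @param value the text to log, may be null
     * @return the text with CR and LF replaced by '_', or null if value is null
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }

}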