Source Code Cross Referenced for BaseSecurityService.java in  » Web-Framework » TURBINE » org » apache » turbine » services » security » Java Source Code / Java DocumentationJava Source Code and Java Documentation

Java Source Code / Java Documentation
1. 6.0 JDK Core
2. 6.0 JDK Modules
3. 6.0 JDK Modules com.sun
4. 6.0 JDK Modules com.sun.java
5. 6.0 JDK Modules sun
6. 6.0 JDK Platform
7. Ajax
8. Apache Harmony Java SE
9. Aspect oriented
10. Authentication Authorization
11. Blogger System
12. Build
13. Byte Code
14. Cache
15. Chart
16. Chat
17. Code Analyzer
18. Collaboration
19. Content Management System
20. Database Client
21. Database DBMS
22. Database JDBC Connection Pool
23. Database ORM
24. Development
25. EJB Server geronimo
26. EJB Server GlassFish
27. EJB Server JBoss 4.2.1
28. EJB Server resin 3.1.5
29. ERP CRM Financial
30. ESB
31. Forum
32. GIS
33. Graphic Library
34. Groupware
35. HTML Parser
36. IDE
37. IDE Eclipse
38. IDE Netbeans
39. Installer
40. Internationalization Localization
41. Inversion of Control
42. Issue Tracking
43. J2EE
44. JBoss
45. JMS
46. JMX
47. Library
48. Mail Clients
49. Net
50. Parser
51. PDF
52. Portal
53. Profiler
54. Project Management
55. Report
56. RSS RDF
57. Rule Engine
58. Science
59. Scripting
60. Search Engine
61. Security
62. Sevlet Container
63. Source Control
64. Swing Library
65. Template Engine
66. Test Coverage
67. Testing
68. UML
69. Web Crawler
70. Web Framework
71. Web Mail
72. Web Server
73. Web Services
74. Web Services apache cxf 2.0.1
75. Web Services AXIS2
76. Wiki Engine
77. Workflow Engines
78. XML
79. XML UI
Java
Java Tutorial
Java Open Source
Jar File Download
Java Articles
Java Products
Java by API
Photoshop Tutorials
Maya Tutorials
Flash Tutorials
3ds-Max Tutorials
Illustrator Tutorials
GIMP Tutorials
C# / C Sharp
C# / CSharp Tutorial
C# / CSharp Open Source
ASP.Net
ASP.NET Tutorial
JavaScript DHTML
JavaScript Tutorial
JavaScript Reference
HTML / CSS
HTML CSS Reference
C / ANSI-C
C Tutorial
C++
C++ Tutorial
Ruby
PHP
Python
Python Tutorial
Python Open Source
SQL Server / T-SQL
SQL Server / T-SQL Tutorial
Oracle PL / SQL
Oracle PL/SQL Tutorial
PostgreSQL
SQL / MySQL
MySQL Tutorial
VB.Net
VB.Net Tutorial
Flash / Flex / ActionScript
VBA / Excel / Access / Word
XML
XML Tutorial
Microsoft Office PowerPoint 2007 Tutorial
Microsoft Office Excel 2007 Tutorial
Microsoft Office Word 2007 Tutorial
Java Source Code / Java Documentation » Web Framework » TURBINE » org.apache.turbine.services.security 
Source Cross Referenced  Class Diagram Java Document (Java Doc) 


0001:        package org.apache.turbine.services.security;
0002:
0003:        /*
0004:         * Licensed to the Apache Software Foundation (ASF) under one
0005:         * or more contributor license agreements.  See the NOTICE file
0006:         * distributed with this work for additional information
0007:         * regarding copyright ownership.  The ASF licenses this file
0008:         * to you under the Apache License, Version 2.0 (the
0009:         * "License"); you may not use this file except in compliance
0010:         * with the License.  You may obtain a copy of the License at
0011:         *
0012:         *   http://www.apache.org/licenses/LICENSE-2.0
0013:         *
0014:         * Unless required by applicable law or agreed to in writing,
0015:         * software distributed under the License is distributed on an
0016:         * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
0017:         * KIND, either express or implied.  See the License for the
0018:         * specific language governing permissions and limitations
0019:         * under the License.
0020:         */
0021:
0022:        import java.util.List;
0023:        import java.util.Map;
0024:
0025:        import javax.servlet.ServletConfig;
0026:
0027:        import org.apache.commons.configuration.Configuration;
0028:
0029:        import org.apache.commons.lang.StringUtils;
0030:
0031:        import org.apache.commons.logging.Log;
0032:        import org.apache.commons.logging.LogFactory;
0033:
0034:        import org.apache.torque.util.Criteria;
0035:
0036:        import org.apache.turbine.om.security.Group;
0037:        import org.apache.turbine.om.security.Permission;
0038:        import org.apache.turbine.om.security.Role;
0039:        import org.apache.turbine.om.security.User;
0040:        import org.apache.turbine.services.InitializationException;
0041:        import org.apache.turbine.services.TurbineBaseService;
0042:        import org.apache.turbine.services.TurbineServices;
0043:        import org.apache.turbine.services.crypto.CryptoAlgorithm;
0044:        import org.apache.turbine.services.crypto.CryptoService;
0045:        import org.apache.turbine.services.crypto.TurbineCrypto;
0046:        import org.apache.turbine.services.factory.FactoryService;
0047:        import org.apache.turbine.util.security.AccessControlList;
0048:        import org.apache.turbine.util.security.DataBackendException;
0049:        import org.apache.turbine.util.security.EntityExistsException;
0050:        import org.apache.turbine.util.security.GroupSet;
0051:        import org.apache.turbine.util.security.PasswordMismatchException;
0052:        import org.apache.turbine.util.security.PermissionSet;
0053:        import org.apache.turbine.util.security.RoleSet;
0054:        import org.apache.turbine.util.security.UnknownEntityException;
0055:
0056:        /**
0057:         * This is a common subset of SecurityService implementation.
0058:         *
0059:         * Provided functionality includes:
0060:         * <ul>
0061:         * <li> methods for retrieving User objects, that delegates functionality
0062:         *      to the pluggable implementations of the User interface.
0063:         * <li> synchronization mechanism for methods reading/modifying the security
0064:         *      information, that guarantees that multiple threads may read the
0065:         *      information concurrently, but threads that modify the information
0066:         *      acquires exclusive access.
0067:         * <li> implementation of convenience methods for retrieving security entities
0068:         *      that maintain in-memory caching of objects for fast access.
0069:         * </ul>
0070:         *
0071:         * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
0072:         * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
0073:         * @author <a href="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
0074:         * @author <a href="mailto:quintonm@bellsouth.net">Quinton McCombs</a>
0075:         * @version $Id: BaseSecurityService.java 534527 2007-05-02 16:10:59Z tv $
0076:         */
0077:        public abstract class BaseSecurityService extends TurbineBaseService
0078:                implements  SecurityService {
0079:            /** The number of threads concurrently reading security information */
0080:            private int readerCount = 0;
0081:
0082:            /** The instance of UserManager the SecurityService uses */
0083:            private UserManager userManager = null;
0084:
0085:            /** The class of User the SecurityService uses */
0086:            private Class userClass = null;
0087:
0088:            /** The class of Group the SecurityService uses */
0089:            private Class groupClass = null;
0090:
0091:            /** The class of Permission the SecurityService uses */
0092:            private Class permissionClass = null;
0093:
0094:            /** The class of Role the SecurityService uses */
0095:            private Class roleClass = null;
0096:
0097:            /** The class of ACL the SecurityService uses */
0098:            private Class aclClass = null;
0099:
0100:            /** A factory to construct ACL Objects */
0101:            private FactoryService aclFactoryService = null;
0102:
0103:            /**
0104:             * The Group object that represents the <a href="#global">global group</a>.
0105:             */
0106:            private static Group globalGroup = null;
0107:
0108:            /** Logging */
0109:            private static Log log = LogFactory
0110:                    .getLog(BaseSecurityService.class);
0111:
0112:            /**
0113:             * This method provides client-side encryption of passwords.
0114:             *
0115:             * If <code>secure.passwords</code> are enabled in TurbineResources,
0116:             * the password will be encrypted, if not, it will be returned unchanged.
0117:             * The <code>secure.passwords.algorithm</code> property can be used
0118:             * to chose which digest algorithm should be used for performing the
0119:             * encryption. <code>SHA</code> is used by default.
0120:             *
0121:             * @param password the password to process
0122:             * @return processed password
0123:             */
0124:            public String encryptPassword(String password) {
0125:                return encryptPassword(password, null);
0126:            }
0127:
0128:            /**
0129:             * This method provides client-side encryption of passwords.
0130:             *
0131:             * If <code>secure.passwords</code> are enabled in TurbineResources,
0132:             * the password will be encrypted, if not, it will be returned unchanged.
0133:             * The <code>secure.passwords.algorithm</code> property can be used
0134:             * to chose which digest algorithm should be used for performing the
0135:             * encryption. <code>SHA</code> is used by default.
0136:             *
0137:             * The used algorithms must be prepared to accept null as a
0138:             * valid parameter for salt. All algorithms in the Fulcrum Cryptoservice
0139:             * accept this.
0140:             *
0141:             * @param password the password to process
0142:             * @param salt     algorithms that needs a salt can provide one here
0143:             * @return processed password
0144:             */
0145:
0146:            public String encryptPassword(String password, String salt) {
0147:                if (password == null) {
0148:                    return null;
0149:                }
0150:                String secure = getConfiguration().getString(
0151:                        SecurityService.SECURE_PASSWORDS_KEY,
0152:                        SecurityService.SECURE_PASSWORDS_DEFAULT).toLowerCase();
0153:
0154:                String algorithm = getConfiguration().getString(
0155:                        SecurityService.SECURE_PASSWORDS_ALGORITHM_KEY,
0156:                        SecurityService.SECURE_PASSWORDS_ALGORITHM_DEFAULT);
0157:
0158:                CryptoService cs = TurbineCrypto.getService();
0159:
0160:                if (cs != null
0161:                        && (secure.equals("true") || secure.equals("yes"))) {
0162:                    try {
0163:                        CryptoAlgorithm ca = cs.getCryptoAlgorithm(algorithm);
0164:
0165:                        ca.setSeed(salt);
0166:
0167:                        String result = ca.encrypt(password);
0168:
0169:                        return result;
0170:                    } catch (Exception e) {
0171:                        log.error("Unable to encrypt password: ", e);
0172:
0173:                        return null;
0174:                    }
0175:                } else {
0176:                    return password;
0177:                }
0178:            }
0179:
0180:            /**
0181:             * Checks if a supplied password matches the encrypted password
0182:             *
0183:             * @param checkpw      The clear text password supplied by the user
0184:             * @param encpw        The current, encrypted password
0185:             *
0186:             * @return true if the password matches, else false
0187:             *
0188:             */
0189:
0190:            public boolean checkPassword(String checkpw, String encpw) {
0191:                String result = encryptPassword(checkpw, encpw);
0192:
0193:                return (result == null) ? false : result.equals(encpw);
0194:            }
0195:
0196:            /**
0197:             * Initializes the SecurityService, locating the apropriate UserManager
0198:             * This is a zero parameter variant which queries the Turbine Servlet
0199:             * for its config.
0200:             *
0201:             * @throws InitializationException Something went wrong in the init stage
0202:             */
0203:            public void init() throws InitializationException {
0204:                Configuration conf = getConfiguration();
0205:
0206:                String userManagerClassName = conf.getString(
0207:                        SecurityService.USER_MANAGER_KEY,
0208:                        SecurityService.USER_MANAGER_DEFAULT);
0209:
0210:                String userClassName = conf.getString(
0211:                        SecurityService.USER_CLASS_KEY,
0212:                        SecurityService.USER_CLASS_DEFAULT);
0213:
0214:                String groupClassName = conf.getString(
0215:                        SecurityService.GROUP_CLASS_KEY,
0216:                        SecurityService.GROUP_CLASS_DEFAULT);
0217:
0218:                String permissionClassName = conf.getString(
0219:                        SecurityService.PERMISSION_CLASS_KEY,
0220:                        SecurityService.PERMISSION_CLASS_DEFAULT);
0221:
0222:                String roleClassName = conf.getString(
0223:                        SecurityService.ROLE_CLASS_KEY,
0224:                        SecurityService.ROLE_CLASS_DEFAULT);
0225:
0226:                String aclClassName = conf.getString(
0227:                        SecurityService.ACL_CLASS_KEY,
0228:                        SecurityService.ACL_CLASS_DEFAULT);
0229:
0230:                try {
0231:                    userClass = Class.forName(userClassName);
0232:                    groupClass = Class.forName(groupClassName);
0233:                    permissionClass = Class.forName(permissionClassName);
0234:                    roleClass = Class.forName(roleClassName);
0235:                    aclClass = Class.forName(aclClassName);
0236:                } catch (Exception e) {
0237:                    if (userClass == null) {
0238:                        throw new InitializationException(
0239:                                "Failed to create a Class object for User implementation",
0240:                                e);
0241:                    }
0242:                    if (groupClass == null) {
0243:                        throw new InitializationException(
0244:                                "Failed to create a Class object for Group implementation",
0245:                                e);
0246:                    }
0247:                    if (permissionClass == null) {
0248:                        throw new InitializationException(
0249:                                "Failed to create a Class object for Permission implementation",
0250:                                e);
0251:                    }
0252:                    if (roleClass == null) {
0253:                        throw new InitializationException(
0254:                                "Failed to create a Class object for Role implementation",
0255:                                e);
0256:                    }
0257:                    if (aclClass == null) {
0258:                        throw new InitializationException(
0259:                                "Failed to create a Class object for ACL implementation",
0260:                                e);
0261:                    }
0262:                }
0263:
0264:                try {
0265:                    UserManager userManager = (UserManager) Class.forName(
0266:                            userManagerClassName).newInstance();
0267:
0268:                    userManager.init(conf);
0269:
0270:                    setUserManager(userManager);
0271:                } catch (Exception e) {
0272:                    throw new InitializationException(
0273:                            "Failed to instantiate UserManager", e);
0274:                }
0275:
0276:                try {
0277:                    aclFactoryService = (FactoryService) TurbineServices
0278:                            .getInstance().getService(
0279:                                    FactoryService.SERVICE_NAME);
0280:                } catch (Exception e) {
0281:                    throw new InitializationException(
0282:                            "BaseSecurityService.init: Failed to get the Factory Service object",
0283:                            e);
0284:                }
0285:
0286:                setInit(true);
0287:            }
0288:
0289:            /**
0290:             * Initializes the SecurityService, locating the apropriate UserManager
0291:             *
0292:             * @param config a ServletConfig, to enforce early initialization
0293:             * @throws InitializationException Something went wrong in the init stage
0294:             * @deprecated use init() instead.
0295:             */
0296:            public void init(ServletConfig config)
0297:                    throws InitializationException {
0298:                init();
0299:            }
0300:
0301:            /**
0302:             * Return a Class object representing the system's chosen implementation of
0303:             * of User interface.
0304:             *
0305:             * @return systems's chosen implementation of User interface.
0306:             * @throws UnknownEntityException if the implementation of User interface
0307:             *         could not be determined, or does not exist.
0308:             */
0309:            public Class getUserClass() throws UnknownEntityException {
0310:                if (userClass == null) {
0311:                    throw new UnknownEntityException(
0312:                            "Failed to create a Class object for User implementation");
0313:                }
0314:                return userClass;
0315:            }
0316:
0317:            /**
0318:             * Construct a blank User object.
0319:             *
0320:             * This method calls getUserClass, and then creates a new object using
0321:             * the default constructor.
0322:             *
0323:             * @return an object implementing User interface.
0324:             * @throws UnknownEntityException if the object could not be instantiated.
0325:             */
0326:            public User getUserInstance() throws UnknownEntityException {
0327:                User user;
0328:                try {
0329:                    user = (User) getUserClass().newInstance();
0330:                } catch (Exception e) {
0331:                    throw new UnknownEntityException(
0332:                            "Failed instantiate an User implementation object",
0333:                            e);
0334:                }
0335:                return user;
0336:            }
0337:
0338:            /**
0339:             * Construct a blank User object.
0340:             *
0341:             * This method calls getUserClass, and then creates a new object using
0342:             * the default constructor.
0343:             *
0344:             * @param userName The name of the user.
0345:             *
0346:             * @return an object implementing User interface.
0347:             *
0348:             * @throws UnknownEntityException if the object could not be instantiated.
0349:             */
0350:            public User getUserInstance(String userName)
0351:                    throws UnknownEntityException {
0352:                User user = getUserInstance();
0353:                user.setName(userName);
0354:                return user;
0355:            }
0356:
0357:            /**
0358:             * Return a Class object representing the system's chosen implementation of
0359:             * of Group interface.
0360:             *
0361:             * @return systems's chosen implementation of Group interface.
0362:             * @throws UnknownEntityException if the implementation of Group interface
0363:             *         could not be determined, or does not exist.
0364:             */
0365:            public Class getGroupClass() throws UnknownEntityException {
0366:                if (groupClass == null) {
0367:                    throw new UnknownEntityException(
0368:                            "Failed to create a Class object for Group implementation");
0369:                }
0370:                return groupClass;
0371:            }
0372:
0373:            /**
0374:             * Construct a blank Group object.
0375:             *
0376:             * This method calls getGroupClass, and then creates a new object using
0377:             * the default constructor.
0378:             *
0379:             * @return an object implementing Group interface.
0380:             * @throws UnknownEntityException if the object could not be instantiated.
0381:             */
0382:            public Group getGroupInstance() throws UnknownEntityException {
0383:                Group group;
0384:                try {
0385:                    group = (Group) getGroupClass().newInstance();
0386:                } catch (Exception e) {
0387:                    throw new UnknownEntityException(
0388:                            "Failed to instantiate a Group implementation object",
0389:                            e);
0390:                }
0391:                return group;
0392:            }
0393:
0394:            /**
0395:             * Construct a blank Group object.
0396:             *
0397:             * This method calls getGroupClass, and then creates a new object using
0398:             * the default constructor.
0399:             *
0400:             * @param groupName The name of the Group
0401:             *
0402:             * @return an object implementing Group interface.
0403:             *
0404:             * @throws UnknownEntityException if the object could not be instantiated.
0405:             */
0406:            public Group getGroupInstance(String groupName)
0407:                    throws UnknownEntityException {
0408:                Group group = getGroupInstance();
0409:                group.setName(groupName);
0410:                return group;
0411:            }
0412:
0413:            /**
0414:             * Return a Class object representing the system's chosen implementation of
0415:             * of Permission interface.
0416:             *
0417:             * @return systems's chosen implementation of Permission interface.
0418:             * @throws UnknownEntityException if the implementation of Permission interface
0419:             *         could not be determined, or does not exist.
0420:             */
0421:            public Class getPermissionClass() throws UnknownEntityException {
0422:                if (permissionClass == null) {
0423:                    throw new UnknownEntityException(
0424:                            "Failed to create a Class object for Permission implementation");
0425:                }
0426:                return permissionClass;
0427:            }
0428:
0429:            /**
0430:             * Construct a blank Permission object.
0431:             *
0432:             * This method calls getPermissionClass, and then creates a new object using
0433:             * the default constructor.
0434:             *
0435:             * @return an object implementing Permission interface.
0436:             * @throws UnknownEntityException if the object could not be instantiated.
0437:             */
0438:            public Permission getPermissionInstance()
0439:                    throws UnknownEntityException {
0440:                Permission permission;
0441:                try {
0442:                    permission = (Permission) getPermissionClass()
0443:                            .newInstance();
0444:                } catch (Exception e) {
0445:                    throw new UnknownEntityException(
0446:                            "Failed to instantiate a Permission implementation object",
0447:                            e);
0448:                }
0449:                return permission;
0450:            }
0451:
0452:            /**
0453:             * Construct a blank Permission object.
0454:             *
0455:             * This method calls getPermissionClass, and then creates a new object using
0456:             * the default constructor.
0457:             *
0458:             * @param permName The name of the permission.
0459:             *
0460:             * @return an object implementing Permission interface.
0461:             * @throws UnknownEntityException if the object could not be instantiated.
0462:             */
0463:            public Permission getPermissionInstance(String permName)
0464:                    throws UnknownEntityException {
0465:                Permission perm = getPermissionInstance();
0466:                perm.setName(permName);
0467:                return perm;
0468:            }
0469:
0470:            /**
0471:             * Return a Class object representing the system's chosen implementation of
0472:             * of Role interface.
0473:             *
0474:             * @return systems's chosen implementation of Role interface.
0475:             * @throws UnknownEntityException if the implementation of Role interface
0476:             *         could not be determined, or does not exist.
0477:             */
0478:            public Class getRoleClass() throws UnknownEntityException {
0479:                if (roleClass == null) {
0480:                    throw new UnknownEntityException(
0481:                            "Failed to create a Class object for Role implementation");
0482:                }
0483:                return roleClass;
0484:            }
0485:
0486:            /**
0487:             * Construct a blank Role object.
0488:             *
0489:             * This method calls getRoleClass, and then creates a new object using
0490:             * the default constructor.
0491:             *
0492:             * @return an object implementing Role interface.
0493:             * @throws UnknownEntityException if the object could not be instantiated.
0494:             */
0495:            public Role getRoleInstance() throws UnknownEntityException {
0496:                Role role;
0497:
0498:                try {
0499:                    role = (Role) getRoleClass().newInstance();
0500:                } catch (Exception e) {
0501:                    throw new UnknownEntityException(
0502:                            "Failed to instantiate a Role implementation object",
0503:                            e);
0504:                }
0505:                return role;
0506:            }
0507:
0508:            /**
0509:             * Construct a blank Role object.
0510:             *
0511:             * This method calls getRoleClass, and then creates a new object using
0512:             * the default constructor.
0513:             *
0514:             * @param roleName The name of the role.
0515:             *
0516:             * @return an object implementing Role interface.
0517:             *
0518:             * @throws UnknownEntityException if the object could not be instantiated.
0519:             */
0520:            public Role getRoleInstance(String roleName)
0521:                    throws UnknownEntityException {
0522:                Role role = getRoleInstance();
0523:                role.setName(roleName);
0524:                return role;
0525:            }
0526:
0527:            /**
0528:             * Return a Class object representing the system's chosen implementation of
0529:             * of ACL interface.
0530:             *
0531:             * @return systems's chosen implementation of ACL interface.
0532:             * @throws UnknownEntityException if the implementation of ACL interface
0533:             *         could not be determined, or does not exist.
0534:             */
0535:            public Class getAclClass() throws UnknownEntityException {
0536:                if (aclClass == null) {
0537:                    throw new UnknownEntityException(
0538:                            "Failed to create a Class object for ACL implementation");
0539:                }
0540:                return aclClass;
0541:            }
0542:
0543:            /**
0544:             * Construct a new ACL object.
0545:             *
0546:             * This constructs a new ACL object from the configured class and
0547:             * initializes it with the supplied roles and permissions.
0548:             *
0549:             * @param roles The roles that this ACL should contain
0550:             * @param permissions The permissions for this ACL
0551:             *
0552:             * @return an object implementing ACL interface.
0553:             * @throws UnknownEntityException if the object could not be instantiated.
0554:             */
0555:            public AccessControlList getAclInstance(Map roles, Map permissions)
0556:                    throws UnknownEntityException {
0557:                Object[] objects = { roles, permissions };
0558:                String[] signatures = { Map.class.getName(),
0559:                        Map.class.getName() };
0560:                AccessControlList accessControlList;
0561:
0562:                try {
0563:                    accessControlList = (AccessControlList) aclFactoryService
0564:                            .getInstance(aclClass.getName(), objects,
0565:                                    signatures);
0566:                } catch (Exception e) {
0567:                    throw new UnknownEntityException(
0568:                            "Failed to instantiate an ACL implementation object",
0569:                            e);
0570:                }
0571:
0572:                return accessControlList;
0573:            }
0574:
0575:            /**
0576:             * Returns the configured UserManager.
0577:             *
0578:             * @return An UserManager object
0579:             */
0580:            public UserManager getUserManager() {
0581:                return userManager;
0582:            }
0583:
0584:            /**
0585:             * Configure a new user Manager.
0586:             *
0587:             * @param userManager An UserManager object
0588:             */
0589:            public void setUserManager(UserManager userManager) {
0590:                this .userManager = userManager;
0591:            }
0592:
0593:            /**
0594:             * Check whether a specified user's account exists.
0595:             *
0596:             * The login name is used for looking up the account.
0597:             *
0598:             * @param user The user to be checked.
0599:             * @return true if the specified account exists
0600:             * @throws DataBackendException if there was an error accessing the data
0601:             *         backend.
0602:             */
0603:            public boolean accountExists(User user) throws DataBackendException {
0604:                return getUserManager().accountExists(user);
0605:            }
0606:
0607:            /**
0608:             * Check whether a specified user's account exists.
0609:             *
0610:             * The login name is used for looking up the account.
0611:             *
0612:             * @param userName The name of the user to be checked.
0613:             * @return true if the specified account exists
0614:             * @throws DataBackendException if there was an error accessing the data
0615:             *         backend.
0616:             */
0617:            public boolean accountExists(String userName)
0618:                    throws DataBackendException {
0619:                return getUserManager().accountExists(userName);
0620:            }
0621:
0622:            /**
0623:             * Authenticates an user, and constructs an User object to represent
0624:             * him/her.
0625:             *
0626:             * @param username The user name.
0627:             * @param password The user password.
0628:             * @return An authenticated Turbine User.
0629:             * @throws PasswordMismatchException if the supplied password was incorrect.
0630:             * @throws UnknownEntityException if the user's account does not
0631:             *            exist in the database.
0632:             * @throws DataBackendException if there is a problem accessing the storage.
0633:             */
0634:            public User getAuthenticatedUser(String username, String password)
0635:                    throws DataBackendException, UnknownEntityException,
0636:                    PasswordMismatchException {
0637:                return getUserManager().retrieve(username, password);
0638:            }
0639:
0640:            /**
0641:             * Constructs an User object to represent a registered user of the
0642:             * application.
0643:             *
0644:             * @param username The user name.
0645:             * @return A Turbine User.
0646:             * @throws UnknownEntityException if the user's account does not exist
0647:             * @throws DataBackendException if there is a problem accessing the storage.
0648:             */
0649:            public User getUser(String username) throws DataBackendException,
0650:                    UnknownEntityException {
0651:                return getUserManager().retrieve(username);
0652:            }
0653:
0654:            /**
0655:             * Retrieve a set of users that meet the specified criteria.
0656:             *
0657:             * As the keys for the criteria, you should use the constants that
0658:             * are defined in {@link User} interface, plus the names
0659:             * of the custom attributes you added to your user representation
0660:             * in the data storage. Use verbatim names of the attributes -
0661:             * without table name prefix in case of DB implementation.
0662:             *
0663:             * @param criteria The criteria of selection.
0664:             * @return a List of users meeting the criteria.
0665:             * @throws DataBackendException if there is a problem accessing the
0666:             *         storage.
0667:             * @deprecated Use <a href="#getUserList">getUserList</a> instead.
0668:             */
0669:            public User[] getUsers(Criteria criteria)
0670:                    throws DataBackendException {
0671:                return (User[]) getUserList(criteria).toArray(new User[0]);
0672:            }
0673:
0674:            /**
0675:             * Retrieve a set of users that meet the specified criteria.
0676:             *
0677:             * As the keys for the criteria, you should use the constants that
0678:             * are defined in {@link User} interface, plus the names
0679:             * of the custom attributes you added to your user representation
0680:             * in the data storage. Use verbatim names of the attributes -
0681:             * without table name prefix in case of DB implementation.
0682:             *
0683:             * @param criteria The criteria of selection.
0684:             * @return a List of users meeting the criteria.
0685:             * @throws DataBackendException if there is a problem accessing the
0686:             *         storage.
0687:             */
0688:            public List getUserList(Criteria criteria)
0689:                    throws DataBackendException {
0690:                return getUserManager().retrieveList(criteria);
0691:            }
0692:
0693:            /**
0694:             * Constructs an User object to represent an anonymous user of the
0695:             * application.
0696:             *
0697:             * @return An anonymous Turbine User.
0698:             * @throws UnknownEntityException if the implementation of User interface
0699:             *         could not be determined, or does not exist.
0700:             */
0701:            public User getAnonymousUser() throws UnknownEntityException {
0702:                User user = getUserInstance();
0703:                user.setName("");
0704:                return user;
0705:            }
0706:
0707:            /**
0708:             * Checks whether a passed user object matches the anonymous user pattern
0709:             * according to the configured user manager
0710:             *
0711:             * @param user An user object
0712:             *
0713:             * @return True if this is an anonymous user
0714:             *
0715:             */
0716:            public boolean isAnonymousUser(User user) {
0717:                // Either just null, the name is null or the name is the empty string
0718:                return (user == null) || StringUtils.isEmpty(user.getName());
0719:            }
0720:
0721:            /**
0722:             * Saves User's data in the permanent storage. The user account is required
0723:             * to exist in the storage.
0724:             *
0725:             * @param user the User object to save
0726:             * @throws UnknownEntityException if the user's account does not
0727:             *         exist in the database.
0728:             * @throws DataBackendException if there is a problem accessing the storage.
0729:             */
0730:            public void saveUser(User user) throws UnknownEntityException,
0731:                    DataBackendException {
0732:                getUserManager().store(user);
0733:            }
0734:
0735:            /**
0736:             * Saves User data when the session is unbound. The user account is required
0737:             * to exist in the storage.
0738:             *
0739:             * LastLogin, AccessCounter, persistent pull tools, and any data stored
0740:             * in the permData hashtable that is not mapped to a column will be saved.
0741:             *
0742:             * @exception UnknownEntityException if the user's account does not
0743:             *            exist in the database.
0744:             * @exception DataBackendException if there is a problem accessing the
0745:             *            storage.
0746:             */
0747:            public void saveOnSessionUnbind(User user)
0748:                    throws UnknownEntityException, DataBackendException {
0749:                userManager.saveOnSessionUnbind(user);
0750:            }
0751:
0752:            /**
0753:             * Creates new user account with specified attributes.
0754:             *
0755:             * @param user the object describing account to be created.
0756:             * @param password The password to use for the account.
0757:             *
0758:             * @throws DataBackendException if there was an error accessing the
0759:             *         data backend.
0760:             * @throws EntityExistsException if the user account already exists.
0761:             */
0762:            public void addUser(User user, String password)
0763:                    throws DataBackendException, EntityExistsException {
0764:                getUserManager().createAccount(user, password);
0765:            }
0766:
0767:            /**
0768:             * Removes an user account from the system.
0769:             *
0770:             * @param user the object describing the account to be removed.
0771:             * @throws DataBackendException if there was an error accessing the data
0772:             *         backend.
0773:             * @throws UnknownEntityException if the user account is not present.
0774:             */
0775:            public void removeUser(User user) throws DataBackendException,
0776:                    UnknownEntityException {
0777:                // revoke all roles form the user
0778:                revokeAll(user);
0779:
0780:                getUserManager().removeAccount(user);
0781:            }
0782:
0783:            /**
0784:             * Change the password for an User.
0785:             *
0786:             * @param user an User to change password for.
0787:             * @param oldPassword the current password supplied by the user.
0788:             * @param newPassword the current password requested by the user.
0789:             * @throws PasswordMismatchException if the supplied password was incorrect.
0790:             * @throws UnknownEntityException if the user's record does not
0791:             *            exist in the database.
0792:             * @throws DataBackendException if there is a problem accessing the storage.
0793:             */
0794:            public void changePassword(User user, String oldPassword,
0795:                    String newPassword) throws PasswordMismatchException,
0796:                    UnknownEntityException, DataBackendException {
0797:                getUserManager().changePassword(user, oldPassword, newPassword);
0798:            }
0799:
0800:            /**
0801:             * Forcibly sets new password for an User.
0802:             *
0803:             * This is supposed by the administrator to change the forgotten or
0804:             * compromised passwords. Certain implementatations of this feature
0805:             * would require administrative level access to the authenticating
0806:             * server / program.
0807:             *
0808:             * @param user an User to change password for.
0809:             * @param password the new password.
0810:             * @throws UnknownEntityException if the user's record does not
0811:             *            exist in the database.
0812:             * @throws DataBackendException if there is a problem accessing the storage.
0813:             */
0814:            public void forcePassword(User user, String password)
0815:                    throws UnknownEntityException, DataBackendException {
0816:                getUserManager().forcePassword(user, password);
0817:            }
0818:
0819:            /**
0820:             * Acquire a shared lock on the security information repository.
0821:             *
0822:             * Methods that read security information need to invoke this
0823:             * method at the beginning of their body.
0824:             */
0825:            protected synchronized void lockShared() {
0826:                readerCount++;
0827:            }
0828:
0829:            /**
0830:             * Release a shared lock on the security information repository.
0831:             *
0832:             * Methods that read security information need to invoke this
0833:             * method at the end of their body.
0834:             */
0835:            protected synchronized void unlockShared() {
0836:                readerCount--;
0837:                this .notify();
0838:            }
0839:
0840:            /**
0841:             * Acquire an exclusive lock on the security information repository.
0842:             *
0843:             * Methods that modify security information need to invoke this
0844:             * method at the beginning of their body. Note! Those methods must
0845:             * be <code>synchronized</code> themselves!
0846:             */
0847:            protected void lockExclusive() {
0848:                while (readerCount > 0) {
0849:                    try {
0850:                        this .wait();
0851:                    } catch (InterruptedException e) {
0852:                    }
0853:                }
0854:            }
0855:
0856:            /**
0857:             * Release an exclusive lock on the security information repository.
0858:             *
0859:             * This method is provided only for completeness. It does not really
0860:             * do anything. Note! Methods that modify security information
0861:             * must be <code>synchronized</code>!
0862:             */
0863:            protected void unlockExclusive() {
0864:                // do nothing
0865:            }
0866:
0867:            /**
0868:             * Provides a reference to the Group object that represents the
0869:             * <a href="#global">global group</a>.
0870:             *
0871:             * @return a Group object that represents the global group.
0872:             */
0873:            public Group getGlobalGroup() {
0874:                if (globalGroup == null) {
0875:                    synchronized (BaseSecurityService.class) {
0876:                        if (globalGroup == null) {
0877:                            try {
0878:                                globalGroup = getAllGroups().getGroupByName(
0879:                                        Group.GLOBAL_GROUP_NAME);
0880:                            } catch (DataBackendException e) {
0881:                                log
0882:                                        .error(
0883:                                                "Failed to retrieve global group object: ",
0884:                                                e);
0885:                            }
0886:                        }
0887:                    }
0888:                }
0889:                return globalGroup;
0890:            }
0891:
0892:            /**
0893:             * Retrieve a Group object with specified name.
0894:             *
0895:             * @param name the name of the Group.
0896:             * @return an object representing the Group with specified name.
0897:             * @throws DataBackendException if there was an error accessing the
0898:             *         data backend.
0899:             * @throws UnknownEntityException if the group does not exist.
0900:             * @deprecated Use <a href="#getGroupByName">getGroupByName</a> instead.
0901:             */
0902:            public Group getGroup(String name) throws DataBackendException,
0903:                    UnknownEntityException {
0904:                return getGroupByName(name);
0905:            }
0906:
0907:            /**
0908:             * Retrieve a Group object with specified name.
0909:             *
0910:             * @param name the name of the Group.
0911:             * @return an object representing the Group with specified name.
0912:             * @throws DataBackendException if there was an error accessing the
0913:             *         data backend.
0914:             * @throws UnknownEntityException if the group does not exist.
0915:             */
0916:            public Group getGroupByName(String name)
0917:                    throws DataBackendException, UnknownEntityException {
0918:                Group group = getAllGroups().getGroupByName(name);
0919:                if (group == null) {
0920:                    throw new UnknownEntityException(
0921:                            "The specified group does not exist");
0922:                }
0923:                return group;
0924:            }
0925:
0926:            /**
0927:             * Retrieve a Group object with specified Id.
0928:             *
0929:             * @param id the id of the Group.
0930:             * @return an object representing the Group with specified name.
0931:             * @throws UnknownEntityException if the permission does not
0932:             *            exist in the database.
0933:             * @throws DataBackendException if there is a problem accessing the
0934:             *            storage.
0935:             */
0936:            public Group getGroupById(int id) throws DataBackendException,
0937:                    UnknownEntityException {
0938:                Group group = getAllGroups().getGroupById(id);
0939:                if (group == null) {
0940:                    throw new UnknownEntityException(
0941:                            "The specified group does not exist");
0942:                }
0943:                return group;
0944:            }
0945:
0946:            /**
0947:             * Retrieve a Role object with specified name.
0948:             *
0949:             * @param name the name of the Role.
0950:             * @return an object representing the Role with specified name.
0951:             * @throws DataBackendException if there was an error accessing the
0952:             *         data backend.
0953:             * @throws UnknownEntityException if the role does not exist.
0954:             * @deprecated Use <a href="#getRoleByName">getRoleByName</a> instead.
0955:             */
0956:            public Role getRole(String name) throws DataBackendException,
0957:                    UnknownEntityException {
0958:                return getRoleByName(name);
0959:            }
0960:
0961:            /**
0962:             * Retrieve a Role object with specified name.
0963:             *
0964:             * @param name the name of the Role.
0965:             * @return an object representing the Role with specified name.
0966:             * @throws DataBackendException if there was an error accessing the
0967:             *         data backend.
0968:             * @throws UnknownEntityException if the role does not exist.
0969:             */
0970:            public Role getRoleByName(String name) throws DataBackendException,
0971:                    UnknownEntityException {
0972:                Role role = getAllRoles().getRoleByName(name);
0973:                if (role == null) {
0974:                    throw new UnknownEntityException(
0975:                            "The specified role does not exist");
0976:                }
0977:                role.setPermissions(getPermissions(role));
0978:                return role;
0979:            }
0980:
0981:            /**
0982:             * Retrieve a Role object with specified Id.
0983:             * @param id the id of the Role.
0984:             * @return an object representing the Role with specified name.
0985:             * @throws UnknownEntityException if the permission does not
0986:             *            exist in the database.
0987:             * @throws DataBackendException if there is a problem accessing the
0988:             *            storage.
0989:             */
0990:            public Role getRoleById(int id) throws DataBackendException,
0991:                    UnknownEntityException {
0992:                Role role = getAllRoles().getRoleById(id);
0993:                if (role == null) {
0994:                    throw new UnknownEntityException(
0995:                            "The specified role does not exist");
0996:                }
0997:                role.setPermissions(getPermissions(role));
0998:                return role;
0999:            }
1000:
1001:            /**
1002:             * Retrieve a Permission object with specified name.
1003:             *
1004:             * @param name the name of the Permission.
1005:             * @return an object representing the Permission with specified name.
1006:             * @throws DataBackendException if there was an error accessing the
1007:             *         data backend.
1008:             * @throws UnknownEntityException if the permission does not exist.
1009:             * @deprecated Use <a href="#getPermissionByName">getPermissionByName</a> instead.
1010:             */
1011:            public Permission getPermission(String name)
1012:                    throws DataBackendException, UnknownEntityException {
1013:                return getPermissionByName(name);
1014:            }
1015:
1016:            /**
1017:             * Retrieve a Permission object with specified name.
1018:             *
1019:             * @param name the name of the Permission.
1020:             * @return an object representing the Permission with specified name.
1021:             * @throws DataBackendException if there was an error accessing the
1022:             *         data backend.
1023:             * @throws UnknownEntityException if the permission does not exist.
1024:             */
1025:            public Permission getPermissionByName(String name)
1026:                    throws DataBackendException, UnknownEntityException {
1027:                Permission permission = getAllPermissions()
1028:                        .getPermissionByName(name);
1029:                if (permission == null) {
1030:                    throw new UnknownEntityException(
1031:                            "The specified permission does not exist");
1032:                }
1033:                return permission;
1034:            }
1035:
1036:            /**
1037:             * Retrieve a Permission object with specified Id.
1038:             *
1039:             * @param id the id of the Permission.
1040:             * @return an object representing the Permission with specified name.
1041:             * @throws UnknownEntityException if the permission does not
1042:             *            exist in the database.
1043:             * @throws DataBackendException if there is a problem accessing the
1044:             *            storage.
1045:             */
1046:            public Permission getPermissionById(int id)
1047:                    throws DataBackendException, UnknownEntityException {
1048:                Permission permission = getAllPermissions().getPermissionById(
1049:                        id);
1050:                if (permission == null) {
1051:                    throw new UnknownEntityException(
1052:                            "The specified permission does not exist");
1053:                }
1054:                return permission;
1055:            }
1056:
1057:            /**
1058:             * Retrieves all groups defined in the system.
1059:             *
1060:             * @return the names of all groups defined in the system.
1061:             * @throws DataBackendException if there was an error accessing the
1062:             *         data backend.
1063:             */
1064:            public GroupSet getAllGroups() throws DataBackendException {
1065:                return getGroups(new Criteria());
1066:            }
1067:
1068:            /**
1069:             * Retrieves all roles defined in the system.
1070:             *
1071:             * @return the names of all roles defined in the system.
1072:             * @throws DataBackendException if there was an error accessing the
1073:             *         data backend.
1074:             */
1075:            public RoleSet getAllRoles() throws DataBackendException {
1076:                return getRoles(new Criteria());
1077:            }
1078:
1079:            /**
1080:             * Retrieves all permissions defined in the system.
1081:             *
1082:             * @return the names of all roles defined in the system.
1083:             * @throws DataBackendException if there was an error accessing the
1084:             *         data backend.
1085:             */
1086:            public PermissionSet getAllPermissions()
1087:                    throws DataBackendException {
1088:                return getPermissions(new Criteria());
1089:            }
1090:
1091:            /**
1092:             * @deprecated Use getGroupInstance(String name) instead.
1093:             */
1094:            public Group getNewGroup(String groupName) {
1095:                try {
1096:                    return getGroupInstance(groupName);
1097:                } catch (UnknownEntityException uee) {
1098:                    uee.printStackTrace();
1099:                    return null;
1100:                }
1101:            }
1102:
1103:            /**
1104:             * @deprecated Use getRoleInstance(String name) instead.
1105:             */
1106:            public Role getNewRole(String roleName) {
1107:                try {
1108:                    return getRoleInstance(roleName);
1109:                } catch (UnknownEntityException uee) {
1110:                    return null;
1111:                }
1112:            }
1113:
1114:            /**
1115:             * @deprecated Use getPermissionInstance(String name) instead.
1116:             */
1117:            public Permission getNewPermission(String permissionName) {
1118:                try {
1119:                    return getPermissionInstance(permissionName);
1120:                } catch (UnknownEntityException uee) {
1121:                    return null;
1122:                }
1123:            }
1124:        }
www.java2java.com | Contact Us
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.