001: /*
002: * JFolder, Copyright 2001-2006 Gary Steinmetz
003: *
004: * Distributable under LGPL license.
005: * See terms of license at gnu.org.
006: */
007:
008: package org.jfolder.security.lifecycle;
009:
010: //base classes
011: import java.util.ArrayList;
012: import java.util.Collection;
013: import java.util.HashMap;
014: import java.util.HashSet;
015: import java.util.Iterator;
016: import javax.servlet.http.HttpServletRequest;
017: import javax.servlet.http.HttpSession;
018:
019: //project specific classes
020: import org.jfolder.common.UnexpectedSystemException;
021: import org.jfolder.common.entity.properties.SimpleSystemEntityProperties;
022: import org.jfolder.common.entity.properties.SystemEntityProperties;
023: import org.jfolder.common.utils.web.ParameterSet;
024: import org.jfolder.common.utils.xml.LinearXPath;
025: import org.jfolder.common.web.template.ConsoleTemplateContext;
026: import org.jfolder.common.web.template.SubmitActionContext;
027: import org.jfolder.config.instance.ConfigInstance;
028: import org.jfolder.config.instance.ConfigInstanceConfig;
029: import org.jfolder.config.instance.ConfigInstanceTagHelper;
030: import org.jfolder.platforms.stores.base.SystemStoreSession;
031: import org.jfolder.platforms.stores.base.SystemStoreSessionManager;
032: import org.jfolder.security.model.GroupHolder;
033: import org.jfolder.security.model.SimpleGroupHolder;
034: import org.jfolder.security.model.SimpleUserHolder;
035: import org.jfolder.security.model.SimpleUserIdentity;
036: import org.jfolder.security.model.SystemGroups;
037: import org.jfolder.security.model.UserHolder;
038: import org.jfolder.security.model.UserHolderContext;
039: import org.jfolder.security.model.UserIdentity;
040: import org.jfolder.services.config.ConfigService;
041: import org.jfolder.services.config.ConfigServiceCaller;
042: import org.jfolder.services.config.ConfigServiceCallerFactory;
043:
044: //other classes
045:
046: public class GenericConfigLifecycleSecurityLifecycle implements
047: SecurityLifecycle {
048:
049: public final static String DEFAULT_CONFIG = ConfigInstanceTagHelper.DEFAULT_CONFIG;
050: //private final static String USER_BASE = "";
051: private final static LinearXPath XPATH_GENERIC = LinearXPath
052: .r("generic");
053:
054: private static HashMap cachedGroupsInGroups = null;
055: private static long cachedGroupsInGroupsTime = 0;
056: private static HashMap cachedUsersInGroups = null;
057: private static long cachedUsersInGroupsTime = 0;
058: //
059: private static HashMap cachedUsers = null;
060: private static long cachedUsersTime = 0;
061:
062: protected GenericConfigLifecycleSecurityLifecycle() {
063: }
064:
065: public String getSecurityType() {
066: return DEFAULT_CONFIG;
067: }
068:
069: public GroupHolder getSystemGroup(String inGroup) {
070:
071: SimpleGroupHolder outValue = null;
072:
073: if (inGroup.equals(SystemGroups.DEVELOPERS)) {
074: outValue = SimpleGroupHolder.newInstance(
075: SystemGroups.DEVELOPERS, DEFAULT_CONFIG);
076: //outValue = SimpleGroupHolder.newInstance(SystemGroups.DEVELOPERS);
077: //outValue.setSecurityClass(this.getClass().getName());
078: } else if (inGroup.equals(SystemGroups.ADMINISTRATORS)) {
079: outValue = SimpleGroupHolder.newInstance(
080: SystemGroups.ADMINISTRATORS, DEFAULT_CONFIG);
081: //outValue = new GenericGroupHolder(SystemGroups.ADMINISTRATORS);
082: //outValue.setSecurityClass(this.getClass().getName());
083: } else {
084: throw new UnexpectedSystemException(
085: "Not implemented for group '" + inGroup + "'");
086: }
087:
088: return outValue;
089: }
090:
091: public ConsoleTemplateContext getFailedLoginPage(
092: HttpServletRequest inRequest, ParameterSet inPs,
093: SubmitActionContext inSac, UserHolder inUser) {
094:
095: return new GenericConfigFailedLoginPageContext(inUser);
096: }
097:
098: public UserHolder getUser(UserHolderContext inContext) {
099:
100: UserHolder outValue = null;
101:
102: //UserIdentity ui = null;
103: //SystemEntityProperties sep = null;
104:
105: if (inContext.isNamePresent()) {
106:
107: if (!inContext.isSecurityClassPresent()) {
108: //
109: UserIdentity ui = SimpleUserIdentity.newInstance(
110: inContext.getName(), DEFAULT_CONFIG, true,
111: false);
112: SimpleSystemEntityProperties ssep = SimpleSystemEntityProperties
113: .newInstance();
114: outValue = SimpleUserHolder.newInstance(ui, ssep);
115: } else {
116: //
117: UserIdentity ui = SimpleUserIdentity.newInstance(
118: inContext.getName(), DEFAULT_CONFIG, false,
119: false);
120: SimpleSystemEntityProperties ssep = SimpleSystemEntityProperties
121: .newInstance();
122: outValue = SimpleUserHolder.newInstance(ui, ssep);
123: }
124: } else {
125:
126: //
127: String userName = null;
128: String password = null;
129:
130: //
131: //HttpServletRequest request = null;
132: SystemStoreSession requestSss = null;
133: if (inContext.isRequestPresent()) {
134: HttpServletRequest r = inContext.getRequest();
135: requestSss = SystemStoreSessionManager
136: .getSystemStoreSession(r);
137: }
138:
139: //
140: if (inContext.isParameterSetPresent()
141: && inContext.getParameterSet().isParameterPresent(
142: SecurityLifecycleHelper.USERNAME)
143: && inContext.getParameterSet().isParameterString(
144: SecurityLifecycleHelper.USERNAME)
145: && inContext.getParameterSet().isParameterPresent(
146: SecurityLifecycleHelper.PASSWORD)
147: && inContext.getParameterSet().isParameterString(
148: SecurityLifecycleHelper.PASSWORD)) {
149:
150: ParameterSet ps = inContext.getParameterSet();
151: userName = ps
152: .getParameter(SecurityLifecycleHelper.USERNAME);
153: password = ps
154: .getParameter(SecurityLifecycleHelper.PASSWORD);
155: } else if (requestSss != null
156: && requestSss.isUserHolderPresent()) {
157:
158: outValue = requestSss.getUserHolder();
159: } else {
160: UserIdentity ui = SimpleUserIdentity.newInstance(null,
161: DEFAULT_CONFIG, true, true);
162: SimpleSystemEntityProperties ssep = SimpleSystemEntityProperties
163: .newInstance();
164: outValue = SimpleUserHolder.newInstance(ui, ssep);
165: }
166:
167: if (userName != null && password != null) {
168:
169: //MiscHelper.println("userName = " + userName);
170: //MiscHelper.println("password = " + password);
171:
172: HashMap users = getCachedUsers();
173: if (users.containsKey(userName)) {
174: String correctPassword = (String) users
175: .get(userName);
176: if (password.equals(correctPassword)) {
177:
178: UserIdentity ui = SimpleUserIdentity
179: .newInstance(userName, DEFAULT_CONFIG,
180: true, false);
181: SimpleSystemEntityProperties ssep = SimpleSystemEntityProperties
182: .newInstance();
183: outValue = SimpleUserHolder.newInstance(ui,
184: ssep);
185:
186: //outValue = new GenericUserHolder();
187: //outValue.setName(userName);
188: //outValue.setSecurityClass(this.getClass().getName());
189: }
190: }
191:
192: if (outValue == null) {
193: UserIdentity ui = SimpleUserIdentity.newInstance(
194: userName, DEFAULT_CONFIG, false, false);
195: SimpleSystemEntityProperties ssep = SimpleSystemEntityProperties
196: .newInstance();
197: outValue = SimpleUserHolder.newInstance(ui, ssep);
198:
199: //outValue = new GenericUserHolder();
200: //outValue.setValid(false);
201: //outValue.setName(userName);
202: //outValue.setSecurityClass(this.getClass().getName());
203: }
204:
205: if (requestSss != null) {
206: requestSss.setUserHolder(outValue);
207: }
208: }
209:
210: //MiscHelper.println("GenConfigManUaaac outValue = " + outValue);
211: }
212:
213: //outValue = SimpleUserHolder.newInstance(ui, sep);
214:
215: return outValue;
216: }
217:
218: private synchronized final static HashMap getCachedUsers() {
219:
220: HashMap outValue = null;
221:
222: if (cachedUsers != null) {
223: long delta = System.currentTimeMillis() - cachedUsersTime;
224: if (delta > (1000 * 60 * 5)) {
225: outValue = getConfigManagerUsers();
226: cachedUsers = outValue;
227: cachedUsersTime = System.currentTimeMillis();
228: } else {
229: outValue = cachedUsers;
230: }
231: } else {
232: outValue = getConfigManagerUsers();
233: cachedUsers = outValue;
234: cachedUsersTime = System.currentTimeMillis();
235: }
236:
237: return outValue;
238: }
239:
240: private final static HashMap getConfigManagerUsers() {
241:
242: HashMap outValue = null;
243:
244: outValue = new HashMap();
245:
246: ConfigService cs = ConfigServiceCallerFactory
247: .getConfigService();
248: //ConfigLifecycle cm = ConfigLifecycleFactory.getConfigLifecycle();
249:
250: ConfigInstanceConfig cic = cs
251: .accessConfig(ConfigInstance.SECURITY);
252:
253: int userCount = cic
254: .getPropertyCount(ConfigInstance.CUSTOM_CONTENT,
255: XPATH_GENERIC, "user", 0);
256: //MiscHelper.println("userCount = " + userCount);
257: for (int i = 0; i < userCount; i++) {
258: LinearXPath nextBase = XPATH_GENERIC.b("user", (i + 1));
259: String nextUsername = cic.getPropertyAttribute(
260: ConfigInstance.CUSTOM_CONTENT, nextBase,
261: "username", null);
262: String nextPassword = cic.getPropertyAttribute(
263: ConfigInstance.CUSTOM_CONTENT, nextBase,
264: "password", null);
265:
266: //MiscHelper.println("nextUsername = " + nextUsername);
267: //MiscHelper.println("nextPassword = " + nextPassword);
268: //username is case-insentitive,
269: //password is case-sensitive
270:
271: outValue.put(nextUsername, nextPassword);
272: }
273:
274: //cm.close();
275:
276: return outValue;
277: }
278:
279: public boolean isUserInGroup(UserHolder inUser, GroupHolder inGroup) {
280:
281: boolean outValue = false;
282:
283: //String className = this.getClass().getName();
284:
285: //MiscHelper.println("inUser = " + inUser);
286: //MiscHelper.println("inGroup = " + inGroup);
287: //MiscHelper.println("inUser.isValid() = " + inUser.isValid());
288: //MiscHelper.println("inUser.getSecurityClass() = "
289: // + inUser.getSecurityClass());
290: //MiscHelper.println("inGroup.getSecurityClass() = "
291: // + inGroup.getSecurityClass());
292: //try {
293: // Thread.sleep(15000);
294: //}
295: //catch (Exception e) {
296: //}
297:
298: if (inUser.getUserIdentity().isValid()
299: && !inUser.getUserIdentity().isAnonymous()
300: && inUser.getUserIdentity().getSecurityType().equals(
301: DEFAULT_CONFIG)
302: && inGroup.getSecurityType().equals(DEFAULT_CONFIG)) {
303:
304: ConfigService cs = ConfigServiceCallerFactory
305: .getConfigService();
306: //ConfigLifecycle cm = ConfigLifecycleFactory.getConfigLifecycle();
307: ConfigInstanceConfig cic = cs
308: .accessConfig(ConfigInstance.SECURITY);
309:
310: //Iterator iter = null;
311: HashMap groupsInGroups = null;
312: HashMap usersInGroups = null;
313: //synchronized(GenericConfigManagerUaaac.class) {
314: groupsInGroups = getCachedGroups(cic);
315: //MiscHelper.println("groupsInGroups = "
316: //+ groupsInGroups.size());
317: //iter = groupsInGroups.keySet().iterator();
318: //while (iter.hasNext()) {
319: // MiscHelper.println("nextGroupInGroup = " + iter.next());
320: //}
321: usersInGroups = getCachedUsers(cic);
322: //}
323: //MiscHelper.println("usersInGroups = " + usersInGroups.size());
324: //iter = usersInGroups.keySet().iterator();
325: //while (iter.hasNext()) {
326: // MiscHelper.println("nextUserInGroup = " + iter.next());
327: //}
328:
329: ArrayList groupsAvailable = new ArrayList();
330: Iterator iter = groupsInGroups.keySet().iterator();
331: while (iter.hasNext()) {
332: groupsAvailable.add(iter.next().toString()
333: .toUpperCase());
334: }
335:
336: outValue = isUserInGroup(inUser, inGroup, groupsInGroups,
337: usersInGroups, groupsAvailable);
338: //MiscHelper.println("outValue = " + outValue);
339:
340: //cm.close();
341: }
342:
343: return outValue;
344: }
345:
346: private final static synchronized HashMap getCachedUsers(
347: ConfigInstanceConfig inCic) {
348:
349: HashMap outValue = null;
350:
351: if (cachedUsersInGroups != null) {
352: long delta = System.currentTimeMillis()
353: - cachedUsersInGroupsTime;
354: if (delta > (1000 * 60 * 10)) {
355: outValue = getEntitiesInGroups(inCic, "user");
356: cachedUsersInGroups = outValue;
357: cachedUsersInGroupsTime = System.currentTimeMillis();
358: } else {
359: outValue = cachedUsersInGroups;
360: }
361: } else {
362: outValue = getEntitiesInGroups(inCic, "user");
363: cachedUsersInGroups = outValue;
364: cachedUsersInGroupsTime = System.currentTimeMillis();
365: }
366:
367: return outValue;
368: }
369:
370: private final static synchronized HashMap getCachedGroups(
371: ConfigInstanceConfig inCic) {
372:
373: HashMap outValue = null;
374:
375: if (cachedGroupsInGroups != null) {
376: long delta = System.currentTimeMillis()
377: - cachedGroupsInGroupsTime;
378: if (delta > (1000 * 60 * 10)) {
379: outValue = getEntitiesInGroups(inCic, "group");
380: cachedGroupsInGroups = outValue;
381: cachedGroupsInGroupsTime = System.currentTimeMillis();
382: } else {
383: outValue = cachedGroupsInGroups;
384: }
385: } else {
386: outValue = getEntitiesInGroups(inCic, "group");
387: cachedGroupsInGroups = outValue;
388: cachedGroupsInGroupsTime = System.currentTimeMillis();
389: }
390:
391: return outValue;
392: }
393:
394: private boolean isUserInGroup(UserHolder inUser,
395: GroupHolder inGroup, HashMap inGroupsInGroups,
396: HashMap inUsersInGroups, Collection inGroupsAvailable) {
397:
398: boolean outValue = false;
399:
400: //MiscHelper.println("isUserInGroup::inUser = " + inUser);
401: //MiscHelper.println("isUserInGroup::inGroup = " + inGroup);
402: //MiscHelper.println("isUserInGroup::inGroupsInGroups = "
403: // + inGroupsInGroups);
404: //MiscHelper.println("isUserInGroup::inUsersInGroups = "
405: // + inUsersInGroups);
406: //MiscHelper.println("isUserInGroup::inGroupsAvailable = "
407: // + inGroupsAvailable);
408:
409: if (inGroupsAvailable.contains(inGroup.getName().toUpperCase())) {
410: //int groupIndex = inGroupsAvailable.indexOf(inGroup);
411: //MiscHelper.println("GroupFound");
412: inGroupsAvailable.remove(inGroup);
413:
414: Iterator users = ((HashSet) inUsersInGroups.get(inGroup
415: .getName().toUpperCase())).iterator();
416: while (users.hasNext()) {
417: String nextUser = (String) users.next();
418: //MiscHelper.println("nextUser = " + nextUser);
419: //MiscHelper.println("inUser.getName() = " + inUser.getName());
420: if (nextUser.equalsIgnoreCase(inUser.getUserIdentity()
421: .getName())) {
422: //
423: outValue = true;
424: break;
425: }
426: }
427: if (!outValue) {
428: //MiscHelper.println("inGroup = " + inGroup);
429: //MiscHelper.println(inGroupsInGroups.toString());
430: //MiscHelper.println("inGroup.toUpperCase() = "
431: // + inGroup.toUpperCase());
432: //MiscHelper.println(
433: // "inGroupsInGroups.get(inGroup.toUpperCase()) = "
434: // + inGroupsInGroups.get(inGroup.toUpperCase()));
435: //Iterator iter = inGroupsInGroups.keySet().iterator();
436: //while (iter.hasNext()) {
437: // MiscHelper.println("key = '" + iter.next() + "'");
438: //}
439: Iterator groups = ((HashSet) inGroupsInGroups
440: .get(inGroup.getName().toUpperCase()))
441: .iterator();
442: while (groups.hasNext()) {
443: String nextGroup = (String) groups.next();
444: outValue = isUserInGroup(inUser, SimpleGroupHolder
445: .newInstance(nextGroup, DEFAULT_CONFIG),
446: //new GenericGroupHolder(nextGroup),
447: inGroupsInGroups, inUsersInGroups,
448: inGroupsAvailable);
449: if (outValue) {
450: break;
451: }
452: }
453: }
454: }
455:
456: return outValue;
457: }
458:
459: private final static HashMap getEntitiesInGroups(
460: ConfigInstanceConfig inCic, String inEntity) {
461:
462: HashMap outValue = new HashMap();
463:
464: int groupCount = inCic.getPropertyCount(
465: ConfigInstance.CUSTOM_CONTENT, XPATH_GENERIC, "group",
466: 0);
467: for (int i = 0; i < groupCount; i++) {
468: LinearXPath nextGroupPath = XPATH_GENERIC.b("group",
469: (i + 1));
470: String nextGroupName = inCic.getPropertyAttribute(
471: ConfigInstance.CUSTOM_CONTENT, nextGroupPath,
472: "name", null);
473: // inCm.getPropertyAttribute(nextGroupPath, "name", null);
474: HashSet nextGroup = new HashSet();
475: if (nextGroupName != null) {
476: outValue.put(nextGroupName.toUpperCase(), nextGroup);
477: } else {
478: continue;
479: }
480: int subCount = inCic.getPropertyCount(
481: ConfigInstance.CUSTOM_CONTENT, nextGroupPath,
482: inEntity, 0);
483: for (int j = 0; j < subCount; j++) {
484: LinearXPath nextSubPath = nextGroupPath.b(inEntity,
485: (j + 1));
486: String subId = inCic.getPropertyAttribute(
487: ConfigInstance.CUSTOM_CONTENT, nextSubPath,
488: "name", null);
489: // inCm.getPropertyAttribute(nextSubPath, "name", null);
490: if (subId != null) {
491: nextGroup.add(subId.toUpperCase());
492: }
493: }
494: }
495:
496: return outValue;
497: }
498:
499: }
|