de.juwimm.cms.authorization.remote.AuthorizationServiceSpringImpl.java Source code


Introduction

Here is the source code for de.juwimm.cms.authorization.remote.AuthorizationServiceSpringImpl.java

Source

/**
 * Copyright (c) 2009 Juwi MacMillan Group GmbH
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *         http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
// license-header java merge-point
/**
 * This is only generated once! It will never be overwritten.
 * You can (and have to!) safely modify it by hand.
 */
package de.juwimm.cms.authorization.remote;

import java.io.IOException;
import java.util.Collection;
import java.util.Iterator;
import java.util.Vector;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import de.juwimm.cms.authorization.model.GroupHbm;
import de.juwimm.cms.authorization.model.UserHbm;
import de.juwimm.cms.authorization.vo.GroupValue;
import de.juwimm.cms.authorization.vo.UserLoginValue;
import de.juwimm.cms.common.UserRights;
import de.juwimm.cms.exceptions.UserException;
import de.juwimm.cms.model.SiteHbm;
import de.juwimm.cms.model.UnitHbm;
import de.juwimm.cms.remote.helper.AuthenticationHelper;
import de.juwimm.cms.vo.SiteValue;
import de.juwimm.cms.vo.UnitValue;

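/**
 * Hand-maintained implementation of the authorization service: role, unit, group and site
 * lookups for the current principal, plus login and logout.
 *
 * <p>Every operation except the two remote-login variants resolves the acting user from
 * {@link AuthenticationHelper#getUserName()} rather than from a caller-supplied name.
 * Passwords are verified through a JAAS {@link LoginContext} created for the
 * {@code juwimm-cms-security-domain} configuration entry.
 *
 * @see de.juwimm.cms.authorization.remote.AuthorizationServiceSpring
 * @author <a href="mailto:carsten.schalm@juwimm.com">Carsten Schalm</a> ,
 *         Juwi|MacMillan Group Gmbh, Walsrode, Germany
 * @version $Id: AuthorizationServiceSpringImpl.java 26916 2008-04-30 17:51:21Z
 *          greivej $
 */
public class AuthorizationServiceSpringImpl extends AuthorizationServiceSpringBase {
    private static final Log log = LogFactory.getLog(AuthorizationServiceSpringImpl.class);

    /** Name of the JAAS login configuration entry used for every password check. */
    private static final String SECURITY_DOMAIN = "juwimm-cms-security-domain";

    /**
     * Loads the user record of the principal reported by {@link AuthenticationHelper}.
     *
     * @return the user entity returned by the user DAO
     * @throws Exception whatever the DAO lookup raises
     */
    private UserHbm loadCurrentUser() throws Exception {
        return getUserHbmDao().load(AuthenticationHelper.getUserName());
    }

    /**
     * Reports whether the current principal holds {@code roleName} on its active site.
     *
     * <p>Fails closed: any error while loading the user or evaluating the role is logged and
     * answered with {@code false}.
     *
     * @param roleName role to check
     * @return {@code true} only if the DAO confirms the role
     * @see de.juwimm.cms.authorization.remote.AuthorizationServiceSpring#isUserInRole(java.lang.String)
     */
    @Override
    protected boolean handleIsUserInRole(String roleName) throws Exception {
        try {
            UserHbm user = loadCurrentUser();
            return getUserHbmDao().isInRole(user, roleName, user.getActiveSite());
        } catch (Exception e) {
            log.error("Could not get role for user", e);
            return false;
        }
    }

    /**
     * Reports whether the current principal belongs to the unit {@code unitId}.
     *
     * <p>Fails closed: any error is logged and answered with {@code false}.
     *
     * @param unitId id of the unit to check
     * @return {@code true} only if the DAO confirms the membership
     * @see de.juwimm.cms.authorization.remote.AuthorizationServiceSpring#isUserInUnit(java.lang.Integer)
     */
    @Override
    protected boolean handleIsUserInUnit(Integer unitId) throws Exception {
        try {
            UserHbm user = loadCurrentUser();
            return getUserHbmDao().isInUnit(unitId, user);
        } catch (Exception e) {
            log.error("Could not get unit for user", e);
            return false;
        }
    }

    /**
     * Returns the groups visible to the current principal: all groups of the active site for a
     * master root, otherwise the groups the DAO reports for the user's active site.
     *
     * @return one {@link GroupValue} per group, in the collection's iteration order
     * @throws UserException carrying only the message of any underlying failure
     * @see de.juwimm.cms.authorization.remote.AuthorizationServiceSpring#getGroups()
     */
    @Override
    protected GroupValue[] handleGetGroups() throws Exception {
        try {
            UserHbm user = loadCurrentUser();
            Collection<?> groups;
            if (user.isMasterRoot()) {
                groups = getGroupHbmDao().findAll(user.getActiveSite().getSiteId());
            } else {
                groups = getUserHbmDao().getGroups4ActiveSite(user);
            }
            GroupValue[] result = new GroupValue[groups.size()];
            int i = 0;
            for (Object group : groups) {
                result[i++] = ((GroupHbm) group).getGroupValue();
            }
            return result;
        } catch (Exception e) {
            // The rethrown UserException keeps only the message, so record the cause here.
            log.error("Could not get groups for user", e);
            throw new UserException(e.getMessage());
        }
    }

    /**
     * Returns the units visible to the current principal: all units of the active site when the
     * user holds {@link UserRights#SITE_ROOT} there, otherwise the units the DAO reports for the
     * user's active site.
     *
     * @return one {@link UnitValue} per unit, in iteration order
     * @throws UserException carrying only the message of any underlying failure
     * @see de.juwimm.cms.authorization.remote.AuthorizationServiceSpring#getUnits()
     */
    @Override
    protected UnitValue[] handleGetUnits() throws Exception {
        Vector<UnitValue> units = new Vector<UnitValue>();
        try {
            log.debug("begin getUnits");
            UserHbm user = loadCurrentUser();
            Iterator<?> it;
            if (getUserHbmDao().isInRole(user, UserRights.SITE_ROOT, user.getActiveSite())) {
                it = getUnitHbmDao().findAll(user.getActiveSite().getSiteId()).iterator();
            } else {
                it = getUserHbmDao().getUnits4ActiveSite(user).iterator();
            }
            while (it.hasNext()) {
                units.add(getUnitHbmDao().getDao((UnitHbm) it.next()));
            }
            log.debug("end getUnits");
        } catch (Exception e) {
            // The rethrown UserException keeps only the message, so record the cause here.
            log.error("Could not get units for user", e);
            throw new UserException(e.getMessage());
        }
        return units.toArray(new UnitValue[0]);
    }

    /**
     * Returns the sites visible to the current principal: every site for a master root,
     * otherwise the sites attached to the user.
     *
     * <p>Errors are logged, not thrown. The result is {@code null} if the failure happens before
     * the site collection is obtained, and an array with trailing {@code null} entries if it
     * happens while the sites are being converted; callers must handle both.
     *
     * @return the visible sites, or {@code null} on early failure
     * @see de.juwimm.cms.authorization.remote.AuthorizationServiceSpring#getSites()
     */
    @Override
    protected SiteValue[] handleGetSites() throws Exception {
        SiteValue[] sites = null;
        try {
            if (log.isDebugEnabled()) {
                log.debug("begin getSites for principal " + AuthenticationHelper.getUserName());
            }
            UserHbm user = loadCurrentUser();
            Collection<?> source;
            if (user.isMasterRoot()) {
                source = getSiteHbmDao().findAll();
            } else {
                source = user.getSites();
            }
            // Assigned before the loop so that a mid-loop failure still returns what was converted.
            sites = new SiteValue[source.size()];
            int i = 0;
            for (Object site : source) {
                sites[i++] = ((SiteHbm) site).getSiteValue();
            }
            log.debug("end getSites");
        } catch (Exception exe) {
            log.error("Unknown Error occured inside getSites: " + exe.getMessage(), exe);
        }
        return sites;
    }

    /**
     * Logs the current principal in at the site {@code siteId}.
     *
     * <p>The site and the user are loaded, site membership is checked (master roots are exempt),
     * the site is made the user's active site, and the password is then verified through JAAS.
     * The login timestamp is recorded only after the password check has succeeded.
     *
     * <p>NOTE(review): {@code userName} is never read; the principal always comes from
     * {@link AuthenticationHelper#getUserName()}. Confirm that this is intended.
     *
     * @param userName unused, see the note above
     * @param passwd password handed to the JAAS login module
     * @param siteId id of the site to log in to
     * @return the login value of the user, completed with the site's name and configuration XML
     * @throws SecurityException if the site or the principal cannot be loaded, or the user is not
     *         a member of the site
     * @throws Exception whatever {@link LoginContext#login()} raises on failed authentication
     * @see de.juwimm.cms.authorization.remote.AuthorizationServiceSpring#login(java.lang.String,
     *      java.lang.String, java.lang.Integer)
     */
    @Override
    protected UserLoginValue handleLogin(String userName, String passwd, Integer siteId) throws Exception {
        if (log.isDebugEnabled()) {
            log.debug("Try to login \"" + AuthenticationHelper.getUserName() + "\" at " + siteId);
        }

        SiteHbm site;
        try {
            site = getSiteHbmDao().load(siteId);
        } catch (Exception exe) {
            // Keep the cause in the server log only; the caller sees the generic message.
            log.warn("Login rejected: site " + siteId + " could not be loaded", exe);
            throw new SecurityException("Invalid SiteId");
        }

        UserHbm user;
        try {
            user = loadCurrentUser();
        } catch (Exception ex) {
            log.warn("Login rejected: principal could not be loaded", ex);
            throw new SecurityException("Invalid Principal");
        }

        if (!user.isMasterRoot() && !user.getSites().contains(site)) {
            throw new SecurityException("User is not a member of the given site!");
        }

        // NOTE(review): the active site is changed before the password is verified. Whether that
        // change survives a failed login depends on transaction settings not visible in this
        // class, and the login module may read the active site, so the order is left as it was.
        user.setActiveSite(site);
        LoginContext lc = new LoginContext(SECURITY_DOMAIN, new InternalCallbackHandler(passwd));
        lc.login();
        // Stamp the login only once the credentials have been accepted.
        user.setLoginDate(System.currentTimeMillis());

        if (log.isInfoEnabled()) {
            log.info("Login User " + user.getUserId() + " at site " + site.getSiteId() + " ("
                    + site.getShortName().trim() + ")");
        }
        UserLoginValue ulv = getUserHbmDao().getUserLoginValue(user);
        ulv.setSiteName(site.getName());
        ulv.setSiteConfigXML(site.getConfigXML());
        return ulv;
    }

    /**
     * Logs the current principal out by resetting its login timestamp to {@code 0}.
     *
     * @throws UserException carrying only the message of any underlying failure
     * @see de.juwimm.cms.authorization.remote.AuthorizationServiceSpring#logout()
     */
    @Override
    protected void handleLogout() throws Exception {
        try {
            UserHbm user = loadCurrentUser();
            if (log.isInfoEnabled()) {
                log.info("Logout User " + user.getUserId());
            }
            user.setLoginDate(0L);
        } catch (Exception e) {
            // The rethrown UserException keeps only the message, so record the cause here.
            log.error("Could not log out user", e);
            throw new UserException(e.getMessage());
        }
    }

    /**
     * JAAS callback handler that answers the name callback with the current principal and the
     * password callback with the password given at construction. Other callback types are
     * ignored.
     *
     * <p>Static because it needs no state of the enclosing service. The password arrives as a
     * {@code String}, so this class cannot wipe it from memory after use.
     */
    private static final class InternalCallbackHandler implements CallbackHandler {
        private final String passwd;

        public InternalCallbackHandler(String passwd) {
            this.passwd = passwd;
        }

        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    // The name is read at callback time, not when the handler is created.
                    ((NameCallback) callback).setName(AuthenticationHelper.getUserName());
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword(this.passwd.toCharArray());
                }
            }
        }
    }

    /**
     * JAAS callback handler that answers the name and password callbacks with the credentials
     * given at construction. Other callback types are ignored.
     *
     * <p>Static because it needs no state of the enclosing service.
     */
    private static final class CredentialCallbackHandler implements CallbackHandler {
        private final String passwd;
        private final String user;

        public CredentialCallbackHandler(String user, String passwd) {
            this.passwd = passwd;
            this.user = user;
        }

        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(this.user);
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword(this.passwd.toCharArray());
                }
            }
        }
    }

    /**
     * Shared body of the two remote-login variants: loads the named user, verifies the supplied
     * credentials through JAAS, and records the login timestamp once they have been accepted.
     *
     * <p>NOTE(review): an unknown user surfaces as {@code SecurityException("Invalid Principal")}
     * while a rejected password surfaces as whatever {@link LoginContext#login()} throws. A
     * caller that relays this difference lets clients tell existing accounts from unknown ones;
     * confirm that the remote layer reports both the same way.
     *
     * @param userName name of the user to authenticate
     * @param pass password handed to the JAAS login module
     * @return the authenticated user entity
     * @throws SecurityException if the user cannot be loaded
     * @throws Exception whatever {@link LoginContext#login()} raises on failed authentication
     */
    private UserHbm authenticateRemote(String userName, String pass) throws Exception {
        UserHbm user;
        try {
            user = getUserHbmDao().load(userName);
        } catch (Exception ex) {
            // The caller-supplied name is left out of the log line on purpose.
            log.warn("Remote login rejected: principal could not be loaded", ex);
            throw new SecurityException("Invalid Principal");
        }

        LoginContext lc = new LoginContext(SECURITY_DOMAIN, new CredentialCallbackHandler(userName, pass));
        lc.login();
        // Stamp the login only once the credentials have been accepted.
        user.setLoginDate(System.currentTimeMillis());
        return user;
    }

    /**
     * Authenticates {@code userName} with {@code pass} and records the login, returning nothing.
     *
     * @param userName name of the user to authenticate
     * @param pass password handed to the JAAS login module
     * @throws SecurityException if the user cannot be loaded
     * @throws Exception whatever {@link LoginContext#login()} raises on failed authentication
     */
    @Override
    protected void handleRemoteLoginLive(String userName, String pass) throws Exception {
        authenticateRemote(userName, pass);
    }

    /**
     * Authenticates {@code userName} with {@code pass}, records the login and returns the user's
     * login value.
     *
     * @param userName name of the user to authenticate
     * @param pass password handed to the JAAS login module
     * @return the login value the user DAO builds for the authenticated user
     * @throws SecurityException if the user cannot be loaded
     * @throws Exception whatever {@link LoginContext#login()} raises on failed authentication
     */
    @Override
    protected UserLoginValue handleRemoteLogin(String userName, String pass) throws Exception {
        UserHbm user = authenticateRemote(userName, pass);
        return getUserHbmDao().getUserLoginValue(user);
    }
}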