/*
* Copyright (c) 2001-2006, John Mettraux, OpenWFE.org
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* . Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* . Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* . Neither the name of the "OpenWFE" nor the names of its contributors may be
* used to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $Id: Passwd.java 3077 2006-08-30 06:01:05Z jmettraux $
*/
//
// Passwd.java
//
// [email protected]
//
// made in the CreveCoeur
//
// generated with
// jtmpl 1.0.04 31.10.2002 John Mettraux ([email protected])
//
package openwfe.org.auth;
import java.security.ProtectionDomain;
import java.security.Permissions;
import java.security.PermissionCollection;
import javax.security.auth.Subject;
/**
* Encapsulates authentication and authorization.
*
*
* Important note
* Log output for Passwd and PolicyService has been commented out: it
* caused stack overflow errors when log4j was rotating its log files (and
* thus asking this PolicyService for file permissions).
* Feel free to re-enable the log output, but be sure to comment it out again
* for production builds.
*
*
* CVS Info :
*
$Author: jmettraux $
*
$Date: 2006-08-30 08:01:05 +0200 (Wed, 30 Aug 2006) $
*
$Id: Passwd.java 3077 2006-08-30 06:01:05Z jmettraux $
*
* @author [email protected]
*/
public class Passwd
{
private final static org.apache.log4j.Logger log = org.apache.log4j.Logger
.getLogger(Passwd.class.getName());
//
// FIELDS
// Name of this Passwd; assigned by the constructor and read by getName().
private String name = null;
// Grants, stored exactly as passed to the constructor and handed back as-is
// by getGrantMap(). NOTE(review): key and value types are not visible here.
private java.util.Map grantMap = null;
// Principals keyed by name; authentify() does its exact-name lookup here.
// Not assigned by the constructor directly - presumably filled by
// buildPrincipalMap(); confirm.
private java.util.Map principalMap = null;
// Principals as a list; authentify() falls back to scanning it in order and
// uses each entry's name as a regular expression.
private java.util.List principalList = null;
// principal archetypes are stored by their names (principalMap)
// and as a list (principalList)
//
// CONSTRUCTORS
/**
 * Builds a Passwd from an already-loaded set of principals and grants.
 *
 * The list and the map are stored by reference, not copied, so changes the
 * caller later makes to either collection are visible through this instance.
 * NOTE(review): for an object that backs authentication decisions, confirm
 * that no caller keeps and mutates these collections after construction.
 *
 * @param name the name of this Passwd, as returned by getName()
 * @param principalList the principals; authentify() casts its elements to
 *     Principal
 * @param grantMap the grants, handed back as-is by getGrantMap()
 */
public Passwd (
    final String name,
    final java.util.List principalList,
    final java.util.Map grantMap)
{
    this.grantMap = grantMap;
    this.principalList = principalList;
    this.name = name;

    // Called last, once every field is assigned; it presumably reads
    // principalList to fill principalMap (body not visible here).
    buildPrincipalMap();
}
//
// METHODS
/**
 * Returns the name given to this Passwd at construction time.
 *
 * @return the name; null if null was passed to the constructor
 */
public String getName ()
{
    return name;
}
/**
 * Returns the map that authentify() uses to look principals up by name.
 *
 * The internal map itself is returned, not a copy or a read-only view: a
 * caller that modifies it changes which principals authentify() resolves.
 * NOTE(review): if no caller needs to write to it, an unmodifiable view
 * would keep the principal set from being altered from outside.
 *
 * @return the live principal map
 */
public java.util.Map getPrincipalMap ()
{
    return principalMap;
}
/**
 * Returns the grants held by this Passwd.
 *
 * The internal map itself is returned, not a copy or a read-only view, so
 * any caller holding it can add or remove grants.
 * NOTE(review): if no caller needs to write to it, an unmodifiable view
 * would keep authorization data from being altered from outside.
 *
 * @return the live grant map
 */
public java.util.Map getGrantMap ()
{
    return grantMap;
}
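/**
 * Authenticates a principal by name and credentials.
 *
 * The name is first looked up as an exact key in the principal map. If that
 * finds nothing, the principals of the list are tried in order, each one's
 * own name being used as a regular expression that the whole of
 * principalName must match (String.matches()); the first match wins.
 *
 * The two failure kinds are reported differently: an unknown name raises
 * AuthException, rejected credentials return null. A caller that passes this
 * difference on to a remote user reveals which names exist, so both cases
 * should look the same at that boundary.
 *
 * @param principalName the name presented by the caller; treat as untrusted
 * @param credentials passed unchanged to Principal.authentify()
 * @return a work copy of the matched principal, obtained with
 *     getWorkCopy(principalName), or null when the credentials are rejected
 * @throws AuthException if principalName is null or matches no principal
 */
public Principal authentify
    (final String principalName, final Object credentials)
throws
    AuthException
{
    // Without this guard a null name ends in a NullPointerException (from
    // the map lookup or from the regex fallback below) instead of the
    // declared AuthException.
    if (principalName == null)
    {
        throw new AuthException("No principal name given");
    }

    Principal p = (Principal)this.principalMap.get(principalName);

    if (p == null)
    {
        if (log.isDebugEnabled())
        {
            // NOTE(review): principalName is caller-supplied and is written
            // to the log (and to the exception message below) unescaped;
            // confirm the log layout neutralises line breaks.
            log.debug
                ("authentify() "+
                 "No principal named '"+principalName+"' found in map");
        }

        // Fallback: every list entry's name is interpreted as a regex, so a
        // name meant literally still has its metacharacters honoured (a '.'
        // matches any character), and a name that is not a valid regex makes
        // String.matches() throw an unchecked PatternSyntaxException.
        // NOTE(review): confirm which principals end up in this list.
        final java.util.Iterator it = this.principalList.iterator();
        while (it.hasNext())
        {
            final Principal ip = (Principal)it.next();

            //log.debug
            //    ("authentify() "+
            //     "does '"+principalName+
            //     "' match '"+ip.getName()+"'");

            if (principalName.matches(ip.getName()))
            {
                p = ip;
                break;
            }
        }

        if (p == null)
        {
            throw new AuthException
                ("No principal named '"+principalName+"' found");
        }
    }

    if (log.isDebugEnabled())
        log.debug("authentify() is p a copy ? "+p.isCopy());

    if ( ! p.authentify(credentials))
    {
        log.debug("authentify() authentication failed.");
        return null;
    }

    // The copy is created under the name the caller presented, which for a
    // regex match is not the stored principal's own name.
    return p.getWorkCopy(principalName);
}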
/*
* extracts the Principal this class cares about
*/
private Principal extractsEffectivePrincipal (ProtectionDomain domain)
throws AuthException
{
java.security.Principal[] principals = domain.getPrincipals();
for (int i=0; i