All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.jboss.security.cache.JBossAuthenticationCache Maven / Gradle / Ivy

There is a newer version: 5.1.0.Final
Show newest version
/*
  * JBoss, Home of Professional Open Source
  * Copyright 2007, JBoss Inc., and individual contributors as indicated
  * by the @authors tag. See the copyright.txt in the distribution for a
  * full listing of individual contributors.
  *
  * This is free software; you can redistribute it and/or modify it
  * under the terms of the GNU Lesser General Public License as
  * published by the Free Software Foundation; either version 2.1 of
  * the License, or (at your option) any later version.
  *
  * This software is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this software; if not, write to the Free
  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
  */
package org.jboss.security.cache;

import java.security.Principal;
import java.util.Arrays;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

import javax.security.auth.Subject;

import org.jboss.security.PicketBoxMessages;
import org.jboss.security.SecurityConstants;
 

/**
 *  Authentication Cache keyed in by Principal
 *  @author [email protected]
 *  @since  May 13, 2007 
 *  @version $Revision$
 */
public class JBossAuthenticationCache implements SecurityCache
{ 
   /** Initial Capacity for the Hash Map **/
   private int initialCapacity = 16;
   
   /** Load Factor for the HashMap **/
   private float loadFactor = (float) 0.75;
   
   /** Concurrency Level hint to the concurrent hashmap **/
   private int concurrencyLevel = 16; 
   
   private ConcurrentHashMap cacheMap = null; 
   
   public JBossAuthenticationCache()
   { 
      constructCache();
   }
   
   public JBossAuthenticationCache(int initCapacity, float loadFactor,int level)
   {
      this.concurrencyLevel = level;
      this.loadFactor = loadFactor;
      this.initialCapacity = initCapacity; 
      constructCache();
   }
   
   /**
    * @see SecurityCache#addCacheEntry(Object, Map)
    */
   public void addCacheEntry(Principal principal, Map map) 
   throws SecurityCacheException
   {
      try
      {
         AuthCacheObject ao = new AuthCacheObject(map.get(SecurityConstants.CREDENTIAL),
               (Subject) map.get(SecurityConstants.SUBJECT));
         cacheMap.put(principal, ao);
      }
      catch(Exception e)
      {
         throw new SecurityCacheException(e);
      }
   }
   
   /**
    * @see SecurityCache#cacheHit(Object)
    */
   public boolean cacheHit(Principal principal)
   {
      return cacheMap.containsKey(principal);
   }

   /**
    * @see SecurityCache#cacheOperation(Object, Map)
    */
   @SuppressWarnings({"unchecked", "rawtypes"})
   public void cacheOperation(Principal principal, Map map) 
   throws SecurityCacheException
   {
      boolean isValid = false;
      if(!cacheHit(principal))
         throw new SecurityCacheException(PicketBoxMessages.MESSAGES.cacheMissMessage());
      Object cred = map.get(SecurityConstants.CREDENTIAL);
      AuthCacheObject ao = cacheMap.get(principal);
      Object cacheCred = ao.credential;
      
      //Anonymous login
      if(cred == null || cacheCred == null)
      {
         if(cred == null && cacheCred == null)
            isValid = true; 
      }  
      // See if the credential is assignable to the cache value
      else if( cacheCred.getClass().isAssignableFrom(cred.getClass()) )
      {
        /* Validate the credential by trying Comparable, char[], byte[],
         Object[], and finally Object.equals()
         */
         if( cacheCred instanceof Comparable )
         {
            Comparable c = (Comparable) cacheCred;
            isValid = c.compareTo(cred) == 0;
         }
         else if( cacheCred instanceof char[] )
         {
            char[] a1 = (char[]) cacheCred;
            char[] a2 = (char[]) cred;
            isValid = Arrays.equals(a1, a2);
         }
         else if( cacheCred instanceof byte[] )
         {
            byte[] a1 = (byte[]) cacheCred;
            byte[] a2 = (byte[]) cred;
            isValid = Arrays.equals(a1, a2);
         }
         else if( cacheCred.getClass().isArray() )
         {
            Object[] a1 = (Object[]) cacheCred;
            Object[] a2 = (Object[]) cred;
            isValid = Arrays.equals(a1, a2);
         }
         else
         {
            isValid = cacheCred.equals(cred);
         }
      }
      else if( cacheCred instanceof char[] && cred instanceof String )
      {
         char[] a1 = (char[]) cacheCred;
         char[] a2 = ((String) cred).toCharArray();
         isValid = Arrays.equals(a1, a2);
      }
      else if( cacheCred instanceof String && cred instanceof char[] )
      {
         char[] a1 = ((String) cacheCred).toCharArray();
         char[] a2 = (char[]) cred;
         isValid = Arrays.equals(a1, a2);         
      }
      
      if(!isValid)
         throw new SecurityCacheException(PicketBoxMessages.MESSAGES.cacheValidationFailedMessage());
   }

   /**
    * @see SecurityCache#get(Object)
    */ 
   @SuppressWarnings("unchecked")
   public  Y get(Principal key) throws SecurityCacheException
   {
      Subject subj = null;
      if(cacheHit(key))
      {
         AuthCacheObject aco = cacheMap.get(key);
         subj = aco.subject;
      }
      return (Y) subj;
   }
   
   private void constructCache()
   {
      cacheMap = 
         new ConcurrentHashMap(initialCapacity,
               loadFactor, concurrencyLevel);
   }
   
   private class AuthCacheObject
   {
      private Object credential;
      private Subject subject;
      
      public AuthCacheObject(Object credential, Subject subject)
      {
         super();
         this.credential = credential;
         this.subject = subject;
      } 
   }

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy