001: /*
002: jGuard is a security framework based on top of jaas (java authentication and authorization security).
003: it is written for web applications, to resolve simply, access control problems.
004:
005: http://sourceforge.net/projects/jguard/
006:
007: Copyright (C) 2004 Charles GAY
008:
009: This library is free software; you can redistribute it and/or
010: modify it under the terms of the GNU Lesser General Public
011: License as published by the Free Software Foundation; either
012: version 2.1 of the License, or (at your option) any later version.
013:
014: This library is distributed in the hope that it will be useful,
015: but WITHOUT ANY WARRANTY; without even the implied warranty of
016: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
017: Lesser General Public License for more details.
018:
019: You should have received a copy of the GNU Lesser General Public
020: License along with this library; if not, write to the Free Software
021: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
022:
023:
024: jGuard project home page:
025: http://sourceforge.net/projects/jguard/
026:
027: */
028: package net.sf.jguard.core.authentication.configuration;
029:
030: import java.security.AccessController;
031: import java.util.ArrayList;
032: import java.util.Arrays;
033: import java.util.Collection;
034: import java.util.HashMap;
035: import java.util.Iterator;
036: import java.util.List;
037: import java.util.Map;
038: import java.util.logging.Level;
039: import java.util.logging.Logger;
040:
041: import javax.security.auth.AuthPermission;
042: import javax.security.auth.login.AppConfigurationEntry;
043: import javax.security.auth.login.Configuration;
044:
045: /**
046: * extends the <a href="http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/login/Configuration.html">
047: * Configuration</a>
048: * this class is used to define the authentication stack scheme per application.
049: * @author <a href="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
050: *
051: */
052: public final class JGuardConfiguration extends Configuration {
053:
054: private Collection internalConfigs = null;
055: private Map appConfigurations = null;
056: private static Logger logger = Logger
057: .getLogger(JGuardConfiguration.class.getName());
058:
059: /**
060: * constructor.
061: */
062: public JGuardConfiguration() {
063: super ();
064: logger.finest("##### JGuardConfiguration #####");
065:
066: internalConfigs = new ArrayList();
067: appConfigurations = new HashMap();
068:
069: }
070:
071: /**
072: * reload the Configuration.
073: * @see javax.security.auth.login.Configuration#refresh()
074: */
075: public void refresh() {
076: AccessController.checkPermission(new AuthPermission(
077: "refreshLoginConfiguration"));
078:
079: if (internalConfigs.size() > 0) {
080: Iterator itConfigs = internalConfigs.iterator();
081: while (itConfigs.hasNext()) {
082: Configuration tempConfig = (Configuration) itConfigs
083: .next();
084: tempConfig.refresh();
085: }
086: }
087:
088: }
089:
090: /**
091: * retrieve the AppConfigurationEntry array for the corresponding application's name.
092: * @param applicationName
093: * @return array of AppConfigurationEntry
094: * @see javax.security.auth.login.Configuration#getAppConfigurationEntry(java.lang.String)
095: */
096: public AppConfigurationEntry[] getAppConfigurationEntry(
097: String applicationName) {
098: Collection appInternalEntries = new ArrayList();
099: Iterator itConfigs = internalConfigs.iterator();
100: while (itConfigs.hasNext()) {
101: Configuration tempConfig = (Configuration) itConfigs.next();
102: if (tempConfig == null) {
103: itConfigs.remove();
104: logger
105: .log(
106: Level.WARNING,
107: "the default Configuration implementation has been removed from the JGuardConfiguration which imported it");
108: } else if (tempConfig
109: .getAppConfigurationEntry(applicationName) != null) {
110: appInternalEntries.addAll(Arrays.asList(tempConfig
111: .getAppConfigurationEntry(applicationName)));
112: }
113: }
114:
115: List jGuardAppConfigEntries = (List) appConfigurations
116: .get(applicationName);
117:
118: if (jGuardAppConfigEntries != null) {
119: appInternalEntries.addAll(jGuardAppConfigEntries);
120: }
121: if (appInternalEntries.size() > 0) {
122: return (AppConfigurationEntry[]) appInternalEntries
123: .toArray(new AppConfigurationEntry[appInternalEntries
124: .size()]);
125: }
126:
127: return null;
128:
129: }
130:
131: /**
132: * add AppconfigurationEntries for a specified application.
133: * @param applicationName
134: * @param entries
135: * @see javax.security.auth.login.Configuration#getAppConfigurationEntry(java.lang.String)
136: */
137: public void addConfigEntriesForApplication(String applicationName,
138: List entries) {
139: if (entries == null || entries.size() == 0) {
140: logger.log(Level.WARNING,
141: " entries provided are null or empty ");
142: return;
143: }
144:
145: List applicationEntries = (List) appConfigurations
146: .get(applicationName);
147: if (applicationEntries == null) {
148: //this application is not yet configured
149: appConfigurations.put(applicationName, entries);
150: }
151:
152: //we don't add other appConfigurationEntries if the application name already exists
153: //because when webapp stops and start (but not app server), configuration for the application
154: // will have twice loginmodules
155: }
156:
157: /**
158: * add the same AppconfigurationEntries like an already configured application.
159: * @param applicationName name of the application to configure
160: * @param applicationTemplateName name of the application
161: * which will be the template to configure the first one.
162: * @see javax.security.auth.login.Configuration#getAppConfigurationEntry(java.lang.String)
163: */
164: public void addConfigEntriesLikeApplication(String applicationName,
165: String applicationTemplateName) {
166: List applicationEntries = (List) appConfigurations
167: .get(applicationTemplateName);
168: if (applicationEntries == null) {
169: logger
170: .log(Level.SEVERE,
171: " there is no applications registered with your applicationName and password ");
172: return;
173: }
174: appConfigurations.put(applicationName, applicationEntries);
175: }
176:
177: /**
178: * add the same AppconfigurationEntries like an already configured application.
179: * @param applicationName
180: * @param password
181: * @param applicationTemplateName
182: */
183: public void addConfigEntriesLikeApplication(String applicationName,
184: String password, String applicationTemplateName) {
185: StringBuffer newApplicationName = new StringBuffer(
186: applicationName).append('#').append(password);
187: addConfigEntriesLikeApplication(newApplicationName.toString(),
188: applicationTemplateName);
189: }
190:
191: /**
192: * include Configuration information.
193: * @param configuration
194: */
195: protected void includeConfiguration(Configuration configuration) {
196: //we do not include a jGuardConfiguration to prevent infinite loop
197: if (!configuration.getClass().getName().equals(
198: JGuardConfiguration.class.getName())
199: && !internalConfigs.contains(configuration)) {
200: internalConfigs.add(configuration);
201: }
202: }
203:
204: /**
205: * register the application with a name and a password
206: * add AppconfigurationEntries for a specified application.
207: * @param applicationName
208: * @param password
209: * @param entries
210: * @see javax.security.auth.login.Configuration#getAppConfigurationEntry(java.lang.String)
211: */
212: public void addConfigEntriesForApplication(String applicationName,
213: String password, List entries) {
214: StringBuffer newApplicationName = new StringBuffer(
215: applicationName).append('#').append(password);
216: addConfigEntriesForApplication(newApplicationName.toString(),
217: entries);
218: }
219:
220: }
|