001: package org.apache.turbine.services.security.ldap;
002:
003: /*
004: * Copyright 2001-2005 The Apache Software Foundation.
005: *
006: * Licensed under the Apache License, Version 2.0 (the "License")
007: * you may not use this file except in compliance with the License.
008: * You may obtain a copy of the License at
009: *
010: * http://www.apache.org/licenses/LICENSE-2.0
011: *
012: * Unless required by applicable law or agreed to in writing, software
013: * distributed under the License is distributed on an "AS IS" BASIS,
014: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015: * See the License for the specific language governing permissions and
016: * limitations under the License.
017: */
018:
019: import java.io.ByteArrayOutputStream;
020: import java.io.PrintWriter;
021: import java.sql.Connection;
022: import java.util.Hashtable;
023: import javax.naming.NamingException;
024: import javax.naming.directory.Attribute;
025: import javax.naming.directory.Attributes;
026: import javax.naming.directory.BasicAttribute;
027: import javax.naming.directory.BasicAttributes;
028: import javax.servlet.http.HttpSessionBindingEvent;
029:
030: import org.apache.commons.logging.Log;
031: import org.apache.commons.logging.LogFactory;
032: import org.apache.torque.om.BaseObject;
033: import org.apache.torque.om.StringKey;
034: import org.apache.turbine.om.security.User;
035: import org.apache.turbine.services.security.TurbineSecurity;
036:
037: /**
038: * LDAPUser implements User and provides access to a user who accesses the
039: * system via LDAP.
040: *
041: * @author <a href="mailto:cberry@gluecode.com">Craig D. Berry</a>
042: * @author <a href="mailto:tadewunmi@gluecode.com">Tracy M. Adewunmi</a>
043: * @author <a href="mailto:lflournoy@gluecode.com">Leonard J. Flournoy </a>
044: * @author <a href="mailto:dlr@finemaltcoding.com">Daniel Rall</a>
045: * @author <a href="mailto:hhernandez@itweb.com.mx">Humberto Hernandez</a>
046: * @version $Id: LDAPUser.java 278822 2005-09-05 19:53:05Z henning $
047: */
048: public class LDAPUser extends BaseObject implements User {
049:
050: /** Serial Version UID */
051: private static final long serialVersionUID = 3953123276619326752L;
052:
053: /** Logging */
054: private static Log log = LogFactory.getLog(LDAPUser.class);
055:
056: /* A few attributes common to a User. */
057:
058: /** Date when the user was created */
059: private java.util.Date createDate = null;
060:
061: /** Date when the user was last accessed */
062: private java.util.Date lastAccessDate = null;
063:
064: /** timeout */
065: private int timeout = 15;
066:
067: /** This is data that will survive a servlet engine restart. */
068: private Hashtable permStorage = null;
069:
070: /** This is data that will not survive a servlet engine restart. */
071: private Hashtable tempStorage = null;
072:
073: /**
074: * Constructor.
075: * Create a new User and set the createDate.
076: */
077: public LDAPUser() {
078: createDate = new java.util.Date();
079: tempStorage = new Hashtable(10);
080: permStorage = new Hashtable(10);
081: setHasLoggedIn(Boolean.FALSE);
082: }
083:
084: /**
085: * Populates the user with values obtained from the LDAP Service.
086: * This method could be redefined in subclasses.
087: * @param attribs The attributes obtained from LDAP.
088: * @throws NamingException if there was an error with JNDI.
089: */
090: public void setLDAPAttributes(Attributes attribs)
091: throws NamingException {
092:
093: Attribute attr;
094: String attrName;
095:
096: // Set the User id.
097: attrName = LDAPSecurityConstants.getUserIdAttribute();
098: if (attrName != null) {
099: attr = attribs.get(attrName);
100: if (attr != null && attr.get() != null) {
101: try {
102: setPrimaryKey(new StringKey(attr.get().toString()));
103: } catch (Exception ex) {
104: log.error("Exception caught:", ex);
105: }
106: }
107: }
108:
109: // Set the Username.
110: attrName = LDAPSecurityConstants.getNameAttribute();
111: if (attrName != null) {
112: attr = attribs.get(attrName);
113: if (attr != null && attr.get() != null) {
114: setUserName(attr.get().toString());
115: }
116: } else {
117: log.error("There is no LDAP attribute for the username.");
118: }
119:
120: // Set the Firstname.
121: attrName = LDAPSecurityConstants.getFirstNameAttribute();
122: if (attrName != null) {
123: attr = attribs.get(attrName);
124: if (attr != null && attr.get() != null) {
125: setFirstName(attr.get().toString());
126: }
127: }
128:
129: // Set the Lastname.
130: attrName = LDAPSecurityConstants.getLastNameAttribute();
131: if (attrName != null) {
132: attr = attribs.get(attrName);
133: if (attr != null && attr.get() != null) {
134: setLastName(attr.get().toString());
135: }
136: }
137:
138: // Set the E-Mail
139: attrName = LDAPSecurityConstants.getEmailAttribute();
140: if (attrName != null) {
141: attr = attribs.get(attrName);
142: if (attr != null && attr.get() != null) {
143: setEmail(attr.get().toString());
144: }
145: }
146: }
147:
148: /**
149: * Get the JNDI Attributes used to store the user in LDAP.
150: * This method could be redefined in a subclass.
151: *
152: * @throws NamingException if there is a JNDI error.
153: * @return The JNDI attributes of the user.
154: */
155: public Attributes getLDAPAttributes() throws NamingException {
156: Attributes attribs = new BasicAttributes();
157: String attrName;
158:
159: // Set the objectClass
160: attrName = "objectClass";
161: if (attrName != null) {
162: Object value = "turbineUser";
163:
164: if (value != null) {
165: Attribute attr = new BasicAttribute(attrName, value);
166:
167: attribs.put(attr);
168: }
169: }
170:
171: // Set the User id.
172: attrName = LDAPSecurityConstants.getUserIdAttribute();
173: if (attrName != null) {
174: Object value = getPrimaryKey();
175:
176: if (value != null) {
177: Attribute attr = new BasicAttribute(attrName, value);
178:
179: attribs.put(attr);
180: }
181: }
182:
183: // Set the Username.
184: attrName = LDAPSecurityConstants.getNameAttribute();
185: if (attrName != null) {
186: Object value = getName();
187:
188: if (value != null) {
189: Attribute attr = new BasicAttribute(attrName, value);
190:
191: attribs.put(attr);
192: }
193: }
194:
195: // Set the Firstname.
196: attrName = LDAPSecurityConstants.getFirstNameAttribute();
197: if (attrName != null) {
198: Object value = getFirstName();
199:
200: if (value != null) {
201: Attribute attr = new BasicAttribute(attrName, value);
202:
203: attribs.put(attr);
204: }
205: }
206:
207: // Set the Lastname.
208: attrName = LDAPSecurityConstants.getLastNameAttribute();
209: if (attrName != null) {
210: Object value = getLastName();
211:
212: if (value != null) {
213: Attribute attr = new BasicAttribute(attrName, value);
214:
215: attribs.put(attr);
216: }
217: }
218:
219: // Set the E-Mail.
220: attrName = LDAPSecurityConstants.getEmailAttribute();
221: if (attrName != null) {
222: Object value = getEmail();
223:
224: if (value != null) {
225: Attribute attr = new BasicAttribute(attrName, value);
226:
227: attribs.put(attr);
228: }
229: }
230:
231: // Set the Password
232: attrName = LDAPSecurityConstants.getPasswordAttribute();
233: if (attrName != null) {
234: Object value = getPassword();
235:
236: if (value != null) {
237: Attribute attr = new BasicAttribute(attrName, value);
238:
239: attribs.put(attr);
240: }
241: }
242:
243: return attribs;
244: }
245:
246: /**
247: * Gets the distinguished name (DN) of the User.
248: * This method could be redefined in a subclass.
249: * @return The Distinguished Name of the user.
250: */
251: public String getDN() {
252: String filterAttribute = LDAPSecurityConstants
253: .getNameAttribute();
254: String userBaseSearch = LDAPSecurityConstants.getBaseSearch();
255: String userName = getName();
256:
257: String dn = filterAttribute + "=" + userName + ","
258: + userBaseSearch;
259:
260: return dn;
261: }
262:
263: /**
264: * Gets the access counter for a user during a session.
265: *
266: * @return The access counter for the user for the session.
267: */
268: public int getAccessCounterForSession() {
269: try {
270: return ((Integer) getTemp(User.SESSION_ACCESS_COUNTER))
271: .intValue();
272: } catch (Exception e) {
273: return 0;
274: }
275: }
276:
277: /**
278: * Gets the access counter for a user from perm storage.
279: *
280: * @return The access counter for the user.
281: */
282: public int getAccessCounter() {
283: try {
284: return ((Integer) getPerm(User.ACCESS_COUNTER)).intValue();
285: } catch (Exception e) {
286: return 0;
287: }
288: }
289:
290: /**
291: * Gets the create date for this User. This is the time at which
292: * the user object was created.
293: *
294: * @return A Java Date with the date of creation for the user.
295: */
296: public java.util.Date getCreateDate() {
297: return createDate;
298: }
299:
300: /**
301: * Returns the value of Confirmed variable
302: * @return the confirm value.
303: */
304: public String getConfirmed() {
305: String tmp = null;
306:
307: tmp = (String) getPerm(User.CONFIRM_VALUE);
308: if (tmp != null && tmp.length() == 0) {
309: tmp = null;
310: }
311: return tmp;
312: }
313:
314: /**
315: * Returns the Email for this user. If this is defined, then
316: * the user is considered logged in.
317: *
318: * @return A String with the user's Email.
319: */
320: public String getEmail() {
321: String tmp = null;
322:
323: tmp = (String) getPerm(User.EMAIL);
324: if (tmp != null && tmp.length() == 0) {
325: tmp = null;
326: }
327: return tmp;
328: }
329:
330: /**
331: * Gets the last access date for this User. This is the last time
332: * that the user object was referenced.
333: *
334: * @return A Java Date with the last access date for the user.
335: */
336: public java.util.Date getLastAccessDate() {
337: if (lastAccessDate == null) {
338: setLastAccessDate();
339: }
340: return lastAccessDate;
341: }
342:
343: /**
344: * Get last login date/time for this user.
345: *
346: * @return A Java Date with the last login date for the user.
347: */
348: public java.util.Date getLastLogin() {
349: return (java.util.Date) getPerm(User.LAST_LOGIN);
350: }
351:
352: /**
353: * Get password for this user.
354: *
355: * @return A String with the password for the user.
356: */
357: public String getPassword() {
358: return (String) getPerm(User.PASSWORD);
359: }
360:
361: /**
362: * Get an object from permanent storage.
363: * @param name The object's name.
364: * @return An Object with the given name.
365: */
366: public Object getPerm(String name) {
367: return permStorage.get(name);
368: }
369:
370: /**
371: * Get an object from permanent storage; return default if value
372: * is null.
373: *
374: * @param name The object's name.
375: * @param def A default value to return.
376: * @return An Object with the given name.
377: */
378: public Object getPerm(String name, Object def) {
379: try {
380: Object val = permStorage.get(name);
381:
382: if (val == null) {
383: return def;
384: }
385: return val;
386: } catch (Exception e) {
387: return def;
388: }
389: }
390:
391: /**
392: * This should only be used in the case where we want to save the
393: * data to the database.
394: *
395: * @return A Hashtable.
396: */
397: public Hashtable getPermStorage() {
398: if (this .permStorage == null) {
399: this .permStorage = new Hashtable();
400: }
401: return this .permStorage;
402: }
403:
404: /**
405: * Get an object from temporary storage.
406: *
407: * @param name The object's name.
408: * @return An Object with the given name.
409: */
410: public Object getTemp(String name) {
411: return tempStorage.get(name);
412: }
413:
414: /**
415: * Get an object from temporary storage; return default if value
416: * is null.
417: *
418: * @param name The object's name.
419: * @param def A default value to return.
420: * @return An Object with the given name.
421: */
422: public Object getTemp(String name, Object def) {
423: Object val;
424:
425: try {
426: val = tempStorage.get(name);
427: if (val == null) {
428: val = def;
429: }
430: } catch (Exception e) {
431: val = def;
432: }
433: return val;
434: }
435:
436: /**
437: * A User object can have a variable Timeout, which is defined in
438: * minutes. If the user has been timed out, then the
439: * hasLoggedIn() value will return false.
440: *
441: * @return An int specifying the timeout.
442: */
443: public int getTimeout() {
444: return this .timeout;
445: }
446:
447: /**
448: * Returns the username for this user. If this is defined, then
449: * the user is considered logged in.
450: *
451: * @return A String with the username.
452: * @deprecated Use getName() instead
453: */
454: public String getUserName() {
455: return getName();
456: }
457:
458: /**
459: * Returns the first name for this user. If this is defined, then
460: * the user is considered logged in.
461: *
462: * @return A String with the user's first name.
463: */
464: public String getFirstName() {
465: String tmp = null;
466:
467: tmp = (String) getPerm(User.FIRST_NAME);
468: if (tmp != null && tmp.length() == 0) {
469: tmp = null;
470: }
471: return tmp;
472: }
473:
474: /**
475: * Returns the last name for this user. If this is defined, then
476: * the user is considered logged in.
477: *
478: * @return A String with the user's last name.
479: */
480: public String getLastName() {
481: String tmp = null;
482:
483: tmp = (String) getPerm(User.LAST_NAME);
484: if (tmp != null && tmp.length() == 0) {
485: tmp = null;
486: }
487: return tmp;
488: }
489:
490: /**
491: * The user is considered logged in if they have not timed out.
492: *
493: * @return True if the user has logged in.
494: */
495: public boolean hasLoggedIn() {
496: Boolean tmp = getHasLoggedIn();
497:
498: if (tmp != null && tmp.booleanValue()) {
499: return true;
500: } else {
501: return false;
502: }
503: }
504:
505: /**
506: * This method reports whether or not the user has been confirmed
507: * in the system by checking the <code>CONFIRM_VALUE</code>
508: * column to see if it is equal to <code>CONFIRM_DATA</code>.
509: *
510: * @return True if the user has been confirmed.
511: */
512: public boolean isConfirmed() {
513: return ((String) getTemp(CONFIRM_VALUE, ""))
514: .equals(CONFIRM_DATA);
515: }
516:
517: /**
518: * Increments the permanent hit counter for the user.
519: */
520: public void incrementAccessCounter() {
521: setAccessCounter(getAccessCounter() + 1);
522: }
523:
524: /**
525: * Increments the session hit counter for the user.
526: */
527: public void incrementAccessCounterForSession() {
528: setAccessCounterForSession(getAccessCounterForSession() + 1);
529: }
530:
531: /**
532: * Remove an object from temporary storage and return the object.
533: *
534: * @param name The name of the object to remove.
535: * @return An Object.
536: */
537: public Object removeTemp(String name) {
538: return tempStorage.remove(name);
539: }
540:
541: /**
542: * Sets the access counter for a user, saved in perm storage.
543: *
544: * @param cnt The new count.
545: */
546: public void setAccessCounter(int cnt) {
547: setPerm(User.ACCESS_COUNTER, new Integer(cnt));
548: }
549:
550: /**
551: * Sets the session access counter for a user, saved in temp
552: * storage.
553: *
554: * @param cnt The new count.
555: */
556: public void setAccessCounterForSession(int cnt) {
557: setTemp(User.SESSION_ACCESS_COUNTER, new Integer(cnt));
558: }
559:
560: /**
561: * Set the users confirmed variable
562: *
563: * @param confirm The new confim value.
564: */
565: public void setConfirmed(String confirm) {
566: getPerm(User.CONFIRM_VALUE, confirm);
567: }
568:
569: /**
570: * Sets the last access date for this User. This is the last time
571: * that the user object was referenced.
572: */
573: public void setLastAccessDate() {
574: lastAccessDate = new java.util.Date();
575: }
576:
577: /**
578: * Sets the create date for this User. This is the time at which
579: * the user object was created.
580: *
581: * @param date The create date.
582: */
583: public void setCreateDate(java.util.Date date) {
584: createDate = date;
585: }
586:
587: /**
588: * Set the users Email
589: *
590: * @param email The new email.
591: */
592: public void setEmail(String email) {
593: setPerm(User.EMAIL, email);
594: }
595:
596: /**
597: * Set the users First Name
598: *
599: * @param fname The new firstname.
600: */
601: public void setFirstName(String fname) {
602: setPerm(User.FIRST_NAME, fname);
603: }
604:
605: /**
606: * Set last login date/time.
607: *
608: * @param date The last login date.
609: */
610: public void setLastLogin(java.util.Date date) {
611: setPerm(User.LAST_LOGIN, date);
612: }
613:
614: /**
615: * Set the users Last Name
616: * Sets the last name for this user.
617: *
618: * @param lname The new lastname.
619: */
620: public void setLastName(String lname) {
621: setPerm(User.LAST_NAME, lname);
622: }
623:
624: /**
625: * Set password.
626: *
627: * @param password The new password.
628: */
629: public void setPassword(String password) {
630: setPerm(User.PASSWORD, password);
631: }
632:
633: /**
634: * Put an object into permanent storage.
635: *
636: * @param name The object's name.
637: * @param value The object.
638: */
639: public void setPerm(String name, Object value) {
640: permStorage.put(name, value);
641: }
642:
643: /**
644: * This should only be used in the case where we want to save the
645: * data to the database.
646: *
647: * @param stuff A Hashtable.
648: */
649: public void setPermStorage(Hashtable stuff) {
650: this .permStorage = stuff;
651: }
652:
653: /**
654: * This should only be used in the case where we want to save the
655: * data to the database.
656: *
657: * @return A Hashtable.
658: */
659: public Hashtable getTempStorage() {
660: if (this .tempStorage == null) {
661: this .tempStorage = new Hashtable();
662: }
663: return this .tempStorage;
664: }
665:
666: /**
667: * This should only be used in the case where we want to save the
668: * data to the database.
669: *
670: * @param storage A Hashtable.
671: */
672: public void setTempStorage(Hashtable storage) {
673: this .tempStorage = storage;
674: }
675:
676: /**
677: * This gets whether or not someone has logged in. hasLoggedIn()
678: * returns this value as a boolean. This is private because you
679: * should use hasLoggedIn() instead.
680: *
681: * @return True if someone has logged in.
682: */
683: private Boolean getHasLoggedIn() {
684: return (Boolean) getTemp(User.HAS_LOGGED_IN);
685: }
686:
687: /**
688: * This sets whether or not someone has logged in. hasLoggedIn()
689: * returns this value.
690: *
691: * @param value Whether someone has logged in or not.
692: */
693: public void setHasLoggedIn(Boolean value) {
694: setTemp(User.HAS_LOGGED_IN, value);
695: }
696:
697: /**
698: * Put an object into temporary storage.
699: *
700: * @param name The object's name.
701: * @param value The object.
702: */
703: public void setTemp(String name, Object value) {
704: tempStorage.put(name, value);
705: }
706:
707: /**
708: * A User object can have a variable Timeout which is defined in
709: * minutes. If the user has been timed out, then the
710: * hasLoggedIn() value will return false.
711: *
712: * @param time The user's timeout.
713: */
714: public void setTimeout(int time) {
715: this .timeout = time;
716: }
717:
718: /**
719: * Sets the username for this user.
720: *
721: * @param username The user's username.
722: */
723: public void setUserName(String username) {
724: setPerm(User.USERNAME, username);
725: }
726:
727: /**
728: * Updates the last login date in the database.
729: *
730: * @exception Exception a generic exception.
731: */
732: public void updateLastLogin() throws Exception {
733: setPerm(User.LAST_LOGIN, new java.util.Date());
734: }
735:
736: /**
737: * Implement this method if you wish to be notified when the User
738: * has been Bound to the session.
739: *
740: * @param hsbe The HttpSessionBindingEvent.
741: */
742: public void valueBound(HttpSessionBindingEvent hsbe) {
743: // Do not currently need this method.
744: }
745:
746: /**
747: * Implement this method if you wish to be notified when the User
748: * has been Unbound from the session.
749: *
750: * @param hsbe The HttpSessionBindingEvent.
751: */
752: public void valueUnbound(HttpSessionBindingEvent hsbe) {
753: try {
754: if (hasLoggedIn()) {
755: TurbineSecurity.saveUser(this );
756: }
757: } catch (Exception e) {
758: log.error("BaseUser.valueUnbobund(): " + e.getMessage());
759: log.error(e);
760:
761: // To prevent messages being lost in case the logging system
762: // goes away before sessions get unbound on servlet container
763: // shutdown, print the stcktrace to the container's console.
764: ByteArrayOutputStream ostr = new ByteArrayOutputStream();
765:
766: e.printStackTrace(new PrintWriter(ostr, true));
767: String stackTrace = ostr.toString();
768:
769: System.out.println(stackTrace);
770: }
771: }
772:
773: /**
774: * Returns the username for this user. If this is defined, then
775: * the user is considered logged in.
776: *
777: * @return A String with the username.
778: */
779: public String getName() {
780: String tmp = null;
781:
782: tmp = (String) getPerm(User.USERNAME);
783: if (tmp != null && tmp.length() == 0) {
784: tmp = null;
785: }
786: return tmp;
787: }
788:
789: /**
790: * Not implemented.
791: * @param name the name of the User.
792: */
793: public void setName(String name) {
794: }
795:
796: /**
797: * Not implemented.
798: * @return 0
799: */
800: public int getId() {
801: return 0;
802: }
803:
804: /**
805: * Not implemented.
806: * @return null
807: */
808: public Integer getIdAsObj() {
809: return new Integer(0);
810: }
811:
812: /**
813: * Not implemented.
814: *
815: * @param id The id of the User.
816: */
817: public void setId(int id) {
818: }
819:
820: /**
821: * Saves this object to the data store.
822: * @throws Exception if it cannot be saved
823: */
824: public void save() throws Exception {
825: if (TurbineSecurity.accountExists(this )) {
826: TurbineSecurity.saveUser(this );
827: } else {
828: TurbineSecurity.addUser(this , getPassword());
829: }
830: }
831:
832: /**
833: * not implemented
834: *
835: * @param conn the database connection
836: * @throws Exception if there is an error
837: */
838: public void save(Connection conn) throws Exception {
839: throw new Exception("not implemented");
840: }
841:
842: /**
843: * not implemented
844: *
845: * @param dbname the database name
846: * @throws Exception if there is an error
847: */
848: public void save(String dbname) throws Exception {
849: throw new Exception("not implemented");
850: }
851:
852: }
|