001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.catalina.authenticator;
018:
019: import java.security.Principal;
020:
021: import org.apache.catalina.Session;
022: import org.apache.catalina.authenticator.Constants;
023:
024: /**
025: * A class that represents entries in the cache of authenticated users.
026: * This is necessary to make it available to
027: * <code>AuthenticatorBase</code> subclasses that need it in order to perform
028: * reauthentications when SingleSignOn is in use.
029: *
030: * @author B Stansberry, based on work by Craig R. McClanahan
031: * @version $Revision: 500629 $
032: *
033: * @see SingleSignOn
034: * @see AuthenticatorBase#reauthenticateFromSSO
035: */
036: public class SingleSignOnEntry {
037: // ------------------------------------------------------ Instance Fields
038:
039: protected String authType = null;
040:
041: protected String password = null;
042:
043: protected Principal principal = null;
044:
045: protected Session sessions[] = new Session[0];
046:
047: protected String username = null;
048:
049: protected boolean canReauthenticate = false;
050:
051: // --------------------------------------------------------- Constructors
052:
053: /**
054: * Creates a new SingleSignOnEntry
055: *
056: * @param principal the <code>Principal</code> returned by the latest
057: * call to <code>Realm.authenticate</code>.
058: * @param authType the type of authenticator used (BASIC, CLIENT_CERT,
059: * DIGEST or FORM)
060: * @param username the username (if any) used for the authentication
061: * @param password the password (if any) used for the authentication
062: */
063: public SingleSignOnEntry(Principal principal, String authType,
064: String username, String password) {
065: super ();
066: updateCredentials(principal, authType, username, password);
067: }
068:
069: public SingleSignOnEntry() {
070: }
071:
072: // ------------------------------------------------------- Package Methods
073:
074: /**
075: * Adds a <code>Session</code> to the list of those associated with
076: * this SSO.
077: *
078: * @param sso The <code>SingleSignOn</code> valve that is managing
079: * the SSO session.
080: * @param session The <code>Session</code> being associated with the SSO.
081: */
082: public synchronized void addSession(SingleSignOn sso,
083: Session session) {
084: for (int i = 0; i < sessions.length; i++) {
085: if (session == sessions[i])
086: return;
087: }
088: Session results[] = new Session[sessions.length + 1];
089: System.arraycopy(sessions, 0, results, 0, sessions.length);
090: results[sessions.length] = session;
091: sessions = results;
092: session.addSessionListener(sso);
093: }
094:
095: /**
096: * Removes the given <code>Session</code> from the list of those
097: * associated with this SSO.
098: *
099: * @param session the <code>Session</code> to remove.
100: */
101: public synchronized void removeSession(Session session) {
102: Session[] nsessions = new Session[sessions.length - 1];
103: for (int i = 0, j = 0; i < sessions.length; i++) {
104: if (session == sessions[i])
105: continue;
106: nsessions[j++] = sessions[i];
107: }
108: sessions = nsessions;
109: }
110:
111: /**
112: * Returns the <code>Session</code>s associated with this SSO.
113: */
114: public synchronized Session[] findSessions() {
115: return (this .sessions);
116: }
117:
118: /**
119: * Gets the name of the authentication type originally used to authenticate
120: * the user associated with the SSO.
121: *
122: * @return "BASIC", "CLIENT_CERT", "DIGEST", "FORM" or "NONE"
123: */
124: public String getAuthType() {
125: return (this .authType);
126: }
127:
128: /**
129: * Gets whether the authentication type associated with the original
130: * authentication supports reauthentication.
131: *
132: * @return <code>true</code> if <code>getAuthType</code> returns
133: * "BASIC" or "FORM", <code>false</code> otherwise.
134: */
135: public boolean getCanReauthenticate() {
136: return (this .canReauthenticate);
137: }
138:
139: /**
140: * Gets the password credential (if any) associated with the SSO.
141: *
142: * @return the password credential associated with the SSO, or
143: * <code>null</code> if the original authentication type
144: * does not involve a password.
145: */
146: public String getPassword() {
147: return (this .password);
148: }
149:
150: /**
151: * Gets the <code>Principal</code> that has been authenticated by
152: * the SSO.
153: */
154: public Principal getPrincipal() {
155: return (this .principal);
156: }
157:
158: /**
159: * Gets the username provided by the user as part of the authentication
160: * process.
161: */
162: public String getUsername() {
163: return (this .username);
164: }
165:
166: /**
167: * Updates the SingleSignOnEntry to reflect the latest security
168: * information associated with the caller.
169: *
170: * @param principal the <code>Principal</code> returned by the latest
171: * call to <code>Realm.authenticate</code>.
172: * @param authType the type of authenticator used (BASIC, CLIENT_CERT,
173: * DIGEST or FORM)
174: * @param username the username (if any) used for the authentication
175: * @param password the password (if any) used for the authentication
176: */
177: public void updateCredentials(Principal principal, String authType,
178: String username, String password) {
179:
180: this.principal = principal;
181: this.authType = authType;
182: this.username = username;
183: this.password = password;
184: this.canReauthenticate = (Constants.BASIC_METHOD
185: .equals(authType) || Constants.FORM_METHOD
186: .equals(authType));
187: }
188:
189: }
|