View Javadoc

1   /*
2    * Copyright 2001-2004 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.apache.juddi.auth;
17  
18  import java.io.FileInputStream;
19  import java.io.IOException;
20  import java.io.InputStream;
21  import java.util.Enumeration;
22  import java.util.Hashtable;
23  
24  import javax.xml.parsers.ParserConfigurationException;
25  import javax.xml.parsers.SAXParserFactory;
26  
27  import org.apache.commons.logging.Log;
28  import org.apache.commons.logging.LogFactory;
29  import org.apache.juddi.error.RegistryException;
30  import org.apache.juddi.error.UnknownUserException;
31  import org.apache.juddi.util.Config;
32  import org.xml.sax.Attributes;
33  import org.xml.sax.ContentHandler;
34  import org.xml.sax.ErrorHandler;
35  import org.xml.sax.InputSource;
36  import org.xml.sax.SAXException;
37  import org.xml.sax.SAXParseException;
38  import org.xml.sax.XMLReader;
39  
40  /***
41   * This is a simple implementation of jUDDI's Authenticator interface. The credential
42   * store is simply an unencrypted xml document called 'juddi.users' that can be
43   * found in jUDDI's config directory. Below is an example of what you might find
44   * in this document.
45   *
46   *     Example juddi.users document:
47   *     =============================
48   *     <?xml version="1.0" encoding="UTF-8"?>
49   *     <juddi-users>
50   *       <user userid="sviens" password="password" />
51   *       <user userid="griddell" password="password" />
52   *       <user userid="bhablutzel" password="password" />
53   *     </juddi-users>
54   *
55   * @author Steve Viens (sviens@apache.org)
56   */
57  public class XMLDocAuthenticator implements ContentHandler, ErrorHandler, Authenticator
58  {
59    // private reference to the jUDDI logger
60    private static Log log = LogFactory.getLog(XMLDocAuthenticator.class);
61  
62    // static default juddi users file name
63    private static final String FILE_NAME_KEY = "juddi.users";
64    private static final String DEFAULT_FILE_NAME = "juddi-users.xml";
65  
66    // hashtable of UserInfo objects
67    Hashtable userTable;
68  
69    class UserInfo
70    {
71      public String userid;
72      public String password;
73  
74      public String toString()
75      {
76        StringBuffer buff = new StringBuffer(75);
77        buff.append(userid);
78        buff.append(" | ");
79        buff.append(password);
80        return buff.toString();
81      }
82    }
83  
84    /***
85     *
86     */
87    public XMLDocAuthenticator()
88    {
89      init();
90    }
91  
92    /***
93     * Perform auth initialization tasks
94     */
95    public synchronized void init()
96    {
97      // create and populate a Hashtable of UserInfo objects (one per user)
98      try {
99        userTable = new Hashtable();
100 
101       String usersFileName =
102         Config.getStringProperty(FILE_NAME_KEY,DEFAULT_FILE_NAME);
103 
104       log.info("Using jUDDI Users File: "+usersFileName);
105 
106       build(new FileInputStream(usersFileName));
107     }
108     catch (IOException ioex) {
109       ioex.printStackTrace();
110     }
111     catch (SAXException saxex) {
112       saxex.printStackTrace();
113     }
114     catch (ParserConfigurationException pcex) {
115       pcex.printStackTrace();
116     }
117   }
118 
119   /***
120    *
121    */
122   public String authenticate(String userID,String credential)
123     throws RegistryException
124   {
125     // a userID must be specified.
126     if (userID == null)
127       throw new UnknownUserException("Invalid user ID = "+userID);
128 
129     // credential (password) must be specified.
130     if (credential == null)
131       throw new UnknownUserException("Invalid credentials");
132 
133     if (userTable.containsKey(userID))
134     {
135       UserInfo userInfo = (UserInfo)userTable.get(userID);
136       if ((userInfo.password == null) || (!credential.equals(userInfo.password)))
137          throw new UnknownUserException("Invalid credentials");
138     }
139     else
140       throw new UnknownUserException("Invalid user ID: "+userID);
141 
142     return userID;
143   }
144 
145   /***
146    *
147    */
148   public String toString()
149   {
150     StringBuffer buff = new StringBuffer(100);
151 
152     Enumeration e = userTable.keys();
153     while (e.hasMoreElements())
154     {
155       UserInfo userInfo = (UserInfo)userTable.get(e.nextElement());
156       buff.append(userInfo.toString()+"\n");
157     }
158 
159     return buff.toString();
160   }
161 
162   /***
163    *
164    */
165   Hashtable build(InputStream istream)
166     throws ParserConfigurationException,SAXException,IOException
167   {
168     SAXParserFactory spf = SAXParserFactory.newInstance();
169     spf.setNamespaceAware(true);
170 
171     XMLReader xr = spf.newSAXParser().getXMLReader();
172     xr.setContentHandler(this);
173     xr.setErrorHandler(this);
174     xr.parse(new InputSource(istream));
175 
176     return (Hashtable)this.getObject();
177   }
178 
179   /***
180    * handle setDocumentLocator event
181    */
182   public void setDocumentLocator(org.xml.sax.Locator locator)
183   {
184   }
185 
186   /***
187    * handle startDocument event
188    */
189   public void startDocument()
190     throws SAXException
191   {
192   }
193 
194   /***
195    * handle endDocument event
196    */
197   public void endDocument()
198     throws SAXException
199   {
200   }
201 
202   /***
203    * handle startElement event
204    */
205   public void startElement(String uri,String name,String qName,Attributes attributes)
206     throws SAXException
207   {
208     if (name.equalsIgnoreCase("user"))
209     {
210       UserInfo userInfo = new UserInfo();
211 
212       for(int i=0; i<attributes.getLength(); i++)
213       {
214         if (attributes.getQName(i).equalsIgnoreCase("userid"))
215           userInfo.userid = attributes.getValue(i);
216         else if (attributes.getQName(i).equalsIgnoreCase("password"))
217           userInfo.password = attributes.getValue(i);
218       }
219 
220       userTable.put(userInfo.userid,userInfo);
221     }
222   }
223 
224   /***
225    * handle endElement event
226    */
227   public void endElement(String name,String string2,String string3)
228     throws SAXException
229   {
230   }
231 
232   /***
233    * handle characters event
234    */
235   public void characters(char[] chars,int int1, int int2)
236     throws SAXException
237   {
238   }
239 
240   /***
241    * handle ignorableWhitespace event
242    */
243   public void ignorableWhitespace(char[] chars,int int1, int int2)
244     throws SAXException
245   {
246   }
247 
248   /***
249    * handle processingInstruction event
250    */
251   public void processingInstruction(String string1,String string2)
252     throws SAXException
253   {
254   }
255 
256   /***
257    * handle startPrefixMapping event
258    */
259   public void startPrefixMapping(String string1,String string2)
260     throws SAXException
261   {
262   }
263 
264   /***
265    * handle endPrefixMapping event
266    */
267   public void endPrefixMapping(String string)
268     throws SAXException
269   {
270   }
271 
272   /***
273    * handle skippedEntity event
274    */
275   public void skippedEntity(String string)
276     throws SAXException
277   {
278   }
279 
280   /***
281    * handle warning event
282    */
283   public void warning(SAXParseException spex)
284     throws SAXException
285   {
286   }
287 
288   /***
289    * handle error event
290    */
291   public void error(SAXParseException spex)
292     throws SAXException
293   {
294   }
295 
296   /***
297    * handle fatalError event
298    */
299   public void fatalError(SAXParseException spex)
300     throws SAXException
301   {
302   }
303 
304   /***
305    * Retrieve the object built by the handling of SAX events.
306    */
307   Object getObject()
308   {
309     return this.userTable;
310   }
311 
312 
313   /****************************************************************************/
314   /****************************** TEST DRIVER *********************************/
315   /****************************************************************************/
316 
317 
318   public static void main(String[] args)
319     throws Exception
320   {
321     Authenticator auth = new XMLDocAuthenticator();
322 
323     try {
324       System.out.print("anou_mana/password: ");
325       auth.authenticate("anou_mana","password");
326       System.out.println("successfully authenticated");
327     }
328     catch(Exception ex) {
329       System.out.println(ex.getMessage());
330     }
331 
332     try {
333       System.out.print("anou_mana/badpass: ");
334       auth.authenticate("anou_mana","badpass");
335       System.out.println("successfully authenticated");
336     }
337     catch(Exception ex) {
338       System.out.println(ex.getMessage());
339     }
340 
341     try {
342       System.out.print("bozo/clown: ");
343       auth.authenticate("bozo","clown");
344       System.out.println("successfully authenticated");
345     }
346     catch(Exception ex) {
347       System.out.println(ex.getMessage());
348     }
349 
350     try {
351       System.out.print("sviens/password: ");
352       auth.authenticate("sviens","password");
353       System.out.println("successfully authenticated");
354     }
355     catch(Exception ex) {
356       System.out.println(ex.getMessage());
357     }
358   }
359 }