| %line | %branch | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| org.apache.jetspeed.security.spi.impl.LdapCredentialHandler |
|
|
| 1 | /* |
|
| 2 | * Licensed to the Apache Software Foundation (ASF) under one or more |
|
| 3 | * contributor license agreements. See the NOTICE file distributed with |
|
| 4 | * this work for additional information regarding copyright ownership. |
|
| 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 |
|
| 6 | * (the "License"); you may not use this file except in compliance with |
|
| 7 | * the License. You may obtain a copy of the License at |
|
| 8 | * |
|
| 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
|
| 10 | * |
|
| 11 | * Unless required by applicable law or agreed to in writing, software |
|
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
|
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
| 14 | * See the License for the specific language governing permissions and |
|
| 15 | * limitations under the License. |
|
| 16 | */ |
|
| 17 | package org.apache.jetspeed.security.spi.impl; |
|
| 18 | ||
| 19 | import java.sql.Date; |
|
| 20 | import java.util.HashSet; |
|
| 21 | import java.util.Set; |
|
| 22 | ||
| 23 | import javax.naming.NamingException; |
|
| 24 | ||
| 25 | import org.apache.commons.lang.StringUtils; |
|
| 26 | import org.apache.commons.logging.Log; |
|
| 27 | import org.apache.commons.logging.LogFactory; |
|
| 28 | import org.apache.jetspeed.security.PasswordCredential; |
|
| 29 | import org.apache.jetspeed.security.SecurityException; |
|
| 30 | import org.apache.jetspeed.security.spi.CredentialHandler; |
|
| 31 | import org.apache.jetspeed.security.spi.impl.ldap.LdapUserCredentialDao; |
|
| 32 | import org.apache.jetspeed.security.spi.impl.ldap.LdapUserCredentialDaoImpl; |
|
| 33 | ||
| 34 | /** |
|
| 35 | * @see org.apache.jetspeed.security.spi.CredentialHandler |
|
| 36 | * |
|
| 37 | * @author <a href="mailto:mike.long@dataline.com">Mike Long</a> |
|
| 38 | */ |
|
| 39 | public class LdapCredentialHandler implements CredentialHandler |
|
| 40 | { |
|
| 41 | /** The logger. */ |
|
| 42 | 0 | private static final Log LOG = LogFactory.getLog(LdapCredentialHandler.class); |
| 43 | ||
| 44 | /** The {@link LdapUserCredentialDao}. */ |
|
| 45 | private LdapUserCredentialDao ldap; |
|
| 46 | ||
| 47 | /** |
|
| 48 | * <p> |
|
| 49 | * Default constructor. |
|
| 50 | * </p> |
|
| 51 | */ |
|
| 52 | public LdapCredentialHandler() throws NamingException, SecurityException |
|
| 53 | { |
|
| 54 | 0 | this(new LdapUserCredentialDaoImpl()); |
| 55 | 0 | } |
| 56 | ||
| 57 | /** |
|
| 58 | * <p> |
|
| 59 | * Constructor given a {@link LdapUserCredentialDao}. |
|
| 60 | * </p> |
|
| 61 | * |
|
| 62 | * @param ldap The {@link LdapUserCredentialDao}. |
|
| 63 | * @throws NamingException A {@link NamingException}. |
|
| 64 | * @throws SecurityException A {@link SecurityException}. |
|
| 65 | */ |
|
| 66 | public LdapCredentialHandler(LdapUserCredentialDao ldap) throws NamingException, SecurityException |
|
| 67 | 0 | { |
| 68 | 0 | this.ldap = ldap; |
| 69 | 0 | } |
| 70 | ||
| 71 | /** |
|
| 72 | * @see org.apache.jetspeed.security.spi.CredentialHandler#getPublicCredentials(java.lang.String) |
|
| 73 | */ |
|
| 74 | public Set getPublicCredentials(String username) |
|
| 75 | { |
|
| 76 | 0 | return new HashSet(); |
| 77 | } |
|
| 78 | ||
| 79 | /** |
|
| 80 | * @see org.apache.jetspeed.security.spi.CredentialHandler#getPrivateCredentials(java.lang.String) |
|
| 81 | */ |
|
| 82 | public Set getPrivateCredentials(String uid) |
|
| 83 | { |
|
| 84 | 0 | Set privateCredentials = new HashSet(); |
| 85 | ||
| 86 | try |
|
| 87 | { |
|
| 88 | 0 | privateCredentials.add(new DefaultPasswordCredentialImpl(uid, ldap.getPassword(uid))); |
| 89 | } |
|
| 90 | 0 | catch (SecurityException e) |
| 91 | { |
|
| 92 | 0 | logSecurityException(e, uid); |
| 93 | 0 | } |
| 94 | ||
| 95 | 0 | return privateCredentials; |
| 96 | } |
|
| 97 | ||
| 98 | private void logSecurityException(SecurityException e, String uid) |
|
| 99 | { |
|
| 100 | 0 | if (LOG.isErrorEnabled()) |
| 101 | { |
|
| 102 | 0 | LOG.error("Failure creating a PasswordCredential for InternalCredential uid:" + uid, e); |
| 103 | } |
|
| 104 | 0 | } |
| 105 | ||
| 106 | ||
| 107 | /** |
|
| 108 | * @see org.apache.jetspeed.security.spi.CredentialHandler#importPassword(java.lang.String,java.lang.String) |
|
| 109 | */ |
|
| 110 | public void importPassword(String uid, String newPassword) throws SecurityException |
|
| 111 | { |
|
| 112 | 0 | ldap.changePassword(uid, newPassword); |
| 113 | 0 | } |
| 114 | ||
| 115 | /** |
|
| 116 | * <p> |
|
| 117 | * Adds or updates a private password credential. <br> |
|
| 118 | * If <code>oldPassword</code> is not null, the oldPassword will first be |
|
| 119 | * checked (authenticated). <br> |
|
| 120 | * </p> |
|
| 121 | * |
|
| 122 | * @param uid The LDAP uid attribute. |
|
| 123 | * @param oldPassword The old {@link PasswordCredential}. |
|
| 124 | * @param newPassword The new {@link PasswordCredential}. |
|
| 125 | * @throws SecurityException when the lookup fails because the user does not |
|
| 126 | * exist or the non-null password is not correct. Throws a |
|
| 127 | * {@link SecurityException}. |
|
| 128 | */ |
|
| 129 | public void setPassword(String uid, String oldPassword, String newPassword) throws SecurityException |
|
| 130 | { |
|
| 131 | 0 | validate(uid, newPassword); |
| 132 | ||
| 133 | 0 | if (!StringUtils.isEmpty(oldPassword)) |
| 134 | { |
|
| 135 | 0 | ldap.authenticate(uid, oldPassword); |
| 136 | } |
|
| 137 | ||
| 138 | 0 | ldap.changePassword(uid, newPassword); |
| 139 | 0 | } |
| 140 | ||
| 141 | /** |
|
| 142 | * @see org.apache.jetspeed.security.spi.CredentialHandler#setPasswordEnabled(java.lang.String, |
|
| 143 | * boolean) |
|
| 144 | */ |
|
| 145 | public void setPasswordEnabled(String userName, boolean enabled) throws SecurityException |
|
| 146 | { |
|
| 147 | // TODO Implement this. |
|
| 148 | 0 | } |
| 149 | ||
| 150 | /** |
|
| 151 | * @see org.apache.jetspeed.security.spi.CredentialHandler#setPasswordUpdateRequired(java.lang.String, |
|
| 152 | * boolean) |
|
| 153 | */ |
|
| 154 | public void setPasswordUpdateRequired(String userName, boolean updateRequired) throws SecurityException |
|
| 155 | { |
|
| 156 | // TODO Implement this. |
|
| 157 | 0 | } |
| 158 | ||
| 159 | /** |
|
| 160 | * @see org.apache.jetspeed.security.spi.CredentialHandler#setPasswordExpiration(java.lang.String, java.sql.Date) |
|
| 161 | */ |
|
| 162 | public void setPasswordExpiration(String userName, Date expirationDate) throws SecurityException |
|
| 163 | { |
|
| 164 | // TODO Implement this |
|
| 165 | ||
| 166 | 0 | } |
| 167 | ||
| 168 | /** |
|
| 169 | * @see org.apache.jetspeed.security.spi.CredentialHandler#authenticate(java.lang.String, java.lang.String) |
|
| 170 | */ |
|
| 171 | public boolean authenticate(String uid, String password) throws SecurityException |
|
| 172 | { |
|
| 173 | 0 | validate(uid, password); |
| 174 | ||
| 175 | 0 | return ldap.authenticate(uid, password); |
| 176 | } |
|
| 177 | ||
| 178 | /** |
|
| 179 | * <p> |
|
| 180 | * Validates the uid. |
|
| 181 | * </p> |
|
| 182 | * |
|
| 183 | * @param uid The uid. |
|
| 184 | * @param password The password. |
|
| 185 | * @throws SecurityException Throws a {@link SecurityException}. |
|
| 186 | */ |
|
| 187 | private void validate(String uid, String password) throws SecurityException |
|
| 188 | { |
|
| 189 | 0 | if (StringUtils.isEmpty(password)) |
| 190 | { |
|
| 191 | 0 | throw new SecurityException(SecurityException.EMPTY_PARAMETER.create("password")); |
| 192 | } |
|
| 193 | ||
| 194 | 0 | if (StringUtils.isEmpty(uid)) |
| 195 | { |
|
| 196 | 0 | throw new SecurityException(SecurityException.EMPTY_PARAMETER.create("uid")); |
| 197 | } |
|
| 198 | 0 | } |
| 199 | } |
| This report is generated by jcoverage, Maven and Maven JCoverage Plugin. |