
1   /* 
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    *
9    *     http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.jetspeed.security.impl;
18  
19  import java.security.Principal;
20  import java.sql.Date;
21  import java.util.ArrayList;
22  import java.util.HashSet;
23  import java.util.LinkedList;
24  import java.util.List;
25  import java.util.Set;
26  
27  import org.apache.jetspeed.security.AuthenticationProvider;
28  import org.apache.jetspeed.security.AuthenticationProviderProxy;
29  import org.apache.jetspeed.security.SecurityException;
30  import org.apache.jetspeed.security.UserPrincipal;
31  
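/**
 * Proxy that presents a list of {@link AuthenticationProvider}s as a single
 * user-security and credential handler.
 * <p>
 * User-scoped calls are routed to the first provider, in list order, whose user
 * security handler reports the user name as known. The order of the list therefore
 * decides which provider's credential handler is used when the same user name
 * exists in more than one provider.
 * </p>
 * <p>
 * This class performs no access control of its own: every call is forwarded to
 * the handlers of the selected provider.
 * </p>
 *
 * @see org.apache.jetspeed.security.AuthenticationProviderProxy
 *
 * @author <a href="mailto:dlestrat@apache.org">David Le Strat </a>
 */
public class AuthenticationProviderProxyImpl implements AuthenticationProviderProxy
{

    /** The list of {@link AuthenticationProvider}, consulted in index order. */
    private List authenticationProviders = new ArrayList();

    /** The default authentication provider name, used when adding a user that no provider knows yet. */
    private String defaultAuthenticationProvider = null;


    /**
     * <p>
     * Constructor given a list of {@link AuthenticationProvider}.
     * </p>
     * <p>
     * The list is stored by reference, not copied: changes the caller makes to it
     * after construction change which providers this proxy consults. Callers should
     * hand over a list they no longer modify.
     * </p>
     *
     * @param authenticationProviders The list of {@link AuthenticationProvider}.
     * @param defaultAuthenticationProvider The default authentication provider name.
     */
    public AuthenticationProviderProxyImpl(List authenticationProviders, String defaultAuthenticationProvider)
    {
        this.authenticationProviders = authenticationProviders;
        this.defaultAuthenticationProvider = defaultAuthenticationProvider;
    }

    /**
     * Finds the first configured provider whose name equals {@code providerName}.
     *
     * @param providerName The provider name to look for; may be {@code null}.
     * @return The matching provider, or {@code null} when the name is {@code null}
     *         or no provider carries it.
     */
    protected AuthenticationProvider getAuthenticationProviderByName(String providerName)
    {
        // A null name (for example an unset default provider) cannot match anything.
        // Returning null here lets callers report INVALID_AUTHENTICATION_PROVIDER
        // instead of failing with a NullPointerException on the comparison below.
        if (providerName == null)
        {
            return null;
        }

        for (int i = 0; i < authenticationProviders.size(); i++)
        {
            AuthenticationProvider candidate = (AuthenticationProvider) authenticationProviders.get(i);
            if (providerName.equals(candidate.getProviderName()))
            {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Resolves a provider by name or fails.
     *
     * @param authenticationProvider The provider name.
     * @return The provider carrying that name; never {@code null}.
     * @throws SecurityException With INVALID_AUTHENTICATION_PROVIDER when no provider matches.
     */
    private AuthenticationProvider requireProvider(String authenticationProvider) throws SecurityException
    {
        AuthenticationProvider provider = getAuthenticationProviderByName(authenticationProvider);
        if (provider == null)
        {
            throw new SecurityException(SecurityException.INVALID_AUTHENTICATION_PROVIDER.create(authenticationProvider));
        }
        return provider;
    }

    /**
     * Resolves the name of the provider that knows a user, or fails.
     *
     * @param userName The user name.
     * @return The provider name; never {@code null}.
     * @throws SecurityException With USER_DOES_NOT_EXIST when no provider knows the user.
     */
    private String requireProviderNameForUser(String userName) throws SecurityException
    {
        String providerName = getAuthenticationProvider(userName);
        if (providerName == null)
        {
            throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST.create(userName));
        }
        return providerName;
    }

    /**
     * @see org.apache.jetspeed.security.AuthenticationProviderProxy#getDefaultAuthenticationProvider()
     */
    public String getDefaultAuthenticationProvider()
    {
        return this.defaultAuthenticationProvider;
    }


    /**
     * Returns the name of the first provider, in list order, whose user security
     * handler reports {@code userName} as a user principal.
     *
     * @param userName The user name.
     * @return The provider name, or {@code null} when no provider knows the user.
     * @see org.apache.jetspeed.security.AuthenticationProviderProxy#getAuthenticationProvider(java.lang.String)
     */
    public String getAuthenticationProvider(String userName)
    {
        for (int i = 0; i < authenticationProviders.size(); i++)
        {
            AuthenticationProvider candidate = (AuthenticationProvider) authenticationProviders.get(i);
            if (candidate.getUserSecurityHandler().isUserPrincipal(userName))
            {
                // First match wins; later providers are not consulted.
                return candidate.getProviderName();
            }
        }
        return null;
    }

    /**
     * Tells whether any configured provider knows the user.
     *
     * @param userName The user name.
     * @return {@code true} as soon as one provider's handler reports the user, else {@code false}.
     * @see org.apache.jetspeed.security.spi.UserSecurityHandler#isUserPrincipal(java.lang.String)
     */
    public boolean isUserPrincipal(String userName)
    {
        for (int i = 0; i < authenticationProviders.size(); i++)
        {
            AuthenticationProvider candidate = (AuthenticationProvider) authenticationProviders.get(i);
            if (candidate.getUserSecurityHandler().isUserPrincipal(userName))
            {
                return true;
            }
        }
        return false;
    }



    /**
     * Returns the first non-null principal any provider yields for the user name.
     *
     * @param username The user name.
     * @return The principal, or {@code null} when every provider returns {@code null}.
     * @see org.apache.jetspeed.security.spi.UserSecurityHandler#getUserPrincipal(java.lang.String)
     */
    public Principal getUserPrincipal(String username)
    {
        for (int i = 0; i < authenticationProviders.size(); i++)
        {
            AuthenticationProvider candidate = (AuthenticationProvider) authenticationProviders.get(i);
            Principal userPrincipal = candidate.getUserSecurityHandler().getUserPrincipal(username);
            if (userPrincipal != null)
            {
                return userPrincipal;
            }
        }
        return null;
    }

    /**
     * Collects the principals matching {@code filter} from every provider.
     * Results are concatenated in provider order; duplicates are not removed.
     *
     * @param filter The filter forwarded unchanged to each provider's handler.
     * @return A new list holding all matches.
     * @see org.apache.jetspeed.security.spi.UserSecurityHandler#getUserPrincipals(java.lang.String)
     */
    public List getUserPrincipals(String filter)
    {
        List userPrincipals = new LinkedList();
        for (int i = 0; i < authenticationProviders.size(); i++)
        {
            AuthenticationProvider candidate = (AuthenticationProvider) authenticationProviders.get(i);
            userPrincipals.addAll(candidate.getUserSecurityHandler().getUserPrincipals(filter));
        }
        return userPrincipals;
    }

    /**
     * Adds the user principal through the named provider.
     *
     * @throws SecurityException With INVALID_AUTHENTICATION_PROVIDER when the provider
     *         name is unknown, or whatever the provider's handler throws.
     * @see org.apache.jetspeed.security.AuthenticationProviderProxy#addUserPrincipal(org.apache.jetspeed.security.UserPrincipal,
     *      java.lang.String)
     */
    public void addUserPrincipal(UserPrincipal userPrincipal, String authenticationProvider) throws SecurityException
    {
        requireProvider(authenticationProvider).getUserSecurityHandler().addUserPrincipal(userPrincipal);
    }

    /**
     * Adds the user principal through the provider that already knows the name, or
     * through the default provider when no provider knows it.
     *
     * @throws SecurityException With INVALID_AUTHENTICATION_PROVIDER when the chosen
     *         provider name (including an unset default) matches no provider.
     * @see org.apache.jetspeed.security.spi.UserSecurityHandler#addUserPrincipal(org.apache.jetspeed.security.UserPrincipal)
     */
    public void addUserPrincipal(UserPrincipal userPrincipal) throws SecurityException
    {
        String providerName = getAuthenticationProvider(userPrincipal.getName());
        if (providerName == null)
        {
            providerName = defaultAuthenticationProvider;
        }
        addUserPrincipal(userPrincipal, providerName);
    }

    /**
     * Updates the user principal through the named provider.
     *
     * @throws SecurityException With INVALID_AUTHENTICATION_PROVIDER when the provider name is unknown.
     * @see org.apache.jetspeed.security.AuthenticationProviderProxy#updateUserPrincipal(org.apache.jetspeed.security.UserPrincipal,
     *      java.lang.String)
     */
    public void updateUserPrincipal(UserPrincipal userPrincipal, String authenticationProvider) throws SecurityException
    {
        requireProvider(authenticationProvider).getUserSecurityHandler().updateUserPrincipal(userPrincipal);
    }

    /**
     * Updates the user principal through the provider that knows the user.
     *
     * @throws SecurityException With USER_DOES_NOT_EXIST when no provider knows the user.
     * @see org.apache.jetspeed.security.spi.UserSecurityHandler#updateUserPrincipal(org.apache.jetspeed.security.UserPrincipal)
     */
    public void updateUserPrincipal(UserPrincipal userPrincipal) throws SecurityException
    {
        updateUserPrincipal(userPrincipal, requireProviderNameForUser(userPrincipal.getName()));
    }

    /**
     * Removes the user principal through the named provider.
     *
     * @throws SecurityException With INVALID_AUTHENTICATION_PROVIDER when the provider name is unknown.
     * @see org.apache.jetspeed.security.AuthenticationProviderProxy#removeUserPrincipal(org.apache.jetspeed.security.UserPrincipal,
     *      java.lang.String)
     */
    public void removeUserPrincipal(UserPrincipal userPrincipal, String authenticationProvider) throws SecurityException
    {
        requireProvider(authenticationProvider).getUserSecurityHandler().removeUserPrincipal(userPrincipal);
    }

    /**
     * Removes the user principal through the provider that knows the user.
     * Unlike the update and password operations, an unknown user is not an error
     * here: the call returns without doing anything.
     *
     * @see org.apache.jetspeed.security.spi.UserSecurityHandler#removeUserPrincipal(org.apache.jetspeed.security.UserPrincipal)
     */
    public void removeUserPrincipal(UserPrincipal userPrincipal) throws SecurityException
    {
        String providerName = getAuthenticationProvider(userPrincipal.getName());
        if (providerName != null)
        {
            removeUserPrincipal(userPrincipal, providerName);
        }
    }

    /**
     * Returns the public credentials held by the provider that knows the user.
     *
     * @param username The user name.
     * @return A new set; empty when no provider knows the user.
     * @see org.apache.jetspeed.security.spi.CredentialHandler#getPublicCredentials(java.lang.String)
     */
    public Set getPublicCredentials(String username)
    {
        Set publicCredentials = new HashSet();
        String providerName = getAuthenticationProvider(username);
        if (providerName != null)
        {
            AuthenticationProvider provider = getAuthenticationProviderByName(providerName);
            // The second lookup can miss if the list changed in between; treat that as "no credentials".
            if (provider != null)
            {
                publicCredentials.addAll(provider.getCredentialHandler().getPublicCredentials(username));
            }
        }
        return publicCredentials;
    }

    /**
     * Changes a user's password through the named provider. Both passwords are
     * forwarded unchanged; whether {@code oldPassword} is verified is decided by the
     * provider's credential handler, not by this class.
     *
     * @throws SecurityException With INVALID_AUTHENTICATION_PROVIDER when the provider name is unknown.
     * @see org.apache.jetspeed.security.AuthenticationProviderProxy#setPassword(String, String, String, String)
     */
    public void setPassword(String userName, String oldPassword, String newPassword, String authenticationProvider) throws SecurityException
    {
        requireProvider(authenticationProvider).getCredentialHandler().setPassword(userName, oldPassword, newPassword);
    }

    /**
     * Changes a user's password through the provider that knows the user.
     *
     * @throws SecurityException With USER_DOES_NOT_EXIST when no provider knows the user.
     * @see org.apache.jetspeed.security.spi.CredentialHandler#setPassword(java.lang.String,java.lang.String,java.lang.String)
     */
    public void setPassword(String userName, String oldPassword, String newPassword) throws SecurityException
    {
        setPassword(userName, oldPassword, newPassword, requireProviderNameForUser(userName));
    }


    /**
     * Imports a password for a user through the named provider. The value is
     * forwarded unchanged to the provider's credential handler.
     *
     * @throws SecurityException With INVALID_AUTHENTICATION_PROVIDER when the provider name is unknown.
     * @see org.apache.jetspeed.security.AuthenticationProviderProxy#importPassword(String, String, String)
     */
    public void importPassword(String userName, String newPassword, String authenticationProvider) throws SecurityException
    {
        requireProvider(authenticationProvider).getCredentialHandler().importPassword(userName, newPassword);
    }

    /**
     * Imports a password for a user through the provider that knows the user.
     *
     * @throws SecurityException With USER_DOES_NOT_EXIST when no provider knows the user.
     * @see org.apache.jetspeed.security.spi.CredentialHandler#importPassword(java.lang.String,java.lang.String)
     */
    public void importPassword(String userName, String newPassword) throws SecurityException
    {
        importPassword(userName, newPassword, requireProviderNameForUser(userName));
    }


    /**
     * Returns the private credentials held by the provider that knows the user.
     * <p>
     * No check on the caller is made in this class; restricting who may read
     * private credentials is left to the callers or to the provider's handler.
     * </p>
     *
     * @param username The user name.
     * @return A new set; empty when no provider knows the user.
     * @see org.apache.jetspeed.security.spi.CredentialHandler#getPrivateCredentials(java.lang.String)
     */
    public Set getPrivateCredentials(String username)
    {
        Set privateCredentials = new HashSet();
        String providerName = getAuthenticationProvider(username);
        if (providerName != null)
        {
            AuthenticationProvider provider = getAuthenticationProviderByName(providerName);
            // The second lookup can miss if the list changed in between; treat that as "no credentials".
            if (provider != null)
            {
                privateCredentials.addAll(provider.getCredentialHandler().getPrivateCredentials(username));
            }
        }
        return privateCredentials;
    }

    /**
     * Enables or disables a user's password through the named provider.
     *
     * @throws SecurityException With INVALID_AUTHENTICATION_PROVIDER when the provider name is unknown.
     * @see org.apache.jetspeed.security.AuthenticationProviderProxy#setPasswordEnabled(java.lang.String, boolean, java.lang.String)
     */
    public void setPasswordEnabled(String userName, boolean enabled, String authenticationProvider)
            throws SecurityException
    {
        requireProvider(authenticationProvider).getCredentialHandler().setPasswordEnabled(userName, enabled);
    }

    /**
     * Enables or disables a user's password through the provider that knows the user.
     *
     * @throws SecurityException With USER_DOES_NOT_EXIST when no provider knows the user.
     * @see org.apache.jetspeed.security.spi.CredentialHandler#setPasswordEnabled(java.lang.String, boolean)
     */
    public void setPasswordEnabled(String userName, boolean enabled) throws SecurityException
    {
        setPasswordEnabled(userName, enabled, requireProviderNameForUser(userName));
    }

    /**
     * Sets or clears the "password update required" flag through the named provider.
     *
     * @throws SecurityException With INVALID_AUTHENTICATION_PROVIDER when the provider name is unknown.
     * @see org.apache.jetspeed.security.AuthenticationProviderProxy#setPasswordUpdateRequired(java.lang.String, boolean, java.lang.String)
     */
    public void setPasswordUpdateRequired(String userName, boolean updateRequired, String authenticationProvider)
            throws SecurityException
    {
        requireProvider(authenticationProvider).getCredentialHandler().setPasswordUpdateRequired(userName, updateRequired);
    }

    /**
     * Sets or clears the "password update required" flag through the provider that knows the user.
     *
     * @throws SecurityException With USER_DOES_NOT_EXIST when no provider knows the user.
     * @see org.apache.jetspeed.security.spi.CredentialHandler#setPasswordUpdateRequired(java.lang.String, boolean)
     */
    public void setPasswordUpdateRequired(String userName, boolean updateRequired) throws SecurityException
    {
        setPasswordUpdateRequired(userName, updateRequired, requireProviderNameForUser(userName));
    }

    /**
     * Sets the password expiration date through the named provider.
     *
     * @throws SecurityException With INVALID_AUTHENTICATION_PROVIDER when the provider name is unknown.
     * @see org.apache.jetspeed.security.AuthenticationProviderProxy#setPasswordExpiration(java.lang.String, java.sql.Date, java.lang.String)
     */
    public void setPasswordExpiration(String userName, Date expirationDate, String authenticationProvider) throws SecurityException
    {
        requireProvider(authenticationProvider).getCredentialHandler().setPasswordExpiration(userName, expirationDate);
    }

    /**
     * Sets the password expiration date through the provider that knows the user.
     *
     * @throws SecurityException With USER_DOES_NOT_EXIST when no provider knows the user.
     * @see org.apache.jetspeed.security.spi.CredentialHandler#setPasswordExpiration(java.lang.String, java.sql.Date)
     */
    public void setPasswordExpiration(String userName, Date expirationDate) throws SecurityException
    {
        setPasswordExpiration(userName, expirationDate, requireProviderNameForUser(userName));
    }

    /**
     * Authenticates a user against the named provider's credential handler.
     *
     * @return The result of the credential handler's {@code authenticate} call.
     * @throws SecurityException With INVALID_AUTHENTICATION_PROVIDER when the provider name is unknown.
     * @see org.apache.jetspeed.security.AuthenticationProviderProxy#authenticate(String, String, String)
     */
    public boolean authenticate(String userName, String password, String authenticationProvider) throws SecurityException
    {
        return requireProvider(authenticationProvider).getCredentialHandler().authenticate(userName, password);
    }

    /**
     * Authenticates a user against the first provider, in list order, that knows the user name.
     * <p>
     * An unknown user is reported with a USER_DOES_NOT_EXIST exception, while the
     * outcome for a known user is whatever the selected credential handler returns
     * or throws. Code that turns these outcomes into a login response should report
     * them identically, so the response does not reveal which user names exist.
     * </p>
     *
     * @return The result of the selected credential handler's {@code authenticate} call.
     * @throws SecurityException With USER_DOES_NOT_EXIST when no provider knows the user.
     * @see org.apache.jetspeed.security.spi.CredentialHandler#authenticate(java.lang.String, java.lang.String)
     */
    public boolean authenticate(String userName, String password) throws SecurityException
    {
        return authenticate(userName, password, requireProviderNameForUser(userName));
    }
}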