Package org.xmlBlaster.authentication.plugins.ldap

Source Code of org.xmlBlaster.authentication.plugins.ldap.Session

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
package org.xmlBlaster.authentication.plugins.ldap;

import org.xmlBlaster.authentication.plugins.CryptDataHolder;
import org.xmlBlaster.authentication.plugins.DataHolder;
import org.xmlBlaster.authentication.plugins.I_Manager;
import org.xmlBlaster.authentication.plugins.I_Session;
import org.xmlBlaster.authentication.plugins.I_Subject;
import org.xmlBlaster.authentication.plugins.I_SecurityQos;
import org.xmlBlaster.authentication.plugins.SessionHolder;
import org.xmlBlaster.engine.qos.ConnectQosServer;
import org.xmlBlaster.util.XmlBlasterException;
import org.xmlBlaster.util.def.MethodName;
import org.xmlBlaster.util.def.ErrorCode;
import org.xmlBlaster.util.MsgUnitRaw;

import java.util.Map;
import java.util.logging.Logger;
import java.util.logging.Level;


/**
* This implements the session AND the subject interface in the same class.
*
* @author <a href="mailto:xmlBlaster@marcelruff.info">Marcel Ruff</a>.
* @see org.xmlBlaster.authentication.plugins.ldap.LdapGateway
*/
public class Session implements I_Session, I_Subject {
   private static final String ME = "Session";

   protected final Manager secMgr;
   private static Logger log = Logger.getLogger(Session.class.getName());
   protected String sessionId;
   protected boolean authenticated = false;

   protected final LdapGateway ldap;

   protected String loginName;

   public Session(Manager sm, String sessionId) throws XmlBlasterException {
      this.secMgr = sm;

      this.sessionId = sessionId;
      final String serverUrl = sm.getGlobal().getProperty().get("ldap.serverUrl", "ldap://localhost:389/o=xmlBlaster,c=ORG");
      final String rootDN = sm.getGlobal().getProperty().get("ldap.rootDN", "cn=Manager,o=xmlBlaster,c=ORG");
      final String rootPwd =  sm.getGlobal().getProperty().get("ldap.rootPwd", "secret");
      final String loginFieldName = sm.getGlobal().getProperty().get("ldap.loginFieldName", "cn");

      log.info("Initializing LDAP access on ldap.serverUrl='" + serverUrl + "' with rootdn='" + rootDN  + "'. The unique uid field name in ldap should be '" + loginFieldName + "'.");
      ldap = new LdapGateway(this.secMgr.getGlobal(), serverUrl, rootDN, rootPwd, loginFieldName);
   }

   /**
  * @see I_Session#init(ConnectQosServer, Map)
  */
   public ConnectQosServer init(ConnectQosServer connectQos, Map map) throws XmlBlasterException {
      //this.connectQos = connectQos;
      return connectQos;
   }

   public String init(I_SecurityQos securityQos) throws XmlBlasterException {
      authenticated = false;

      this.loginName = securityQos.getUserId();
      String passwd = securityQos.getCredential();

      if (log.isLoggable(Level.FINE)) log.fine("Checking password ...");
      authenticated = ldap.checkPassword(this.loginName, passwd);
      if (log.isLoggable(Level.FINE)) log.fine("The password" /*+ passwd */+ " for cn=" + this.loginName + " is " + ((authenticated)?"":" NOT ") + " valid.");

      if (authenticated == false)
         throw new XmlBlasterException(this.secMgr.getGlobal(), ErrorCode.USER_SECURITY_AUTHENTICATION_ACCESSDENIED, ME,
                    "Authentication of user " + getName() + " failed, no authentication from LDAP server.");

      return null; // no extra information
   }

   /**
    * @see I_Session#verify(I_SecurityQos)
    */
   public boolean verify(I_SecurityQos securityQos) {
      if (!this.authenticated)
         return false;

      try {
         return ldap.checkPassword(securityQos.getUserId(), securityQos.getCredential());
      }
      catch (XmlBlasterException e) {
         return false;
      }
   }

   public String getName() {
      return this.loginName;
   }

   public boolean isAuthorized(SessionHolder sessionHolder, DataHolder dataHolder) {
      if (authenticated == false) {
         log.warning("Authentication of user " + getName() + " failed");
         return false;
      }
     
      MethodName action = dataHolder.getAction();
      String key = dataHolder.getKeyOid();

      log.warning("No authorization check for action='" + action + "' on key='" +key + "' is implemented, access generously granted.");
      return true;
   }

   public void changeSecretSessionId(String sessionId) throws XmlBlasterException {
      if(this.sessionId.endsWith(sessionId)) return;
      synchronized(sessionId) {
         this.secMgr.changeSecretSessionId(this.sessionId, sessionId);
         this.sessionId = sessionId;
      }
   }

   public String getSecretSessionId() {
      return sessionId;
   }

   public I_Subject getSubject() {
      return this;
   }

   public I_Manager getManager() {
      return this.secMgr;
   }

   public MsgUnitRaw importMessage(CryptDataHolder dataHolder) throws XmlBlasterException {
      return dataHolder.getMsgUnitRaw();
   }

   public MsgUnitRaw exportMessage(CryptDataHolder dataHolder) throws XmlBlasterException {
      return dataHolder.getMsgUnitRaw();
   }
}
TOP

Related Classes of org.xmlBlaster.authentication.plugins.ldap.Session

  • org.xmlBlaster.util.def.MethodName
  • org.xmlBlaster.util.XmlBlasterException
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.