defaultuserdatabase.java

这是linux下ssl vpn的实现程序

/*
 *  SSL-Explorer
 *
 *  Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
 *
 *  This program is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU General Public License
 *  as published by the Free Software Foundation; either version 2 of
 *  the License, or (at your option) any later version.
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public
 *  License along with this program; if not, write to the Free Software
 *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
			
package com.sslexplorer.security;

import java.io.File;
import java.sql.ResultSet;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.prefs.Preferences;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import com.sslexplorer.boot.ContextHolder;
import com.sslexplorer.core.CoreServlet;
import com.sslexplorer.core.CoreUtil;
import com.sslexplorer.jdbc.DBUpgrader;
import com.sslexplorer.jdbc.JDBCDatabaseEngine;
import com.sslexplorer.jdbc.JDBCPreparedStatement;
import com.sslexplorer.properties.DefinitionComparator;

/**
 * Default implementation of a {@link com.sslexplorer.security.UserDatabase}
 * that amongst other things provides the methods for storing user attributes
 * and user attribute definitions in a JDBC database.
 * 
 * @author Brett Smith <a href="mailto: brett@3sp.com">&lt;brett@3sp.com&gt;</a>
 * @version $Revision: 1.17 $
 */
public abstract class DefaultUserDatabase implements UserDatabase {
    static Log log = LogFactory.getLog(DefaultUserDatabase.class);

    // Private instance variables

    private JDBCDatabaseEngine attributesDb;
    protected boolean open;
    protected String description;
    protected boolean supportsAccountCreation;
    protected boolean supportsPasswordChange;
    private int installationPropertyCategory;
    protected Map userAttributeDefinitions;

    /**
     * Constructor.
     * 
     * @param description description
     * @param supportsAccountCreation true if concrete user database supports
     *        account creation
     * @param supportsPasswordChange true if concrete user database supports
     *        password changing
     * @param installationPropertyCategory category ID to use to properties or
     *        -1 for none
     */
    public DefaultUserDatabase(String description, boolean supportsAccountCreation, boolean supportsPasswordChange,
                    int installationPropertyCategory) {
        this.description = description;
        this.supportsAccountCreation = supportsAccountCreation;
        this.supportsPasswordChange = supportsPasswordChange;
        this.installationPropertyCategory = installationPropertyCategory;
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#supportsPasswordChange()
     */
    public boolean supportsPasswordChange() {
        return supportsPasswordChange;
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#supportsAccountCreation()
     */
    public boolean supportsAccountCreation() {
        return supportsAccountCreation;
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#getDatabaseDescription()
     */
    public String getDatabaseDescription() {
        return description;
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.core.Database#open(com.sslexplorer.core.CoreServlet)
     */
    public void open(CoreServlet controllingServlet) throws Exception {
        String dbName = System.getProperty("sslexplorer.userAttributesDatabase.jdbc.dbName", "explorer_configuration");
        controllingServlet.addDatabase(dbName);
        File upgradeDir = new File("install/upgrade");
        String jdbcUser = System.getProperty("sslexplorer.jdbc.username", "sa");
        String jdbcPassword = System.getProperty("sslexplorer.jdbc.password", "");
        String vendorDB = System.getProperty("sslexplorer.jdbc.vendorClass", "com.sslexplorer.jdbc.hsqldb.HSQLDBDatabaseEngine");
        if (log.isInfoEnabled()) {
        	log.info("User Attribute Database is being opened...");
        	log.info("JDBC vendor class implementation is " + vendorDB);
        }
        attributesDb = (JDBCDatabaseEngine) Class.forName(vendorDB).newInstance();
        attributesDb.init("userAttributesDatabase", dbName, jdbcUser, jdbcPassword, null);
        DBUpgrader upgrader = new DBUpgrader(ContextHolder.getContext()
                        .getVersion(), attributesDb, ContextHolder.getContext().getDBDirectory(), upgradeDir);
        upgrader.upgrade();
        loadUserAttributeDefinitions();
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.core.Database#close()
     */
    public void close() throws Exception {
        open = false;
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#changePassword(java.lang.String,
     *      java.lang.String, boolean)
     */
    public void changePassword(String username, String password, boolean forcePasswordChangeAtLogon) throws UserDatabaseException,
                    InvalidLoginCredentialsException {
        if (!supportsPasswordChange()) {
            throw new InvalidLoginCredentialsException("Database doesn't support password change.");
        }
        throw new InvalidLoginCredentialsException(
                        "User database is not read-only, but the changePassword() method has not been implemented");
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#createAccount(java.lang.String,
     *      java.lang.String, java.lang.String, java.lang.String,
     *      com.sslexplorer.security.Role[], java.util.Properties)
     */
    public User createAccount(String username, String password, String email, String fullname, Role[] roles, Properties attributes)
                    throws Exception {
        if (!supportsAccountCreation()) {
            throw new Exception("User database is read-only");
        }
        throw new Exception("User database is not read-only, but the createAccount() method has not been implemented");
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#getUsersInRole(com.sslexplorer.security.Role)
     */
    public User[] getUsersInRole(Role role) throws Exception {
        return CoreUtil.getUsersInRole(role, this);
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#updateAccount(com.sslexplorer.security.User,
     *      java.lang.String, java.lang.String, com.sslexplorer.security.Role[],
     *      java.util.Properties)
     */
    public void updateAccount(User user, String email, String fullname, Role[] roles, Properties attributes) throws Exception {
        if (!supportsAccountCreation()) {
            throw new Exception("User database is read-only");
        }
        throw new Exception("User database is not read-only, but the updateAccount() method has not been implemented");
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#deleteAccount(com.sslexplorer.security.User)
     */
    public void deleteAccount(User user) throws Exception {
        if (!supportsAccountCreation()) {
            throw new Exception("User database is read-only");
        }
        throw new Exception("User database is not read-only, but the deleteAccount() method has not been implemented");
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#createRole(java.lang.String)
     */
    public Role createRole(String rolename) throws Exception {
        if (!supportsAccountCreation()) {
            throw new Exception("User database is read-only");
        }
        throw new Exception("User database is not read-only, but the createRole() method has not been implemented");
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#deleteRole(java.lang.String)
     */
    public void deleteRole(String rolename) throws Exception {
        if (!supportsAccountCreation()) {
            throw new Exception("User database is read-only");
        }
        throw new Exception("User database is not read-only, but the deleteRole() method has not been implemented");
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.core.Database#cleanup()
     */
    public void cleanup() throws Exception {
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#getInstallationPropertyCategory()
     */
    public int getInstallationPropertyCategory() {
        return installationPropertyCategory;
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#isOpen()
     */
    public boolean isOpen() {
        return open;
    }

    /*
     * (non-Javadoc)
     * 
     * @see com.sslexplorer.security.UserDatabase#updateAttributes(java.lang.String,
     *      java.util.Properties)
     */
    public void updateAttributes(String principalName, Properties attributes) throws Exception {
        JDBCPreparedStatement ps = attributesDb.getStatement("updateAttributes.delete");