passwdmembershipservice.java

jxta_src_2.41b jxta 2.41b 最新版源码 from www.jxta.org

/*
 * Copyright (c) 2001 Sun Microsystems, Inc.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. The end-user documentation included with the redistribution,
 *    if any, must include the following acknowledgment:
 *       "This product includes software developed by the
 *       Sun Microsystems, Inc. for Project JXTA."
 *    Alternately, this acknowledgment may appear in the software itself,
 *    if and wherever such third-party acknowledgments normally appear.
 *
 * 4. The names "Sun", "Sun Microsystems, Inc.", "JXTA" and "Project JXTA"
 *    must not be used to endorse or promote products derived from this
 *    software without prior written permission. For written
 *    permission, please contact Project JXTA at http://www.jxta.org.
 *
 * 5. Products derived from this software may not be called "JXTA",
 *    nor may "JXTA" appear in their name, without prior written
 *    permission of Sun.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED.  IN NO EVENT SHALL SUN MICROSYSTEMS OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * ====================================================================
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of Project JXTA.  For more
 * information on Project JXTA, please see
 * <http://www.jxta.org/>.
 *
 * This license is based on the BSD license adopted by the Apache Foundation.
 *
 * $Id: PasswdMembershipService.java,v 1.3 2004/09/28 00:09:27 bondolo Exp $
 */

package net.jxta.impl.membership.passwd;

import java.beans.PropertyChangeListener;
import java.beans.PropertyChangeSupport;
import java.net.URI;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.HashMap;

import java.net.URISyntaxException;

import org.apache.log4j.Logger;
import org.apache.log4j.Level;

import net.jxta.credential.AuthenticationCredential;
import net.jxta.credential.Credential;
import net.jxta.credential.CredentialPCLSupport;
import net.jxta.document.Advertisement;
import net.jxta.document.Attribute;
import net.jxta.document.Attributable;
import net.jxta.document.Element;
import net.jxta.document.XMLDocument;
import net.jxta.document.XMLElement;
import net.jxta.document.MimeMediaType;
import net.jxta.document.StructuredDocument;
import net.jxta.document.StructuredDocumentFactory;
import net.jxta.protocol.PeerGroupAdvertisement;
import net.jxta.protocol.ModuleImplAdvertisement;
import net.jxta.id.ID;
import net.jxta.id.IDFactory;
import net.jxta.membership.Authenticator;
import net.jxta.membership.MembershipService;
import net.jxta.peer.PeerID;
import net.jxta.peergroup.PeerGroup;
import net.jxta.platform.ModuleSpecID;
import net.jxta.service.Service;

import net.jxta.exception.JxtaError;
import net.jxta.exception.ProtocolNotSupportedException;
import net.jxta.exception.PeerGroupException;

/**
 *  The passwd membership service provides a Membership Service implementation
 *  which is based on a password scheme similar to the unix
 *  <code>/etc/passwd</code> system.</code>
 *
 * <p/><strong>This implementation is intended as an example of a
 *  simple Membership Service and <em>NOT</em> as a practical secure
 *  Membership Service.<strong>
 *
 * @see net.jxta.membership.MembershipService
 *
 **/
public class PasswdMembershipService implements MembershipService {
    
    /**
     *  Log4J Logger
     **/
    private static final Logger LOG = Logger.getLogger(PasswdMembershipService.class.getName());
    
    /**
     * Well known service specification identifier: password membership
     */
    public static final ModuleSpecID passwordMembershipSpecID = (ModuleSpecID)
    ID.create( URI.create( "urn:jxta:uuid-DeadBeefDeafBabaFeedBabe000000050206" ) );
    
    /**
     * This class provides the sub-class of Credential which is associated
     * with the password membership service.
     **/
    public final static class PasswdCredential implements Credential, CredentialPCLSupport {
        
        /**
         * The MembershipService service which generated this credential.
         **/
        PasswdMembershipService source;
        
        /**
         * The identity associated with this credential
         **/
        String whoami;
        
        /**
         * The peerid associated with this credential.
         **/
        ID peerid;
        
        /**
         * The peerid which has been "signed" so that the identity may be verified.
         **/
        String signedPeerID;
        
        /**
         *  property change support
         **/
        private PropertyChangeSupport support = new PropertyChangeSupport(this);
        
        /**
         *  Whether the credential is valid.
         **/
        boolean valid = true;
        
        protected PasswdCredential( PasswdMembershipService source, String whoami, String signedPeerID ) {
            
            this.source = source;
            this.whoami = whoami;
            this.peerid = source.peergroup.getPeerID();
            this.signedPeerID = signedPeerID;
        }
        
        protected PasswdCredential( PasswdMembershipService source, Element root ) throws PeerGroupException {
            
            this.source = source;
            
            initialize( root );
        }
        
        /**
         *  Add a listener
         *
         *  @param listener the listener
         **/
        public void addPropertyChangeListener( PropertyChangeListener listener ) {
            support.addPropertyChangeListener(listener );
        }
        
        /**
         *  Add a listener
         *
         *  @param propertyName the property to watch
         *  @param listener the listener
         **/
        public void addPropertyChangeListener( String propertyName, PropertyChangeListener listener ) {
            support.addPropertyChangeListener( propertyName, listener );
        }
        
        /**
         *  Remove a listener
         *
         *  @param listener the listener
         **/
        public void removePropertyChangeListener( PropertyChangeListener listener ) {
            support.removePropertyChangeListener( listener );
        }
        
        /**
         *  Remove a listener
         *
         *  @param propertyName the property which was watched
         *  @param listener the listener
         **/
        public void removePropertyChangeListener( String propertyName, PropertyChangeListener listener ) {
            support.removePropertyChangeListener( propertyName, listener );
        }
        
        /**
         * {@inheritDoc}
         **/
        public ID getPeerGroupID() {
            return source.peergroup.getPeerGroupID();
        }
        
        /**
         * {@inheritDoc}
         **/
        public ID getPeerID() {
            return peerid;
        }
        
        /**
         *  Set the peerid for this credential.
         *
         *  @param  peerid   the peerid for this credential
         **/
        private void setPeerID( PeerID peerid ) {
            this.peerid = peerid;
        }
        
        /**
         * {@inheritDoc}
         *
         * <p/>PasswdCredential never expire.
         **/
        public boolean isExpired() {
            return false;
        }
        
        /**
         * {@inheritDoc}
         *
         * <p/>PasswdCredential are almost always valid.
         **/
        public boolean isValid() {
            return valid;
        }
        
        /**
         * {@inheritDoc}
         *
         * <p/>PasswdCredential are always valid except after resign.
         **/
        private void setValid( boolean valid ) {
            boolean oldValid = isValid();
            this.valid = valid;
            
            if( oldValid != valid ) {
                support.firePropertyChange( "valid", oldValid, valid );
            }
        }
        
        /**
         * {@inheritDoc}
         **/
        public Object getSubject() {
            return whoami;
        }
        
        /**
         *  Sets the subject for this Credential
         *
         *  @param  subject The subject for this credential.
         **/
        private void setSubject( String subject ) {
            whoami = subject;
        }
        
        /**
         * {@inheritDoc}
         **/
        public Service getSourceService() {
            return source;
        }
        
        /**
         * {@inheritDoc}
         **/
        public StructuredDocument getDocument(MimeMediaType as) throws Exception {
            StructuredDocument doc = StructuredDocumentFactory.newStructuredDocument( as, "jxta:Cred" );
            
            if( doc instanceof XMLDocument ) {
                ((Attributable)doc).addAttribute( "xmlns:jxta", "http://jxta.org" );
                ((Attributable)doc).addAttribute( "xml:space", "preserve" );
            }
            
            if( doc instanceof Attributable ) {
                ((Attributable)doc).addAttribute( "type", "jxta:PasswdCred" );
            }
            
            Element e = doc.createElement( "PeerGroupID", getPeerGroupID().toString() );
            doc.appendChild( e );
            
            e = doc.createElement( "PeerID", getPeerID().toString() );
            doc.appendChild( e );
            
            e = doc.createElement( "Identity", whoami );
            doc.appendChild( e );
            
            // FIXME 20010327   Do some kind of signing here based on password.
            e = doc.createElement( "ReallyInsecureSignature", signedPeerID );
            doc.appendChild( e );
            
            return doc;
        }
        
        /**
         *  Process an individual element from the document.
         *
         *  @param elem the element to be processed.
         *  @return true if the element was recognized, otherwise false.
         **/
        protected boolean handleElement( XMLElement elem ) {
            if( elem.getName().equals("PeerGroupID")) {
                try {
                    URI gID = new URI( elem.getTextValue() );
                    ID pgid = IDFactory.fromURI( gID );
                    if( !pgid.equals( getPeerGroupID() ) ) {
                        throw new IllegalArgumentException( "Operation is from a different group. " + pgid + " != " + getPeerGroupID() );
                    }
                } catch ( URISyntaxException badID ) {
                    throw new IllegalArgumentException( "Bad PeerGroupID in advertisement: " + elem.getTextValue() );
                }
                return true;
            }
            
            if( elem.getName().equals("PeerID")) {
                try {
                    URI pID = new URI( elem.getTextValue() );
                    ID pid = IDFactory.fromURI( pID );
                    setPeerID( (PeerID) pid );
                } catch ( URISyntaxException badID ) {
                    throw new IllegalArgumentException( "Bad Peer ID in advertisement: " + elem.getTextValue() );
                } catch ( ClassCastException badID ) {
                    throw new IllegalArgumentException( "Id is not a peer id: " + elem.getTextValue() );
                }
                return true;
            }
            
            if( elem.getName().equals("Identity")) {
                setSubject( elem.getTextValue() );
                return true;
            }
            
            if( elem.getName().equals("ReallyInsecureSignature")) {
                signedPeerID = elem.getTextValue();
                return true;
            }
            
            // element was not handled
            return false;
        }
        
        /**
         *  Intialize from a portion of a structured document.
         **/
        protected void initialize( Element root ) {
            
            if( !XMLElement.class.isInstance( root ) ) {
                throw new IllegalArgumentException( getClass().getName() + " only supports XMLElement" );
            }
            
            XMLElement doc = (XMLElement) root;
            
            String typedoctype = "";
            Attribute itsType = ((Attributable)root).getAttribute( "type" );
            if( null != itsType ) {
                typedoctype = itsType.getValue();
            }
            
            String doctype = doc.getName();
            
            if( !doctype.equals("jxta:PasswdCred") && !typedoctype.equals("jxta:PasswdCred") ) {
                throw new IllegalArgumentException( "Could not construct : "
                + getClass().getName() + "from doc containing a " + doctype );
            }
            
            Enumeration elements = doc.getChildren();
            
            while (elements.hasMoreElements()) {
                XMLElement elem = (XMLElement) elements.nextElement();
                
                if( !handleElement( elem ) ) {
                    if (LOG.isEnabledFor(Level.WARN)) {
                        LOG.warn("Unhandleded element '" + elem.getName() + "' in " + doc.getName() );
                    }
                };
            }
            
            // sanity check time!
            
            if( null == getSubject() ) {
                throw new IllegalArgumentException( "subject was never initialized." );
            }
            
            if( null == getPeerID() ) {
                throw new IllegalArgumentException( "peer id was never initialized." );
            }
            
            if( null == signedPeerID ) {
                throw new IllegalArgumentException( "signed peer id was never initialized." );
            }
            
            // FIXME bondolo@jxta.org 20030409 should check for duplicate elements and for peergroup element
        }
    }
    
    /**
     * Creates an authenticator for the passwd membership service. Anything
     *  entered into the identity info section of the Authentication
     *  credential is ignored.
     *
     *  <p/><strong>HACK ALERT!</strong> THE INHERITANCE FROM
     *  <code>net.jxta.impl.membership.PasswdMembershipService.PasswdAuthenticator</code>
     *  IS A TOTAL HACK FOR BACKWARDS COMPATIBILITY.
     *
     *  @param source The instance of the passwd membership service which
     *  created this authenticator.
     *  @param application Anything entered into the identity info section of
     *  the Authentication credential is ignored.
     **/
    public final static class PasswdAuthenticator extends net.jxta.impl.membership.PasswdMembershipService.PasswdAuthenticator {
        
        /**
         * The Membership Service which generated this authenticator.
         **/
        PasswdMembershipService source;
        
        /**
         * The Authentication which was provided to the Apply operation of the