passwdmembershipservice.java

jxta_src_2.41b jxta 2.41b 最新版源码 from www.jxta.org

         * membership service.
         **/
        AuthenticationCredential application;
        
        /**
         * the identity which is being claimed
         **/
        String whoami = null;
        
        /**
         * the password for that identity.
         **/
        String password = null;
        
        /**
         * Creates an authenticator for the password MembershipService service. The only method
         * supported is "PasswdAuthentication". Anything entered into the identity info
         * section of the Authentication credential is ignored.
         *
         * @param source The instance of the password membership service which created this
         * authenticator.
         * @param application The Anything entered into the identity info section of the Authentication
         * credential is ignored.
         **/
        PasswdAuthenticator( PasswdMembershipService source, AuthenticationCredential application ) {
            this.source = source;
            this.application = application;
            
            // XXX 20010328 bondolo@jxta.org Could do something with the authentication credential here.
        }
        
        /**
         * {@inheritDoc}
         **/
        public MembershipService getSourceService() {
            return (MembershipService) source.getInterface();
        }
        
        /**
         * {@inheritDoc}
         **/
        synchronized public boolean isReadyForJoin() {
            return ( (null != password) && (null != whoami) );
        }
        
        /**
         * {@inheritDoc}
         **/
        public String getMethodName() {
            return "PasswdAuthentication";
        }
        
        /**
         * {@inheritDoc}
         **/
        public AuthenticationCredential getAuthenticationCredential() {
            return application;
        }
        
        public void setAuth1Identity( String who ) {
            whoami = who;
        }
        
        public String getAuth1Identity() {
            return whoami;
        }
        
        public void setAuth2_Password( String secret ) {
            password = secret;
        }
        
        protected String getAuth2_Password() {
            return password;
        }
    }
        
    /**
     * the peergroup to which this service is associated.
     **/
    private PeerGroup peergroup = null;
    
    /**
     *  the default "nobody" credential
     **/
    private Credential  defaultCredential = null;
    
    /**
     * The current set of principals associated with this peer within this peegroup.
     **/
    private List principals;
    
    /**
     * The set of AuthenticationCredentials which were used to establish the principals.
     **/
    private List authCredentials;
    
    /**
     * The ModuleImplAdvertisement which was used to instantiate this service.
     **/
    private ModuleImplAdvertisement implAdvertisement = null;
    
    /**
     * An internal table containing the identity and password pairs as parsed from the
     * the PeerGroupAdvertisement.
     **/
    private Map logins = null;
    
    /**
     *  property change support
     **/
    private PropertyChangeSupport support;
    
    /**
     *  Default constructor. Normally only called by the peer group.
     **/
    public PasswdMembershipService() throws PeerGroupException {
        principals = new ArrayList();
        authCredentials = new ArrayList();
        
        support = new PropertyChangeSupport(getInterface());
    }
    
    /**
     *  Add a listener
     *
     *  @param listener the listener
     **/
    public void addPropertyChangeListener( PropertyChangeListener listener ) {
        support.addPropertyChangeListener(listener );
    }
    
    /**
     *  Add a listener
     *
     *  @param propertyName the property to watch
     *  @param listener the listener
     **/
    public void addPropertyChangeListener( String propertyName, PropertyChangeListener listener ) {
        support.addPropertyChangeListener( propertyName, listener );
    }
    
    /**
     *  Remove a listener
     *
     *  @param listener the listener
     **/
    public void removePropertyChangeListener( PropertyChangeListener listener ) {
        support.removePropertyChangeListener( listener );
    }
    
    /**
     *  Remove a listener
     *
     *  @param propertyName the property which was watched
     *  @param listener the listener
     **/
    public void removePropertyChangeListener( String propertyName, PropertyChangeListener listener ) {
        support.removePropertyChangeListener( propertyName, listener );
    }
    
    /**
     * {@inheritDoc}
     **/
    public void init(PeerGroup group, ID assignedID, Advertisement impl) throws PeerGroupException {
        
        peergroup = group;
        implAdvertisement = (ModuleImplAdvertisement) impl;
        
        if (LOG.isEnabledFor(Level.INFO)) {
            StringBuffer configInfo = new StringBuffer( "Configuring Password Membership Service : " + assignedID );
            
            configInfo.append( "\n\tImplementation:" );
            configInfo.append("\n\t\tModule Spec ID: " + implAdvertisement.getModuleSpecID());
            configInfo.append("\n\t\tImpl Description : " + implAdvertisement.getDescription());
            configInfo.append("\n\t\tImpl URI : " + implAdvertisement.getUri());
            configInfo.append("\n\t\tImpl Code : " + implAdvertisement.getCode());
            
            configInfo.append( "\n\tGroup Params:" );
            configInfo.append( "\n\t\tGroup: " + group.getPeerGroupName() );
            configInfo.append( "\n\t\tGroup ID: " + group.getPeerGroupID() );
            configInfo.append( "\n\t\tPeer ID: " + group.getPeerID() );
            
            LOG.info( configInfo );
        }
        
        PeerGroupAdvertisement configAdv = (PeerGroupAdvertisement)
        group.getPeerGroupAdvertisement();
        
        XMLElement myParam = (XMLElement) configAdv.getServiceParam(assignedID);
        
        logins = new HashMap();
        
        if( null == myParam ) {
            throw new PeerGroupException( "parameters for group passwords missing" );
        }
        
        for( Enumeration allLogins = myParam.getChildren(); allLogins.hasMoreElements(); ) {
            XMLElement aLogin = (XMLElement) allLogins.nextElement();
            
            if( aLogin.getName().equals( "login" ) ) {
                String etcPasswd = (String) aLogin.getTextValue( );
                
                int nextDelim = etcPasswd.indexOf( ':' );
                if( -1 == nextDelim ) {
                    continue;
                }
                
                String login = etcPasswd.substring( 0, nextDelim ).trim();
                int lastDelim = etcPasswd.indexOf( ':', nextDelim + 1 );
                String passwd = etcPasswd.substring( nextDelim + 1, lastDelim );
                
                if (LOG.isEnabledFor(Level.DEBUG)) {
                    LOG.debug( "Adding login : '" + login + "' with encoded password : '" + passwd + "'" );
                }
                
                logins.put( login, passwd );
            }
        }
        
        // FIXME    20010327    bondolo@jxta.org Make up the signed bit.
        
        // We initialise our set of principals to the resigned state.
        resign();
    }
    
    /**
     * {@inheritDoc}
     **/
    public Service getInterface() {
        return this;
    }
    
    /**
     * {@inheritDoc}
     **/
    public Advertisement getImplAdvertisement() {
        return implAdvertisement;
    }
    
    /**
     * {@inheritDoc}
     *
     * <p/>Currently this service starts by itself and does not expect
     * arguments.
     */
    public int startApp(String[] arg) {
        return 0;
    }
    
    /**
     * {@inheritDoc}
     *
     * <p/>This request is currently ignored.
     **/
    public void stopApp() {
        resign();
    }
    
    /**
     * {@inheritDoc}
     **/
    public Authenticator apply(AuthenticationCredential application) throws PeerGroupException, ProtocolNotSupportedException {
        
        String method = application.getMethod();
        
        if( (null != method)  && !"StringAuthentication".equals( method ) && !"PasswdAuthentication".equals( method ) ) {
            throw new ProtocolNotSupportedException( "Authentication method not recognized" );
        }
        
        return new PasswdAuthenticator( this, application );
    }
    
    /**
     * {@inheritDoc}
     **/
    public Credential getDefaultCredential() {
        return defaultCredential;
    }
    
    /**
     * {@inheritDoc}
     **/
    private void setDefaultCredential( Credential newDefault ) {
        Credential oldDefault = defaultCredential;
        defaultCredential = newDefault;
        
        support.firePropertyChange( "defaultCredential", oldDefault, newDefault );
    }
    
    /**
     * {@inheritDoc}
     **/
    public synchronized Enumeration getCurrentCredentials() {
        return Collections.enumeration(principals);
    }
    
    /**
     * {@inheritDoc}
     **/
    public synchronized Enumeration getAuthCredentials() {
        return Collections.enumeration(authCredentials);
    }
    
    /**
     * {@inheritDoc}
     **/
    public  Credential join(Authenticator authenticated) throws PeerGroupException {
        
        if( !(authenticated instanceof PasswdAuthenticator) ) {
            throw new ClassCastException( "This is not my authenticator!" );
        }
        
        if( this != authenticated.getSourceService() ) {
            throw new ClassCastException( "This is not my authenticator!" );
        }
        
        if( !authenticated.isReadyForJoin() ) {
            throw new PeerGroupException( "Not Ready to join!" );
        }
        
        String identity = ((PasswdAuthenticator)authenticated).getAuth1Identity();
        String password = ((PasswdAuthenticator)authenticated).getAuth2_Password();
        
        if( !checkPasswd( identity, password ) ) {
            throw new PeerGroupException( "Incorrect Password!" );
        }
        
        // FIXME    20010327    bondolo@jxta.org Make up the signed bit.
        
        Credential newCred;
        synchronized( this ) {
            newCred = new PasswdCredential( this, identity, "blah" );
            
            principals.add( newCred );
            
            authCredentials.add( authenticated.getAuthenticationCredential() );
        }
        
        support.firePropertyChange( "addCredential", null, newCred );
        
        if( null == getDefaultCredential() ) {
            setDefaultCredential( newCred );
        }
        
        return newCred;
    }
    
    /**
     * {@inheritDoc}
     **/
    public synchronized void resign() {
        Iterator eachCred = Arrays.asList( principals.toArray() ).iterator();
        
        synchronized( this ) {
            principals.clear();
            authCredentials.clear();
        }
        
        setDefaultCredential( null );
        
        while( eachCred.hasNext() ) {
            PasswdCredential aCred = (PasswdCredential) eachCred.next();
            
            aCred.setValid( false );
        }
    }
    
    /**
     * {@inheritDoc}
     **/
    public Credential makeCredential(Element element) throws PeerGroupException, Exception {
        
        return new PasswdCredential( this, element );
    }
    
    /**
     * Given an identity and an encoded password determine if the password is
     * correct.
     *
     * @param identity the identity which the user is trying to claim
     * @param passwd the password guess being tested.
     * @return true if the password was correct for the specified identity
     * otherwise false.
     **/
    private boolean checkPasswd( String identity, String passwd ) {
        boolean result;
        
        if( !logins.containsKey( identity ) ) {
            return false;
        }
        
        String encodedPW = makePsswd( passwd );
        
        if (LOG.isEnabledFor(Level.DEBUG)) {
            LOG.debug("Password '" + passwd + "' encodes as: '" + encodedPW + "'");
        }
        
        String mustMatch = (String) logins.get( identity );
        
        // if there is a null password for this identity then match everything.
        if( mustMatch.equals( "" ) ) {
            return true;
        }
        
        result = encodedPW.equals(mustMatch);
        
        return result;
    }
    
    /**
     *  This is the method used to make the password strings. We only provide
     *  one way encoding since we can compare the encoded strings.
     *
     *  <p/>FIXME 20010402  bondolo : switch to use the standard
     *  crypt(3) algorithm for encoding the passwords. The current algorithm has
     *  been breakable since ancient times, crypt(3) is also weak, but harder to
     *  break.
     *
     *   @param source  the string to encode
     *   @return String the encoded version of the password.
     *
     **/
    public static String makePsswd( String source ) {
        /**
         *
         * A->D  B->Q  C->K  D->W  E->H  F->R  G->T  H->E  I->N  J->O  K->G  L->X  M->C
         * N->V  O->Y  P->S  Q->F  R->J  S->P  T->I  U->L  V->Z  W->A  X->B  Y->M  Z->U
         *
         **/
        
        final String xlateTable = "DQKWHRTENOGXCVYSFJPILZABMU";
        
        StringBuffer work = new StringBuffer( source );
        
        for( int eachChar = work.length() - 1; eachChar >=0; eachChar-- ) {
            char aChar = Character.toUpperCase( work.charAt(eachChar) );
            
            int replaceIdx = xlateTable.indexOf( aChar );
            if( -1 != replaceIdx ) {
                work.setCharAt( eachChar, (char) ('A' + replaceIdx) );
            }
        }
        
        return work.toString();
    }
}