ldapsavingutility.java

一个完整的XACML工程,学习XACML技术的好例子!

/*
* Copyright (c) 2006, University of Kent
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without 
* modification, are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this 
* list of conditions and the following disclaimer.
* 
* Redistributions in binary form must reproduce the above copyright notice, 
* this list of conditions and the following disclaimer in the documentation 
* and/or other materials provided with the distribution. 
*
* 1. Neither the name of the University of Kent nor the names of its 
* contributors may be used to endorse or promote products derived from this 
* software without specific prior written permission. 
*
* 2. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS  
* IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
* PURPOSE ARE DISCLAIMED. 
*
* 3. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* 4. YOU AGREE THAT THE EXCLUSIONS IN PARAGRAPHS 2 AND 3 ABOVE ARE REASONABLE
* IN THE CIRCUMSTANCES.  IN PARTICULAR, YOU ACKNOWLEDGE (1) THAT THIS
* SOFTWARE HAS BEEN MADE AVAILABLE TO YOU FREE OF CHARGE, (2) THAT THIS
* SOFTWARE IS NOT "PRODUCT" QUALITY, BUT HAS BEEN PRODUCED BY A RESEARCH
* GROUP WHO DESIRE TO MAKE THIS SOFTWARE FREELY AVAILABLE TO PEOPLE WHO WISH
* TO USE IT, AND (3) THAT BECAUSE THIS SOFTWARE IS NOT OF "PRODUCT" QUALITY
* IT IS INEVITABLE THAT THERE WILL BE BUGS AND ERRORS, AND POSSIBLY MORE
* SERIOUS FAULTS, IN THIS SOFTWARE.
*
* 5. This license is governed, except to the extent that local laws
* necessarily apply, by the laws of England and Wales.
*/

/*
* Copyright (c) 2000-2005, University of Salford
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without 
* modification, are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this 
* list of conditions and the following disclaimer.
* 
* Redistributions in binary form must reproduce the above copyright notice, 
* this list of conditions and the following disclaimer in the documentation 
* and/or other materials provided with the distribution. 
*
* Neither the name of the University of Salford nor the names of its 
* contributors may be used to endorse or promote products derived from this 
* software without specific prior written permission. 
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
* POSSIBILITY OF SUCH DAMAGE.
*/

package issrg.acm.extensions;

import javax.naming.*;
import javax.naming.directory.*;
import javax.swing.*;
import java.awt.*;
import issrg.acm.ACCreationException;
import issrg.acm.EnvironmentalVariables;
import javax.swing.tree.*;
import issrg.utils.LDAP_DIT;
import issrg.utils.ACViewer;
import issrg.ac.AttributeCertificate;
import java.util.Vector;

/**
 * This is the LDAP saving utility.
 *
 * <p>This utility saves the given Attribute Certificate to an LDAP Directory,
 * of which the URL a user can enter in a dialog. The DN to save to is obtained
 * from the AC to save; the DN to load from the user should type in.
 *
 * <p>Simple authentication to the LDAP server is supported.
 *
 * <p>The utility was tested on LDAP v3 only.
 *
 * @author A Otenko
 * @version 1.0
 */

public class LDAPSavingUtility extends issrg.acm.DefaultSavingUtility implements issrg.utils.DITSelectionListener{
  final private static String CONNECT_ACTION="connect";
  /**
   * The variable, containing the name of the configuration variable, representing
   * the LDAP server URI. At the moment it is "LDAPSavingUtility.ProviderURI".
   */
  final public static String LDAP_SAVING_UTILITY_LDAP_PROVIDER = "LDAPSavingUtility.ProviderURI";

  /**
   * The variable, containing the name of the configuration variable, representing
   * the default login for accessing LDAP server. (Usually such authentication is
   * set for writing only.) The user may change this value at run time. At the
   * moment it is "LDAPSavingUtility.Login". Note, that only simple authentication
   * is suported at the moment.
   */
  final public static String LDAP_SAVING_UTILITY_LOGIN = "LDAPSavingUtility.Login";

  /**
   * The variable, containing the name of the configuration variable, representing
   * the default name of the attribute the LDAPSavingUtility will
   * retrieve and store. At the moment it is "LDAPSavingUtility.ACType".
   */
  final public static String LDAP_SAVING_UTILITY_AC_TYPE = "LDAPSavingUtility.ACType";

  /**
   * The variable, containing the name of the attribute the LDAPSavingUtility will
   * retrieve and store. At the moment it is "2.5.4.58;binary".
   * the OID of the attribute is 2.5.4.58.
   */
  final public static String ATTRIBUTE_CERTIFICATE_ATTRIBUTE_NAME = "2.5.4.58;binary";//"x509AttributeCertificate;binary"; //"2.5.4.58";
  final private JTextField URL = new JTextField(20);
  final private JTextField DN = new JTextField(20);
  final private JTextField Login = new JTextField(15);
  final private JPasswordField Password = new JPasswordField(15);
  final private JCheckBox Anonymous = new JCheckBox("Anonymous", false);
  final private JButton connect = new JButton("Connect...");

  private JPanel content = new JPanel();
  private String lastURL = null;
  private String lastDN = null;
  private String lastLogin = null;
  private String acType=ATTRIBUTE_CERTIFICATE_ATTRIBUTE_NAME;
  final private LDAP_DIT ldapDit = new LDAP_DIT();

  final private ACViewer acv = new ACViewer();

  private JPanel scLdap = new JPanel(new BorderLayout());
  private JPanel acvPanel = new JPanel(new BorderLayout());

  public LDAPSavingUtility(){
    super();
    connect.addActionListener(new java.awt.event.ActionListener() {
        public void actionPerformed(java.awt.event.ActionEvent ae){
            if(ae.getActionCommand().equals(CONNECT_ACTION)) {
                try {
                    resetLDAPTree();
                } catch (ACCreationException acce) {
                    issrg.utils.Util.bewail(
                       "Cannot get through the specified LDAP server",
                        acce, dialog);
                }
            }
        }
    });

    ldapDit.setSelectionListener(this);

    content = buildDialog();
  }

  private JPanel buildDialog(){
    // *** Row 1
    JPanel pRow1; // = new JPanel(new BorderLayout());
    JPanel pp4 = new JPanel(new BorderLayout());
    JPanel pCol1= new JPanel(new FlowLayout(FlowLayout.TRAILING));
    JPanel pCol2= new JPanel(new FlowLayout(FlowLayout.TRAILING));
    pCol1.add(new JLabel("LDAP URL:"));
    pCol2.add(new JLabel("DN:"));
    pp4.add(pCol1, BorderLayout.NORTH);
    pp4.add(pCol2,BorderLayout.CENTER);

    JPanel pp3 = new JPanel(new BorderLayout());
    pCol1 = new JPanel(new FlowLayout(FlowLayout.LEADING));
    pCol2 = new JPanel(new FlowLayout(FlowLayout.LEADING));
    pCol1.add(URL);
    pCol2.add(DN);
    pp3.add(pCol1, BorderLayout.NORTH);
    pp3.add(pCol2, BorderLayout.CENTER);

    JPanel jpa = new JPanel(new BorderLayout());
    jpa.add(pp4, BorderLayout.WEST);
    jpa.add(pp3, BorderLayout.CENTER);

    pRow1 = jpa; //.add(jpa, BorderLayout.CENTER);

    // *** Row 3
    JPanel pRow3 = new JPanel(new BorderLayout());

    JPanel pp = new JPanel(new BorderLayout());
    pCol1 = new JPanel(new FlowLayout(FlowLayout.TRAILING));
    pCol1.add(new JLabel("Login:"));

    pCol2 = new JPanel(new FlowLayout(FlowLayout.TRAILING));
    pCol2.add(new JLabel("Password:"));

    pp.add(pCol1, BorderLayout.NORTH);
    pp.add(pCol2, BorderLayout.CENTER);

    pCol1 = new JPanel(new FlowLayout(FlowLayout.LEADING));
    pCol2 = new JPanel(new FlowLayout(FlowLayout.LEADING));
    pCol1.add(this.Login);
    pCol2.add(this.Password);

    JPanel pp1 = new JPanel(new BorderLayout());
    pp1.add(pCol1, BorderLayout.NORTH);
    pp1.add(pCol2, BorderLayout.CENTER);

    JPanel ppp = new JPanel(new BorderLayout());
    ppp.add(pp, BorderLayout.WEST);
    ppp.add(pp1, BorderLayout.CENTER);

    // add "connect"
    pCol1 = new JPanel(new FlowLayout(FlowLayout.TRAILING));
    pCol1.add(connect);
    connect.setActionCommand(CONNECT_ACTION);
    JPanel np1 = new JPanel(new BorderLayout());
    np1.add(pRow1,BorderLayout.CENTER);
    np1.add(pCol1, BorderLayout.SOUTH);

    // add "Anonymous"
    JPanel np2 = new JPanel(new BorderLayout());
    pCol2 = new JPanel(new FlowLayout(FlowLayout.TRAILING));
    pCol2.add(Anonymous);
    JPanel pCol3 = new JPanel(new FlowLayout(FlowLayout.TRAILING));
    pCol3.add(ppp);
    np2.add(pCol3, BorderLayout.CENTER);
    np2.add(pCol2, BorderLayout.SOUTH);

    JPanel npx = new JPanel(new BorderLayout());
    npx.add(np1, BorderLayout.WEST);
    npx.add(np2, BorderLayout.CENTER);

    ldapDit.setPreferredSize(new Dimension(220, 290));
    JPanel lp = new JPanel(new BorderLayout());//new FlowLayout(FlowLayout.TRAILING));
    lp.add(ldapDit, BorderLayout.CENTER);

    scLdap.add(new JLabel("  LDAP Entries:"), BorderLayout.NORTH);
    scLdap.add(lp, BorderLayout.CENTER);

    JPanel jp = new JPanel(new BorderLayout());
    acv.setPreferredSize(new Dimension(375, 290));

    acvPanel.add(new JLabel("  "), BorderLayout.NORTH);

    lp = new JPanel(new BorderLayout());//new FlowLayout(FlowLayout.TRAILING));
    lp.add(acv, BorderLayout.CENTER);
    acvPanel.add(lp, BorderLayout.CENTER);

    JPanel p = new JPanel(new BorderLayout());
    p.add(scLdap, BorderLayout.WEST);
    p.add(acvPanel, BorderLayout.CENTER);

    jp.add(npx,BorderLayout.NORTH);
    jp.add(p, BorderLayout.CENTER);
    return jp;
  }

  public Component getContentPane(java.util.Map env, int dialogMode){
    String dn="";
    dn = (String)env.get(EnvironmentalVariables.HOLDER_NAME_STRING);
    if (dn!=null && dn.intern()==""){
      dn = (String)env.get(EnvironmentalVariables.HOLDER_BCID_STRING);
    }

    initDefaults(env);

    if(lastURL != null)
    {
       try {
         URL.setText(lastURL);