session.java

java开源的企业总线.xmlBlaster

package org.xmlBlaster.authentication.plugins.ldap;

import org.xmlBlaster.authentication.plugins.CryptDataHolder;
import org.xmlBlaster.authentication.plugins.DataHolder;
import org.xmlBlaster.authentication.plugins.I_Manager;
import org.xmlBlaster.authentication.plugins.I_Session;
import org.xmlBlaster.authentication.plugins.I_Subject;
import org.xmlBlaster.authentication.plugins.I_SecurityQos;
import org.xmlBlaster.authentication.plugins.SessionHolder;
import org.xmlBlaster.util.XmlBlasterException;
import org.xmlBlaster.util.def.MethodName;
import org.xmlBlaster.util.def.ErrorCode;
import org.xmlBlaster.util.MsgUnitRaw;
import java.util.logging.Logger;
import java.util.logging.Level;


/**
 * This implements the session AND the subject interface in the same class. 
 *
 * @author <a href="mailto:xmlBlaster@marcelruff.info">Marcel Ruff</a>.
 * @see org.xmlBlaster.authentication.plugins.ldap.LdapGateway
 */
public class Session implements I_Session, I_Subject {
   private static final String ME = "Session";

   protected final Manager secMgr;
   private static Logger log = Logger.getLogger(Session.class.getName());
   protected String sessionId;
   protected boolean authenticated = false;

   protected final LdapGateway ldap;

   protected String loginName;

   public Session(Manager sm, String sessionId) throws XmlBlasterException {
      this.secMgr = sm;

      this.sessionId = sessionId;
      final String serverUrl = sm.getGlobal().getProperty().get("ldap.serverUrl", "ldap://localhost:389/o=xmlBlaster,c=ORG");
      final String rootDN = sm.getGlobal().getProperty().get("ldap.rootDN", "cn=Manager,o=xmlBlaster,c=ORG");
      final String rootPwd =  sm.getGlobal().getProperty().get("ldap.rootPwd", "secret");
      final String loginFieldName = sm.getGlobal().getProperty().get("ldap.loginFieldName", "cn");

      log.info("Initializing LDAP access on ldap.serverUrl='" + serverUrl + "' with rootdn='" + rootDN  + "'. The unique uid field name in ldap should be '" + loginFieldName + "'.");
      ldap = new LdapGateway(this.secMgr.getGlobal(), serverUrl, rootDN, rootPwd, loginFieldName);
   }

   public String init(String xmlQoS_literal) throws XmlBlasterException {
      return init(new SecurityQos(this.secMgr.getGlobal(), xmlQoS_literal));
   }

   public String init(I_SecurityQos securityQos) throws XmlBlasterException {
      authenticated = false;

      this.loginName = securityQos.getUserId();
      String passwd = securityQos.getCredential();

      if (log.isLoggable(Level.FINE)) log.fine("Checking password ...");
      authenticated = ldap.checkPassword(this.loginName, passwd);
      if (log.isLoggable(Level.FINE)) log.fine("The password" /*+ passwd */+ " for cn=" + this.loginName + " is " + ((authenticated)?"":" NOT ") + " valid.");

      if (authenticated == false)
         throw new XmlBlasterException(this.secMgr.getGlobal(), ErrorCode.USER_SECURITY_AUTHENTICATION_ACCESSDENIED, ME,
                    "Authentication of user " + getName() + " failed, no authentication from LDAP server.");

      return null; // no extra information
   }

   /**
    * @see I_Session#verify(I_SecurityQos)
    */
   public boolean verify(I_SecurityQos securityQos) {
      if (!this.authenticated)
         return false;

      try {
         return ldap.checkPassword(securityQos.getUserId(), securityQos.getCredential());
      }
      catch (XmlBlasterException e) {
         return false;
      }
   }

   public String getName() {
      return this.loginName;
   }

   public boolean isAuthorized(SessionHolder sessionHolder, DataHolder dataHolder) {
      if (authenticated == false) {
         log.warning("Authentication of user " + getName() + " failed");
         return false;
      }
      
      MethodName action = dataHolder.getAction();
      String key = dataHolder.getKeyOid();

      log.warning("No authorization check for action='" + action + "' on key='" +key + "' is implemented, access generously granted.");
      return true;
   }

   public void changeSecretSessionId(String sessionId) throws XmlBlasterException {
      if(this.sessionId.endsWith(sessionId)) return;
      synchronized(sessionId) {
         this.secMgr.changeSecretSessionId(this.sessionId, sessionId);
         this.sessionId = sessionId;
      }
   }

   public String getSecretSessionId() {
      return sessionId;
   }

   public I_Subject getSubject() {
      return this;
   }

   public I_Manager getManager() {
      return this.secMgr;
   }

   public MsgUnitRaw importMessage(CryptDataHolder dataHolder) throws XmlBlasterException {
      return dataHolder.getMsgUnitRaw();
   }

   public MsgUnitRaw exportMessage(CryptDataHolder dataHolder) throws XmlBlasterException {
      return dataHolder.getMsgUnitRaw();
   }
}