passwdmembershipservice.java

JXTA&#8482 is a set of open, generalized peer-to-peer (P2P) protocols that allow any networked devi

        PasswdMembershipService source;
        
        /**
         * The Authentication which was provided to the Apply operation of the
         * membership service.
         **/
        AuthenticationCredential application;
        
        /**
         * the identity which is being claimed
         **/
        String whoami = null;
        
        /**
         * the password for that identity.
         **/
        String password = null;
        
        /**
         * Creates an authenticator for the password MembershipService service. The only method
         * supported is "PasswdAuthentication". Anything entered into the identity info
         * section of the Authentication credential is ignored.
         *
         * @param source The instance of the password membership service which created this
         * authenticator.
         * @param application The Anything entered into the identity info section of the Authentication
         * credential is ignored.
         **/
        PasswdAuthenticator(PasswdMembershipService source, AuthenticationCredential application) {
            this.source = source;
            this.application = application;
            
            // XXX 20010328 bondolo@jxta.org Could do something with the authentication credential here.
        }
        
        /**
         * {@inheritDoc}
         **/
        public MembershipService getSourceService() {
            return (MembershipService) source.getInterface();
        }
        
        /**
         * {@inheritDoc}
         **/
        synchronized public boolean isReadyForJoin() {
            return ((null != password) && (null != whoami));
        }
        
        /**
         * {@inheritDoc}
         **/
        public String getMethodName() {
            return "PasswdAuthentication";
        }
        
        /**
         * {@inheritDoc}
         **/
        public AuthenticationCredential getAuthenticationCredential() {
            return application;
        }
        
        @Override
        public void setAuth1Identity(String who) {
            whoami = who;
        }
        
        @Override
        public String getAuth1Identity() {
            return whoami;
        }
        
        @Override
        public void setAuth2_Password(String secret) {
            password = secret;
        }
        
        @Override
        protected String getAuth2_Password() {
            return password;
        }
    }
        
    /**
     * the peergroup to which this service is associated.
     **/
    private PeerGroup peergroup = null;
    
    /**
     *  the default "nobody" credential
     **/
    private Credential  defaultCredential = null;
    
    /**
     * The current set of principals associated with this peer within this peegroup.
     **/
    private List principals;
    
    /**
     * The set of AuthenticationCredentials which were used to establish the principals.
     **/
    private List authCredentials;
    
    /**
     * The ModuleImplAdvertisement which was used to instantiate this service.
     **/
    private ModuleImplAdvertisement implAdvertisement = null;
    
    /**
     * An internal table containing the identity and password pairs as parsed from the
     * the PeerGroupAdvertisement.
     **/
    private Map logins = null;
    
    /**
     *  property change support
     **/
    private PropertyChangeSupport support;
    
    /**
     *  Default constructor. Normally only called by the peer group.
     **/
    public PasswdMembershipService() throws PeerGroupException {
        principals = new ArrayList();
        authCredentials = new ArrayList();
        
        support = new PropertyChangeSupport(getInterface());
    }
    
    /**
     *  Add a listener
     *
     *  @param listener the listener
     **/
    public void addPropertyChangeListener(PropertyChangeListener listener) {
        support.addPropertyChangeListener(listener);
    }
    
    /**
     *  Add a listener
     *
     *  @param propertyName the property to watch
     *  @param listener the listener
     **/
    public void addPropertyChangeListener(String propertyName, PropertyChangeListener listener) {
        support.addPropertyChangeListener(propertyName, listener);
    }
    
    /**
     *  Remove a listener
     *
     *  @param listener the listener
     **/
    public void removePropertyChangeListener(PropertyChangeListener listener) {
        support.removePropertyChangeListener(listener);
    }
    
    /**
     *  Remove a listener
     *
     *  @param propertyName the property which was watched
     *  @param listener the listener
     **/
    public void removePropertyChangeListener(String propertyName, PropertyChangeListener listener) {
        support.removePropertyChangeListener(propertyName, listener);
    }
    
    /**
     * {@inheritDoc}
     **/
    public void init(PeerGroup group, ID assignedID, Advertisement impl) throws PeerGroupException {
        
        peergroup = group;
        implAdvertisement = (ModuleImplAdvertisement) impl;
        
        if (Logging.SHOW_CONFIG && LOG.isLoggable(Level.CONFIG)) {
            StringBuilder configInfo = new StringBuilder("Configuring Password Membership Service : " + assignedID);

            configInfo.append("\n\tImplementation:");
            configInfo.append("\n\t\tModule Spec ID: " + implAdvertisement.getModuleSpecID());
            configInfo.append("\n\t\tImpl Description : " + implAdvertisement.getDescription());
            configInfo.append("\n\t\tImpl URI : " + implAdvertisement.getUri());
            configInfo.append("\n\t\tImpl Code : " + implAdvertisement.getCode());
            configInfo.append("\n\tGroup Params:");
            configInfo.append("\n\t\tGroup: " + group.getPeerGroupName());
            configInfo.append("\n\t\tGroup ID: " + group.getPeerGroupID());
            configInfo.append("\n\t\tPeer ID: " + group.getPeerID());
            LOG.config(configInfo.toString());
        }
        
        PeerGroupAdvertisement configAdv = group.getPeerGroupAdvertisement();
        
        XMLElement myParam = (XMLElement) configAdv.getServiceParam(assignedID);
        
        logins = new HashMap();
        
        if (null == myParam) {
            throw new PeerGroupException("parameters for group passwords missing");
        }
        
        for (Enumeration allLogins = myParam.getChildren(); allLogins.hasMoreElements();) {
            XMLElement aLogin = (XMLElement) allLogins.nextElement();

            if (aLogin.getName().equals("login")) {
                String etcPasswd = aLogin.getTextValue();
                int nextDelim = etcPasswd.indexOf(':');

                if (-1 == nextDelim) {
                    continue;
                }
                String login = etcPasswd.substring(0, nextDelim).trim();
                int lastDelim = etcPasswd.indexOf(':', nextDelim + 1);
                String passwd = etcPasswd.substring(nextDelim + 1, lastDelim);

                if (Logging.SHOW_FINE && LOG.isLoggable(Level.FINE)) {
                    LOG.fine("Adding login : \'" + login + "\' with encoded password : \'" + passwd + "\'");
                }
                logins.put(login, passwd);
            }
        }
        
        // FIXME    20010327    bondolo@jxta.org Make up the signed bit.
        
        // We initialise our set of principals to the resigned state.
        resign();
    }
    
    /**
     * {@inheritDoc}
     **/
    public Service getInterface() {
        return this;
    }
    
    /**
     * {@inheritDoc}
     **/
    public Advertisement getImplAdvertisement() {
        return implAdvertisement;
    }
    
    /**
     * {@inheritDoc}
     *
     * <p/>Currently this service starts by itself and does not expect
     * arguments.
     */
    public int startApp(String[] arg) {
        return 0;
    }
    
    /**
     * {@inheritDoc}
     *
     * <p/>This request is currently ignored.
     **/
    public void stopApp() {
        resign();
    }
    
    /**
     * {@inheritDoc}
     **/
    public Authenticator apply(AuthenticationCredential application) throws PeerGroupException, ProtocolNotSupportedException {
        
        String method = application.getMethod();
        
        if ((null != method) && !"StringAuthentication".equals(method) && !"PasswdAuthentication".equals(method)) {
            throw new ProtocolNotSupportedException("Authentication method not recognized");
        }
        
        return new PasswdAuthenticator(this, application);
    }
    
    /**
     * {@inheritDoc}
     **/
    public Credential getDefaultCredential() {
        return defaultCredential;
    }
    
    /**
     * {@inheritDoc}
     **/
    private void setDefaultCredential(Credential newDefault) {
        Credential oldDefault = defaultCredential;

        defaultCredential = newDefault;
        
        support.firePropertyChange("defaultCredential", oldDefault, newDefault);
    }
    
    /**
     * {@inheritDoc}
     **/
    public synchronized Enumeration<Credential> getCurrentCredentials() {
        return Collections.enumeration(principals);
    }
    
    /**
     * {@inheritDoc}
     **/
    public synchronized Enumeration<AuthenticationCredential> getAuthCredentials() {
        return Collections.enumeration(authCredentials);
    }
    
    /**
     * {@inheritDoc}
     **/
    public Credential join(Authenticator authenticated) throws PeerGroupException {
        
        if (!(authenticated instanceof PasswdAuthenticator)) {
            throw new ClassCastException("This is not my authenticator!");
        }
        
        if (this != authenticated.getSourceService()) {
            throw new ClassCastException("This is not my authenticator!");
        }
        
        if (!authenticated.isReadyForJoin()) {
            throw new PeerGroupException("Not Ready to join!");
        }
        
        String identity = ((PasswdAuthenticator) authenticated).getAuth1Identity();
        String password = ((PasswdAuthenticator) authenticated).getAuth2_Password();
        
        if (!checkPasswd(identity, password)) {
            throw new PeerGroupException("Incorrect Password!");
        }
        
        // FIXME    20010327    bondolo@jxta.org Make up the signed bit.
        
        Credential newCred;

        synchronized (this) {
            newCred = new PasswdCredential(this, identity, "blah");
            
            principals.add(newCred);
            
            authCredentials.add(authenticated.getAuthenticationCredential());
        }
        
        support.firePropertyChange("addCredential", null, newCred);
        
        if (null == getDefaultCredential()) {
            setDefaultCredential(newCred);
        }
        
        return newCred;
    }
    
    /**
     * {@inheritDoc}
     **/
    public synchronized void resign() {
        Iterator eachCred = Arrays.asList(principals.toArray()).iterator();
        
        synchronized (this) {
            principals.clear();
            authCredentials.clear();
        }
        
        setDefaultCredential(null);
        
        while (eachCred.hasNext()) {
            PasswdCredential aCred = (PasswdCredential) eachCred.next();
            
            aCred.setValid(false);
        }
    }
    
    /**
     * {@inheritDoc}
     **/
    public Credential makeCredential(Element element) throws PeerGroupException, Exception {
        
        return new PasswdCredential(this, element);
    }
    
    /**
     * Given an identity and an encoded password determine if the password is
     * correct.
     *
     * @param identity the identity which the user is trying to claim
     * @param passwd the password guess being tested.
     * @return true if the password was correct for the specified identity
     * otherwise false.
     **/
    private boolean checkPasswd(String identity, String passwd) {
        boolean result;
        
        if (!logins.containsKey(identity)) {
            return false;
        }
        
        String encodedPW = makePsswd(passwd);
        
        if (Logging.SHOW_FINE && LOG.isLoggable(Level.FINE)) {
            LOG.fine("Password \'" + passwd + "\' encodes as: \'" + encodedPW + "\'");
        }
        
        String mustMatch = (String) logins.get(identity);
        
        // if there is a null password for this identity then match everything.
        if (mustMatch.equals("")) {
            return true;
        }
        
        result = encodedPW.equals(mustMatch);
        
        return result;
    }
    
    /**
     *  This is the method used to make the password strings. We only provide
     *  one way encoding since we can compare the encoded strings.
     *
     *  <p/>FIXME 20010402  bondolo : switch to use the standard
     *  crypt(3) algorithm for encoding the passwords. The current algorithm has
     *  been breakable since ancient times, crypt(3) is also weak, but harder to
     *  break.
     *
     *   @param source  the string to encode
     *   @return String the encoded version of the password.
     *
     **/
    public static String makePsswd(String source) {

        /**
         *
         * A->D  B->Q  C->K  D->W  E->H  F->R  G->T  H->E  I->N  J->O  K->G  L->X  M->C
         * N->V  O->Y  P->S  Q->F  R->J  S->P  T->I  U->L  V->Z  W->A  X->B  Y->M  Z->U
         *
         **/
        
        final String xlateTable = "DQKWHRTENOGXCVYSFJPILZABMU";
        
        StringBuilder work = new StringBuilder(source);
        
        for (int eachChar = work.length() - 1; eachChar >= 0; eachChar--) {
            char aChar = Character.toUpperCase(work.charAt(eachChar));
            
            int replaceIdx = xlateTable.indexOf(aChar);

            if (-1 != replaceIdx) {
                work.setCharAt(eachChar, (char) ('A' + replaceIdx));
            }
        }
        
        return work.toString();
    }
}