Revision 509
Added by bojilova over 23 years ago
| src/edu/ucsb/nceas/metacat/AuthSession.java | ||
|---|---|---|
| 25 | 25 |
public class AuthSession {
|
| 26 | 26 |
|
| 27 | 27 |
private String authClass = null; |
| 28 |
|
|
| 29 | 28 |
private HttpSession session = null; |
| 30 | 29 |
private AuthInterface authService = null; |
| 31 |
private boolean isAuthenticated = false; |
|
| 32 | 30 |
private String statusMessage = null; |
| 33 | 31 |
|
| 34 | 32 |
/** |
| 35 | 33 |
* Construct an AuthSession |
| 36 |
* |
|
| 37 |
* @param request the request made from the client |
|
| 38 |
* @param username the username entered when login |
|
| 39 |
* @param password the password entered when login |
|
| 40 | 34 |
*/ |
| 41 |
public AuthSession(HttpServletRequest request, |
|
| 42 |
String username, String password) |
|
| 43 |
throws IllegalStateException {
|
|
| 35 |
public AuthSession() throws Exception {
|
|
| 44 | 36 |
|
| 45 |
// Initialize attributes |
|
| 46 |
isAuthenticated = false; |
|
| 47 |
|
|
| 48 | 37 |
// Determine our session authentication method and |
| 49 | 38 |
// create an instance of the auth class |
| 50 | 39 |
MetaCatUtil util = new MetaCatUtil(); |
| 51 | 40 |
authClass = util.getOption("authclass");
|
| 52 | 41 |
authService = (AuthInterface)createObject(authClass); |
| 53 |
|
|
| 54 |
// get the current session object, create one if necessary |
|
| 55 |
session = request.getSession(true); |
|
| 56 |
|
|
| 57 |
// if it is still in use invalidate and get a new one |
|
| 58 |
if ( !session.isNew() ) {
|
|
| 59 |
session.invalidate(); |
|
| 60 |
session = request.getSession(true); |
|
| 61 |
} |
|
| 62 |
// store username & password in the session for later use, especially by |
|
| 63 |
// the authenticate() method |
|
| 64 |
session.setMaxInactiveInterval(-1); |
|
| 65 |
session.setAttribute("username", username);
|
|
| 66 |
session.setAttribute("password", password);
|
|
| 67 |
session.setAttribute("isAuthenticated", new Boolean(isAuthenticated));
|
|
| 42 |
|
|
| 68 | 43 |
} |
| 69 | 44 |
|
| 70 | 45 |
/** |
| 71 | 46 |
* determine if the credentials for this session are valid by |
| 72 | 47 |
* authenticating them using the authService configured for this session. |
| 73 |
* Data for authenticating is derived from the attributes stored in |
|
| 74 |
* the session object. |
|
| 48 |
* |
|
| 49 |
* @param request the request made from the client |
|
| 50 |
* @param username the username entered when login |
|
| 51 |
* @param password the password entered when login |
|
| 75 | 52 |
*/ |
| 76 |
public boolean authenticate() |
|
| 77 |
{
|
|
| 78 |
String out = null; |
|
| 79 |
String username = (String)session.getAttribute("username");
|
|
| 80 |
String password = (String)session.getAttribute("password");
|
|
| 53 |
public boolean authenticate(HttpServletRequest request, |
|
| 54 |
String username, String password) {
|
|
| 55 |
|
|
| 56 |
String message = null; |
|
| 81 | 57 |
|
| 82 | 58 |
try {
|
| 83 | 59 |
if ( authService.authenticate(username, password) ) {
|
| 84 |
this.isAuthenticated = true; |
|
| 85 |
this.session.setAttribute("isAuthenticated",
|
|
| 86 |
new Boolean(isAuthenticated)); |
|
| 87 |
String message = "User Authentication successful"; |
|
| 60 |
this.session = getSession(request, username, password); |
|
| 61 |
message = "User Authentication successful"; |
|
| 88 | 62 |
this.statusMessage = formatOutput("success", message);
|
| 63 |
return true; |
|
| 89 | 64 |
} else {
|
| 90 |
String message = "Authentication failed for user: " + username; |
|
| 91 |
invalidate(message); |
|
| 65 |
message = "Authentication failed for user: " + username; |
|
| 92 | 66 |
} |
| 93 | 67 |
} catch ( ConnectException ce ) {
|
| 94 |
String message = "Connection to the authentication service failed. "
|
|
| 68 |
message = "Connection to the authentication service failed. " |
|
| 95 | 69 |
+ ce.getMessage(); |
| 96 |
invalidate(message); |
|
| 70 |
} catch ( IllegalStateException ise ) {
|
|
| 71 |
message = ise.getMessage(); |
|
| 97 | 72 |
} |
| 98 |
return this.isAuthenticated; |
|
| 73 |
|
|
| 74 |
this.statusMessage = formatOutput("error", message);
|
|
| 75 |
return false; |
|
| 99 | 76 |
} |
| 100 | 77 |
|
| 78 |
/** Get new HttpSession and store username & password in it */ |
|
| 79 |
private HttpSession getSession(HttpServletRequest request, |
|
| 80 |
String username, String password) |
|
| 81 |
throws IllegalStateException {
|
|
| 82 |
|
|
| 83 |
// get the current session object, create one if necessary |
|
| 84 |
HttpSession session = request.getSession(true); |
|
| 85 |
|
|
| 86 |
// if it is still in use invalidate and get a new one |
|
| 87 |
if ( !session.isNew() ) {
|
|
| 88 |
session.invalidate(); |
|
| 89 |
session = request.getSession(true); |
|
| 90 |
} |
|
| 91 |
// store username & password in the session for later use, especially by |
|
| 92 |
// the authenticate() method |
|
| 93 |
session.setMaxInactiveInterval(-1); |
|
| 94 |
session.setAttribute("username", username);
|
|
| 95 |
session.setAttribute("password", password);
|
|
| 96 |
|
|
| 97 |
return session; |
|
| 98 |
} |
|
| 99 |
|
|
| 101 | 100 |
/** |
| 102 | 101 |
* Get the message associated with authenticating this session. The |
| 103 | 102 |
* message is formatted in XML. |
| ... | ... | |
| 107 | 106 |
return this.statusMessage; |
| 108 | 107 |
} |
| 109 | 108 |
|
| 109 |
/* NOT NEEDED |
|
| 110 | 110 |
/** |
| 111 | 111 |
* Determine if the session has been successfully authenticated |
| 112 | 112 |
* @returns boolean true if authentication was successful, false otherwise |
| 113 | 113 |
*/ |
| 114 |
/* |
|
| 114 | 115 |
public boolean isAuthenticated() |
| 115 | 116 |
{
|
| 116 | 117 |
return this.isAuthenticated; |
| 117 | 118 |
} |
| 119 |
*/ |
|
| 118 | 120 |
|
| 121 |
/* NOT NEEDED |
|
| 119 | 122 |
/** |
| 120 | 123 |
* Invalidate this HTTPSession object. |
| 121 | 124 |
* All objects stored in the session are unbound. |
| 122 | 125 |
*/ |
| 126 |
/* |
|
| 123 | 127 |
private void invalidate(String message) |
| 124 | 128 |
{
|
| 125 | 129 |
this.isAuthenticated = false; |
| ... | ... | |
| 128 | 132 |
this.session.setAttribute("statusMessage", this.statusMessage);
|
| 129 | 133 |
this.session.invalidate(); |
| 130 | 134 |
} |
| 131 |
|
|
| 135 |
*/ |
|
| 132 | 136 |
/* |
| 133 | 137 |
* format the output in xml for processing from client applications |
| 134 | 138 |
* |
| ... | ... | |
| 158 | 162 |
* |
| 159 | 163 |
* @param className the fully qualified name of the class to instantiate |
| 160 | 164 |
*/ |
| 161 |
private static Object createObject(String className) |
|
| 162 |
{
|
|
| 165 |
private static Object createObject(String className) throws Exception {
|
|
| 166 |
|
|
| 163 | 167 |
Object object = null; |
| 164 | 168 |
try {
|
| 165 | 169 |
Class classDefinition = Class.forName(className); |
| 166 | 170 |
object = classDefinition.newInstance(); |
| 167 | 171 |
} catch (InstantiationException e) {
|
| 168 |
System.out.println(e);
|
|
| 172 |
throw e;
|
|
| 169 | 173 |
} catch (IllegalAccessException e) {
|
| 170 |
System.out.println(e);
|
|
| 174 |
throw e;
|
|
| 171 | 175 |
} catch (ClassNotFoundException e) {
|
| 172 |
System.out.println(e);
|
|
| 176 |
throw e;
|
|
| 173 | 177 |
} |
| 174 | 178 |
return object; |
| 175 | 179 |
} |
| src/edu/ucsb/nceas/metacat/MetaCatServlet.java | ||
|---|---|---|
| 210 | 210 |
params.put(name,value); |
| 211 | 211 |
} |
| 212 | 212 |
|
| 213 |
//if the user clicked on the input images, decode which image |
|
| 214 |
//was clicked then set the action. |
|
| 213 | 215 |
String action = ((String[])params.get("action"))[0];
|
| 214 | 216 |
util.debugMessage("Line 213: Action is: " + action);
|
| 215 |
//if the user clicked on the input images, decode which image |
|
| 216 |
//was clicked then set the action. |
|
| 217 |
|
|
| 217 | 218 |
//MBJELIMINATE String action = decodeMouseAction(params); |
| 218 | 219 |
//if(action.equals("error"))
|
| 219 | 220 |
//{
|
| 220 |
// util.debugMessage("Line 218: Action is: " + action);
|
|
| 221 |
//util.debugMessage("Line 218: Action is: " + action);
|
|
| 221 | 222 |
//action = ((String[])params.get("action"))[0];
|
| 222 | 223 |
//} |
| 223 | 224 |
|
| 224 | 225 |
// This block handles session management for the servlet |
| 225 | 226 |
// by looking up the current session information for all actions |
| 226 |
// other than "Login" and "Logout" |
|
| 227 |
// handle login action |
|
| 227 |
// other than "login" and "logout" |
|
| 228 | 228 |
String username = null; |
| 229 | 229 |
String groupname = null; |
| 230 |
if (action.equals("Login") || action.equals("Login Client")) {
|
|
| 230 |
|
|
| 231 |
// handle login action |
|
| 232 |
if (action.equals("login")) {
|
|
| 233 |
|
|
| 231 | 234 |
handleLoginAction(response.getWriter(), params, request, response); |
| 235 |
|
|
| 232 | 236 |
// handle logout action |
| 233 |
} else if (action.equals("Logout") || action.equals("Logout Client")) {
|
|
| 234 |
HttpSession sess = request.getSession(false); |
|
| 235 |
if (sess != null) { sess.invalidate(); }
|
|
| 236 |
if (action.equals("Logout Client")) {
|
|
| 237 |
PrintWriter out = response.getWriter(); |
|
| 238 |
out.println("<?xml version=\"1.0\"?>");
|
|
| 239 |
out.println("<success>");
|
|
| 240 |
out.println("User logout.");
|
|
| 241 |
out.println("</success>");
|
|
| 242 |
return; |
|
| 243 |
} |
|
| 237 |
} else if (action.equals("logout")) {
|
|
| 244 | 238 |
|
| 245 |
response.sendRedirect(htmlpath + "/index.html");
|
|
| 239 |
handleLogoutAction(response.getWriter(), params, request, response);
|
|
| 246 | 240 |
|
| 247 | 241 |
// aware of session expiration on every request |
| 248 | 242 |
} else {
|
| 243 |
|
|
| 249 | 244 |
HttpSession sess = request.getSession(true); |
| 250 | 245 |
if (sess.isNew()) {
|
| 251 | 246 |
// session expired or has not been stored b/w user requests |
| 252 |
// redirect to default page for query only access |
|
| 253 |
// response.sendRedirect(htmlpath + "/sexpire.html"); |
|
| 254 | 247 |
username = "public"; |
| 255 | 248 |
} else {
|
| 256 | 249 |
username = (String)sess.getAttribute("username");
|
| ... | ... | |
| 298 | 291 |
} |
| 299 | 292 |
else if (action.equals("insert") || action.equals("update")) {
|
| 300 | 293 |
PrintWriter out = response.getWriter(); |
| 301 |
if ( !username.equals("public") && (username != null) ) {
|
|
| 294 |
if ( (username != null) && !username.equals("public") ) {
|
|
| 302 | 295 |
handleInsertOrUpdateAction(out, params, response, username, groupname); |
| 303 | 296 |
} else {
|
| 304 | 297 |
out.println("Permission denied for " + action);
|
| 305 | 298 |
} |
| 306 | 299 |
} else if (action.equals("delete")) {
|
| 307 | 300 |
PrintWriter out = response.getWriter(); |
| 308 |
if ( !username.equals("public") && (username != null) ) {
|
|
| 301 |
if ( (username != null) && !username.equals("public") ) {
|
|
| 309 | 302 |
handleDeleteAction(out, params, response, username, groupname); |
| 310 | 303 |
} else {
|
| 311 | 304 |
out.println("Permission denied for " + action);
|
| ... | ... | |
| 332 | 325 |
} else if (action.equals("getdataguide")) {
|
| 333 | 326 |
PrintWriter out = response.getWriter(); |
| 334 | 327 |
handleGetDataGuideAction(out, params, response); |
| 335 |
} else if (action.equals("Login") || action.equals("Login Client")) {
|
|
| 328 |
} else if (action.equals("login") || action.equals("logout")) {
|
|
| 336 | 329 |
} else {
|
| 337 | 330 |
PrintWriter out = response.getWriter(); |
| 338 | 331 |
out.println("Error: action not registered. Please report this error.");
|
| ... | ... | |
| 379 | 372 |
} |
| 380 | 373 |
|
| 381 | 374 |
/** |
| 382 |
* Handle the Login request. Create a new session object.
|
|
| 375 |
* Handle the login request. Create a new session object.
|
|
| 383 | 376 |
* Do user authentication through the session. |
| 384 | 377 |
*/ |
| 385 | 378 |
private void handleLoginAction(PrintWriter out, Hashtable params, |
| ... | ... | |
| 389 | 382 |
String un = ((String[])params.get("username"))[0];
|
| 390 | 383 |
String pw = ((String[])params.get("password"))[0];
|
| 391 | 384 |
String action = ((String[])params.get("action"))[0];
|
| 385 |
String qformat = ((String[])params.get("qformat"))[0];
|
|
| 392 | 386 |
|
| 393 | 387 |
try {
|
| 394 |
sess = new AuthSession(request, un, pw);
|
|
| 388 |
sess = new AuthSession(); |
|
| 395 | 389 |
} catch (Exception e) {
|
| 396 | 390 |
out.println(e.getMessage()); |
| 391 |
return; |
|
| 397 | 392 |
} |
| 398 | 393 |
|
| 399 |
String output = null;
|
|
| 400 |
boolean isValid = sess.authenticate(); |
|
| 401 |
if (action.equals("Login Client")) {
|
|
| 402 |
out.println(sess.getMessage());
|
|
| 403 |
} else {
|
|
| 394 |
boolean isValid = sess.authenticate(request, un, pw);
|
|
| 395 |
|
|
| 396 |
// format and transform the output
|
|
| 397 |
if (qformat.equals("html")) {
|
|
| 398 |
Connection conn = null;
|
|
| 404 | 399 |
try {
|
| 400 |
conn = util.getConnection(); |
|
| 401 |
DBTransform trans = new DBTransform(conn); |
|
| 402 |
response.setContentType("text/html");
|
|
| 403 |
// user authentication successful |
|
| 405 | 404 |
if (isValid) {
|
| 406 |
if (un.equals("public")) {
|
|
| 407 |
response.sendRedirect( |
|
| 408 |
response.encodeRedirectUrl(htmlpath + "/index.html")); |
|
| 409 |
} else {
|
|
| 410 |
response.sendRedirect( |
|
| 405 |
// trans.transformXMLDocument(sess.getMessage(), "-//NCEAS//login//EN", |
|
| 406 |
// "-//W3C//HTML//EN", out); |
|
| 407 |
response.sendRedirect( |
|
| 411 | 408 |
response.encodeRedirectUrl(htmlpath + "/metacat.html")); |
| 412 |
} |
|
| 409 |
|
|
| 410 |
// unsuccessful user authentication |
|
| 413 | 411 |
} else {
|
| 414 |
response.sendRedirect( |
|
| 415 |
response.encodeRedirectUrl(htmlpath + "/login.html")); |
|
| 412 |
// trans.transformXMLDocument(sess.getMessage(), "-//NCEAS//nologin//EN", |
|
| 413 |
// "-//W3C//HTML//EN", out); |
|
| 414 |
response.sendRedirect(htmlpath + "/login.html"); |
|
| 416 | 415 |
} |
| 417 |
} catch ( java.io.IOException ioe) {
|
|
| 418 |
String message = "handleLoginAction() - " + |
|
| 419 |
"Error on redirect of HttpServletResponse: " + |
|
| 420 |
ioe.getMessage(); |
|
| 421 |
out.println(message); |
|
| 422 |
} |
|
| 416 |
util.returnConnection(conn); |
|
| 417 |
} catch(Exception e) {
|
|
| 418 |
util.returnConnection(conn); |
|
| 419 |
} |
|
| 420 |
|
|
| 421 |
// any output is returned |
|
| 422 |
} else {
|
|
| 423 |
response.setContentType("text/xml");
|
|
| 424 |
out.println(sess.getMessage()); |
|
| 423 | 425 |
} |
| 426 |
|
|
| 427 |
// if (action.equals("Login Client")) {
|
|
| 428 |
// out.println(sess.getMessage()); |
|
| 429 |
// } else {
|
|
| 430 |
// try {
|
|
| 431 |
// if (isValid) {
|
|
| 432 |
// if (un.equals("public")) {
|
|
| 433 |
// response.sendRedirect( |
|
| 434 |
// response.encodeRedirectUrl(htmlpath + "/index.html")); |
|
| 435 |
// } else {
|
|
| 436 |
// response.sendRedirect( |
|
| 437 |
// response.encodeRedirectUrl(htmlpath + "/metacat.html")); |
|
| 438 |
// } |
|
| 439 |
// } else {
|
|
| 440 |
// response.sendRedirect(htmlpath + "/login.html"); |
|
| 441 |
// } |
|
| 442 |
// } catch ( java.io.IOException ioe) {
|
|
| 443 |
// String message = "handleLoginAction() - " + |
|
| 444 |
// "Error on redirect of HttpServletResponse: " + |
|
| 445 |
// ioe.getMessage(); |
|
| 446 |
// out.println(message); |
|
| 447 |
// } |
|
| 448 |
// } |
|
| 424 | 449 |
} |
| 450 |
|
|
| 451 |
/** |
|
| 452 |
* Handle the logout request. Close the connection. |
|
| 453 |
*/ |
|
| 454 |
private void handleLogoutAction(PrintWriter out, Hashtable params, |
|
| 455 |
HttpServletRequest request, HttpServletResponse response) {
|
|
| 456 |
|
|
| 457 |
String qformat = ((String[])params.get("qformat"))[0];
|
|
| 458 |
|
|
| 459 |
// close the connection |
|
| 460 |
HttpSession sess = request.getSession(false); |
|
| 461 |
if (sess != null) { sess.invalidate(); }
|
|
| 462 |
|
|
| 463 |
// produce output |
|
| 464 |
StringBuffer output = new StringBuffer(); |
|
| 465 |
output.append("<?xml version=\"1.0\"?>");
|
|
| 466 |
output.append("<success>");
|
|
| 467 |
output.append("User logout.");
|
|
| 468 |
output.append("</success>");
|
|
| 469 |
|
|
| 470 |
//format and transform the output |
|
| 471 |
if (qformat.equals("html")) {
|
|
| 472 |
Connection conn = null; |
|
| 473 |
try {
|
|
| 474 |
conn = util.getConnection(); |
|
| 475 |
DBTransform trans = new DBTransform(conn); |
|
| 476 |
response.setContentType("text/html");
|
|
| 477 |
//trans.transformXMLDocument(output, "-//NCEAS//logout//EN", |
|
| 478 |
// "-//W3C//HTML//EN", out); |
|
| 479 |
response.sendRedirect(htmlpath + "/index.html"); |
|
| 480 |
util.returnConnection(conn); |
|
| 481 |
} catch(Exception e) {
|
|
| 482 |
util.returnConnection(conn); |
|
| 483 |
} |
|
| 484 |
// any output is returned |
|
| 485 |
} else {
|
|
| 486 |
response.setContentType("text/xml");
|
|
| 487 |
out.println(output.toString()); |
|
| 488 |
} |
|
| 489 |
|
|
| 490 |
} |
|
| 491 |
|
|
| 425 | 492 |
|
| 426 | 493 |
/** |
| 427 | 494 |
* Retreive the squery xml, execute it and display it |
| src/edu/ucsb/nceas/metacat/AuthMcat.java | ||
|---|---|---|
| 1 |
/** |
|
| 2 |
* '$RCSfile$' |
|
| 3 |
* Purpose: An implementation of the AuthInterface interface that |
|
| 4 |
* allows Metacat to use the SRB/MCAT for authentication |
|
| 5 |
* Copyright: 2000 Regents of the University of California and the |
|
| 6 |
* National Center for Ecological Analysis and Synthesis |
|
| 7 |
* Authors: Jivka Bojilova |
|
| 8 |
* Release: @release@ |
|
| 9 |
* |
|
| 10 |
* '$Author$' |
|
| 11 |
* '$Date$' |
|
| 12 |
* '$Revision$' |
|
| 13 |
*/ |
|
| 14 |
|
|
| 15 |
package edu.ucsb.nceas.metacat; |
|
| 16 |
|
|
| 17 |
import java.net.ConnectException; |
|
| 18 |
|
|
| 19 |
import java.util.Iterator; |
|
| 20 |
import java.util.HashMap; |
|
| 21 |
import java.util.Hashtable; |
|
| 22 |
import java.util.Set; |
|
| 23 |
import java.util.Vector; |
|
| 24 |
import java.rmi.*; |
|
| 25 |
import SrbJavaGlueInterface; |
|
| 26 |
import RMIControllerInterface; |
|
| 27 |
import java.util.PropertyResourceBundle; |
|
| 28 |
|
|
| 29 |
/** |
|
| 30 |
* An implementation of the AuthInterface interface that |
|
| 31 |
* allows Metacat to use the SRB/MCAT for authentication. |
|
| 32 |
* The SRB/MCAT authentication service is used to determine if a user |
|
| 33 |
* is authenticated, and whether they are a member of a particular group. |
|
| 34 |
*/ |
|
| 35 |
class AuthMcat implements AuthInterface {
|
|
| 36 |
|
|
| 37 |
String username = null; |
|
| 38 |
String password = null; |
|
| 39 |
|
|
| 40 |
// DCS-ATTRIBUTE-INDEX |
|
| 41 |
// They are from mdasC_db2_externs.h. |
|
| 42 |
final static int USER_NAME = 7; |
|
| 43 |
final static int USER_GROUP_NAME = 3; |
|
| 44 |
|
|
| 45 |
// JNI (Java Native Interface) routines for SRB |
|
| 46 |
static String srbHost; |
|
| 47 |
static String srbPort; |
|
| 48 |
static String RMIhost; |
|
| 49 |
static RMIControllerInterface rmicon; |
|
| 50 |
static SrbJavaGlueInterface srbJG; |
|
| 51 |
static {
|
|
| 52 |
try {
|
|
| 53 |
PropertyResourceBundle SRBProps = null; |
|
| 54 |
// SRB properties that tells about the location of SRB RMI Server |
|
| 55 |
// srbProps.properties should reside on metacat server |
|
| 56 |
SRBProps = (PropertyResourceBundle) |
|
| 57 |
PropertyResourceBundle.getBundle("edu.ucsb.nceas.metacat.srbProps");
|
|
| 58 |
srbHost = (String)SRBProps.handleGetObject("host");
|
|
| 59 |
srbPort = (String)SRBProps.handleGetObject("port");
|
|
| 60 |
// should handle missing RMIhost name here |
|
| 61 |
RMIhost = (String)SRBProps.handleGetObject("RMIhost");
|
|
| 62 |
String name = "//" + RMIhost + "/RMIController"; |
|
| 63 |
rmicon = (RMIControllerInterface)Naming.lookup(name); |
|
| 64 |
name = "//" + RMIhost + "/SrbJavaGlue"; |
|
| 65 |
srbJG = (SrbJavaGlueInterface)Naming.lookup(name); |
|
| 66 |
} catch (Exception e) {
|
|
| 67 |
System.err.println("AuthMcat static: " + e.getMessage());
|
|
| 68 |
} |
|
| 69 |
} |
|
| 70 |
|
|
| 71 |
|
|
| 72 |
/** |
|
| 73 |
* Determine if a user/password are valid according to the authentication |
|
| 74 |
* service. |
|
| 75 |
* |
|
| 76 |
* @param user the name of the principal to authenticate |
|
| 77 |
* @param password the password to use for authentication |
|
| 78 |
* @returns boolean true if authentication successful, false otherwise |
|
| 79 |
*/ |
|
| 80 |
public boolean authenticate(String user, String password) |
|
| 81 |
throws ConnectException |
|
| 82 |
{
|
|
| 83 |
try {
|
|
| 84 |
// make connection to SRB. |
|
| 85 |
int srbconn = srbConnect(user, password); |
|
| 86 |
if ( srbconn > 0 ) {
|
|
| 87 |
// disconnect from SRB |
|
| 88 |
srbDisconnect(srbconn); |
|
| 89 |
return true; |
|
| 90 |
} |
|
| 91 |
|
|
| 92 |
} catch ( RemoteException re) {
|
|
| 93 |
throw new ConnectException(re.getMessage()); |
|
| 94 |
} |
|
| 95 |
|
|
| 96 |
return false; |
|
| 97 |
} |
|
| 98 |
|
|
| 99 |
/** |
|
| 100 |
* Get all users from the authentication service |
|
| 101 |
*/ |
|
| 102 |
public String[] getUsers(String user, String password) |
|
| 103 |
throws ConnectException |
|
| 104 |
{
|
|
| 105 |
|
|
| 106 |
try {
|
|
| 107 |
// make connection to SRB. |
|
| 108 |
int srbconn = srbConnect(user, password); |
|
| 109 |
if ( srbconn > 0 ) {
|
|
| 110 |
// get all users |
|
| 111 |
String[] userlist = getUsernames(srbconn); |
|
| 112 |
// disconnect from SRB |
|
| 113 |
srbDisconnect(srbconn); |
|
| 114 |
return userlist; |
|
| 115 |
} |
|
| 116 |
|
|
| 117 |
} catch ( RemoteException re) {
|
|
| 118 |
throw new ConnectException(re.getMessage()); |
|
| 119 |
} |
|
| 120 |
|
|
| 121 |
return null; |
|
| 122 |
} |
|
| 123 |
|
|
| 124 |
/** |
|
| 125 |
* Get the users for a particular group from the authentication service |
|
| 126 |
*/ |
|
| 127 |
public String[] getUsers(String user, String password, String group) |
|
| 128 |
throws ConnectException |
|
| 129 |
{
|
|
| 130 |
try {
|
|
| 131 |
// make connection to SRB. |
|
| 132 |
int srbconn = srbConnect(user, password); |
|
| 133 |
if ( srbconn > 0 ) {
|
|
| 134 |
// get users for @group |
|
| 135 |
String[] userlist = getUsernames(srbconn, group); |
|
| 136 |
// disconnect from SRB |
|
| 137 |
srbDisconnect(srbconn); |
|
| 138 |
return userlist; |
|
| 139 |
} |
|
| 140 |
|
|
| 141 |
} catch ( RemoteException re) {
|
|
| 142 |
throw new ConnectException(re.getMessage()); |
|
| 143 |
} |
|
| 144 |
|
|
| 145 |
return null; |
|
| 146 |
} |
|
| 147 |
|
|
| 148 |
/** |
|
| 149 |
* Get all groups from the authentication service |
|
| 150 |
*/ |
|
| 151 |
public String[] getGroups(String user, String password) |
|
| 152 |
throws ConnectException |
|
| 153 |
{
|
|
| 154 |
try {
|
|
| 155 |
// make connection to SRB. |
|
| 156 |
int srbconn = srbConnect(user, password); |
|
| 157 |
if ( srbconn > 0 ) {
|
|
| 158 |
// get all group |
|
| 159 |
String[] userlist = getGroupnames(srbconn); |
|
| 160 |
// disconnect from SRB |
|
| 161 |
srbDisconnect(srbconn); |
|
| 162 |
return userlist; |
|
| 163 |
} |
|
| 164 |
|
|
| 165 |
} catch ( RemoteException re) {
|
|
| 166 |
throw new ConnectException(re.getMessage()); |
|
| 167 |
} |
|
| 168 |
|
|
| 169 |
return null; |
|
| 170 |
} |
|
| 171 |
|
|
| 172 |
/** |
|
| 173 |
* Get the groups for a particular user from the authentication service |
|
| 174 |
*/ |
|
| 175 |
public String[] getGroups(String user, String password, String foruser) |
|
| 176 |
throws ConnectException |
|
| 177 |
{
|
|
| 178 |
try {
|
|
| 179 |
// make connection to SRB. |
|
| 180 |
int srbconn = srbConnect(user, password); |
|
| 181 |
if ( srbconn > 0 ) {
|
|
| 182 |
// get groups for @foruser |
|
| 183 |
String[] userlist = getGroupnames(srbconn, foruser); |
|
| 184 |
// disconnect from SRB |
|
| 185 |
srbDisconnect(srbconn); |
|
| 186 |
return userlist; |
|
| 187 |
} |
|
| 188 |
|
|
| 189 |
} catch ( RemoteException re) {
|
|
| 190 |
throw new ConnectException(re.getMessage()); |
|
| 191 |
} |
|
| 192 |
|
|
| 193 |
return null; |
|
| 194 |
} |
|
| 195 |
|
|
| 196 |
/** |
|
| 197 |
* Get attributes describing a user or group |
|
| 198 |
* |
|
| 199 |
* @param user the user for which the attribute list is requested |
|
| 200 |
* @returns HashMap a map of attribute name to a Vector of values |
|
| 201 |
*/ |
|
| 202 |
public HashMap getAttributes(String user) |
|
| 203 |
throws ConnectException |
|
| 204 |
{
|
|
| 205 |
return getAttributes(user, null, null); |
|
| 206 |
} |
|
| 207 |
|
|
| 208 |
/** |
|
| 209 |
* Get attributes describing a user or group |
|
| 210 |
* |
|
| 211 |
* @param user the user for which the attribute list is requested |
|
| 212 |
* @param authuser the user for authenticating against the service |
|
| 213 |
* @param password the password for authenticating against the service |
|
| 214 |
* @returns HashMap a map of attribute name to a Vector of values |
|
| 215 |
*/ |
|
| 216 |
public HashMap getAttributes(String user, String authuser, String password) |
|
| 217 |
throws ConnectException |
|
| 218 |
{
|
|
| 219 |
// NOT IMPLEMENTED YET |
|
| 220 |
return null; |
|
| 221 |
} |
|
| 222 |
|
|
| 223 |
/** |
|
| 224 |
* Get SRB RMI Connection |
|
| 225 |
*/ |
|
| 226 |
private int srbConnect(String username, String password) |
|
| 227 |
throws RemoteException {
|
|
| 228 |
|
|
| 229 |
int srbconn = 0; |
|
| 230 |
|
|
| 231 |
// look up for SRBJavaGlue |
|
| 232 |
try {
|
|
| 233 |
String name = "//" + RMIhost + "/SrbJavaGlue"; |
|
| 234 |
srbJG = (SrbJavaGlueInterface)Naming.lookup(name); |
|
| 235 |
} catch (Exception e) {
|
|
| 236 |
try {
|
|
| 237 |
rmicon.restart(); |
|
| 238 |
} catch (Exception rmie) {}
|
|
| 239 |
// The SRB server is not running or it is busy now |
|
| 240 |
throw new |
|
| 241 |
RemoteException("AuthMcat look up for SrbJavaGlue failed");
|
|
| 242 |
} |
|
| 243 |
|
|
| 244 |
// try SRB RMI Connection |
|
| 245 |
// integer value of the SBR Connection ID is returned only |
|
| 246 |
try {
|
|
| 247 |
srbconn = srbJG.rmiConnectJ( srbHost, srbPort, password, username ); |
|
| 248 |
} catch (RemoteException e) {
|
|
| 249 |
try {
|
|
| 250 |
rmicon.restart(); |
|
| 251 |
} catch (Exception rmie) {}
|
|
| 252 |
throw new RemoteException("AuthMcat.userAuth() - " +
|
|
| 253 |
"Error on rmiConnectJ(): " + e.getMessage()); |
|
| 254 |
} |
|
| 255 |
|
|
| 256 |
// check if successfull |
|
| 257 |
if ( srbconn == 0 ) {
|
|
| 258 |
throw new RemoteException("The SRB Server is not running or it is busy now");
|
|
| 259 |
} else if ( srbconn < 0 ) {
|
|
| 260 |
try {
|
|
| 261 |
rmicon.restart(); |
|
| 262 |
} catch (Exception rmie) {}
|
|
| 263 |
return srbconn; |
|
| 264 |
} |
|
| 265 |
|
|
| 266 |
return srbconn; |
|
| 267 |
|
|
| 268 |
} |
|
| 269 |
|
|
| 270 |
/** |
|
| 271 |
* Close SRB RMI Connection |
|
| 272 |
*/ |
|
| 273 |
private void srbDisconnect(int srbconn) throws RemoteException |
|
| 274 |
{
|
|
| 275 |
try {
|
|
| 276 |
int err = srbJG.rmiFinishJ( srbconn ); |
|
| 277 |
} catch (RemoteException e) {}
|
|
| 278 |
|
|
| 279 |
} |
|
| 280 |
|
|
| 281 |
// get the names of groups for given user |
|
| 282 |
private String[] getGroupnames (int conn, String username) |
|
| 283 |
throws RemoteException {
|
|
| 284 |
String[] qval; |
|
| 285 |
int[] qvalInx; |
|
| 286 |
int[] selVal; |
|
| 287 |
|
|
| 288 |
qval = new String [2]; |
|
| 289 |
qval[0] = new String (" not like '%$deleted%'");
|
|
| 290 |
qval[1] = new String (" = '" + username + "'");
|
|
| 291 |
// qval[2] = new String (" <> 'public'");
|
|
| 292 |
|
|
| 293 |
qvalInx = new int[2]; |
|
| 294 |
qvalInx[0] = USER_NAME; |
|
| 295 |
qvalInx[1] = USER_NAME; |
|
| 296 |
// qvalInx[2] = USER_GROUP_NAME; |
|
| 297 |
|
|
| 298 |
selVal = new int[1]; |
|
| 299 |
selVal[0] = USER_GROUP_NAME; |
|
| 300 |
|
|
| 301 |
// generate a query and get the resultset |
|
| 302 |
String[] selRes = getGenQueResult (conn, qval, qvalInx, selVal); |
|
| 303 |
return selRes; |
|
| 304 |
} |
|
| 305 |
|
|
| 306 |
// get the names of all groups |
|
| 307 |
private String[] getGroupnames (int conn) |
|
| 308 |
throws RemoteException {
|
|
| 309 |
String[] qval; |
|
| 310 |
int[] qvalInx; |
|
| 311 |
int[] selVal; |
|
| 312 |
|
|
| 313 |
qval = new String [1]; |
|
| 314 |
qval[0] = new String (" not like '%$deleted%'");
|
|
| 315 |
// qval[1] = new String (" <> 'public'");
|
|
| 316 |
|
|
| 317 |
qvalInx = new int[1]; |
|
| 318 |
qvalInx[0] = USER_NAME; |
|
| 319 |
// qvalInx[1] = USER_GROUP_NAME; |
|
| 320 |
|
|
| 321 |
selVal = new int[1]; |
|
| 322 |
selVal[0] = USER_GROUP_NAME; |
|
| 323 |
|
|
| 324 |
// generate a query and get the resultset |
|
| 325 |
String[] selRes = getGenQueResult (conn, qval, qvalInx, selVal); |
|
| 326 |
return selRes; |
|
| 327 |
} |
|
| 328 |
|
|
| 329 |
// get the names of users for given group |
|
| 330 |
private String[] getUsernames (int conn, String groupname) |
|
| 331 |
throws RemoteException {
|
|
| 332 |
String[] qval; |
|
| 333 |
int[] qvalInx; |
|
| 334 |
int[] selVal; |
|
| 335 |
|
|
| 336 |
qval = new String [2]; |
|
| 337 |
qval[0] = new String (" not like '%$deleted%'");
|
|
| 338 |
qval[1] = new String (" = '" + groupname + "'");
|
|
| 339 |
// qval[2] = new String (" <> 'public'");
|
|
| 340 |
|
|
| 341 |
qvalInx = new int[2]; |
|
| 342 |
qvalInx[0] = USER_NAME; |
|
| 343 |
qvalInx[1] = USER_GROUP_NAME; |
|
| 344 |
// qvalInx[2] = USER_GROUP_NAME; |
|
| 345 |
|
|
| 346 |
selVal = new int[1]; |
|
| 347 |
selVal[0] = USER_NAME; |
|
| 348 |
|
|
| 349 |
// generate a query and get the resultset |
|
| 350 |
String[] selRes = getGenQueResult (conn, qval, qvalInx, selVal); |
|
| 351 |
return selRes; |
|
| 352 |
} |
|
| 353 |
|
|
| 354 |
// get the names of all users |
|
| 355 |
private String[] getUsernames (int conn) |
|
| 356 |
throws RemoteException {
|
|
| 357 |
String[] qval; |
|
| 358 |
int[] qvalInx; |
|
| 359 |
int[] selVal; |
|
| 360 |
|
|
| 361 |
qval = new String [1]; |
|
| 362 |
qval[0] = new String (" not like '%$deleted%'");
|
|
| 363 |
// qval[1] = new String (" <> 'public'");
|
|
| 364 |
|
|
| 365 |
qvalInx = new int[1]; |
|
| 366 |
qvalInx[0] = USER_NAME; |
|
| 367 |
// qvalInx[1] = USER_GROUP_NAME; |
|
| 368 |
|
|
| 369 |
selVal = new int[1]; |
|
| 370 |
selVal[0] = USER_NAME; |
|
| 371 |
|
|
| 372 |
// generate a query and get the resultset |
|
| 373 |
String[] selRes = getGenQueResult (conn, qval, qvalInx, selVal); |
|
| 374 |
return selRes; |
|
| 375 |
} |
|
| 376 |
|
|
| 377 |
|
|
| 378 |
// try to generate query and run and retrieve all rows |
|
| 379 |
private String[] getGenQueResult(int conn, String[] qval, |
|
| 380 |
int qvalInx[], int selVal[]) |
|
| 381 |
throws RemoteException {
|
|
| 382 |
|
|
| 383 |
int inx = 0; |
|
| 384 |
int queResultCount = 0; |
|
| 385 |
int queResultIndex = 0; |
|
| 386 |
int selLen = selVal.length; |
|
| 387 |
String[] queResult = new String[selLen]; |
|
| 388 |
String[] resultset; |
|
| 389 |
|
|
| 390 |
try {
|
|
| 391 |
queResultCount = srbJG.srbGenQuery( conn, 0, qval, qvalInx, selVal); |
|
| 392 |
resultset = new String[queResultCount]; |
|
| 393 |
|
|
| 394 |
// get first rows |
|
| 395 |
for (int i = 0; i < queResultCount; i++) {
|
|
| 396 |
for (int j = 0; j < selLen; j++) {
|
|
| 397 |
queResult[j] = srbJG.getGenQueResultJ(j, queResultIndex); |
|
| 398 |
} |
|
| 399 |
resultset[inx++] = queResult[0]; |
|
| 400 |
queResultIndex++; |
|
| 401 |
} |
|
| 402 |
|
|
| 403 |
// get next rows |
|
| 404 |
while (queResult != null) {
|
|
| 405 |
if ( queResultIndex >= queResultCount ) {
|
|
| 406 |
queResultIndex = 0; |
|
| 407 |
queResultCount = srbJG.getMoreGenQueRowsJ(conn, 0); |
|
| 408 |
if (queResultCount <= 0) {
|
|
| 409 |
return resultset; |
|
| 410 |
} |
|
| 411 |
} |
|
| 412 |
|
|
| 413 |
for (int i = 0; i < selLen; i++) {
|
|
| 414 |
queResult[i] = srbJG.getGenQueResultJ(i, queResultIndex); |
|
| 415 |
} |
|
| 416 |
resultset[inx++] = queResult[0]; |
|
| 417 |
queResultIndex++; |
|
| 418 |
} |
|
| 419 |
|
|
| 420 |
} catch (RemoteException re) {
|
|
| 421 |
throw re; |
|
| 422 |
} |
|
| 423 |
|
|
| 424 |
return resultset; |
|
| 425 |
} |
|
| 426 |
|
|
| 427 |
/** |
|
| 428 |
* Test method for the class |
|
| 429 |
*/ |
|
| 430 |
public static void main(String[] args) {
|
|
| 431 |
|
|
| 432 |
// Provide a user, such as: "cn=Matt Jones" |
|
| 433 |
String user = args[0]; |
|
| 434 |
String password = args[1]; |
|
| 435 |
|
|
| 436 |
AuthMcat authservice = new AuthMcat(); |
|
| 437 |
|
|
| 438 |
boolean isValid = false; |
|
| 439 |
try {
|
|
| 440 |
// isValid = authservice.authenticate(user, password); |
|
| 441 |
if (isValid) {
|
|
| 442 |
System.out.println("Authentication successful for: " + user );
|
|
| 443 |
System.out.println(" ");
|
|
| 444 |
} else {
|
|
| 445 |
System.out.println("Authentication failed for: " + user);
|
|
| 446 |
} |
|
| 447 |
|
|
| 448 |
String[] userlist = authservice.getUsers(user, password); |
|
| 449 |
for (int i = 0; i < userlist.length; i++) {
|
|
| 450 |
System.out.println(userlist[i]); |
|
| 451 |
} |
|
| 452 |
System.out.println("All Users: " + userlist.length);
|
|
| 453 |
|
|
| 454 |
/* |
|
| 455 |
if (isValid) {
|
|
| 456 |
HashMap userInfo = authservice.getAttributes(user); |
|
| 457 |
|
|
| 458 |
// Print all of the attributes |
|
| 459 |
Iterator attList = (Iterator)(((Set)userInfo.keySet()).iterator()); |
|
| 460 |
while (attList.hasNext()) {
|
|
| 461 |
String att = (String)attList.next(); |
|
| 462 |
Vector values = (Vector)userInfo.get(att); |
|
| 463 |
System.out.println(att + ": " ); |
|
| 464 |
Iterator attvalues = values.iterator(); |
|
| 465 |
while (attvalues.hasNext()) {
|
|
| 466 |
String value = (String)attvalues.next(); |
|
| 467 |
System.out.println(" value: " + value);
|
|
| 468 |
} |
|
| 469 |
} |
|
| 470 |
} |
|
| 471 |
*/ |
|
| 472 |
} catch (ConnectException ce) {
|
|
| 473 |
System.err.println(ce.getMessage()); |
|
| 474 |
} |
|
| 475 |
} |
|
| 476 |
} |
|
| 0 | 477 | |
| src/edu/ucsb/nceas/metacat/AuthInterface.java | ||
|---|---|---|
| 34 | 34 |
* @returns boolean true if authentication successful, false otherwise |
| 35 | 35 |
*/ |
| 36 | 36 |
public boolean authenticate(String user, String password) |
| 37 |
throws ConnectException;
|
|
| 37 |
throws ConnectException; |
|
| 38 | 38 |
|
| 39 | 39 |
/** |
| 40 | 40 |
* Get all users from the authentication service |
| 41 | 41 |
*/ |
| 42 |
public String[] getUsers() throws ConnectException; |
|
| 42 |
public String[] getUsers(String user, String password) |
|
| 43 |
throws ConnectException; |
|
| 43 | 44 |
|
| 44 | 45 |
/** |
| 45 | 46 |
* Get the users for a particular group from the authentication service |
| 46 | 47 |
*/ |
| 47 |
public String[] getUsers(String group) throws ConnectException; |
|
| 48 |
public String[] getUsers(String user, String password, String group) |
|
| 49 |
throws ConnectException; |
|
| 48 | 50 |
|
| 49 | 51 |
/** |
| 50 | 52 |
* Get all groups from the authentication service |
| 51 | 53 |
*/ |
| 52 |
public String[] getGroups() throws ConnectException; |
|
| 54 |
public String[] getGroups(String user, String password) |
|
| 55 |
throws ConnectException; |
|
| 53 | 56 |
|
| 54 | 57 |
/** |
| 55 | 58 |
* Get the groups for a particular user from the authentication service |
| 56 | 59 |
*/ |
| 57 |
public String[] getGroups(String user) throws ConnectException; |
|
| 60 |
public String[] getGroups(String user, String password, String foruser) |
|
| 61 |
throws ConnectException; |
|
| 58 | 62 |
|
| 59 | 63 |
/** |
| 60 | 64 |
* Get attributes describing a user or group |
Also available in: Unified diff
AuthMcat
- new class for authentication through MCA; implements AuthInterface
AuthSession
- assigning HttpSession obj only after successful athentication;
- cleared isAuthenticated field - not needed
- cleared invalidate() method - not needed
AuthInterface
- added input parameters: user and password for getGroups() and getUsers() interfaces
needed for making connection to the auth server
MetaCatServlet
- changed the values of action paramet to "login" and "logout"
- added handleLogoutAction() method