Project

General

Profile

« Previous | Next » 

Revision 725

Added by bojilova over 23 years ago

Included back getting the list of users and groups stored in auth scheme
through new action="getprincipals". No extra parameters are needed.
Any logged in users are able to get this information

View differences:

src/edu/ucsb/nceas/metacat/AuthLdap.java
165 165
          NamingEnumeration enum1 = attrs.getAll(); // only "uid" attr
166 166
          while (enum1.hasMore()) {
167 167
            Attribute attr = (Attribute)enum1.next();
168
            System.out.print(attr.getID() + "=");
169
            System.out.println((String)attr.get());
168
            //System.out.print(attr.getID() + "=");
169
            //System.out.println((String)attr.get());
170 170
            uvec.add(attr.get());
171 171
          }
172 172
        }
......
243 243
          NamingEnumeration enum1 = attrs.getAll(); // only "uid" attr
244 244
          while (enum1.hasMore()) {
245 245
            Attribute attr = (Attribute)enum1.next();
246
            System.out.print(attr.getID() + "=");
247
            System.out.println((String)attr.get());
246
            //System.out.print(attr.getID() + "=");
247
            //System.out.println((String)attr.get());
248 248
            uvec.add(attr.get());
249 249
          }
250 250
        }
......
323 323
          NamingEnumeration enum1 = attrs.getAll(); // only "gid" attr
324 324
          while (enum1.hasMore()) {
325 325
            Attribute attr = (Attribute)enum1.next();
326
            System.out.print(attr.getID() + "=");
327
            System.out.println((String)attr.get());
326
            //System.out.print(attr.getID() + "=");
327
            //System.out.println((String)attr.get());
328 328
            uvec.add(attr.get());
329 329
          }
330 330
        }
......
401 401
          NamingEnumeration enum1 = attrs.getAll(); // only "gid" attr
402 402
          while (enum1.hasMore()) {
403 403
            Attribute attr = (Attribute)enum1.next();
404
            System.out.print(attr.getID() + "=");
405
            System.out.println((String)attr.get());
404
            //System.out.print(attr.getID() + "=");
405
            //System.out.println((String)attr.get());
406 406
            uvec.add(attr.get());
407 407
          }
408 408
        }
......
581 581
  }
582 582

  
583 583
  /**
584
   * Get list of all groups and users from authentication scheme.
585
   * The output is formatted in XML.
586
   */
587
  private String getPrincipals(String user, String password)
588
                throws ConnectException
589
  {
590
    StringBuffer out = new StringBuffer();
591
    String[] groups = getGroups(user, password);
592
    
593
    out.append("<?xml version=\"1.0\"?>\n");
594
    out.append("<principals>\n");
595
    
596
    // for the groups and users that belong to them
597
    if ( groups.length > 0 ) {
598
      for (int i=0; i < groups.length; i++ ) {
599
        out.append("  <group>\n");
600
        out.append("    <groupname>" + groups[i] + "<groupname>\n");
601
        String[] usersForGroup = getUsers(user,password,groups[i]);
602
        for (int j=0; j <= usersForGroup.length; j++ ) {
603
          out.append("    <user>\n");
604
          out.append("      <username>" + usersForGroup[j] + "<username>\n");
605
          out.append("    </user>\n");
606
        }
607
        out.append("</group>\n");
608
      }
609
    // for the users only when there are no any groups defined
610
    } else {
611
      String[] users = getUsers(user, password);
612
      for (int j=0; j < users.length; j++ ) {
613
        out.append("  <user>\n");
614
        out.append("    <username>" + users[j] + "<username>\n");
615
        out.append("  </user>\n");
616
      }
617
    }
618
    
619
    out.append("</principals>");
620
    return out.toString();
621
  }
622

  
623
  /**
584 624
   * Test method for the class
585 625
   */
586 626
  public static void main(String[] args) {
......
600 640
      } else {
601 641
        System.out.println("Authentication failed for: " + user);
602 642
      }
603
/*
643

  
604 644
      if (isValid) {
605 645
        HashMap userInfo = authservice.getAttributes(user, password, user);
606 646

  
......
617 657
        }
618 658

  
619 659
      }
620
*/
660

  
661
/*
621 662
      // get the whole list of users
622 663
      if (isValid) {
623 664
        String[] users = authservice.getUsers(user, password);
......
625 666
          System.out.println(users[i]);          
626 667
        }
627 668
      }
669
*/
628 670
/*
629 671
      // get the whole list of users for a group
630 672
      if (isValid) {
......
635 677
        }
636 678
      }
637 679
*/
680
/*      // get the whole list groups and users in XML format
681
      if (isValid) {
682
        String out = authservice.getPrincipals(user, password);
683
        java.io.File f = new java.io.File("principals.txt");
684
        java.io.FileWriter fw = new java.io.FileWriter(f);
685
        java.io.BufferedWriter buff = new java.io.BufferedWriter(fw);
686
        buff.write(out);
687
        buff.flush();
688
        buff.close();
689
        fw.close();
690
      }
691
*/
638 692
    } catch (ConnectException ce) {
639 693
      System.err.println("Error connecting to LDAP server in authldap.main");
694
    } catch (java.io.IOException ioe) {
695
      System.err.println("I/O Error writing to file principals.txt");
640 696
    }
641 697
  }
642 698
}
src/edu/ucsb/nceas/metacat/AuthSession.java
65 65
   * @param password the password entered when login
66 66
   */
67 67
  public boolean authenticate(HttpServletRequest request, 
68
                        String username, String password)  {
68
                              String username, String password)  {
69 69
                          
70 70
    String message = null;
71 71
 
72 72
    try { 
73 73
      if ( authService.authenticate(username, password) ) {
74
        this.session = getSession(request, username, password);
74
        String[] groups = authService.getGroups(username,password,username);
75
        this.session = getSession(request, username, password, groups);
75 76
        message = "Authentication successful for user: " + username;
76 77
        this.statusMessage = formatOutput("login", message);
77 78
        return true;
......
93 94

  
94 95
  /** Get new HttpSession and store username & password in it */
95 96
  private HttpSession getSession(HttpServletRequest request, 
96
                            String username, String password)  
97
                                throws IllegalStateException {
97
                                 String username, String password,
98
                                 String[] groups)  
99
                      throws IllegalStateException {
98 100

  
99 101
    // get the current session object, create one if necessary
100 102
    HttpSession session = request.getSession(true);
......
104 106
      session.invalidate();
105 107
      session = request.getSession(true);
106 108
    }
107
    // store username & password in the session for later use, especially by
108
    // the authenticate() method
109
    // store the username, password, and groupname (the first only)
110
    // in the session obj for use on subsequent calls to Metacat servlet
109 111
    session.setMaxInactiveInterval(-1);
110 112
    session.setAttribute("username", username);
111 113
    session.setAttribute("password", password);
114
    if ( groups.length > 0 ) {
115
      session.setAttribute("groupname", groups[0]);
116
    }
112 117
    
113 118
    return session;
114 119
  }
......
122 127
    return this.statusMessage;
123 128
  }
124 129

  
125
/* NOT NEEDED
126 130
  /**
127
   * Determine if the session has been successfully authenticated
128
   * @returns boolean true if authentication was successful, false otherwise
131
   * Get list of all groups and users from authentication scheme.
132
   * The output is formatted in XML.
129 133
   */
130
/*
131
  public boolean isAuthenticated() 
134
  public String getPrincipals(String user, String password)
135
                throws ConnectException
132 136
  {
133
    return this.isAuthenticated;
137
    StringBuffer out = new StringBuffer();
138
    String[] groups = authService.getGroups(user, password);
139
    
140
    out.append("<?xml version=\"1.0\"?>\n");
141
    out.append("<principals>\n");
142
    
143
    // for the groups and users that belong to them
144
    if ( groups.length > 0 ) {
145
      for (int i=0; i < groups.length; i++ ) {
146
        out.append("  <group>\n");
147
        out.append("    <groupname>" + groups[i] + "<groupname>\n");
148
        String[] usersForGroup = authService.getUsers(user,password,groups[i]);
149
        for (int j=0; j <= usersForGroup.length; j++ ) {
150
          out.append("    <user>\n");
151
          out.append("      <username>" + usersForGroup[j] + "<username>\n");
152
          out.append("    </user>\n");
153
        }
154
        out.append("</group>\n");
155
      }
156
    // for the users only when there are no any groups defined
157
    } else {
158
      String[] users = authService.getUsers(user, password);
159
      for (int j=0; j < users.length; j++ ) {
160
        out.append("  <user>\n");
161
        out.append("    <username>" + users[j] + "<username>\n");
162
        out.append("  </user>\n");
163
      }
164
    }
165
    
166
    out.append("</principals>");
167
    return out.toString();
134 168
  }
135
*/
136 169

  
137
/* NOT NEEDED
138
  /**
139
   * Invalidate this HTTPSession object. 
140
   * All objects stored in the session are unbound.
141
   */
142
/*
143
  private void invalidate(String message)
144
  {
145
    this.isAuthenticated = false;
146
    this.session.setAttribute("isAuthenticated", new Boolean(isAuthenticated));
147
    this.statusMessage = formatOutput("error", message);
148
    this.session.setAttribute("statusMessage", this.statusMessage);
149
    this.session.invalidate();
150
  }    
151
*/
152 170
  /* 
153 171
   * format the output in xml for processing from client applications
154 172
   *
src/edu/ucsb/nceas/metacat/MetaCatServlet.java
96 96
 * action=getdoctypes -- retrieve all doctypes (publicID)<br>
97 97
 * action=getdtdschema -- retrieve a DTD or Schema file<br>
98 98
 * action=getdataguide -- retrieve a Data Guide<br>
99
 * action=getprincipals -- retrieve a list of principals in XML<br>
99 100
 * datadoc -- data document name (id)<br>
100 101
 * <p>
101 102
 * The particular combination of parameters that are valid for each 
......
246 247
    // by looking up the current session information for all actions
247 248
    // other than "login" and "logout"
248 249
    String username = null;
250
    String password = null;
249 251
    String groupname = null;
250 252
    String sess_id = null;
251 253

  
......
269 271
        sess.setAttribute("username", username);
270 272
      } else {
271 273
        username = (String)sess.getAttribute("username");
274
        password = (String)sess.getAttribute("password");
272 275
        groupname = (String)sess.getAttribute("groupname");
273 276
        try
274 277
        {
......
377 380
    } else if (action.equals("getdataguide")) {
378 381
      PrintWriter out = response.getWriter();
379 382
      handleGetDataGuideAction(out, params, response);  
383
    } else if (action.equals("getprincipals")) {
384
      PrintWriter out = response.getWriter();
385
      handleGetPrincipalsAction(out, username, password);  
380 386
    } else if (action.equals("login") || action.equals("logout")) {
381 387
    } else if (action.equals("protocoltest")) {
382 388
      String testURL = "metacat://dev.nceas.ucsb.edu/NCEAS.897766.9";
......
1696 1702
    
1697 1703
  }
1698 1704

  
1705
  /** 
1706
   * Handle the "getprincipals" action.
1707
   * Read all principals from authentication scheme in XML format
1708
   */
1709
  private void handleGetPrincipalsAction(PrintWriter out, String user,
1710
                                         String password) {
1711

  
1712
    Connection conn = null;
1713

  
1714
    try {
1715

  
1716
        // get connection from the pool
1717
        AuthSession auth = new AuthSession();
1718
        String principals = auth.getPrincipals(user, password);
1719
        out.println(principals);
1720

  
1721
    } catch (Exception e) {
1722
      out.println("<?xml version=\"1.0\"?>");
1723
      out.println("<error>");
1724
      out.println(e.getMessage());
1725
      out.println("</error>");
1726
    } finally {
1727
      util.returnConnection(conn);
1728
    }  
1729
    
1730
  }
1731

  
1699 1732
}

Also available in: Unified diff