27 |
27 |
import java.io.UnsupportedEncodingException;
|
28 |
28 |
import java.net.ConnectException;
|
29 |
29 |
import java.security.GeneralSecurityException;
|
|
30 |
import java.util.Enumeration;
|
30 |
31 |
import java.util.HashMap;
|
|
32 |
import java.util.Hashtable;
|
31 |
33 |
import java.util.List;
|
32 |
34 |
import java.util.Random;
|
33 |
35 |
import java.util.Vector;
|
... | ... | |
46 |
48 |
import org.apache.commons.logging.LogFactory;
|
47 |
49 |
|
48 |
50 |
import edu.ucsb.nceas.metacat.AuthInterface;
|
|
51 |
import edu.ucsb.nceas.metacat.AuthLdap;
|
49 |
52 |
import edu.ucsb.nceas.metacat.properties.PropertyService;
|
|
53 |
import edu.ucsb.nceas.metacat.util.SystemUtil;
|
50 |
54 |
import edu.ucsb.nceas.utilities.PropertyNotFoundException;
|
51 |
55 |
|
52 |
56 |
/**
|
... | ... | |
70 |
74 |
*
|
71 |
75 |
*/
|
72 |
76 |
public class AuthFile implements AuthInterface {
|
|
77 |
private static final String ORGANIZATION = "UNkown";
|
73 |
78 |
private static final String NAME = "name";
|
74 |
79 |
private static final String PASSWORD = "password";
|
75 |
80 |
private static final String SLASH = "/";
|
... | ... | |
89 |
94 |
private static Log log = LogFactory.getLog(AuthFile.class);
|
90 |
95 |
private static AuthFile authFile = null;
|
91 |
96 |
private XMLConfiguration userpassword = null;
|
|
97 |
private String authURI = null;
|
92 |
98 |
private static String passwordFilePath = null;
|
93 |
99 |
private static char[] masterPass = "enfldsgbnlsngdlksdsgm".toCharArray();
|
94 |
100 |
/**
|
... | ... | |
141 |
147 |
if(password != null && !password.trim().equals("")) {
|
142 |
148 |
masterPass = password.toCharArray();
|
143 |
149 |
}
|
|
150 |
authURI = SystemUtil.getContextURL();
|
144 |
151 |
}catch(PropertyNotFoundException e) {
|
145 |
152 |
log.warn("AuthFile.init - can't find the auth.file.pass in the metacat.properties. Metacat will use the default one as password.");
|
146 |
153 |
}
|
... | ... | |
287 |
294 |
@Override
|
288 |
295 |
public String getPrincipals(String user, String password)
|
289 |
296 |
throws ConnectException {
|
290 |
|
// TODO Auto-generated method stub
|
291 |
|
return null;
|
|
297 |
StringBuffer out = new StringBuffer();
|
|
298 |
|
|
299 |
out.append("<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>\n");
|
|
300 |
out.append("<principals>\n");
|
|
301 |
out.append(" <authSystem URI=\"" +authURI
|
|
302 |
+ "\" organization=\"" + ORGANIZATION + "\">\n");
|
|
303 |
|
|
304 |
// get all groups for directory context
|
|
305 |
String[][] groups = getGroups(user, password);
|
|
306 |
String[][] users = getUsers(user, password);
|
|
307 |
int userIndex = 0;
|
|
308 |
|
|
309 |
// for the groups and users that belong to them
|
|
310 |
if (groups != null && users != null && groups.length > 0) {
|
|
311 |
for (int i = 0; i < groups.length; i++) {
|
|
312 |
out.append(" <group>\n");
|
|
313 |
out.append(" <groupname>" + groups[i][0] + "</groupname>\n");
|
|
314 |
if(groups[i].length > 1) {
|
|
315 |
out.append(" <description>" + groups[i][1] + "</description>\n");
|
|
316 |
}
|
|
317 |
String[] usersForGroup = getUsers(user, password, groups[i][0]);
|
|
318 |
if(usersForGroup != null) {
|
|
319 |
for (int j = 0; j < usersForGroup.length; j++) {
|
|
320 |
userIndex = AuthLdap.searchUser(usersForGroup[j], users);
|
|
321 |
out.append(" <user>\n");
|
|
322 |
|
|
323 |
if (userIndex < 0) {
|
|
324 |
out.append(" <username>" + usersForGroup[j]
|
|
325 |
+ "</username>\n");
|
|
326 |
} else {
|
|
327 |
out.append(" <username>" + users[userIndex][0]
|
|
328 |
+ "</username>\n");
|
|
329 |
if(users[userIndex].length >=2) {
|
|
330 |
out.append(" <name>" + users[userIndex][1]
|
|
331 |
+ "</name>\n");
|
|
332 |
}
|
|
333 |
if(users[userIndex].length >=3) {
|
|
334 |
out.append(" <email>" + users[userIndex][2]
|
|
335 |
+ "</email>\n");
|
|
336 |
}
|
|
337 |
|
|
338 |
}
|
|
339 |
|
|
340 |
out.append(" </user>\n");
|
|
341 |
}
|
|
342 |
}
|
|
343 |
|
|
344 |
out.append(" </group>\n");
|
|
345 |
}
|
|
346 |
}
|
|
347 |
|
|
348 |
if (users != null) {
|
|
349 |
// for the users not belonging to any grou8p
|
|
350 |
for (int j = 0; j < users.length; j++) {
|
|
351 |
out.append(" <user>\n");
|
|
352 |
out.append(" <username>" + users[j][0] + "</username>\n");
|
|
353 |
if(users[userIndex].length >=2) {
|
|
354 |
out.append(" <name>" + users[j][1] + "</name>\n");
|
|
355 |
}
|
|
356 |
if(users[userIndex].length >=3) {
|
|
357 |
out.append(" <email>" + users[j][2] + "</email>\n");
|
|
358 |
}
|
|
359 |
|
|
360 |
out.append(" </user>\n");
|
|
361 |
}
|
|
362 |
}
|
|
363 |
|
|
364 |
out.append(" </authSystem>\n");
|
|
365 |
|
|
366 |
out.append("</principals>");
|
|
367 |
return out.toString();
|
292 |
368 |
}
|
293 |
369 |
|
294 |
370 |
/**
|
... | ... | |
324 |
400 |
}
|
325 |
401 |
}
|
326 |
402 |
}
|
327 |
|
userpassword.reload();
|
|
403 |
//userpassword.reload();
|
328 |
404 |
}
|
329 |
405 |
} else {
|
330 |
406 |
throw new AuthenticationException("AuthFile.addUser - can't add the user "+userName+" since it already exists.");
|
... | ... | |
342 |
418 |
if(!groupExists(groupName)) {
|
343 |
419 |
if(userpassword != null) {
|
344 |
420 |
userpassword.addProperty(GROUPS+" "+GROUP+AT+NAME, groupName);
|
345 |
|
userpassword.reload();
|
|
421 |
//userpassword.reload();
|
346 |
422 |
}
|
347 |
423 |
} else {
|
348 |
424 |
throw new AuthenticationException("AuthFile.addGroup - can't add the group "+groupName+" since it already exists.");
|
... | ... | |
379 |
455 |
* @param userName the name of the user. the user should already exist
|
380 |
456 |
* @param group the name of the group. the group should already exist
|
381 |
457 |
*/
|
382 |
|
public void addUserToGroup(String userName, String group) {
|
383 |
|
|
|
458 |
public void addUserToGroup(String userName, String group) throws AuthenticationException {
|
|
459 |
if(!userExists(userName)) {
|
|
460 |
throw new AuthenticationException("AuthFile.addUserToGroup - the user "+userName+ " doesn't exist.");
|
|
461 |
}
|
|
462 |
if(!groupExists(group)) {
|
|
463 |
throw new AuthenticationException("AuthFile.addUserToGroup - the group "+group+ " doesn't exist.");
|
|
464 |
}
|
|
465 |
List<Object> existingGroups = userpassword.getList(USERS+SLASH+USER+"["+AT+NAME+"='"+userName+"']"+SLASH+GROUP);
|
|
466 |
if(existingGroups.contains(group)) {
|
|
467 |
throw new AuthenticationException("AuthFile.addUserToGroup - the user "+userName+ " already is the memember of the group "+group);
|
|
468 |
}
|
|
469 |
userpassword.addProperty(USERS+SLASH+USER+"["+AT+NAME+"='"+userName+"']"+" "+GROUP, group);
|
384 |
470 |
}
|
385 |
471 |
|
386 |
472 |
/**
|
... | ... | |
388 |
474 |
* @param userName the name of the user. the user should already exist.
|
389 |
475 |
* @param group the name of the group
|
390 |
476 |
*/
|
391 |
|
public void removeUserFromGroup(String userName, String group) {
|
392 |
|
|
|
477 |
public void removeUserFromGroup(String userName, String group) throws AuthenticationException{
|
|
478 |
if(!userExists(userName)) {
|
|
479 |
throw new AuthenticationException("AuthFile.removeUserFromGroup - the user "+userName+ " doesn't exist.");
|
|
480 |
}
|
|
481 |
if(!groupExists(group)) {
|
|
482 |
throw new AuthenticationException("AuthFile.removeUserFromGroup - the group "+group+ " doesn't exist.");
|
|
483 |
}
|
|
484 |
String key = USERS+SLASH+USER+"["+AT+NAME+"='"+userName+"']"+SLASH+GROUP;
|
|
485 |
List<Object> existingGroups = userpassword.getList(key);
|
|
486 |
if(!existingGroups.contains(group)) {
|
|
487 |
throw new AuthenticationException("AuthFile.removeUserFromGroup - the user "+userName+ " isn't the memember of the group "+group);
|
|
488 |
} else {
|
|
489 |
userpassword.clearProperty(key+"[.='"+group+"']");
|
|
490 |
}
|
393 |
491 |
}
|
394 |
492 |
|
395 |
493 |
/**
|
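Review bot: In getPrincipals, the second loop (new lines 353 and 356) tests `users[userIndex].length` while it writes `users[j][1]` and `users[j][2]`. `userIndex` holds whatever the last `AuthLdap.searchUser` call returned, so it can be negative (the code above handles `userIndex < 0`) and throw, or it can pass the check for a row shorter than the one being read; both guards should read `if (users[j].length >= 2) {` and `if (users[j].length >= 3) {`. The method also concatenates group names, descriptions, user names and e-mail addresses straight into the XML, so a value containing `<`, `&` or a quote yields a malformed or altered principals document; each value should be XML-escaped before it is appended. The same kind of concatenation appears in addUserToGroup and removeUserFromGroup (new lines 465, 469, 484, 489), where `userName` and `group` are placed inside quoted XPath predicates such as `"["+AT+NAME+"='"+userName+"']"`. Whether userExists/groupExists or the callers restrict the allowed characters is not visible here, so those names should be validated against an allow-list before the key is built.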
Add the method to get the principals.