Revision 8431
Added by Jing Tao over 10 years ago
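--- a/AuthFile.java
+++ b/AuthFile.java
@@ -27,7 +27,9 @@
 import java.io.UnsupportedEncodingException;
 import java.net.ConnectException;
 import java.security.GeneralSecurityException;
+import java.util.Enumeration;
 import java.util.HashMap;
+import java.util.Hashtable;
 import java.util.List;
 import java.util.Random;
 import java.util.Vector;
@@ -46,7 +48,9 @@
 import org.apache.commons.logging.LogFactory;
 
 import edu.ucsb.nceas.metacat.AuthInterface;
+import edu.ucsb.nceas.metacat.AuthLdap;
 import edu.ucsb.nceas.metacat.properties.PropertyService;
+import edu.ucsb.nceas.metacat.util.SystemUtil;
 import edu.ucsb.nceas.utilities.PropertyNotFoundException;
 
 /**
@@ -70,6 +74,7 @@
 *
 */
 public class AuthFile implements AuthInterface {
+private static final String ORGANIZATION = "UNkown";
 private static final String NAME = "name";
 private static final String PASSWORD = "password";
 private static final String SLASH = "/";
@@ -89,6 +94,7 @@
 private static Log log = LogFactory.getLog(AuthFile.class);
 private static AuthFile authFile = null;
 private XMLConfiguration userpassword = null;
+private String authURI = null;
 private static String passwordFilePath = null;
 private static char[] masterPass = "enfldsgbnlsngdlksdsgm".toCharArray();
 /**
@@ -141,6 +147,7 @@
 if(password != null && !password.trim().equals("")) {
 masterPass = password.toCharArray();
 }
+authURI = SystemUtil.getContextURL();
 }catch(PropertyNotFoundException e) {
 log.warn("AuthFile.init - can't find the auth.file.pass in the metacat.properties. Metacat will use the default one as password.");
 }
@@ -287,8 +294,77 @@
 @Override
 public String getPrincipals(String user, String password)
 throws ConnectException {
-// TODO Auto-generated method stub
-return null;
+StringBuffer out = new StringBuffer();
+
+out.append("<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>\n");
+out.append("<principals>\n");
+out.append(" <authSystem URI=\"" +authURI
++ "\" organization=\"" + ORGANIZATION + "\">\n");
+
+// get all groups for directory context
+String[][] groups = getGroups(user, password);
+String[][] users = getUsers(user, password);
+int userIndex = 0;
+
+// for the groups and users that belong to them
+if (groups != null && users != null && groups.length > 0) {
+for (int i = 0; i < groups.length; i++) {
+out.append(" <group>\n");
+out.append(" <groupname>" + groups[i][0] + "</groupname>\n");
+if(groups[i].length > 1) {
+out.append(" <description>" + groups[i][1] + "</description>\n");
+}
+String[] usersForGroup = getUsers(user, password, groups[i][0]);
+if(usersForGroup != null) {
+for (int j = 0; j < usersForGroup.length; j++) {
+userIndex = AuthLdap.searchUser(usersForGroup[j], users);
+out.append(" <user>\n");
+
+if (userIndex < 0) {
+out.append(" <username>" + usersForGroup[j]
++ "</username>\n");
+} else {
+out.append(" <username>" + users[userIndex][0]
++ "</username>\n");
+if(users[userIndex].length >=2) {
+out.append(" <name>" + users[userIndex][1]
++ "</name>\n");
+}
+if(users[userIndex].length >=3) {
+out.append(" <email>" + users[userIndex][2]
++ "</email>\n");
+}
+
+}
+
+out.append(" </user>\n");
+}
+}
+
+out.append(" </group>\n");
+}
+}
+
+if (users != null) {
+// for the users not belonging to any grou8p
+for (int j = 0; j < users.length; j++) {
+out.append(" <user>\n");
+out.append(" <username>" + users[j][0] + "</username>\n");
+if(users[userIndex].length >=2) {
+out.append(" <name>" + users[j][1] + "</name>\n");
+}
+if(users[userIndex].length >=3) {
+out.append(" <email>" + users[j][2] + "</email>\n");
+}
+
+out.append(" </user>\n");
+}
+}
+
+out.append(" </authSystem>\n");
+
+out.append("</principals>");
+return out.toString();
 }
 
 /**
@@ -324,7 +400,7 @@
 }
 }
 }
-userpassword.reload();
+//userpassword.reload();
 }
 } else {
 throw new AuthenticationException("AuthFile.addUser - can't add the user "+userName+" since it already exists.");
@@ -342,7 +418,7 @@
 if(!groupExists(groupName)) {
 if(userpassword != null) {
 userpassword.addProperty(GROUPS+" "+GROUP+AT+NAME, groupName);
-userpassword.reload();
+//userpassword.reload();
 }
 } else {
 throw new AuthenticationException("AuthFile.addGroup - can't add the group "+groupName+" since it already exists.");
@@ -379,8 +455,18 @@
 * @param userName the name of the user. the user should already exist
 * @param group the name of the group. the group should already exist
 */
-public void addUserToGroup(String userName, String group) {
-
+public void addUserToGroup(String userName, String group) throws AuthenticationException {
+if(!userExists(userName)) {
+throw new AuthenticationException("AuthFile.addUserToGroup - the user "+userName+ " doesn't exist.");
+}
+if(!groupExists(group)) {
+throw new AuthenticationException("AuthFile.addUserToGroup - the group "+group+ " doesn't exist.");
+}
+List<Object> existingGroups = userpassword.getList(USERS+SLASH+USER+"["+AT+NAME+"='"+userName+"']"+SLASH+GROUP);
+if(existingGroups.contains(group)) {
+throw new AuthenticationException("AuthFile.addUserToGroup - the user "+userName+ " already is the memember of the group "+group);
+}
+userpassword.addProperty(USERS+SLASH+USER+"["+AT+NAME+"='"+userName+"']"+" "+GROUP, group);
 }
 
 /**
@@ -388,8 +474,20 @@
 * @param userName the name of the user. the user should already exist.
 * @param group the name of the group
 */
-public void removeUserFromGroup(String userName, String group) {
-
+public void removeUserFromGroup(String userName, String group) throws AuthenticationException{
+if(!userExists(userName)) {
+throw new AuthenticationException("AuthFile.removeUserFromGroup - the user "+userName+ " doesn't exist.");
+}
+if(!groupExists(group)) {
+throw new AuthenticationException("AuthFile.removeUserFromGroup - the group "+group+ " doesn't exist.");
+}
+String key = USERS+SLASH+USER+"["+AT+NAME+"='"+userName+"']"+SLASH+GROUP;
+List<Object> existingGroups = userpassword.getList(key);
+if(!existingGroups.contains(group)) {
+throw new AuthenticationException("AuthFile.removeUserFromGroup - the user "+userName+ " isn't the memember of the group "+group);
+} else {
+userpassword.clearProperty(key+"[.='"+group+"']");
+}
 }
 
 /**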
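Review bot: In getPrincipals, the final loop over `users` guards with `users[userIndex].length` while it reads `users[j][1]` and `users[j][2]`; `userIndex` is whatever the last `AuthLdap.searchUser` call left behind, so it can be negative (an ArrayIndexOutOfBoundsException) or refer to a row of a different length than row `j`. Both guards should read `if(users[j].length >=2) {` and `if(users[j].length >=3) {`. The same method concatenates `authURI`, group names, descriptions, user names, names and e-mail addresses into the document without XML escaping, so a stored value containing `<`, `&` or `"` yields a malformed or altered principals list for whatever consumes it; each value should be escaped before it is appended. The XPath keys built in addUserToGroup and removeUserFromGroup embed `userName` and `group` between single quotes in the same unescaped way, and those methods should reject or escape a `'` before building the key.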
Add the method to get the principals.