View Javadoc

1   /*
2   jGuard is a security framework based on top of jaas (java authentication and authorization security).
3   it is written for web applications, to resolve simply, access control problems.
4   version $Name$
5   http://sourceforge.net/projects/jguard/
6   
7   Copyright (C) 2004  Charles GAY
8   
9   This library is free software; you can redistribute it and/or
10  modify it under the terms of the GNU Lesser General Public
11  License as published by the Free Software Foundation; either
12  version 2.1 of the License, or (at your option) any later version.
13  
14  This library is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
17  Lesser General Public License for more details.
18  
19  You should have received a copy of the GNU Lesser General Public
20  License along with this library; if not, write to the Free Software
21  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
22  
23  
24  jGuard project home page:
25  http://sourceforge.net/projects/jguard/
26  
27  */
28  package net.sf.jguard.core.principals;
29  
30  
31  import java.lang.reflect.Constructor;
32  import java.lang.reflect.InvocationTargetException;
33  import java.security.Principal;
34  import java.util.HashSet;
35  import java.util.Iterator;
36  import java.util.Set;
37  import java.util.logging.Level;
38  import org.slf4j.Logger;
39  import org.slf4j.LoggerFactory;
40  
41  
42  /**
43   * Utility class to instantiate a PersistedPrincipal implementation.
44   * @author <a href="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
45   */
46  public class PrincipalUtils {
47  
48  	private static final Logger logger = LoggerFactory.getLogger(PrincipalUtils.class.getName());
49  
50     
51  	/**
52  	 * instantiate PersistedPrincipal implementations.
53  	 * @param className implementation class
54  	 * @param name
55  	 * @return PersistedPrincipal implementation instance
56  	 */
57  	public static Principal getPrincipal(String className, String name){
58  		Principal ppal = null;
59  		Class clazz = null;
60  
61  		try {
62  			clazz = Class.forName(className);
63  		} catch (ClassNotFoundException e) {
64  			logger.error("",e);
65  		}
66  
67  		Constructor constructor = null;
68  		try {
69  			constructor = clazz.getConstructor(new Class[]{String.class});
70  		} catch (SecurityException e) {
71  			logger.error("",e);
72  		} catch (NoSuchMethodException e) {
73  			logger.error("",e);
74  		}
75  
76  		if(constructor!= null){
77  			try {
78  				ppal = (Principal)constructor.newInstance(new Object[]{name});
79  			} catch (IllegalArgumentException e) {
80  				logger.error("",e);
81  			} catch (InstantiationException e) {
82  				logger.error("",e);
83  			} catch (IllegalAccessException e) {
84  				logger.error("",e);
85  			} catch (InvocationTargetException e) {
86  				logger.error("",e);
87  			}
88  		}else{
89  			throw new IllegalArgumentException(" the provided Class="+className+" has'nt got any constructor with a String argument ");
90  		}
91  
92  		return ppal;
93  	}
94          
95         
96  
97  
98  	/**
99  	 * instantiate PersistedPrincipal implementations
100 	 * @param clazz implementation class
101 	 * @param parameterTypes
102 	 * @param parameterValues
103 	 * @return instantiated principal
104 	 */
105 	public static Principal getPrincipal(Class clazz,Class[] parameterTypes, Object[] parameterValues){
106 		Principal ppal = null;
107 
108 		Constructor constructor = null;
109 		try {
110 			constructor = clazz.getConstructor(parameterTypes);
111 		} catch (SecurityException e) {
112 			logger.error("",e);
113 		} catch (NoSuchMethodException e) {
114 			logger.error("",e);
115 		}
116 
117 		if(constructor!= null){
118 			try {
119 				ppal = (Principal)constructor.newInstance(parameterValues);
120 			} catch (IllegalArgumentException e) {
121 				logger.error("",e);
122 			} catch (InstantiationException e) {
123 				logger.error("",e);
124 			} catch (IllegalAccessException e) {
125 				logger.error("",e);
126 			} catch (InvocationTargetException e) {
127 				logger.error("",e);
128 			}
129 		}
130 
131 		return ppal;
132 	}
133         
134          /**
135           * clone deeply a set of {@link BasePrincipal} subclasses instances. 
136           */
137          public static Set clonePrincipalsSet(Set principals) throws CloneNotSupportedException{
138             Set clonedPrincipals = new HashSet();
139             Iterator principalsIterator = principals.iterator();
140             while(principalsIterator.hasNext()){
141                 BasePrincipal ppal = (BasePrincipal)principalsIterator.next();
142                 clonedPrincipals.add(ppal.clone());
143             }
144             return clonedPrincipals;
145         }
146          
147          	/**
148 	 * check principal Set against global Permissions.
149 	 * @param globalPermissions
150 	 * @param principals
151 	 */
152 	public static void checkPrincipals(Set globalPermissions, Set principals) {
153 		Iterator itPrincipals = principals.iterator();
154            while(itPrincipals.hasNext()){
155         	   RolePrincipal tempPrincipal = (RolePrincipal)itPrincipals.next();
156                Set permissionsFromTemplate =  tempPrincipal.getAllPermissions();
157                if(!globalPermissions.containsAll(permissionsFromTemplate)){
158             	   //we remove this principal which contains permissions not present in globalPermissions
159                    logger.warn(" principal called "+tempPrincipal.getLocalName()+" has been removed from the SubjectTemplate ");
160                    logger.warn(" because it contains permissions not owned by this organization throw its Principals ");
161             	   itPrincipals.remove();
162                }
163 
164            }
165 	}
166 }