UserPrincipal xref

View Javadoc

1   /*
2   jGuard is a security framework based on top of jaas (java authentication and authorization security).
3   it is written for web applications, to resolve simply, access control problems.
4   version $Name$
5   http://sourceforge.net/projects/jguard/
6   
7   Copyright (C) 2004  Charles GAY
8   
9   This library is free software; you can redistribute it and/or
10  modify it under the terms of the GNU Lesser General Public
11  License as published by the Free Software Foundation; either
12  version 2.1 of the License, or (at your option) any later version.
13  
14  This library is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
17  Lesser General Public License for more details.
18  
19  You should have received a copy of the GNU Lesser General Public
20  License along with this library; if not, write to the Free Software
21  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
22  
23  
24  jGuard project home page:
25  http://sourceforge.net/projects/jguard/
26  
27  */
28  package net.sf.jguard.core.principals;
29  import java.io.Serializable;
30  import java.security.Principal;
31  import java.util.Collection;
32  import java.util.HashMap;
33  import java.util.HashSet;
34  import java.util.Iterator;
35  import java.util.Map;
36  import java.util.Set;
37  
38  import javax.security.auth.Subject;
39  
40  import net.sf.jguard.core.authentication.credentials.JGuardCredential;
41  import net.sf.jguard.core.organization.Organization;
42  
43  /**
44   * UserPrincipal is used to resolve ABAC permissions.
45   * @author <a href="mailto:vberetti@users.sourceforge.net">Vincent Beretti</a>
46   * @author <a href="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
47   */
48  public class UserPrincipal implements Principal,Serializable{
49  
50  	
51  	private static final String NO_NAME_FOUND = "NO NAME FOUND";
52  	private static final long serialVersionUID = 9075426017744650798L;
53  	private String name = "NO NAME DEFINED";
54  	private Subject subject;
55  
56  	public UserPrincipal(Subject subject){
57  		this.subject = subject;
58  	}
59          
60  
61  	public void setName(String name) {
62  		this.name = name;
63  		
64  	}
65  
66  	public Map getPrivateCredentials() {
67  		
68  		Set privateCredentials = getSubject().getPrivateCredentials();
69  		Map pCredentials = transformCredentialSetIntoMap(privateCredentials);
70  		return pCredentials;
71  	}
72  
73  	private Map transformCredentialSetIntoMap(Set credentials) {
74  		Map pCredentials = new HashMap();
75  		Iterator privateCIterator = credentials.iterator();
76  		while(privateCIterator.hasNext()){
77  			Object credential = privateCIterator.next();
78  			if(credential instanceof JGuardCredential){
79  				JGuardCredential jcred = (JGuardCredential)credential;
80  				if(!pCredentials.containsKey(jcred.getName())){
81  					Collection values = new HashSet();
82  					values.add(jcred.getValue());
83  					pCredentials.put(jcred.getName(),values);	
84  				}else{
85  					Collection valuesStored = (Collection) pCredentials.get(jcred.getName());
86  					valuesStored.add(jcred.getValue());
87  				}
88  				
89  			}
90  		}
91  		return pCredentials;
92  	}
93  
94  	public Map getPublicCredentials() {
95  		Set publicCredentials = getSubject().getPublicCredentials();
96  		Map pCredentials = transformCredentialSetIntoMap(publicCredentials);
97  		return pCredentials;
98  	}
99  
100 	/**
101 	 * @return the value of a credential present in the public credentials ' set
102 	 * of the Subject, if its 'id' is <i>"name"</i>. 
103 	 * @see net.sf.jguard.core.authentication.credentials.JGuardCredential
104 	 */
105 	public String getName() {
106 		//we cannot add a more significant method to avoid infinite loop
107         return NO_NAME_FOUND;
108 	}
109 	
110 	/**
111 	 * compare two SubjectAsPrincipal objects(compare their Subject).
112 	 * @param subjAsPrincipal
113 	 * @return true if the contained Subject is equals to the one contained
114 	 * in the SubjectAsPrincipal instance as parameter;otherwise, false.
115 	 */
116         @Override
117 	public boolean equals (Object object){
118 		UserPrincipal userPrincipal;
119 		if (object instanceof UserPrincipal) {
120 			userPrincipal = (UserPrincipal) object;
121 			if(getPrincipals().equals(userPrincipal.getPrincipals())){
122 				return true;
123 			}
124 			// we cannot include credentials in this method to avoid class circularity error 
125 		}
126 			return false;
127 		
128 	}
129 
130         @Override
131         public int hashCode() {
132             int hash = 7;
133             hash = 23 * hash + (this.name != null ? this.name.hashCode() : 0);
134             return hash;
135         }
136 	
137 	/**
138 	 * return principals present in the subject except userPrincipals
139 	 * to avoid infinite loop if we look into principals recursively.
140 	 * @return 
141 	 */
142 	protected Map getPrincipals(){
143 		
144 		//we filter userprincipal
145 		Set principals = getSubject().getPrincipals();
146 		Set filteredSet = new HashSet();
147 		Iterator it = principals.iterator();
148 		while(it.hasNext()){
149 			Principal principal = (Principal)it.next();
150 			if (!(principal instanceof UserPrincipal)) {
151 				filteredSet.add(principal);
152 			}
153 		}
154 		
155 		//we transform set into map for jexl
156 		Map ppals = new HashMap();
157 
158 		Iterator itFiletedPrincipals = filteredSet.iterator();
159 		while (itFiletedPrincipals.hasNext()){
160 			Principal principal = (Principal)itFiletedPrincipals.next();
161 			ppals.put(principal.getName(), principal);
162 		}
163 
164 		return ppals;
165 	}	
166 	
167 	
168 	/**
169 	 * return {@link RolePrincipal} present in subject. 
170 	 * @return 
171 	 */
172 	public Map getRoles(){
173 		return getSpecificPrincipals(RolePrincipal.class);
174 	}	
175         
176         /**
177 	 * return {@link RolePrincipal} present in subject. 
178 	 * @return 
179 	 */
180 	public Organization getOrganization(){
181 		 Set organizationSet = getSubject().getPrincipals(Organization.class);
182                  if(organizationSet.size()!=1){
183                      throw new IllegalStateException(" a UserPrincipal object can contains only one organization. if no one is set, the default 'system' organization is used ");
184                  }
185                  return (Organization) organizationSet.iterator().next();
186 	}
187 	
188 	
189 	private Map getSpecificPrincipals(Class principalSubclass){
190 		Set principals = getSubject().getPrincipals(principalSubclass);
191 		
192 		//we transform set into map for jexl
193 		Map ppals = new HashMap();
194 
195 		Iterator itPrincipals = principals.iterator();
196 		while (itPrincipals.hasNext()){
197 			Principal principal = (Principal)itPrincipals.next();
198 			ppals.put(principal.getName(), principal);
199 		}
200 		return ppals;
201 	}
202 
203 	public int compareTo(Object o) {
204 		UserPrincipal principal = (UserPrincipal)o;
205         if (this.equals(o)){
206             return 0;
207         }
208 
209         return this.getName().compareTo(principal.getName());
210 
211 	}
212 
213     @Override
214 	public String toString(){
215 		StringBuffer sb = new StringBuffer();
216 		sb.append("UserPrincipal ");
217 		sb.append(name);
218 		sb.append(this.hashCode());
219 		return sb.toString();
220 	}
221 	
222 	
223     public Subject getSubject() {
224         return subject;
225     }
226 }
227 
228 
229