001    /*
002      Copyright (C) 2001-2002 Renaud Pawlak <renaud@aopsys.com>
003                              Laurent Martelli <laurent@aopsys.com>
004      
005      This program is free software; you can redistribute it and/or modify
006      it under the terms of the GNU Lesser General Public License as
007      published by the Free Software Foundation; either version 2 of the
008      License, or (at your option) any later version.
009    
010      This program is distributed in the hope that it will be useful,
011      but WITHOUT ANY WARRANTY; without even the implied warranty of
012      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
013      GNU Lesser General Public License for more details.
014    
015      You should have received a copy of the GNU Lesser General Public License
016      along with this program; if not, write to the Free Software
017      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */
018    
019    package org.objectweb.jac.aspects.authentication;
020    
021    import java.util.HashSet;
022    import java.util.Set;
023    import org.objectweb.jac.core.AspectComponent;
024    import org.objectweb.jac.core.rtti.ClassItem;
025    import org.objectweb.jac.core.rtti.MethodItem;
026    import org.objectweb.jac.util.ExtArrays;
027    import org.objectweb.jac.util.Log;
028    
029    /**
030     * This AC weaves the authentication aspect.
031     *
032     * <p>Authentication ensures that the authenticated methods are
033     * called only when the user is known in the context. An external
034     * controller (such as the one defined by the user aspect) can be used
035     * to actually grant or refuse the access.
036     *
037     * @see AuthenticationWrapper
038     * @see org.objectweb.jac.aspects.user.UserAC */
039    
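public class AuthenticationAC extends AspectComponent 
    implements AuthenticationConf {   

    /** The contextual attribute that contains the authenticated user
        if any. */
    public static final String USER = "AuthenticationAC.USER";

    /**
     * Stores the names of the trusted users.
     *
     * <p>Membership is tested with {@link HashSet#contains(Object)}, so
     * names are compared by exact, case-sensitive string equality; no
     * normalization is applied here. What being "trusted" grants is
     * decided by the code that calls {@link #isTrustedUser(String)},
     * which is not part of this class.
     */
    protected HashSet trustedUsers = new HashSet();

    /**
     * Tells if a given user is trusted or not.
     *
     * <p>A <code>null</code> name is never trusted, so an absent user
     * cannot match an entry of the set by accident.
     *
     * @param username the user's name
     * @return true if the user has been added to the trusted users
     * list */
    public boolean isTrustedUser(String username) 
    {
        // The user name is written to the "authentication" trace log.
        Log.trace("authentication","isTrustedUser("+username+")");
        // Fail closed: HashSet accepts a null element, so guard explicitly.
        return username != null && trustedUsers.contains(username);
    }

    /**
     * Returns all the declared trusted users as a read-only view.
     *
     * <p>The view reflects later calls to {@link #addTrustedUser(String)}
     * but rejects modification, so the trusted set can only be changed
     * through this component's configuration methods (or by subclasses,
     * since the field is protected).
     *
     * @return an unmodifiable view of the trusted user names
     * @see #addTrustedUser(String) */
    public Set getTrustedUsers() {
        return java.util.Collections.unmodifiableSet(trustedUsers);
    }

    /** The single wrapper shared by every pointcut this component
        declares; created on first use by {@link #getWrapper()}. */
    AuthenticationWrapper wrapper;

    /**
     * Returns the shared wrapper, creating it on first call.
     *
     * <p>The wrapper is built with the current value of
     * {@link #authenticator}, which is <code>null</code> until
     * {@link #setAuthenticator(ClassItem,String[])} has been called.
     * Restrictions declared before the authenticator is configured
     * therefore use a wrapper without an authenticator until it is set.
     * NOTE(review): how AuthenticationWrapper behaves with a null
     * authenticator is not visible here -- confirm it denies access.
     *
     * <p>The lazy creation is not synchronized; presumably configuration
     * runs on a single thread -- confirm.
     */
    AuthenticationWrapper getWrapper() {
        if (wrapper==null) {
            wrapper = new AuthenticationWrapper(this,authenticator,null);
        }
        return wrapper;
    }

    // AuthenticationConf interface

    /**
     * Adds a name to the trusted users set.
     *
     * @param username the user's name, stored as given (see
     * {@link #trustedUsers} for how names are compared)
     */
    public void addTrustedUser(String username) {
        Log.trace("authentication","addTrustedUser("+username+")");
        trustedUsers.add(username);
    }

    /**
     * Sets the access controller on the shared wrapper and weaves that
     * wrapper on the given methods of all objects.
     *
     * @param classes the class expression passed to the pointcut
     * @param methods the method expression passed to the pointcut
     * @param controller the controller handed to the wrapper
     */
    public void setController(String classes,
                              String methods,
                              MethodItem controller) {
        Log.trace("authentication","setController("+
                  classes+","+methods+","+controller+")");
        // Use the instance returned by getWrapper() for both steps rather
        // than relying on the field having been set as a side effect.
        AuthenticationWrapper w = getWrapper();
        w.setController(controller);
        pointcut("ALL",classes,methods,
                 w,null);
    }

    /**
     * Sets the controller for the <code>showCustomized</code> and
     * <code>fullRefresh</code> methods of
     * <code>org.objectweb.jac.core.Display</code>.
     *
     * @param controller the controller handed to the wrapper
     */
    public void setDisplayController(MethodItem controller) {
        setController("org.objectweb.jac.core.Display",
                      ".*showCustomized.* || .*fullRefresh.*",
                      controller);
    }

    /**
     * Forwards the access-denied message to the shared wrapper.
     *
     * @param message the message to set on the wrapper
     */
    public void setAccessDeniedMessage(String message) {
        getWrapper().setAccessDeniedMessage(message);
    }

    /**
     * Weaves the shared wrapper on the given methods of the given
     * classes and objects.
     *
     * @param classes the class expression passed to the pointcut
     * @param methods the method expression passed to the pointcut
     * @param objects the object expression passed to the pointcut
     */
    public void addRestrictedMethods(String classes,
                                     String methods,
                                     String objects ) {
        Log.trace("authentication","addRestrictedMethods("+
                  classes+","+methods+","+objects+")");
        pointcut(objects,classes,methods,
                 getWrapper(),null);
    }

    /**
     * Weaves the shared wrapper on all methods of all classes for the
     * given objects.
     *
     * @param objects the object expression passed to the pointcut
     */
    public void addRestrictedObjects(String objects) {
        pointcut(objects,"ALL","ALL",
                 getWrapper(),null);
    }

    /**
     * Weaves the shared wrapper on all methods of the given classes for
     * the given objects.
     *
     * @param objects the object expression passed to the pointcut
     * @param classes the class expression passed to the pointcut
     */
    public void addRestrictedObjects(String objects, String classes) {
        pointcut(objects,classes,"ALL",
                 getWrapper(),null);
    }

    /** The configured authenticator; <code>null</code> until
        {@link #setAuthenticator(ClassItem,String[])} succeeds. */
    Authenticator authenticator;

    /**
     * Sets the authenticator, instantiating it with no parameters.
     *
     * @param authenticatorClass the authenticator's class
     * @see #setAuthenticator(ClassItem,String[])
     */
    public void setAuthenticator(ClassItem authenticatorClass) {      
        setAuthenticator(authenticatorClass, ExtArrays.emptyStringArray);
    }   

    /**
     * Instantiates the authenticator and installs it on the shared
     * wrapper.
     *
     * <p>The class to instantiate is chosen by the caller; presumably it
     * comes from the aspect's configuration, which would make that
     * configuration part of the trusted base -- confirm against callers.
     *
     * @param authenticatorClass the authenticator's class
     * @param parameters the parameters passed to
     * <code>newInstance</code>
     * @throws RuntimeException if the instantiation or the cast to
     * {@link Authenticator} fails; the original exception is kept as
     * the cause
     */
    public void setAuthenticator(ClassItem authenticatorClass, String[] parameters) {
        Log.trace("authentication","setAuthenticator("+authenticatorClass+")");
        try {
            authenticator = (Authenticator)authenticatorClass.newInstance(parameters);
        } catch(Exception e) {
            // Keep the cause so the failing stack trace is not lost.
            throw new RuntimeException("Failed to instanciate authenticator "+
                                       authenticatorClass+": "+e, e);
        }
        getWrapper().setAuthenticator(authenticator);
    }   

}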