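/*
  Copyright (C) 2001-2002 Renaud Pawlak <renaud@aopsys.com>
                          Laurent Martelli <laurent@aopsys.com>

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU Lesser General Public License as
  published by the Free Software Foundation; either version 2 of the
  License, or (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  GNU Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */

package org.objectweb.jac.aspects.authentication;

import java.util.HashSet;
import java.util.Set;
import org.objectweb.jac.core.AspectComponent;
import org.objectweb.jac.core.rtti.ClassItem;
import org.objectweb.jac.core.rtti.MethodItem;
import org.objectweb.jac.util.ExtArrays;
import org.objectweb.jac.util.Log;

/**
 * This AC weaves the authentication aspect.
 *
 * <p>The authentication ensures that the authenticated methods are
 * called only when the user is known in the context. An external
 * controller (such as the one defined by the user aspect) can be used
 * to actually grant or refuse the access.
 *
 * <p>All pointcuts declared through this component share a single
 * {@link AuthenticationWrapper}, created on first use by
 * {@link #getWrapper()}.
 *
 * @see AuthenticationWrapper
 * @see org.objectweb.jac.aspects.user.UserAC */

public class AuthenticationAC extends AspectComponent
    implements AuthenticationConf {

    /** The contextual attribute that contains the authenticated user
        if any. */
    public static final String USER = "AuthenticationAC.USER";

    /** Stores the trusted users (user names, as given to
        {@link #addTrustedUser(String)}). */
    protected HashSet trustedUsers = new HashSet();

    /**
     * Tells if a given user is trusted or not.
     *
     * <p>The lookup is an exact, case-sensitive match against the names
     * previously given to {@link #addTrustedUser(String)}.
     *
     * @param username the user's name
     * @return true if the user has been added to the trusted users
     * list */

    public boolean isTrustedUser(String username)
    {
        Log.trace("authentication","isTrustedUser("+username+")");
        // NOTE(review): the backing HashSet accepts null, so if
        // addTrustedUser(null) were ever called, isTrustedUser(null)
        // would return true. Confirm that callers never pass a null
        // user name for a session that has not authenticated.
        return trustedUsers.contains(username);
    }

    /**
     * Returns all the declared trusted users.
     *
     * <p>This is the live backing set, not a copy: a caller holding the
     * returned reference can add or remove trusted users directly.
     * NOTE(review): consider returning an unmodifiable view once it is
     * confirmed that no caller relies on mutating the result.
     *
     * @return the set of trusted user names
     * @see #addTrustedUser(String) */

    public Set getTrustedUsers() {
        return trustedUsers;
    }

    /** The wrapper shared by every pointcut of this aspect; null until
        the first call to {@link #getWrapper()}. */
    AuthenticationWrapper wrapper;

    /**
     * Returns the shared authentication wrapper, creating it on first
     * use.
     *
     * <p>The wrapper is built with whatever {@link #authenticator}
     * holds at that moment, which is null if no authenticator has been
     * set yet; {@link #setAuthenticator(ClassItem,String[])} pushes the
     * authenticator to the wrapper afterwards. The lazy initialisation
     * is not synchronized.
     *
     * @return the wrapper used for all pointcuts of this aspect */
    AuthenticationWrapper getWrapper() {
        if (wrapper==null) {
            wrapper = new AuthenticationWrapper(this,authenticator,null);
            //wrapper.setAspectComponent(ACManager.get().getName(this));
        }
        return wrapper;
    }

    // AuthenticationConf interface

    /**
     * Declares a user as trusted.
     *
     * @param username the name of the user to add to the trusted
     * users set
     * @see #isTrustedUser(String) */
    public void addTrustedUser(String username) {
        Log.trace("authentication","addTrustedUser("+username+")");
        trustedUsers.add(username);
    }

    /**
     * Sets the controller on the shared wrapper and declares a pointcut
     * that applies the wrapper to the given methods of the given
     * classes, for all objects ("ALL").
     *
     * @param classes the class expression of the pointcut
     * @param methods the method expression of the pointcut
     * @param controller the controller method handed to the wrapper */
    public void setController(String classes,
                              String methods,
                              MethodItem controller) {
        Log.trace("authentication","setController("+
                  classes+","+methods+","+controller+")");
        // Use the instance returned by getWrapper() for both calls so
        // the pointcut can never be declared with an unset wrapper.
        AuthenticationWrapper sharedWrapper = getWrapper();
        sharedWrapper.setController(controller);
        //wrapper.setAspectComponent(ACManager.get().getName(this));
        pointcut("ALL",classes,methods,
                 sharedWrapper,null);
    }

    /**
     * Sets the controller for the display: equivalent to
     * {@link #setController(String,String,MethodItem)} on class
     * <code>org.objectweb.jac.core.Display</code> with the method
     * expression <code>.*showCustomized.* || .*fullRefresh.*</code>.
     *
     * @param controller the controller method handed to the wrapper */
    public void setDisplayController(MethodItem controller) {
        setController("org.objectweb.jac.core.Display",
                      ".*showCustomized.* || .*fullRefresh.*",
                      controller);
    }

    /**
     * Forwards the access-denied message to the shared wrapper.
     *
     * @param message the message to hand to the wrapper */
    public void setAccessDeniedMessage(String message) {
        getWrapper().setAccessDeniedMessage(message);
    }

    /**
     * Declares a pointcut that applies the shared authentication
     * wrapper to the given methods.
     *
     * @param classes the class expression of the pointcut
     * @param methods the method expression of the pointcut
     * @param objects the object expression of the pointcut */
    public void addRestrictedMethods(String classes,
                                     String methods,
                                     String objects ) {
        Log.trace("authentication","addRestrictedMethods("+
                  classes+","+methods+","+objects+")");
        pointcut(objects,classes,methods,
                 getWrapper(),null);
    }

    /**
     * Declares a pointcut that applies the shared authentication
     * wrapper to all methods ("ALL") of all classes ("ALL") for the
     * given objects.
     *
     * @param objects the object expression of the pointcut */
    public void addRestrictedObjects(String objects) {
        pointcut(objects,"ALL","ALL",
                 getWrapper(),null);
    }

    /**
     * Declares a pointcut that applies the shared authentication
     * wrapper to all methods ("ALL") of the given classes for the
     * given objects.
     *
     * @param objects the object expression of the pointcut
     * @param classes the class expression of the pointcut */
    public void addRestrictedObjects(String objects, String classes) {
        pointcut(objects,classes,"ALL",
                 getWrapper(),null);
    }

    /** The authenticator currently in use; null until
        {@link #setAuthenticator(ClassItem,String[])} succeeds. */
    Authenticator authenticator;

    /**
     * Sets the authenticator, instantiating it with no parameters
     * (<code>ExtArrays.emptyStringArray</code>).
     *
     * @param authenticatorClass the class of the authenticator
     * @see #setAuthenticator(ClassItem,String[]) */
    public void setAuthenticator(ClassItem authenticatorClass) {
        setAuthenticator(authenticatorClass, ExtArrays.emptyStringArray);
    }

    /**
     * Instantiates the authenticator from the given class and
     * parameters and hands it to the shared wrapper.
     *
     * <p>If instantiation fails, the previously set authenticator (if
     * any) is left in place and the wrapper is not updated.
     *
     * @param authenticatorClass the class of the authenticator
     * @param parameters the parameters passed to
     * <code>authenticatorClass.newInstance</code>
     * @throws RuntimeException if the instance cannot be created or is
     * not an {@link Authenticator}; the original exception is attached
     * as the cause */
    public void setAuthenticator(ClassItem authenticatorClass, String[] parameters) {
        Log.trace("authentication","setAuthenticator("+authenticatorClass+")");
        try {
            authenticator = (Authenticator)authenticatorClass.newInstance(parameters);
        } catch(Exception e) {
            // Chain the original exception: a misconfigured authenticator
            // must be diagnosable from the stack trace, not only from
            // e.toString().
            throw new RuntimeException("Failed to instanciate authenticator "+
                                       authenticatorClass+": "+e, e);
        }
        getWrapper().setAuthenticator(authenticator);
    }

}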