[tmp/jakarta-migration.git] /

/**\r
 *  This document is a part of the source code and related artifacts\r
 *  for CollectionSpace, an open source collections management system\r
 *  for museums and related institutions:\r
\r
 *  http://www.collectionspace.org\r
 *  http://wiki.collectionspace.org\r
\r
 *  Copyright 2009 University of California at Berkeley\r
\r
 *  Licensed under the Educational Community License (ECL), Version 2.0.\r
 *  You may not use this file except in compliance with this License.\r
\r
 *  You may obtain a copy of the ECL 2.0 License at\r
\r
 *  https://source.collectionspace.org/collection-space/LICENSE.txt\r
\r
 *  Unless required by applicable law or agreed to in writing, software\r
 *  distributed under the License is distributed on an "AS IS" BASIS,\r
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
 *  See the License for the specific language governing permissions and\r
 *  limitations under the License.\r
 */\r
package org.collectionspace.authentication;\r
\r
import java.lang.reflect.Constructor;\r
import java.security.Principal;\r
import java.security.acl.Group;\r
import java.sql.Connection;\r
import java.sql.PreparedStatement;\r
import java.sql.ResultSet;\r
import java.sql.SQLException;\r
\r
import java.util.HashMap;\r
import javax.naming.InitialContext;\r
import javax.naming.NamingException;\r
import javax.security.auth.login.FailedLoginException;\r
import javax.security.auth.login.LoginException;\r
import javax.sql.DataSource;\r
import org.jboss.security.SimpleGroup;\r
import org.jboss.security.SimplePrincipal;\r
import org.jboss.security.auth.spi.DatabaseServerLoginModule;\r
//import org.slf4j.Logger;\r
//import org.slf4j.LoggerFactory;\r
\r
public class CSpaceDBLoginModule extends DatabaseServerLoginModule {\r
\r
    //disabled due to classloading problem\r
//    private Logger logger = LoggerFactory.getLogger(CSpaceDBLoginModule.class);\r
    private boolean log = true; //logger.isDebugEnabled();\r
\r
    private void log(String str) {\r
        System.out.println(str);\r
    }\r
\r
    protected String getUsersPassword() throws LoginException {\r
\r
        String username = getUsername();\r
        String password = null;\r
        Connection conn = null;\r
        PreparedStatement ps = null;\r
        ResultSet rs = null;\r
        InitialContext ctx = null;\r
        try {\r
\r
            ctx = new InitialContext();\r
            DataSource ds = (DataSource) ctx.lookup(dsJndiName);\r
            if (ds == null) {\r
                throw new IllegalArgumentException("datasource not found: " + dsJndiName);\r
            }\r
            conn = ds.getConnection();\r
            // Get the password\r
            if (log) {\r
                log("Executing query: " + principalsQuery + ", with username: " + username);\r
            }\r
            ps = conn.prepareStatement(principalsQuery);\r
            ps.setString(1, username);\r
            rs = ps.executeQuery();\r
            if (rs.next() == false) {\r
                if (log) {\r
                    log("Query returned no matches from db");\r
                }\r
                throw new FailedLoginException("No matching username found");\r
            }\r
\r
            password = rs.getString(1);\r
            password = convertRawPassword(password);\r
            if (log) {\r
                log("Obtained user password");\r
            }\r
        } catch (NamingException ex) {\r
            LoginException le = new LoginException("Error looking up DataSource from: " + dsJndiName);\r
            le.initCause(ex);\r
            throw le;\r
        } catch (SQLException ex) {\r
            LoginException le = new LoginException("Query failed");\r
            le.initCause(ex);\r
            throw le;\r
        } catch (Exception ex) {\r
            LoginException le = new LoginException("Unknown Exception");\r
            le.initCause(ex);\r
            throw le;\r
        } finally {\r
            if (rs != null) {\r
                try {\r
                    rs.close();\r
                } catch (SQLException e) {\r
                }\r
            }\r
            if (ps != null) {\r
                try {\r
                    ps.close();\r
                } catch (SQLException e) {\r
                }\r
            }\r
            if (conn != null) {\r
                try {\r
                    conn.close();\r
                } catch (SQLException ex) {\r
                }\r
            }\r
            if (ctx != null) {\r
                try {\r
                    ctx.close();\r
                } catch (Exception e) {\r
                }\r
            }\r
        }\r
        return password;\r
    }\r
\r
    /** Execute the rolesQuery against the dsJndiName to obtain the roles for\r
    the authenticated user.\r
\r
    @return Group[] containing the sets of roles\r
     */\r
    protected Group[] getRoleSets() throws LoginException {\r
        String username = getUsername();\r
        if (log) {\r
            log("getRoleSets using rolesQuery: " + rolesQuery + ", username: " + username);\r
        }\r
\r
        Connection conn = null;\r
        HashMap setsMap = new HashMap();\r
        PreparedStatement ps = null;\r
        ResultSet rs = null;\r
\r
        try {\r
            InitialContext ctx = new InitialContext();\r
            DataSource ds = (DataSource) ctx.lookup(dsJndiName);\r
            conn = ds.getConnection();\r
            // Get the user role names\r
            if (log) {\r
                log("Executing query: " + rolesQuery + ", with username: " + username);\r
            }\r
\r
            ps = conn.prepareStatement(rolesQuery);\r
            try {\r
                ps.setString(1, username);\r
            } catch (ArrayIndexOutOfBoundsException ignore) {\r
                // The query may not have any parameters so just try it\r
            }\r
            rs = ps.executeQuery();\r
            if (rs.next() == false) {\r
                if (log) {\r
                    log("No roles found");\r
                }\r
//                if(aslm.getUnauthenticatedIdentity() == null){\r
//                    throw new FailedLoginException("No matching username found in Roles");\r
//                }\r
                /* We are running with an unauthenticatedIdentity so create an\r
                empty Roles set and return.\r
                 */\r
\r
                Group[] roleSets = {new SimpleGroup("Roles")};\r
                return roleSets;\r
            }\r
\r
            do {\r
                String name = rs.getString(1);\r
                String groupName = rs.getString(2);\r
                if (groupName == null || groupName.length() == 0) {\r
                    groupName = "Roles";\r
                }\r
\r
                Group group = (Group) setsMap.get(groupName);\r
                if (group == null) {\r
                    group = new SimpleGroup(groupName);\r
                    setsMap.put(groupName, group);\r
                }\r
\r
                try {\r
//                    Principal p = aslm.createIdentity(name);\r
                    Principal p = createIdentity(name);\r
                    if (log) {\r
                        log("Assign user to role " + name);\r
                    }\r
\r
                    group.addMember(p);\r
                } catch (Exception e) {\r
                    log("Failed to create principal: " + name + " " + e.toString());\r
                }\r
\r
            } while (rs.next());\r
        } catch (NamingException ex) {\r
            LoginException le = new LoginException("Error looking up DataSource from: " + dsJndiName);\r
            le.initCause(ex);\r
            throw le;\r
        } catch (SQLException ex) {\r
            LoginException le = new LoginException("Query failed");\r
            le.initCause(ex);\r
            throw le;\r
        } finally {\r
            if (rs != null) {\r
                try {\r
                    rs.close();\r
                } catch (SQLException e) {\r
                }\r
            }\r
            if (ps != null) {\r
                try {\r
                    ps.close();\r
                } catch (SQLException e) {\r
                }\r
            }\r
            if (conn != null) {\r
                try {\r
                    conn.close();\r
                } catch (Exception ex) {\r
                }\r
            }\r
\r
        }\r
\r
        Group[] roleSets = new Group[setsMap.size()];\r
        setsMap.values().toArray(roleSets);\r
        return roleSets;\r
    }\r
\r
    /** Utility method to create a Principal for the given username. This\r
     * creates an instance of the principalClassName type if this option was\r
     * specified using the class constructor matching: ctor(String). If\r
     * principalClassName was not specified, a SimplePrincipal is created.\r
     *\r
     * @param username the name of the principal\r
     * @return the principal instance\r
     * @throws java.lang.Exception thrown if the custom principal type cannot be created.\r
     */\r
    protected Principal createIdentity(String username)\r
            throws Exception {\r
        Principal p = null;\r
        if (principalClassName == null) {\r
            p = new SimplePrincipal(username);\r
        } else {\r
            ClassLoader loader = Thread.currentThread().getContextClassLoader();\r
            Class clazz = loader.loadClass(principalClassName);\r
            Class[] ctorSig = {String.class};\r
            Constructor ctor = clazz.getConstructor(ctorSig);\r
            Object[] ctorArgs = {username};\r
            p = (Principal) ctor.newInstance(ctorArgs);\r
        }\r
\r
        return p;\r
    }\r
}\r