You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by gg...@apache.org on 2002/09/06 05:29:40 UTC
cvs commit: jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/nosecurity NoUserManagement.java NoPermissionManagement.java NoRoleManagement.java FakeJetspeedUser.java NoAuthentication.java NoGroupManagement.java
ggolden 2002/09/05 20:29:40
Added: src/java/org/apache/jetspeed/services/security/nosecurity
NoUserManagement.java NoPermissionManagement.java
NoRoleManagement.java FakeJetspeedUser.java
NoAuthentication.java NoGroupManagement.java
Log:
Filled out the Jetspeed Security "nosecurity" service components to include
the full set of management and authentication services, so, if selected, Jetspeed
can actually run with NO dependence or use of the Turbine user / group / role
object models.
Maybe not ideal for production use, but interesting for testing,
and a good start for new security component implementations.
Hey - Jetspeed actually RUNS with these puppies!
Extended the JetspeedSecurity template/default which produces the
JetspeedSecurity.properties file so that all services can be selected.
To use the nosecurity services:
- edit the JetspeedSecurity.default file to enable the services you want
(they are all in there but commented out).
- do a "build clean" to generate the JetspeedSecurity.properties file
- do a full build and continue the build / deploy process.
Any psml that is there will be used - any user login that does not have a psml
will fallback to the "user" role psml.
Have fun!
Revision Changes Path
1.1 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/nosecurity/NoUserManagement.java
Index: NoUserManagement.java
===================================================================
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2000-2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Jetspeed" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache" or
* "Apache Jetspeed", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
package org.apache.jetspeed.services.security.nosecurity;
import java.util.Vector;
import java.util.Iterator;
import java.security.Principal;
// Turbine
import org.apache.turbine.services.TurbineBaseService;
// Jetspeed Security
import org.apache.jetspeed.om.security.JetspeedUser;
import org.apache.jetspeed.services.security.UserManagement;
import org.apache.jetspeed.services.security.nosecurity.FakeJetspeedUser;
import org.apache.jetspeed.services.security.CredentialsManagement;
import org.apache.jetspeed.services.security.JetspeedSecurityException;
/**
* <p> The <code>NoUserManagement</code> class is a Jetspeed
* security provider, implementing the <code>UserManagement</code> and <code>CredentialsManagement</code>
* interfaces. It does not manage any users - no users are listed, no users are saved, any
* request for a user is satisfied with a temp. User object.
*
* @author <a href="mailto:ggolden@apache.org">Glenn R. Golden</a>
* @version $Id: NoUserManagement.java,v 1.1 2002/09/06 03:29:40 ggolden Exp $
*/
public class NoUserManagement
extends TurbineBaseService
implements UserManagement, CredentialsManagement
{
/**
* Retrieves a <code>JetspeedUser</code> given the primary principle.
* The principal can be any valid Jetspeed Security Principal:
* <code>org.apache.jetspeed.om.security.UserNamePrincipal</code>
* <code>org.apache.jetspeed.om.security.UserIdPrincipal</code>
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param principal a principal identity to be retrieved.
* @return a <code>JetspeedUser</code> associated to the principal identity.
* @exception UserException when the security provider has a general failure retrieving a user.
* @exception UnknownUserException when the security provider cannot match
* the principal identity to a user.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public JetspeedUser getUser(Principal principal)
throws JetspeedSecurityException
{
// create a user object with this username for Jetspeed use
FakeJetspeedUser user = new FakeJetspeedUser(principal.getName(), false);
return user;
}
/**
* Retrieves a collection of all <code>JetspeedUser</code>s.
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @return a collection of <code>JetspeedUser</code> entities.
* @exception UserException when the security provider has a general failure retrieving users.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public Iterator getUsers()
throws JetspeedSecurityException
{
return new Vector().iterator();
}
/**
* Retrieves a collection of <code>JetspeedUser</code>s filtered by a security
* provider-specific query string. For example SQL, OQL, JDOQL.
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @return a collection of <code>JetspeedUser</code> entities.
* @exception UserException when the security provider has a general failure retrieving users.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public Iterator getUsers(String filter)
throws JetspeedSecurityException
{
return new Vector().iterator();
}
/**
* Saves a <code>JetspeedUser</code>'s attributes into permanent storage.
* The user's account is required to exist in the storage.
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception UserException when the security provider has a general failure retrieving users.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void saveUser(JetspeedUser user)
throws JetspeedSecurityException
{
}
/**
* Adds a <code>JetspeedUser</code> into permanent storage.
* The security service can throw a <code>NotUniqueUserException</code> when the public
* credentials fail to meet the security provider-specific unique constraints.
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception UserException when the security provider has a general failure retrieving users.
* @exception NotUniqueUserException when the public credentials fail to meet
* the security provider-specific unique constraints.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void addUser(JetspeedUser user)
throws JetspeedSecurityException
{
}
/**
* Removes a <code>JetspeedUser</code> from the permanent store.
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param principal the principal identity to be retrieved.
* @exception UserException when the security provider has a general failure retrieving a user.
* @exception UnknownUserException when the security provider cannot match
* the principal identity to a user.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void removeUser(Principal principal)
throws JetspeedSecurityException
{
}
/**
* Allows for a user to change their own password.
*
* @param user the user to change the password for.
* @param oldPassword the current password supplied by the user.
* @param newPassword the current password requested by the user.
* @exception UserException when the security provider has a general failure retrieving a user.
* @exception UnknownUserException when the security provider cannot match
* the principal identity to a user.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void changePassword( JetspeedUser user,
String oldPassword,
String newPassword )
throws JetspeedSecurityException
{
}
/**
* Forcibly sets new password for a User.
*
* Provides an administrator the ability to change the forgotten or
* compromised passwords. Certain implementatations of this feature
* would require administrative level access to the authenticating
* server / program.
*
* @param user the user to change the password for.
* @param password the new password.
* @exception UserException when the security provider has a general failure retrieving a user.
* @exception UnknownUserException when the security provider cannot match
* the principal identity to a user.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void forcePassword( JetspeedUser user, String password )
throws JetspeedSecurityException
{
}
/**
* This method provides client-side encryption of passwords.
*
* If <code>secure.passwords</code> are enabled in JetspeedSecurity properties,
* the password will be encrypted, if not, it will be returned unchanged.
* The <code>secure.passwords.algorithm</code> property can be used
* to chose which digest algorithm should be used for performing the
* encryption. <code>SHA</code> is used by default.
*
* @param password the password to process
* @return processed password
*/
public String encryptPassword( String password )
throws JetspeedSecurityException
{
return password;
}
}
1.1 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/nosecurity/NoPermissionManagement.java
Index: NoPermissionManagement.java
===================================================================
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2000-2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Jetspeed" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache" or
* "Apache Jetspeed", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
package org.apache.jetspeed.services.security.nosecurity;
import java.util.Iterator;
import java.util.Vector;
// Jetspeed Security
import org.apache.jetspeed.services.security.PermissionManagement;
import org.apache.jetspeed.om.security.Permission;
import org.apache.jetspeed.services.JetspeedSecurity;
import org.apache.jetspeed.om.security.BaseJetspeedPermission;
// Jetspeed Security Exceptions
import org.apache.jetspeed.services.security.JetspeedSecurityException;
// Rundata
import org.apache.jetspeed.services.rundata.JetspeedRunDataService;
import org.apache.jetspeed.services.rundata.JetspeedRunData;
import org.apache.turbine.services.rundata.RunDataService;
// Turbine
import org.apache.turbine.services.TurbineBaseService;
/**
* <p> The <code>NoPermissionManagement</code> class is a Jetspeed
* security provider, implementing the <code>PermissionManagement</code> interface.
* It provides no permission management - no roles have permissions, no permissions are
* saved, and requests for any permission is satisfied with a temp. Permission object.
*
* @author <a href="mailto:ggolden@apache.org">Glenn R. Golden</a>
* @version $Id: NoPermissionManagement.java,v 1.1 2002/09/06 03:29:40 ggolden Exp $
*/
public class NoPermissionManagement
extends TurbineBaseService
implements PermissionManagement
{
/**
* Retrieves all <code>Permission</code>s for a given rolename principal.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param rolename a role name identity to be retrieved.
* @return Iterator over all permissions associated to the role principal.
* @exception PermissionException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public Iterator getPermissions(String rolename)
throws JetspeedSecurityException
{
return new Vector().iterator();
}
/**
* Retrieves all <code>Permission</code>s.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @return Iterator over all permissions.
* @exception PermissionException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public Iterator getPermissions()
throws JetspeedSecurityException
{
return new Vector().iterator();
}
/**
* Adds a <code>Permission</code> into permanent storage.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception PermissionException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void addPermission(Permission permission)
throws JetspeedSecurityException
{
}
/**
* Saves a <code>Permission</code> into permanent storage.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception PermissionException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void savePermission(Permission permission)
throws JetspeedSecurityException
{
}
/**
* Removes a <code>Permission</code> from the permanent store.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param permissionName the principal identity of the permission to be retrieved.
* @exception PermissionException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void removePermission(String permissionName)
throws JetspeedSecurityException
{
}
/**
* Grants a permission to a role.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param roleName grant a permission to this role.
* @param permissionName the permission to grant to the role.
* @exception PermissionException when the security provider has a general failure retrieving permissions.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void grantPermission(String roleName, String permissionName)
throws JetspeedSecurityException
{
}
/**
* Revokes a permission from a role.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param roleName grant a permission to this role.
* @param permissionName the permission to grant to the role.
* @exception PermissionException when the security provider has a general failure retrieving permissions.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void revokePermission(String roleName, String permissionName)
throws JetspeedSecurityException
{
}
/**
* Checks for the relationship of role has a permission. Returns true when the role has the given permission.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param roleName grant a permission to this role.
* @param permissionName the permission to grant to the role.
* @exception PermissionException when the security provider has a general failure retrieving permissions.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public boolean hasPermission(String roleName, String permissionName)
throws JetspeedSecurityException
{
return false;
}
/**
* Retrieves a single <code>Permission</code> for a given permissionName principal.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param permissionName a permission principal identity to be retrieved.
* @return Permission the permission record retrieved.
* @exception PermissionException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public Permission getPermission(String permissionName)
throws JetspeedSecurityException
{
BaseJetspeedPermission r = new BaseJetspeedPermission();
//r.setNew(false);
r.setName(permissionName);
r.setId(permissionName);
return r;
}
}
1.1 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/nosecurity/NoRoleManagement.java
Index: NoRoleManagement.java
===================================================================
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2000-2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Jetspeed" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache" or
* "Apache Jetspeed", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
package org.apache.jetspeed.services.security.nosecurity;
import java.util.Iterator;
import java.util.Vector;
// Jetspeed Security
import org.apache.jetspeed.services.security.RoleManagement;
import org.apache.jetspeed.om.security.Role;
import org.apache.jetspeed.services.JetspeedSecurity;
import org.apache.jetspeed.om.security.BaseJetspeedRole;
// Jetspeed Security Exceptions
import org.apache.jetspeed.services.security.JetspeedSecurityException;
// Turbine
import org.apache.turbine.services.TurbineBaseService;
/**
* <p> The <code>NoRoleManagement</code> class is a Jetspeed
* security provider, implementing the <code>RoleManagement</code> interface.
* It provides no role management - only the "user" role exists for any user, no roles are
* listed or saved, any role requested is supplied with a temp. Role object.
*
* @author <a href="mailto:ggolden@apache.org">Glenn R. Golden</a>
* @version $Id: NoRoleManagement.java,v 1.1 2002/09/06 03:29:40 ggolden Exp $
*/
public class NoRoleManagement
extends TurbineBaseService
implements RoleManagement
{
/**
* Retrieves all <code>Role</code>s for a given username principal.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param username a user principal identity to be retrieved.
* @return Iterator over all roles associated to the user principal.
* @exception RoleException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public Iterator getRoles(String username)
throws JetspeedSecurityException
{
// give everyone the "user" role
Vector v = new Vector(1);
BaseJetspeedRole r = new BaseJetspeedRole();
//r.setNew(false);
r.setName(JetspeedSecurity.JETSPEED_ROLE_USER);
r.setId(JetspeedSecurity.JETSPEED_ROLE_USER);
v.add(r);
return v.iterator();
}
/**
* Retrieves all <code>Role</code>s.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @return Iterator over all roles.
* @exception RoleException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public Iterator getRoles()
throws JetspeedSecurityException
{
return new Vector().iterator();
}
/**
* Adds a <code>Role</code> into permanent storage.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception RoleException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void addRole(Role role)
throws JetspeedSecurityException
{
}
/**
* Saves a <code>Role</code> into permanent storage.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception RoleException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void saveRole(Role role)
throws JetspeedSecurityException
{
}
/**
* Removes a <code>Role</code> from the permanent store.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param rolename the principal identity of the role to be retrieved.
* @exception RoleException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void removeRole(String rolename)
throws JetspeedSecurityException
{
}
/**
* Grants a role to a user.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception RoleException when the security provider has a general failure retrieving roles.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void grantRole(String username, String rolename)
throws JetspeedSecurityException
{
}
/**
* Revokes a role from a user.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception RoleException when the security provider has a general failure retrieving roles.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void revokeRole(String username, String rolename)
throws JetspeedSecurityException
{
}
/**
* Checks for the relationship of user has a role. Returns true when the user has the given role.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception RoleException when the security provider has a general failure retrieving roles.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public boolean hasRole(String username, String rolename)
throws JetspeedSecurityException
{
// give everyone the "user" role
if (rolename.equals(JetspeedSecurity.JETSPEED_ROLE_USER)) return true;
return false;
}
/**
* Retrieves a single <code>Role</code> for a given rolename principal.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param rolename a role principal identity to be retrieved.
* @return Role the role record retrieved.
* @exception RoleException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public Role getRole(String rolename)
throws JetspeedSecurityException
{
BaseJetspeedRole r = new BaseJetspeedRole();
//r.setNew(false);
r.setName(rolename);
r.setId(rolename);
return r;
}
}
1.1 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/nosecurity/FakeJetspeedUser.java
Index: FakeJetspeedUser.java
===================================================================
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2000-2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Jetspeed" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache" or
* "Apache Jetspeed", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
// package
package org.apache.jetspeed.services.security.nosecurity;
// imports
import javax.servlet.http.HttpSessionBindingEvent;
import org.apache.jetspeed.om.security.BaseJetspeedUser;
/**
* <p> A fake jetspeed user - constructed as needed.</p>
*
* @author <a href="mailto:ggolden@apache.org">Glenn R. Golden</a>
* @version $Id: FakeJetspeedUser.java,v 1.1 2002/09/06 03:29:40 ggolden Exp $
*/
public class FakeJetspeedUser
extends BaseJetspeedUser
{
public FakeJetspeedUser(String id, boolean loggedIn)
{
setUserId(id);
setUserName(id);
setHasLoggedIn(new Boolean(loggedIn));
setConfirmed(CONFIRM_DATA);
setFirstName("");
setLastName(id);
}
public void valueUnbound(HttpSessionBindingEvent hsbe) {}
public void save() {}
} // class FakeJetspeedUser
1.1 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/nosecurity/NoAuthentication.java
Index: NoAuthentication.java
===================================================================
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2000-2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Jetspeed" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache" or
* "Apache Jetspeed", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
package org.apache.jetspeed.services.security.nosecurity;
import org.apache.turbine.services.TurbineBaseService;
import org.apache.turbine.services.TurbineServices;
import org.apache.turbine.services.InitializationException;
import org.apache.jetspeed.services.security.PortalAuthentication;
import org.apache.jetspeed.services.security.LoginException;
import org.apache.jetspeed.services.JetspeedSecurity;
import org.apache.jetspeed.om.security.JetspeedUser;
import org.apache.jetspeed.services.security.LoginException;
import org.apache.jetspeed.services.security.FailedLoginException;
import org.apache.jetspeed.services.rundata.JetspeedRunDataService;
import org.apache.jetspeed.services.rundata.JetspeedRunData;
import org.apache.jetspeed.services.security.nosecurity.FakeJetspeedUser;
import org.apache.turbine.services.rundata.RunDataService;
/**
* <p> The <code>NoAuthentication</code> class is a Jetspeed
* security provider, implementing the <code>PortalAuthentication</code> interface.
* It provides no authentication - all login attempts are allowed.
*
* @author <a href="mailto:ggolden@apache.org">Glenn R. Golden</a>
* @version $Id: NoAuthentication.java,v 1.1 2002/09/06 03:29:40 ggolden Exp $
*/
public class NoAuthentication
extends TurbineBaseService
implements PortalAuthentication
{
/** The JetspeedRunData Service. */
private JetspeedRunDataService m_runDataService = null;
/**
* Given a public credential(username) and private credential(password),
* perform authentication. If authentication succeeds, a <code>JetspeedUser</code>
* is returned representing the authenticated subject.
*
* @param username a public credential of the subject to be authenticated.
* @param password a private credentialof the subject to be authenticated.
* @return a <code>JetspeedUser</code> object representing the authenticated subject.
* @exception LoginException when general security provider failure.
* @exception FailedLoginException when the authentication failed.
* @exception AccountExpiredException when the subject's account is expired.
* @exception CredentialExpiredException when the subject's credential is expired.
*/
public JetspeedUser login(String username, String password)
throws LoginException
{
// we let anyone in!
if (false) throw new FailedLoginException("Invalid user id or password");
// create a user object with this username for Jetspeed use
FakeJetspeedUser user = new FakeJetspeedUser(username, true);
// make it the logged in user for Jetspeed
putUserIntoContext(user);
return user;
} // login
/**
* Automatically authenticates and retrieves the portal anonymous user.
*
* @return a <code>JetspeedUser</code> object representing the authenticated subject.
* @exception LoginException if the authentication fails.
*/
public JetspeedUser getAnonymousUser()
throws LoginException
{
// create a user object with this username for Jetspeed use
FakeJetspeedUser user = new FakeJetspeedUser(JetspeedSecurity.getAnonymousUserName(), false);
// make it the logged in user for Jetspeed
putUserIntoContext(user);
return user;
} // getAnonymousUser
/**
* Logout the <code>JetspeedUser</code>.
*
* The logout procedure my may include removing/destroying
* <code>Principal</code> and <code>Credential</code> information
* if relevant to the security provider.
*
* @exception LoginException if the logout fails.
*/
public void logout()
throws LoginException
{
// revert to the anon. user as the current user
getAnonymousUser();
} // logout
/**
* Performs late initialization. Called just before the first use of the service.
*
* If your class relies on early initialization, and the object it
* expects was not received, you can use late initialization to
* throw an exception and complain.
*
* @exception InitializationException, if initialization of this class was not successful.
*/
public synchronized void init()
throws InitializationException
{
super.init();
m_runDataService =
(JetspeedRunDataService)TurbineServices.getInstance()
.getService(RunDataService.SERVICE_NAME);
} // init
////////////////////////////////////////////////////////////////////////////
protected JetspeedRunData getRunData()
{
JetspeedRunData rundata = null;
if (m_runDataService != null)
{
rundata = m_runDataService.getCurrentRunData();
}
return rundata;
}
protected JetspeedUser getUserFromContext()
{
JetspeedRunData rundata = getRunData();
JetspeedUser user = null;
if (rundata != null)
{
user = (JetspeedUser)rundata.getUser();
}
return user;
}
protected JetspeedRunData putUserIntoContext(JetspeedUser user)
{
JetspeedRunData rundata = getRunData();
if (rundata != null)
{
rundata.setUser(user);
rundata.save();
}
return rundata;
}
}
1.1 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/nosecurity/NoGroupManagement.java
Index: NoGroupManagement.java
===================================================================
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2000-2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Jetspeed" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache" or
* "Apache Jetspeed", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
package org.apache.jetspeed.services.security.nosecurity;
import java.util.Iterator;
import java.util.Vector;
// Jetspeed Security
import org.apache.jetspeed.services.security.GroupManagement;
import org.apache.jetspeed.om.security.Group;
import org.apache.jetspeed.om.security.BaseJetspeedGroup;
// Jetspeed Security Exceptions
import org.apache.jetspeed.services.security.JetspeedSecurityException;
// Turbine
import org.apache.turbine.services.TurbineBaseService;
/**
* <p> The <code>NoGroupManagement</code> class is a Jetspeed
* security provider, implementing the <code>GroupManagement</code> interface.
* It provides no group management - no groups are listed, no groups are saved,
* no users are in any groups, any request for a group is satisfied with a temporary Group object.
*
* @author <a href="mailto:ggolden@apache.org">Glenn R. Golden</a>
* @version $Id: NoGroupManagement.java,v 1.1 2002/09/06 03:29:40 ggolden Exp $
*/
public class NoGroupManagement
extends TurbineBaseService
implements GroupManagement
{
/**
* Retrieves all <code>Group</code>s for a given username principal.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param username a user principal identity to be retrieved.
* @return Iterator over all groups associated to the user principal.
* @exception GroupException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public Iterator getGroups(String username)
throws JetspeedSecurityException
{
return new Vector().iterator();
}
/**
* Retrieves all <code>Group</code>s.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @return Iterator over all groups.
* @exception GroupException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public Iterator getGroups()
throws JetspeedSecurityException
{
return new Vector().iterator();
}
/**
* Adds a <code>Group</code> into permanent storage.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception GroupException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void addGroup(Group group)
throws JetspeedSecurityException
{
}
/**
* Saves a <code>Group</code> into permanent storage.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception GroupException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void saveGroup(Group group)
throws JetspeedSecurityException
{
}
/**
* Removes a <code>Group</code> from the permanent store.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param groupname the principal identity of the group to be retrieved.
* @exception GroupException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void removeGroup(String groupname)
throws JetspeedSecurityException
{
}
/**
* Joins a user to a group.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception GroupException when the security provider has a general failure retrieving groups.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void joinGroup(String username, String groupname)
throws JetspeedSecurityException
{
}
/**
* Unjoins a user from a group.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception GroupException when the security provider has a general failure retrieving groups.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public void unjoinGroup(String username, String groupname)
throws JetspeedSecurityException
{
}
/**
* Checks for the relationship of user in a group. Returns true when the user is in the given group.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @exception GroupException when the security provider has a general failure retrieving groups.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public boolean inGroup(String username, String groupname)
throws JetspeedSecurityException
{
return false;
}
/**
* Retrieves a single <code>Group</code> for a given groupname principal.
*
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
* @param groupname a group principal identity to be retrieved.
* @return Group the group record retrieved.
* @exception GroupException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
*/
public Group getGroup(String groupname)
throws JetspeedSecurityException
{
BaseJetspeedGroup r = new BaseJetspeedGroup();
//r.setNew(false);
r.setName(groupname);
r.setId(groupname);
return r;
}
}
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>