Posted to commits@airavata.apache.org by sa...@apache.org on 2014/04/14 20:30:32 UTC
[30/90] [abbrv] [partial] AIRAVATA-1124
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/rest/webapp/src/main/webapp/index.jsp
----------------------------------------------------------------------
diff --git a/modules/rest/webapp/src/main/webapp/index.jsp b/modules/rest/webapp/src/main/webapp/index.jsp
deleted file mode 100644
index e6be3f8..0000000
--- a/modules/rest/webapp/src/main/webapp/index.jsp
+++ /dev/null
@@ -1,26 +0,0 @@
-<%--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
---%>
-
-<html>
-<body>
-<img src="images/airavata-logo-2.png">
-<h2>Airavata REST API</h2>
-<p>Welcome to Airavata Web Application</p>
-
-<p><a href="user-store/index.jsp"><b>Manage Local User Store</b></a></p>
-</body>
-</html>
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/rest/webapp/src/main/webapp/user-store/add.jsp
----------------------------------------------------------------------
diff --git a/modules/rest/webapp/src/main/webapp/user-store/add.jsp b/modules/rest/webapp/src/main/webapp/user-store/add.jsp
deleted file mode 100644
index 3bd0feb..0000000
--- a/modules/rest/webapp/src/main/webapp/user-store/add.jsp
+++ /dev/null
@@ -1,142 +0,0 @@
-<%--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
---%>
-<%@ page import="org.apache.airavata.services.registry.rest.security.local.LocalUserStore" %>
-
-<html>
-
-<head>
- <script language="javascript" type="text/javascript">
- function validatePassword(fld1name, regString) {
- var stringValue = document.getElementsByName(fld1name)[0].value;
- var errorMessage = "";
- if(regString != "null" && !stringValue.match(new RegExp(regString))){
- errorMessage = "Password does not meet minimum requirements. Password length must be at least 6 " +
- "characters.";
- return errorMessage;
- }else if(regString != "null" && stringValue == ''){
- return errorMessage;
- }
-
- if (stringValue == '') {
- errorMessage = "Empty passwords are not allowed. Please enter a valid password";
- return errorMessage;
- }
-
- return errorMessage;
- }
-
- function validateUsername(fld1name) {
- var stringValue = document.getElementsByName(fld1name)[0].value;
- var errorMessage = "";
-
- if (stringValue == '') {
- errorMessage = "Empty user names are not allowed. Please enter a valid user name.";
- return errorMessage;
- }
-
- return errorMessage;
- }
-
- function checkPasswordsMatching(fld1name, fld2name) {
-
- var stringValue1 = document.getElementsByName(fld1name)[0].value;
- var stringValue2 = document.getElementsByName(fld2name)[0].value;
- var errorMessage = "";
-
- if (stringValue1 != stringValue2) {
- errorMessage = "Confirm password does not match with the password. Please re-enter passwords.";
- return errorMessage;
- }
-
- return errorMessage;
-
- }
-
- function validate() {
- var reason = "";
-
- reason = validateUsername("username");
-
- if (reason != "") {
- alert(reason);
- return false;
- }
-
- reason = validatePassword("newPassword", <%=LocalUserStore.getPasswordRegularExpression()%>);
-
- if (reason != "") {
- alert(reason);
- document.getElementsByName("newPassword")[0].clear();
- return false;
- }
-
- reason = checkPasswordsMatching("newPassword", "confirmPassword");
-
- if (reason != "") {
- alert(reason);
- document.getElementsByName("newPassword")[0].clear();
- document.getElementsByName("confirmPassword")[0].clear();
- return false;
- }
-
- return true;
- }
-
- function doProcess() {
- if (validate() == true) {
- document.registration.submit();
- }
- }
-
-
- </script>
-</head>
-
-<body>
-<img src="../images/airavata-logo-2.png">
-<h2>Airavata REST API - Local User Store</h2>
-<p><b>Manage Local User Store - Add New User</b></p>
-
-<form action="index.jsp" name="registration" method="POST">
-
- <input type="hidden" name="operation" value="addUser">
- <table>
- <tr>
- <td>User Name</td>
- <td><input type="text" name="username" maxlength="150"></td>
- </tr>
- <tr>
- <td>Password</td>
- <td><input type="password" name="newPassword"/></td>
- </tr>
- <tr>
- <td>Re-Type Password</td>
- <td><input type="password" name="confirmPassword"/></td>
- </tr>
- </table>
-
- <table>
- <tr>
- <td><input type="button" value="Add" onclick= 'doProcess()'></td>
- <td><a href="index.jsp"><input type="button" value="Cancel" name="Cancel"/> </a> </td>
- </tr>
- </table>
-
-</form>
-
-</body>
-</html>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/rest/webapp/src/main/webapp/user-store/index.jsp
----------------------------------------------------------------------
diff --git a/modules/rest/webapp/src/main/webapp/user-store/index.jsp b/modules/rest/webapp/src/main/webapp/user-store/index.jsp
deleted file mode 100644
index b5b1cb1..0000000
--- a/modules/rest/webapp/src/main/webapp/user-store/index.jsp
+++ /dev/null
@@ -1,138 +0,0 @@
-<%--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
---%>
-
-<%@ page import = "org.apache.airavata.services.registry.rest.security.local.LocalUserStore" %>
-<%@ page import="org.apache.airavata.services.registry.rest.security.basic.BasicAccessAuthenticator" %>
-<%@ page import="org.apache.airavata.services.registry.rest.security.HttpAuthenticatorFilter" %>
-<%@ page import="java.util.List" %>
-<%@ page import="org.apache.airavata.common.utils.Constants" %>
-<%
-
- LocalUserStore localUserStore = (LocalUserStore)session.getAttribute("LocalUserStore");
-
- if (localUserStore == null) {
-
- String operatingUser = (String) session.getAttribute(Constants.USER_IN_SESSION);
-
- if (operatingUser == null || !operatingUser.equals("admin")) {
- HttpAuthenticatorFilter.sendUnauthorisedError(response, "Insufficient privileges to perform user operations." +
- " Only admin user is allowed to perform user operations.");
-
- return;
- }
-
- localUserStore = new LocalUserStore(application);
-
- session.setAttribute("LocalUserStore", localUserStore);
- }
-
- String operation = request.getParameter("operation");
- if (operation != null) {
- if (operation.equals("addUser")) {
- String userName = request.getParameter("username");
- String password = request.getParameter("newPassword");
-
- localUserStore.addUser(userName, password);
- } else if (operation.equals("deleteUser")) {
- String[] usersToDelete = request.getParameterValues("user-id");
-
- for (String deleteUser : usersToDelete) {
- localUserStore.deleteUser(deleteUser);
- }
- }
- }
-
- List<String> allUsers = localUserStore.getUsers();
-
-%>
-
-<html>
-<head>
- <script language="javascript" type="text/javascript">
-
- function validate() {
- var checkSelected = false;
- for (var i = 0; i < <%=allUsers.size()%>; i++) {
- if (document.main["user-id"][i].checked) {
- checkSelected = true;
- }
- }
- if (checkSelected) {
- var answer = confirm("Are you sure you want to delete selected users from the system ?");
- if (answer) {
- return true;
- }
- } else {
- alert("Select at least one user to delete.");
- }
- return false;
- }
-
- function doProcess() {
- if (validate() == true) {
- document.main.submit();
- }
- }
-
- </script>
-</head>
-<body>
-<img src="../images/airavata-logo-2.png">
-<h2>Airavata REST API - Local User Store</h2>
-<p><b>Manage Local User Store</b></p>
-
-
-<form action="index.jsp" name="main" method="POST">
- <table>
- <tr>
- <td> </td>
- <td>All Users</td>
- </tr>
- <%
- for (String user : allUsers) {
- %>
-
- <tr>
- <td><input type="checkbox" name="user-id" value="<%=user%>"></td>
- <td><%=user%>
- </td>
- <td><a href="password.jsp?username=<%=user%>">Change Password</a></td>
- </tr>
-
- <%
- }
- %>
- </table>
-
- <br>
-
- <table width="100">
- <tr>
- <td>
- <a href="add.jsp"><input type="button" value="Add" name="Add"/></a>
- </td>
- <td> </td>
- <input type="hidden" name="operation" value="deleteUser">
- <td><input type="button" value="Delete" onclick="doProcess()"></td>
- </tr>
- </table>
-
-</form>
-
-
-</body>
-</html>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/rest/webapp/src/main/webapp/user-store/password.jsp
----------------------------------------------------------------------
diff --git a/modules/rest/webapp/src/main/webapp/user-store/password.jsp b/modules/rest/webapp/src/main/webapp/user-store/password.jsp
deleted file mode 100644
index 8642781..0000000
--- a/modules/rest/webapp/src/main/webapp/user-store/password.jsp
+++ /dev/null
@@ -1,157 +0,0 @@
-<%--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
---%>
-
-<%@ page import="org.apache.airavata.services.registry.rest.security.local.LocalUserStore" %>
-
-<%
- String userName = request.getParameter("username");
- if (userName == null) {
- response.sendRedirect("index.jsp");
- }
-
- String password = request.getParameter("newPassword");
- String confirmPassword = request.getParameter("confirmPassword");
-
- if (password != null && confirmPassword != null && password.equals(confirmPassword)) {
- LocalUserStore localUserStore = (LocalUserStore)session.getAttribute("LocalUserStore");
- localUserStore.changePasswordByAdmin(userName, password);
-
- response.sendRedirect("password.jsp?message=\"Password successfully change for user "
- + userName + "\"&username=" + userName);
- }
-
-%>
-
-<html>
-<head>
- <script language="javascript" type="text/javascript">
- function validatePassword(fld1name, regString) {
- var stringValue = document.getElementsByName(fld1name)[0].value;
- var errorMessage = "";
- if(regString != "null" && !stringValue.match(new RegExp(regString))){
- errorMessage = "Password does not meet minimum requirements. Password length must be at least 6 " +
- "characters.";
- return errorMessage;
- }else if(regString != "null" && stringValue == ''){
- return errorMessage;
- }
-
- if (stringValue == '') {
- errorMessage = "Empty passwords are not allowed. Please enter a valid password";
- return errorMessage;
- }
-
- return errorMessage;
- }
-
- function validateUsername(fld1name) {
- var stringValue = document.getElementsByName(fld1name)[0].value;
- var errorMessage = "";
-
- if (stringValue == '') {
- errorMessage = "Empty user names are not allowed. Please enter a valid user name.";
- return errorMessage;
- }
-
- return errorMessage;
- }
-
- function checkPasswordsMatching(fld1name, fld2name) {
-
- var stringValue1 = document.getElementsByName(fld1name)[0].value;
- var stringValue2 = document.getElementsByName(fld2name)[0].value;
- var errorMessage = "";
-
- if (stringValue1 != stringValue2) {
- errorMessage = "Confirm password does not match with the password. Please re-enter passwords.";
- return errorMessage;
- }
-
- return errorMessage;
-
- }
-
- function validate() {
- var reason = "";
-
- reason = validatePassword("newPassword", <%=LocalUserStore.getPasswordRegularExpression()%>);
-
- if (reason != "") {
- alert(reason);
- document.getElementsByName("newPassword")[0].clear();
- return false;
- }
-
- reason = checkPasswordsMatching("newPassword", "confirmPassword");
-
- if (reason != "") {
- alert(reason);
- document.getElementsByName("newPassword")[0].clear();
- document.getElementsByName("confirmPassword")[0].clear();
- return false;
- }
-
- return true;
- }
-
- function doProcess() {
- if (validate() == true) {
- document.passwordForm.submit();
- }
- }
-
- function displayMessage() {
- var msg = <%=request.getParameter("message")%>;
- if (msg != null) {
- alert(msg);
- }
- }
-
-
- </script>
-</head>
-
-<body onload="displayMessage()">
-<img src="../images/airavata-logo-2.png">
-<h2>Airavata REST API - Local User Store</h2>
-<p><b>Manage Local User Store - Change Password of user - <%=userName%></b></p>
-
-<form action="password.jsp" name="passwordForm" method="POST">
-
- <input type="hidden" name="username" value="<%=userName%>">
- <table>
- <tr>
- <td>New Password</td>
- <td><input type="password" name="newPassword"/></td>
- </tr>
- <tr>
- <td>Re-Type Password</td>
- <td><input type="password" name="confirmPassword"/></td>
- </tr>
- </table>
-
- <table>
- <tr>
- <td><input type="button" value="Change" onclick= 'doProcess()'></td>
- <td><a href="index.jsp"><input type="button" value="Cancel" name="Cancel"/> </a> </td>
- </tr>
- </table>
-
-</form>
-
-</body>
-</html>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/pom.xml
----------------------------------------------------------------------
diff --git a/modules/security/pom.xml b/modules/security/pom.xml
deleted file mode 100644
index bfe2a01..0000000
--- a/modules/security/pom.xml
+++ /dev/null
@@ -1,55 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!--Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under
- the Apache License, Version 2.0 (theĆ "License"); you may not use this file except in compliance with the License. You may
- obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to
- in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
- ANY ~ KIND, either express or implied. See the License for the specific language governing permissions and limitations under
- the License. -->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <parent>
- <groupId>org.apache.airavata</groupId>
- <artifactId>airavata</artifactId>
- <version>0.12-SNAPSHOT</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
-
- <modelVersion>4.0.0</modelVersion>
- <artifactId>airavata-security</artifactId>
- <name>Airavata Security Implementation</name>
- <description>Module for managing security features in Airavata</description>
-
- <dependencies>
- <dependency>
- <groupId>org.apache.airavata</groupId>
- <artifactId>airavata-common-utils</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-simple</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.shiro</groupId>
- <artifactId>shiro-core</artifactId>
- <version>1.2.1</version>
- </dependency>
- <dependency>
- <groupId>commons-dbcp</groupId>
- <artifactId>commons-dbcp</artifactId>
- <version>1.4</version>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <version>4.7</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java b/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java
deleted file mode 100644
index 536b80b..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java
+++ /dev/null
@@ -1,150 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata.security;
-
-import org.apache.airavata.common.context.RequestContext;
-import org.apache.airavata.common.context.WorkflowContext;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.text.SimpleDateFormat;
-import java.util.Calendar;
-
-/**
- * An abstract implementation of the authenticator.
- */
-@SuppressWarnings("UnusedDeclaration")
-public abstract class AbstractAuthenticator implements Authenticator {
-
- protected static final String DATE_TIME_FORMAT = "yyyy-MM-dd HH:mm:ss";
-
- protected static Logger log = LoggerFactory.getLogger(AbstractAuthenticator.class);
-
- public static int DEFAULT_AUTHENTICATOR_PRIORITY = 5;
-
- protected String authenticatorName;
-
- private int priority = DEFAULT_AUTHENTICATOR_PRIORITY;
-
- protected boolean enabled = true;
-
- protected UserStore userStore;
-
- public AbstractAuthenticator() {
-
- }
-
- public AbstractAuthenticator(String name) {
- this.authenticatorName = name;
- }
-
- public void setUserStore(UserStore store) {
- this.userStore = store;
- }
-
- public UserStore getUserStore() {
- return this.userStore;
- }
-
- public int getPriority() {
- return priority;
- }
-
- public boolean canProcess(Object credentials) {
- return false;
- }
-
- public String getAuthenticatorName() {
- return authenticatorName;
- }
-
- public void setAuthenticatorName(String authenticatorName) {
- this.authenticatorName = authenticatorName;
- }
-
- public void setPriority(int priority) {
- this.priority = priority;
- }
-
- public void setEnabled(boolean enabled) {
- this.enabled = enabled;
- }
-
- public boolean isEnabled() {
- return enabled;
- }
-
- public boolean authenticate(Object credentials) throws AuthenticationException {
-
- boolean authenticated = doAuthentication(credentials);
-
- if (authenticated) {
- onSuccessfulAuthentication(credentials);
- } else {
- onFailedAuthentication(credentials);
- }
-
- return authenticated;
- }
-
- /**
- * Gets the current time converted to format in DATE_TIME_FORMAT.
- *
- * @return Current time as a string.
- */
- protected String getCurrentTime() {
- Calendar cal = Calendar.getInstance();
- SimpleDateFormat simpleDateFormat = new SimpleDateFormat(DATE_TIME_FORMAT);
- return simpleDateFormat.format(cal.getTime());
- }
-
- /**
- * The actual authenticating logic goes here. If user is successfully authenticated this should return
- * <code>true</code> else this should return <code>false</code>. If an error occurred while authenticating this will
- * throw an exception.
- *
- * @param credentials
- * The object which contains request credentials. This could be request most of the time.
- * @return <code>true</code> if successfully authenticated else <code>false</code>.
- * @throws AuthenticationException
- * If system error occurs while authenticating.
- */
- protected abstract boolean doAuthentication(Object credentials) throws AuthenticationException;
-
- /**
- * If authentication is successful we can do post authentication actions in following method. E.g :- adding user to
- * session, audit logging etc ...
- *
- * @param authenticationInfo
- * A generic object with authentication information.
- */
- public abstract void onSuccessfulAuthentication(Object authenticationInfo);
-
- /**
- * If authentication is failed we can do post authentication actions in following method. E.g :- adding user to
- * session, audit logging etc ...
- *
- * @param authenticationInfo
- * A generic object with authentication information.
- */
- public abstract void onFailedAuthentication(Object authenticationInfo);
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java b/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java
deleted file mode 100644
index a980876..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java
+++ /dev/null
@@ -1,129 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata.security;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-/**
- * An abstract authenticator class which reads database configurations.
- */
-@SuppressWarnings("UnusedDeclaration")
-public abstract class AbstractDatabaseAuthenticator extends AbstractAuthenticator {
-
- private String databaseURL;
-
- private String databaseDriver;
-
- private String databaseUserName;
-
- private String databasePassword;
-
- public AbstractDatabaseAuthenticator() {
- super();
- }
-
- public AbstractDatabaseAuthenticator(String name) {
- super(name);
- }
-
- /**
- * We are reading database parameters in this case.
- *
- * @param node
- * An XML configuration node.
- */
- public void configure(Node node) {
-
- /**
- * <specificConfigurations> <database> <jdbcUrl></jdbcUrl> <databaseDriver></databaseDriver>
- * <userName></userName> <password></password> </database> </specificConfigurations>
- */
-
- NodeList databaseNodeList = node.getChildNodes();
-
- Node databaseNode = null;
-
- for (int k = 0; k < databaseNodeList.getLength(); ++k) {
-
- Node n = databaseNodeList.item(k);
-
- if (n != null && n.getNodeType() == Node.ELEMENT_NODE) {
- databaseNode = n;
- }
- }
-
- if (databaseNode != null) {
- NodeList nodeList = databaseNode.getChildNodes();
-
- for (int i = 0; i < nodeList.getLength(); ++i) {
- Node n = nodeList.item(i);
-
- if (n.getNodeType() == Node.ELEMENT_NODE) {
-
- Element element = (Element) n;
-
- if (element.getNodeName().equals("jdbcUrl")) {
- databaseURL = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("databaseDriver")) {
- databaseDriver = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("userName")) {
- databaseUserName = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("password")) {
- databasePassword = element.getFirstChild().getNodeValue();
- }
- }
- }
- }
-
- StringBuilder stringBuilder = new StringBuilder("Configuring DB parameters for authenticator with JDBC URL - ");
- stringBuilder.append(databaseURL).append(" DB driver - ").append(" DB user - ").append(databaseUserName)
- .append(" DB password - xxxxxx");
-
- log.debug(stringBuilder.toString());
-
- try {
- getUserStore().configure(node);
- } catch (UserStoreException e) {
- String msg = "Error configuring user store associated with authenticator.";
- log.error(msg, e);
- throw new RuntimeException(msg, e);
- }
- }
-
- public String getDatabaseURL() {
- return databaseURL;
- }
-
- public String getDatabaseDriver() {
- return databaseDriver;
- }
-
- public String getDatabaseUserName() {
- return databaseUserName;
- }
-
- public String getDatabasePassword() {
- return databasePassword;
- }
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/AuthenticationException.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/AuthenticationException.java b/modules/security/src/main/java/org/apache/airavata/security/AuthenticationException.java
deleted file mode 100644
index f4aca49..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/AuthenticationException.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata.security;
-
-/**
- * Wraps errors during authentication. This exception will be thrown if there is a system error during authentication.
- */
-public class AuthenticationException extends Exception {
-
- public AuthenticationException() {
- super();
- }
-
- public AuthenticationException(String message) {
- super(message);
- }
-
- public AuthenticationException(String message, Exception e) {
- super(message, e);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/Authenticator.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/Authenticator.java b/modules/security/src/main/java/org/apache/airavata/security/Authenticator.java
deleted file mode 100644
index 814bdb6..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/Authenticator.java
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata.security;
-
-import org.w3c.dom.Node;
-
-/**
- * A generic interface to do request authentication. Specific authenticator will implement authenticate method.
- */
-@SuppressWarnings("UnusedDeclaration")
-public interface Authenticator {
-
- /**
- * Authenticates the request with given credentials.
- *
- * @param credentials
- * Credentials can be a session ticket, password or session id.
- * @return <code>true</code> if request is successfully authenticated else <code>false</code>.
- * @throws AuthenticationException
- * If a system error occurred during authentication process.
- */
- boolean authenticate(Object credentials) throws AuthenticationException;
-
- /**
- * Checks whether given user is already authenticated.
- *
- * @param credentials
- * The token to be authenticated.
- * @return <code>true</code> if token is already authenticated else <code>false</code>.
- */
- boolean isAuthenticated(Object credentials);
-
- /**
- * Says whether current authenticator can handle given credentials.
- *
- * @param credentials
- * Credentials used during authentication.
- * @return <code>true</code> is can authenticate else <code>false</code>.
- */
- boolean canProcess(Object credentials);
-
- /**
- * Gets the priority of this authenticator.
- *
- * @return Higher the priority higher the precedence of selecting the authenticator.
- */
- int getPriority();
-
- /**
- * Returns the authenticator name. Each authenticator is associated with an identifiable name.
- *
- * @return The authenticator name.
- */
- String getAuthenticatorName();
-
- /**
- * Authenticator specific configurations goes into this method.
- *
- * @param node
- * An XML configuration node.
- * @throws RuntimeException
- * If an error occurred while configuring the authenticator.
- */
- void configure(Node node) throws RuntimeException;
-
- /**
- * Return <code>true</code> if current authenticator is enabled. Else <code>false</code>.
- *
- * @return <code>true</code> if enabled.
- */
- boolean isEnabled();
-
- /**
- * User store that should be used by this authenticator. When authenticating a request authenticator should use the
- * user store set by this method.
- *
- * @param userStore
- * The user store to be used.
- */
- void setUserStore(UserStore userStore);
-
- /**
- * Gets the user store used by this authenticator.
- *
- * @return The user store used by this authenticator.
- */
- UserStore getUserStore();
-
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/Authoriser.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/Authoriser.java b/modules/security/src/main/java/org/apache/airavata/security/Authoriser.java
deleted file mode 100644
index f0fdea9..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/Authoriser.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata.security;
-
-/**
- * An interface which can be used to authorise accessing resources.
- */
-@SuppressWarnings("UnusedDeclaration")
-public interface Authoriser {
-
- /**
- * Checks whether user has sufficient privileges to perform action on the given resource.
- *
- * @param userName
- * The user who is performing the action.
- * @param resource
- * The resource which user is trying to access.
- * @param action
- * The action (GET, PUT etc ...)
- * @return Returns <code>true</code> if user is authorised to perform the action, else false.
- */
- boolean isAuthorised(String userName, String resource, String action);
-
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/UserStore.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/UserStore.java b/modules/security/src/main/java/org/apache/airavata/security/UserStore.java
deleted file mode 100644
index cfee957..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/UserStore.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-
-package org.apache.airavata.security;
-
-import org.w3c.dom.Node;
-
-/**
- * An interface to wrap the functionality of a user store. A user store is place where we keep user attribute
- * information. Usually this contains, user id, user name, password etc ...
- * We also authenticate users against the credentials stored in a user store. In addition to user attributes
- * we also store role information and group information.
- * This interface provide methods to manipulated data in a user store.
- * Such operations are as follows,
- * <ol>
- * <li>authenticate user</li>
- * <li>add user</li>
- * <li>delete user</li>
- * <li>add a role</li>
- * <li>delete a role</li>
- * <li>... etc ...</li>
- * </ol>
- */
-public interface UserStore {
-
- /**
- * Checks whether given user exists in the user store and its credentials match with the credentials stored
- * in the user store.
- * @param userName Name of the user to authenticate.
- * @param credentials User credentials as an object. User credentials may not be a string always.
- * @return True if user exists in the user store and its credentials match with the credentials in user store.
- * <code>false</code> else.
- * @throws UserStoreException if a system wide error occurred while authenticating the user.
- */
- boolean authenticate(String userName, Object credentials) throws UserStoreException;
-
- /**
- * Authenticates a user using a token.
- * @param credentials The token information.
- * @return <code>true</code> if authentication successful else <code>false</code>.
- * @throws UserStoreException if a system wide error occurred while authenticating the user.
- */
- boolean authenticate(Object credentials) throws UserStoreException;
-
- /**
- * This method will do necessary configurations of the user store.
- * @param node An XML configuration node.
- * @throws RuntimeException If an error occurred while configuring the authenticator.
- */
- void configure(Node node) throws UserStoreException;
-
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/UserStoreException.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/UserStoreException.java b/modules/security/src/main/java/org/apache/airavata/security/UserStoreException.java
deleted file mode 100644
index 927bf8a..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/UserStoreException.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-
-package org.apache.airavata.security;
-
-/**
- * Exception class to wrap user store errors.
- */
-public class UserStoreException extends Exception {
-
- public UserStoreException() {
- super();
- }
-
- public UserStoreException(String message) {
- super(message);
- }
-
- public UserStoreException(String message, Exception e) {
- super(message, e);
- }
-
- public UserStoreException(Exception e) {
- super(e);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/configurations/AbstractConfigurationReader.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/configurations/AbstractConfigurationReader.java b/modules/security/src/main/java/org/apache/airavata/security/configurations/AbstractConfigurationReader.java
deleted file mode 100644
index 5ba0915..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/configurations/AbstractConfigurationReader.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata.security.configurations;
-
-import org.xml.sax.SAXException;
-
-import javax.xml.parsers.ParserConfigurationException;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-/**
- * Abstract implementation to read configurations.
- */
-public abstract class AbstractConfigurationReader {
-
- public void init(String fileName) throws IOException, SAXException, ParserConfigurationException {
-
- File configurationFile = new File(fileName);
-
- if (!configurationFile.canRead()) {
- throw new IOException("Error reading configuration file " + configurationFile.getAbsolutePath());
- }
-
- FileInputStream streamIn = new FileInputStream(configurationFile);
-
- try {
- init(streamIn);
- } finally {
- streamIn.close();
- }
- }
-
- public abstract void init(InputStream inputStream) throws IOException, ParserConfigurationException, SAXException;
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReader.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReader.java b/modules/security/src/main/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReader.java
deleted file mode 100644
index 278c8a9..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReader.java
+++ /dev/null
@@ -1,244 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata.security.configurations;
-
-import org.apache.airavata.security.AbstractAuthenticator;
-import org.apache.airavata.security.Authenticator;
-import org.apache.airavata.security.UserStore;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.w3c.dom.Document;
-import org.w3c.dom.NamedNodeMap;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import org.xml.sax.SAXException;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Comparator;
-import java.util.List;
-
-/**
- * This class will read authenticators.xml and load all configurations related to authenticators.
- */
-public class AuthenticatorConfigurationReader extends AbstractConfigurationReader {
-
- private List<Authenticator> authenticatorList = new ArrayList<Authenticator>();
-
- protected static Logger log = LoggerFactory.getLogger(AuthenticatorConfigurationReader.class);
-
- protected static boolean authenticationEnabled = true;
-
- public AuthenticatorConfigurationReader() {
-
- }
-
- public void init(InputStream inputStream) throws IOException, ParserConfigurationException, SAXException {
-
- authenticationEnabled = true;
-
- DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
- DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
- Document doc = dBuilder.parse(inputStream);
- doc.getDocumentElement().normalize();
-
- NodeList rootNodeList = doc.getElementsByTagName("authenticators");
-
- if (rootNodeList == null || rootNodeList.getLength() == 0) {
- throw new ParserConfigurationException("authenticators.xml should have authenticators root element.");
- }
-
- Node authenticatorsNode = rootNodeList.item(0);
- NamedNodeMap rootAttributes = authenticatorsNode.getAttributes();
-
- if (rootAttributes != null && rootAttributes.getNamedItem("enabled") != null) {
-
- String enabledAttribute = rootAttributes.getNamedItem("enabled").getNodeValue();
- if (enabledAttribute != null) {
-
- if (enabledAttribute.equals("false")) {
- authenticationEnabled = false;
- }
- }
- }
-
- NodeList authenticators = doc.getElementsByTagName("authenticator");
-
- for (int i = 0; i < authenticators.getLength(); ++i) {
- Node node = authenticators.item(i);
-
- if (node.getNodeType() == Node.ELEMENT_NODE) {
-
- NamedNodeMap namedNodeMap = node.getAttributes();
-
- String name = namedNodeMap.getNamedItem("name").getNodeValue();
- String className = namedNodeMap.getNamedItem("class").getNodeValue();
- String enabled = namedNodeMap.getNamedItem("enabled").getNodeValue();
- String priority = namedNodeMap.getNamedItem("priority").getNodeValue();
- String userStoreClass = namedNodeMap.getNamedItem("userstore").getNodeValue();
-
- if (className == null) {
- reportError("class");
- }
-
- if (userStoreClass == null) {
- reportError("userstore");
- }
-
- Authenticator authenticator = createAuthenticator(name, className, enabled, priority, userStoreClass);
-
- NodeList configurationNodes = node.getChildNodes();
-
- for (int j = 0; j < configurationNodes.getLength(); ++j) {
-
- Node configurationNode = configurationNodes.item(j);
-
- if (configurationNode.getNodeType() == Node.ELEMENT_NODE) {
-
- if (configurationNode.getNodeName().equals("specificConfigurations")) {
- authenticator.configure(configurationNode);
- }
- }
- }
-
- if (authenticator.isEnabled()) {
- authenticatorList.add(authenticator);
- }
-
- Collections.sort(authenticatorList, new AuthenticatorComparator());
-
- StringBuilder stringBuilder = new StringBuilder("Successfully initialized authenticator ");
- stringBuilder.append(name).append(" with class ").append(className).append(" enabled? ")
- .append(enabled).append(" priority = ").append(priority);
-
- log.debug(stringBuilder.toString());
- }
- }
- }
-
- private void reportError(String element) throws ParserConfigurationException {
- throw new ParserConfigurationException("Error in configuration. Missing mandatory element " + element);
- }
-
- protected Authenticator createAuthenticator(String name, String className, String enabled, String priority,
- String userStoreClassName) {
-
- log.debug("Loading authenticator class " + className + " and name " + name);
-
- // Load a class and instantiate an object
- Class authenticatorClass;
- try {
- authenticatorClass = Class.forName(className, true, Thread.currentThread().getContextClassLoader());
- // authenticatorClass = Class.forName(className);
- } catch (ClassNotFoundException e) {
- log.error("Error loading authenticator class " + className);
- throw new RuntimeException("Error loading authenticator class " + className, e);
-
- }
-
- try {
- AbstractAuthenticator authenticatorInstance = (AbstractAuthenticator) authenticatorClass.newInstance();
- authenticatorInstance.setAuthenticatorName(name);
-
- if (enabled != null) {
- authenticatorInstance.setEnabled(Boolean.parseBoolean(enabled));
- }
-
- if (priority != null) {
- authenticatorInstance.setPriority(Integer.parseInt(priority));
- }
-
- UserStore userStore = createUserStore(userStoreClassName);
- authenticatorInstance.setUserStore(userStore);
-
- return authenticatorInstance;
-
- } catch (InstantiationException e) {
- String error = "Error instantiating authenticator class " + className + " object.";
- log.error(error);
- throw new RuntimeException(error, e);
-
- } catch (IllegalAccessException e) {
- String error = "Not allowed to instantiate authenticator class " + className;
- log.error(error);
- throw new RuntimeException(error, e);
- }
-
- }
-
- protected UserStore createUserStore(String userStoreClassName) {
-
- try {
- Class userStoreClass = Class.forName(userStoreClassName, true, Thread.currentThread()
- .getContextClassLoader());
-
- return (UserStore) userStoreClass.newInstance();
- } catch (ClassNotFoundException e) {
- log.error("Error loading authenticator class " + userStoreClassName);
- throw new RuntimeException("Error loading authenticator class " + userStoreClassName, e);
-
- } catch (InstantiationException e) {
- String error = "Error instantiating authenticator class " + userStoreClassName + " object.";
- log.error(error);
- throw new RuntimeException(error, e);
-
- } catch (IllegalAccessException e) {
- String error = "Not allowed to instantiate authenticator class " + userStoreClassName;
- log.error(error);
- throw new RuntimeException(error, e);
- }
-
- }
-
- public List<Authenticator> getAuthenticatorList() {
- return Collections.unmodifiableList(authenticatorList);
- }
-
- /**
- * We can specify whether authentication is enabled in the system for all request or not. This we can state in the
- * configuration. AuthenticatorConfigurationReader will read that information and will populate that to static
- * boolean authenticationEnabled. This method will say whether authentication is enabled in the system or disabled
- * in the system.
- *
- * @return <code>true</code> if authentication is enabled. Else <code>false</code>.
- */
- public static boolean isAuthenticationEnabled() {
- return authenticationEnabled;
- }
-
- /**
- * Comparator to sort authenticators based on authenticator priority.
- */
- public class AuthenticatorComparator implements Comparator<Authenticator> {
-
- @Override
- public int compare(Authenticator o1, Authenticator o2) {
- return (o1.getPriority() > o2.getPriority() ? -1 : (o1.getPriority() == o2.getPriority() ? 0 : 1));
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/userstore/AbstractJDBCUserStore.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/userstore/AbstractJDBCUserStore.java b/modules/security/src/main/java/org/apache/airavata/security/userstore/AbstractJDBCUserStore.java
deleted file mode 100644
index 96d2485..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/userstore/AbstractJDBCUserStore.java
+++ /dev/null
@@ -1,134 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata.security.userstore;
-
-import org.apache.airavata.common.exception.ApplicationSettingsException;
-import org.apache.airavata.common.utils.ApplicationSettings;
-import org.apache.airavata.common.utils.ServerSettings;
-import org.apache.airavata.security.UserStore;
-import org.apache.airavata.security.UserStoreException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-/**
- * An abstract implementation of the UserStore. This will encapsulate JDBC configurations reading code.
- */
-public abstract class AbstractJDBCUserStore implements UserStore {
-
- protected static Logger log = LoggerFactory.getLogger(JDBCUserStore.class);
-
- private String databaseURL = null;
- private String databaseDriver = null;
- private String databaseUserName = null;
- private String databasePassword = null;
-
- public String getDatabaseURL() {
- return databaseURL;
- }
-
- public String getDatabaseDriver() {
- return databaseDriver;
- }
-
- public String getDatabaseUserName() {
- return databaseUserName;
- }
-
- public String getDatabasePassword() {
- return databasePassword;
- }
-
- /**
- * Configures primary JDBC parameters. i.e
- *
- * @param node An XML configuration node.
- * @throws UserStoreException
- */
- public void configure(Node node) throws UserStoreException {
-
- /**
- * <specificConfigurations> <database> <jdbcUrl></jdbcUrl> <databaseDriver></databaseDriver>
- * <userName></userName> <password></password> </database> </specificConfigurations>
- */
-
- NodeList databaseNodeList = node.getChildNodes();
-
- Node databaseNode = null;
-
- for (int k = 0; k < databaseNodeList.getLength(); ++k) {
-
- Node n = databaseNodeList.item(k);
-
- if (n != null && n.getNodeType() == Node.ELEMENT_NODE) {
- databaseNode = n;
- }
- }
-
- if (databaseNode != null) {
- NodeList nodeList = databaseNode.getChildNodes();
-
- for (int i = 0; i < nodeList.getLength(); ++i) {
- Node n = nodeList.item(i);
-
- if (n.getNodeType() == Node.ELEMENT_NODE) {
-
- Element element = (Element) n;
-
- if (element.getNodeName().equals("jdbcUrl")) {
- databaseURL = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("databaseDriver")) {
- databaseDriver = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("userName")) {
- databaseUserName = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("password")) {
- databasePassword = element.getFirstChild().getNodeValue();
- }
- }
- }
- }
-
- if (databaseURL == null || databaseUserName == null || databasePassword == null) {
- // If database configurations are not specified in authenticators.xml we will read them from
- // server.properties file.
- try {
- databaseDriver = ServerSettings.getCredentialStoreDBDriver();
- databaseURL = ServerSettings.getCredentialStoreDBURL();
- databaseUserName = ServerSettings.getCredentialStoreDBUser();
- databasePassword = ServerSettings.getCredentialStoreDBPassword();
-
- } catch (ApplicationSettingsException e) {
- log.error("Error reading default user store DB configurations.");
- throw new UserStoreException(e);
- }
-
- StringBuilder stringBuilder = new StringBuilder("User store configurations - dbDriver - ");
- stringBuilder.append(databaseDriver);
- stringBuilder.append(" URL - ").append(databaseURL).append(" DB user - ").append(databaseUserName);
- log.info(stringBuilder.toString());
-
- }
-
- }
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java b/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java
deleted file mode 100644
index f1a486d..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata.security.userstore;
-
-import org.apache.airavata.security.UserStoreException;
-import org.apache.airavata.common.utils.DBUtil;
-import org.apache.airavata.security.util.PasswordDigester;
-import org.apache.shiro.authc.AuthenticationException;
-import org.apache.shiro.authc.AuthenticationInfo;
-import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.authc.UsernamePasswordToken;
-import org.apache.shiro.realm.jdbc.JdbcRealm;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import sun.reflect.generics.reflectiveObjects.NotImplementedException;
-
-import javax.sql.DataSource;
-
-/**
- * The JDBC user store implementation.
- */
-public class JDBCUserStore extends AbstractJDBCUserStore {
-
- protected static Logger log = LoggerFactory.getLogger(JDBCUserStore.class);
-
- private JdbcRealm jdbcRealm;
-
- private PasswordDigester passwordDigester;
-
- public JDBCUserStore() {
- jdbcRealm = new JdbcRealm();
- }
-
- @Override
- public boolean authenticate(String userName, Object credentials) throws UserStoreException {
- AuthenticationToken authenticationToken = new UsernamePasswordToken(userName,
- passwordDigester.getPasswordHashValue((String) credentials));
-
- AuthenticationInfo authenticationInfo;
- try {
-
- authenticationInfo = jdbcRealm.getAuthenticationInfo(authenticationToken);
- return authenticationInfo != null;
-
- } catch (AuthenticationException e) {
- log.debug(e.getLocalizedMessage(), e);
- return false;
- }
- }
-
- @Override
- public boolean authenticate(Object credentials) throws UserStoreException {
- log.error("JDBC user store only supports user name, password based authentication.");
- throw new NotImplementedException();
- }
-
- @Override
- public void configure(Node node) throws UserStoreException {
-
- super.configure(node);
-
- /**
- * <specificConfigurations> <database> <jdbcUrl></jdbcUrl> <databaseDriver></databaseDriver>
- * <userName></userName> <password></password> <passwordHashMethod>MD5</passwordHashMethod>
- * <userTableName></userTableName> <userNameColumnName></userNameColumnName>
- * <passwordColumnName></passwordColumnName> </database> </specificConfigurations>
- */
-
- NodeList databaseNodeList = node.getChildNodes();
-
- Node databaseNode = null;
-
- for (int k = 0; k < databaseNodeList.getLength(); ++k) {
-
- Node n = databaseNodeList.item(k);
-
- if (n != null && n.getNodeType() == Node.ELEMENT_NODE) {
- databaseNode = n;
- }
- }
-
- String userTable = null;
- String userNameColumn = null;
- String passwordColumn = null;
- String passwordHashMethod = null;
-
- if (databaseNode != null) {
- NodeList nodeList = databaseNode.getChildNodes();
-
- for (int i = 0; i < nodeList.getLength(); ++i) {
- Node n = nodeList.item(i);
-
- if (n.getNodeType() == Node.ELEMENT_NODE) {
-
- Element element = (Element) n;
-
- if (element.getNodeName().equals("userTableName")) {
- userTable = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("userNameColumnName")) {
- userNameColumn = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("passwordColumnName")) {
- passwordColumn = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("passwordHashMethod")) {
- passwordHashMethod = element.getFirstChild().getNodeValue();
- }
- }
- }
- }
-
- passwordDigester = new PasswordDigester(passwordHashMethod);
-
- try {
- initializeDatabaseLookup(passwordColumn, userTable, userNameColumn);
- } catch (Exception e) {
- log.error("Error while initializing database configurations.", e);
- throw new UserStoreException("Error while initializing database configurations.", e);
- }
-
- StringBuilder stringBuilder = new StringBuilder(
- "Configuring DB parameters for authenticator with User name Table - ");
- stringBuilder.append(userTable).append(" User name column - ").append(userNameColumn)
- .append(" Password column - ").append(passwordColumn);
-
- log.debug(stringBuilder.toString());
- }
-
- protected void initializeDatabaseLookup(String passwordColumn, String userTable, String userNameColumn) throws IllegalAccessException, ClassNotFoundException, InstantiationException {
-
- DBUtil dbUtil = new DBUtil(getDatabaseURL(), getDatabaseUserName(), getDatabasePassword(), getDatabaseDriver());
- DataSource dataSource = dbUtil.getDataSource();
- jdbcRealm.setDataSource(dataSource);
-
- StringBuilder stringBuilder = new StringBuilder();
-
- stringBuilder.append("SELECT ").append(passwordColumn).append(" FROM ").append(userTable).append(" WHERE ")
- .append(userNameColumn).append(" = ?");
-
- jdbcRealm.setAuthenticationQuery(stringBuilder.toString());
- }
-
- public PasswordDigester getPasswordDigester() {
- return passwordDigester;
- }
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java b/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java
deleted file mode 100644
index c0ba288..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata.security.userstore;
-
-import org.apache.airavata.security.UserStore;
-import org.apache.airavata.security.UserStoreException;
-import org.apache.airavata.security.util.PasswordDigester;
-import org.apache.shiro.authc.AuthenticationException;
-import org.apache.shiro.authc.AuthenticationInfo;
-import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.authc.UsernamePasswordToken;
-import org.apache.shiro.realm.ldap.JndiLdapContextFactory;
-import org.apache.shiro.realm.ldap.JndiLdapRealm;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import sun.reflect.generics.reflectiveObjects.NotImplementedException;
-
-/**
- * A user store which talks to LDAP server. User credentials and user information are stored in a LDAP server.
- */
-public class LDAPUserStore implements UserStore {
-
- private JndiLdapRealm ldapRealm;
-
- protected static Logger log = LoggerFactory.getLogger(LDAPUserStore.class);
-
- private PasswordDigester passwordDigester;
-
- public boolean authenticate(String userName, Object credentials) throws UserStoreException {
-
- AuthenticationToken authenticationToken = new UsernamePasswordToken(userName,
- passwordDigester.getPasswordHashValue((String) credentials));
-
- AuthenticationInfo authenticationInfo;
- try {
- authenticationInfo = ldapRealm.getAuthenticationInfo(authenticationToken);
- } catch (AuthenticationException e) {
- log.warn(e.getLocalizedMessage(), e);
- return false;
- }
-
- return authenticationInfo != null;
-
- }
-
- @Override
- public boolean authenticate(Object credentials) throws UserStoreException {
- log.error("LDAP user store only supports authenticating with user name and password.");
- throw new NotImplementedException();
- }
-
- public void configure(Node specificConfigurationNode) throws UserStoreException {
-
- /**
- * <specificConfiguration> <ldap> <url>ldap://localhost:10389</url> <systemUser>admin</systemUser>
- * <systemUserPassword>secret</systemUserPassword> <userDNTemplate>uid={0},ou=system</userDNTemplate> </ldap>
- * </specificConfiguration>
- */
-
- Node configurationNode = null;
- if (specificConfigurationNode != null) {
- NodeList nodeList = specificConfigurationNode.getChildNodes();
-
- for (int i = 0; i < nodeList.getLength(); ++i) {
- Node n = nodeList.item(i);
- if (n.getNodeType() == Node.ELEMENT_NODE) {
- configurationNode = n;
- }
- }
- }
-
- String url = null;
- String systemUser = null;
- String systemUserPassword = null;
- String userTemplate = null;
- String passwordHashMethod = null;
-
- if (configurationNode != null) {
- NodeList nodeList = configurationNode.getChildNodes();
-
- for (int i = 0; i < nodeList.getLength(); ++i) {
- Node n = nodeList.item(i);
-
- if (n.getNodeType() == Node.ELEMENT_NODE) {
-
- Element element = (Element) n;
-
- if (element.getNodeName().equals("url")) {
- url = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("systemUser")) {
- systemUser = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("systemUserPassword")) {
- systemUserPassword = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("userDNTemplate")) {
- userTemplate = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("passwordHashMethod")) {
- passwordHashMethod = element.getFirstChild().getNodeValue();
- }
- }
- }
- }
-
- passwordDigester = new PasswordDigester(passwordHashMethod);
-
- initializeLDAP(url, systemUser, systemUserPassword, userTemplate);
-
- }
-
- protected void initializeLDAP(String ldapUrl, String systemUser, String systemUserPassword, String userNameTemplate) {
-
- JndiLdapContextFactory jndiLdapContextFactory = new JndiLdapContextFactory();
-
- jndiLdapContextFactory.setUrl(ldapUrl);
- jndiLdapContextFactory.setSystemUsername(systemUser);
- jndiLdapContextFactory.setSystemPassword(systemUserPassword);
-
- ldapRealm = new JndiLdapRealm();
-
- ldapRealm.setContextFactory(jndiLdapContextFactory);
- ldapRealm.setUserDnTemplate(userNameTemplate);
-
- ldapRealm.init();
-
- }
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/userstore/SessionDBUserStore.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/userstore/SessionDBUserStore.java b/modules/security/src/main/java/org/apache/airavata/security/userstore/SessionDBUserStore.java
deleted file mode 100644
index b332e68..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/userstore/SessionDBUserStore.java
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata.security.userstore;
-
-import org.apache.airavata.security.UserStoreException;
-import org.apache.airavata.common.utils.DBUtil;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import sun.reflect.generics.reflectiveObjects.NotImplementedException;
-
-import java.sql.SQLException;
-
-/**
- * User store which works on sessions. Will talk to database to check whether session ids are stored in the database.
- */
-public class SessionDBUserStore extends AbstractJDBCUserStore {
-
- private String sessionTable;
- private String sessionColumn;
- private String comparingColumn;
-
- protected DBUtil dbUtil;
-
- protected static Logger log = LoggerFactory.getLogger(SessionDBUserStore.class);
-
- @Override
- public boolean authenticate(String userName, Object credentials) throws UserStoreException {
- // This user store only supports session tokens.
- throw new NotImplementedException();
- }
-
- @Override
- public boolean authenticate(Object credentials) throws UserStoreException {
-
- String sessionTicket = (String) credentials;
-
- try {
- String sessionString = dbUtil.getMatchingColumnValue(sessionTable, sessionColumn, sessionTicket);
- return (sessionString != null);
- } catch (SQLException e) {
- throw new UserStoreException("Error querying database for session information.", e);
- }
- }
-
- @Override
- public void configure(Node node) throws UserStoreException {
-
- super.configure(node);
- /**
- * <specificConfigurations> <sessionTable> </sessionTable> <sessionColumn></sessionColumn>
- * <comparingColumn></comparingColumn> </specificConfigurations>
- */
-
- NodeList databaseNodeList = node.getChildNodes();
-
- Node databaseNode = null;
-
- for (int k = 0; k < databaseNodeList.getLength(); ++k) {
-
- Node n = databaseNodeList.item(k);
-
- if (n != null && n.getNodeType() == Node.ELEMENT_NODE) {
- databaseNode = n;
- }
- }
-
- if (databaseNode != null) {
- NodeList nodeList = databaseNode.getChildNodes();
-
- for (int i = 0; i < nodeList.getLength(); ++i) {
- Node n = nodeList.item(i);
-
- if (n.getNodeType() == Node.ELEMENT_NODE) {
-
- Element element = (Element) n;
-
- if (element.getNodeName().equals("sessionTable")) {
- sessionTable = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("sessionColumn")) {
- sessionColumn = element.getFirstChild().getNodeValue();
- } else if (element.getNodeName().equals("comparingColumn")) {
- comparingColumn = element.getFirstChild().getNodeValue();
- }
- }
- }
- }
-
- initializeDatabaseLookup();
-
- StringBuilder stringBuilder = new StringBuilder(
- "Configuring DB parameters for authenticator with Session Table - ");
- stringBuilder.append(sessionTable).append(" Session column - ").append(sessionColumn)
- .append(" Comparing column - ").append(comparingColumn);
-
- log.debug(stringBuilder.toString());
- }
-
- private void initializeDatabaseLookup() throws RuntimeException {
-
- try {
- this.dbUtil = new DBUtil(getDatabaseURL(), getDatabaseUserName(), getDatabasePassword(), getDatabaseDriver());
- } catch (ClassNotFoundException e) {
- throw new RuntimeException("Error loading database driver. Driver class not found.", e);
- } catch (InstantiationException e) {
- throw new RuntimeException("Error loading database driver. Error instantiating driver object.", e);
- } catch (IllegalAccessException e) {
- throw new RuntimeException("Error loading database driver. Illegal access to driver object.", e);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/airavata/blob/0e2c10f5/modules/security/src/main/java/org/apache/airavata/security/util/PasswordDigester.java
----------------------------------------------------------------------
diff --git a/modules/security/src/main/java/org/apache/airavata/security/util/PasswordDigester.java b/modules/security/src/main/java/org/apache/airavata/security/util/PasswordDigester.java
deleted file mode 100644
index 113189c..0000000
--- a/modules/security/src/main/java/org/apache/airavata/security/util/PasswordDigester.java
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata.security.util;
-
-import org.apache.airavata.common.utils.SecurityUtil;
-import org.apache.airavata.security.UserStoreException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.UnsupportedEncodingException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
-/**
- * Contains some utility methods related to security.
- */
-public class PasswordDigester {
-
- protected static Logger log = LoggerFactory.getLogger(PasswordDigester.class);
-
- private String hashMethod;
-
- /**
- * Creates password digester
- *
- * @param method
- * The particular hash method. E.g :- MD5, SHA1 etc ...
- */
- public PasswordDigester(String method) throws UserStoreException {
- hashMethod = method;
- validateHashAlgorithm();
- }
-
- /**
- * Gets the hash value of a password.
- *
- * @param password
- * Password.
- * @return Hashed password.
- * @throws UserStoreException
- * If an invalid hash method is given.
- */
- public String getPasswordHashValue(String password) throws UserStoreException {
-
- if (hashMethod.equals(SecurityUtil.PASSWORD_HASH_METHOD_PLAINTEXT)) {
- return password;
- } else {
- MessageDigest messageDigest = null;
- try {
- messageDigest = MessageDigest.getInstance(hashMethod);
- } catch (NoSuchAlgorithmException e) {
- throw new UserStoreException("Error creating message digest with hash algorithm - " + hashMethod, e);
- }
- try {
- return new String(messageDigest.digest(password.getBytes("UTF-8")));
- } catch (UnsupportedEncodingException e) {
- throw new UserStoreException("Unable to create password digest", e);
- }
- }
-
- }
-
- private void validateHashAlgorithm() throws UserStoreException {
-
- if (hashMethod == null) {
- log.warn("Password hash method is not configured. Setting default to plaintext.");
- hashMethod = SecurityUtil.PASSWORD_HASH_METHOD_PLAINTEXT;
- } else {
-
- // Validating configured hash method is correct.
- if (!hashMethod.equals(SecurityUtil.PASSWORD_HASH_METHOD_PLAINTEXT)) {
- try {
- MessageDigest.getInstance(hashMethod);
- } catch (NoSuchAlgorithmException e) {
- String msg = "Invalid hash algorithm - " + hashMethod
- + ". Use Java style way of specifying hash algorithm. E.g :- MD5";
- log.error(msg);
- throw new UserStoreException(msg, e);
- }
- }
- }
-
- }
-
- public String getHashMethod() {
- return hashMethod;
- }
-
- public void setHashMethod(String hashMethod) {
- this.hashMethod = hashMethod;
- }
-}