You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@turbine.apache.org by ep...@apache.org on 2003/12/06 00:13:42 UTC
cvs commit: jakarta-turbine-fulcrum/security/spi/src/java/org/apache/fulcrum/security/model ACLFactory.java
epugh 2003/12/05 15:13:42
Added: security/spi/src/test BasicACL.xml Log4j.properties
DynamicACL.xml
security/spi project.properties maven.xml project.xml
security/spi/src/java/org/apache/fulcrum/security/spi
AbstractPermissionManager.java
AbstractRoleManager.java AbstractManager.java
AbstractUserManager.java AbstractEntityManager.java
AbstractGroupManager.java
security/spi/src/java/org/apache/fulcrum/security/model/dynamic
DynamicACLFactory.java
security/spi/conf config.xml block.xml
security/spi/src/test/org/apache/fulcrum/security/model
ACLFactoryTest.java
security/spi/src/java/org/apache/fulcrum/security/model/basic
BasicACLFactory.java
security/spi/src/java/org/apache/fulcrum/security/model
ACLFactory.java
Log:
Add SPI for Security
Revision Changes Path
1.1 jakarta-turbine-fulcrum/security/spi/src/test/BasicACL.xml
Index: BasicACL.xml
===================================================================
<my-system>
<component
role="org.apache.fulcrum.security.model.ACLFactory"
class="org.apache.fulcrum.security.model.basic.BasicACLFactory">
</component>
</my-system>
1.1 jakarta-turbine-fulcrum/security/spi/src/test/Log4j.properties
Index: Log4j.properties
===================================================================
# ------------------------------------------------------------------------
#
# Logging Configuration
#
# Mix of Turbine logging configuration and Hibernate configuration
#
# ------------------------------------------------------------------------
#
# If we don't know the logging facility, put it into the
# turbine.log
#
log4j.rootLogger = INFO, turbine
#
# Turbine goes into Turbine Log
#
log4j.category.org.apache.turbine = INFO, turbine
log4j.additivity.org.apache.turbine = false
#
# Avalon Logfile
#
log4j.category.avalon = INFO, avalon
log4j.additivity.avalon = false
########################################################################
#
# Logfile definitions
#
########################################################################
#
# turbine.log
#
log4j.appender.turbine = org.apache.log4j.FileAppender
log4j.appender.turbine.file = turbine.log
log4j.appender.turbine.layout = org.apache.log4j.PatternLayout
log4j.appender.turbine.layout.conversionPattern = %d [%t] %-5p %c - %m%n
log4j.appender.turbine.append = false
#
# torque.log
#
log4j.appender.torque = org.apache.log4j.FileAppender
log4j.appender.torque.file = target/torque.log
log4j.appender.torque.layout = org.apache.log4j.PatternLayout
log4j.appender.torque.layout.conversionPattern = %d [%t] %-5p %c - %m%n
log4j.appender.torque.append = false
#
# Avalon gets configured to write its output onto the avalon
# category.
#
log4j.appender.avalon = org.apache.log4j.FileAppender
log4j.appender.avalon.file = target/avalon.log
log4j.appender.avalon.layout = org.apache.log4j.PatternLayout
log4j.appender.avalon.layout.conversionPattern = %d [%t] %-5p %c - %m%n
log4j.appender.avalon.append = false
# BEGIN HIBERNATE SECTION
### direct log messages to stdout ###
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.Target=System.out
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n
### direct messages to file hibernate.log ###
#log4j.appender.file=org.apache.log4j.FileAppender
#log4j.appender.file.File=hibernate.log
#log4j.appender.file.layout=org.apache.log4j.PatternLayout
#log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n
### set log levels - for more verbose logging change 'info' to 'debug' ##
log4j.rootLogger=warn, stdout
log4j.logger.net.sf.hibernate=warn
### enable the following line if you want to track down connection ###
### leakages when using DriverManagerConnectionProvider ###
#log4j.logger.net.sf.hibernate.connection.DriverManagerConnectionProvider=trace
### log JDBC bind parameters ###
log4j.logger.net.sf.hibernate.type=info
### log prepared statement cache activity ###
log4j.logger.net.sf.hibernate.ps.PreparedStatementCache=info
1.1 jakarta-turbine-fulcrum/security/spi/src/test/DynamicACL.xml
Index: DynamicACL.xml
===================================================================
<my-system>
<component
role="org.apache.fulcrum.security.model.ACLFactory"
class="org.apache.fulcrum.security.model.dynamic.DynamicACLFactory">
</component>
</my-system>
1.1 jakarta-turbine-fulcrum/security/spi/project.properties
Index: project.properties
===================================================================
maven.multiproject.type=jar
maven.junit.usefile=true
maven.junit.fork=true
1.1 jakarta-turbine-fulcrum/security/spi/maven.xml
Index: maven.xml
===================================================================
<project default="jar:jar" xmlns:maven="jelly:maven" xmlns:j="jelly:core" xmlns:util="jelly:util">
<preGoal name="java:compile">
<attainGoal name="avalon:meta"/>
</preGoal>
</project>
1.1 jakarta-turbine-fulcrum/security/spi/project.xml
Index: project.xml
===================================================================
<?xml version="1.0"?>
<project>
<extend>${basedir}/../../project.xml</extend>
<id>fulcrum-security-spi</id>
<name>Fulcrum Security SPI</name>
<currentVersion>1.0-alpha-4</currentVersion>
<package>org.apache.fulcrum.security</package>
<dependencies>
<dependency>
<groupId>fulcrum</groupId>
<artifactId>fulcrum-security-api</artifactId>
<version>1.0-alpha-4</version>
</dependency>
<dependency>
<groupId>fulcrum</groupId>
<artifactId>fulcrum-crypto</artifactId>
<version>1.0-alpha-3</version>
</dependency>
<dependency>
<groupId>fulcrum</groupId>
<artifactId>fulcrum-factory</artifactId>
<version>1.0-alpha-1</version>
</dependency>
<dependency>
<groupId>avalon-framework</groupId>
<artifactId>avalon-framework-api</artifactId>
<version>4.1.5</version>
</dependency>
<dependency>
<id>commons-logging</id>
<version>1.0.3</version>
</dependency>
<dependency>
<id>commons-lang</id>
<version>2.0</version>
</dependency>
<dependency>
<id>cryptix</id>
<version>3.2.0</version>
<url>http://www.cryptix.org/</url>
</dependency>
<dependency>
<id>commons-codec</id>
<version>1.1</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>3.8.1</version>
</dependency>
<!-- testing -->
<dependency>
<groupId>fulcrum</groupId>
<artifactId>fulcrum-testcontainer</artifactId>
<version>1.0-alpha-1</version>
</dependency>
<!--dependency>
<groupId>merlin</groupId>
<artifactId>merlin-unit</artifactId>
<version>3.2.3-dev</version>
</dependency-->
</dependencies>
</project>
1.1 jakarta-turbine-fulcrum/security/spi/src/java/org/apache/fulcrum/security/spi/AbstractPermissionManager.java
Index: AbstractPermissionManager.java
===================================================================
package org.apache.fulcrum.security.spi;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001-2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.fulcrum.security.PermissionManager;
import org.apache.fulcrum.security.entity.Permission;
import org.apache.fulcrum.security.util.DataBackendException;
import org.apache.fulcrum.security.util.EntityExistsException;
import org.apache.fulcrum.security.util.UnknownEntityException;
/**
* This implementation keeps all objects in memory. This is mostly meant to help with testing and
* prototyping of ideas.
*
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @version $Id: AbstractPermissionManager.java,v 1.1 2003/12/05 23:13:41 epugh Exp $
*/
public abstract class AbstractPermissionManager extends AbstractEntityManager implements PermissionManager
{
/** Logging */
private static Log log = LogFactory.getLog(AbstractPermissionManager.class);
protected abstract Permission persistNewPermission(Permission permission) throws DataBackendException;
/**
* Construct a blank Permission object.
*
* This method calls getPermissionClass, and then creates a new object using the default
* constructor.
*
* @return an object implementing Permission interface.
* @throws UnknownEntityException if the object could not be instantiated.
*/
public Permission getPermissionInstance() throws UnknownEntityException
{
Permission permission;
try
{
permission = (Permission) Class.forName(getClassName()).newInstance();
}
catch (Exception e)
{
throw new UnknownEntityException(
"Failed to instantiate a Permission implementation object",
e);
}
return permission;
}
/**
* Construct a blank Permission object.
*
* This method calls getPermissionClass, and then creates a new object using the default
* constructor.
*
* @param permName The name of the permission.
*
* @return an object implementing Permission interface.
* @throws UnknownEntityException if the object could not be instantiated.
*/
public Permission getPermissionInstance(String permName) throws UnknownEntityException
{
Permission perm = getPermissionInstance();
perm.setName(permName);
return perm;
}
/**
* Retrieve a Permission object with specified name.
*
* @param name the name of the Permission.
* @return an object representing the Permission with specified name.
* @throws DataBackendException if there was an error accessing the data backend.
* @throws UnknownEntityException if the permission does not exist.
*/
public Permission getPermissionByName(String name)
throws DataBackendException, UnknownEntityException
{
Permission permission = getAllPermissions().getPermissionByName(name);
if (permission == null)
{
throw new UnknownEntityException("The specified permission does not exist");
}
return permission;
}
/**
* Retrieve a Permission object with specified Id.
*
* @param name the name of the Permission.
*
* @return an object representing the Permission with specified name.
*
* @throws UnknownEntityException if the permission does not exist in the database.
* @throws DataBackendException if there is a problem accessing the storage.
*/
public Permission getPermissionById(Object id)
throws DataBackendException, UnknownEntityException
{
Permission permission = getAllPermissions().getPermissionById(id);
if (permission == null)
{
throw new UnknownEntityException("The specified permission does not exist");
}
return permission;
}
/**
* Creates a new permission with specified attributes.
*
* @param permission the object describing the permission to be created.
* @return a new Permission object that has id set up properly.
* @throws DataBackendException if there was an error accessing the data backend.
* @throws EntityExistsException if the permission already exists.
*/
public synchronized Permission addPermission(Permission permission)
throws DataBackendException, EntityExistsException
{
boolean permissionExists = false;
if (StringUtils.isEmpty(permission.getName()))
{
throw new DataBackendException("Could not create a permission with empty name!");
}
if (permission.getId() != null)
{
throw new DataBackendException("Could not create a permission with an id!");
}
try
{
permissionExists = checkExists(permission);
if (!permissionExists)
{
return persistNewPermission(permission);
}
}
catch (Exception e)
{
throw new DataBackendException("addPermission(Permission) failed", e);
}
// the only way we could get here without return/throw tirggered
// is that the permissionExists was true.
throw new EntityExistsException("Permission '" + permission + "' already exists");
}
}
1.1 jakarta-turbine-fulcrum/security/spi/src/java/org/apache/fulcrum/security/spi/AbstractRoleManager.java
Index: AbstractRoleManager.java
===================================================================
package org.apache.fulcrum.security.spi;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001-2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.fulcrum.security.RoleManager;
import org.apache.fulcrum.security.entity.Role;
import org.apache.fulcrum.security.util.DataBackendException;
import org.apache.fulcrum.security.util.EntityExistsException;
import org.apache.fulcrum.security.util.UnknownEntityException;
/**
*
* This implementation keeps all objects in memory. This is mostly meant to help
* with testing and prototyping of ideas.
*
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @version $Id: AbstractRoleManager.java,v 1.1 2003/12/05 23:13:41 epugh Exp $
*/
public abstract class AbstractRoleManager
extends AbstractEntityManager
implements RoleManager
{
/** Logging */
private static Log log = LogFactory.getLog(AbstractRoleManager.class);
protected abstract Role persistNewRole(Role role) throws DataBackendException;
/**
* Construct a blank Role object.
*
* This method calls getRoleClass, and then creates a new object using
* the default constructor.
*
* @return an object implementing Role interface.
* @throws DataBackendException if the object could not be instantiated.
*/
public Role getRoleInstance() throws DataBackendException
{
Role role;
try
{
role = (Role) Class.forName(getClassName()).newInstance();
}
catch (Exception e)
{
throw new DataBackendException(
"Problem creating instance of class " + getClassName(),
e);
}
return role;
}
/**
* Construct a blank Role object.
*
* This method calls getRoleClass, and then creates a new object using
* the default constructor.
*
* @param roleName The name of the role.
*
* @return an object implementing Role interface.
*
* @throws DataBackendException if the object could not be instantiated.
*/
public Role getRoleInstance(String roleName) throws DataBackendException
{
Role role = getRoleInstance();
role.setName(roleName);
return role;
}
/**
* Retrieve a Role object with specified name.
*
* @param name the name of the Role.
* @return an object representing the Role with specified name.
* @throws DataBackendException if there was an error accessing the
* data backend.
* @throws UnknownEntityException if the role does not exist.
*/
public Role getRoleByName(String name)
throws DataBackendException, UnknownEntityException
{
Role role = getAllRoles().getRoleByName(name);
if (role == null)
{
throw new UnknownEntityException("The specified role does not exist");
}
return role;
}
/**
* Retrieve a Role object with specified Id.
*
* @param name the name of the Role.
*
* @return an object representing the Role with specified name.
*
* @throws UnknownEntityException if the permission does not
* exist in the database.
* @throws DataBackendException if there is a problem accessing the
* storage.
*/
public Role getRoleById(Object id)
throws DataBackendException, UnknownEntityException
{
Role role = getAllRoles().getRoleById(id);
if (role == null)
{
throw new UnknownEntityException("The specified role does not exist");
}
return role;
}
/**
* Creates a new role with specified attributes.
*
* @param role the object describing the role to be created.
* @return a new Role object that has id set up properly.
* @throws DataBackendException if there was an error accessing the data
* backend.
* @throws EntityExistsException if the role already exists.
*/
public synchronized Role addRole(Role role)
throws DataBackendException, EntityExistsException
{
boolean roleExists = false;
if (StringUtils.isEmpty(role.getName()))
{
throw new DataBackendException("Could not create a role with empty name!");
}
if (role.getId() != null)
{
throw new DataBackendException("Could not create a role with an id!");
}
try
{
roleExists = checkExists(role);
if (!roleExists)
{
return persistNewRole(role);
}
}
catch (Exception e)
{
throw new DataBackendException("addRole(Role) failed", e);
}
finally
{
}
// the only way we could get here without return/throw tirggered
// is that the roleExists was true.
throw new EntityExistsException("Role '" + role + "' already exists");
}
}
1.1 jakarta-turbine-fulcrum/security/spi/src/java/org/apache/fulcrum/security/spi/AbstractManager.java
Index: AbstractManager.java
===================================================================
package org.apache.fulcrum.security.spi;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001-2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.avalon.framework.activity.Disposable;
import org.apache.avalon.framework.logger.AbstractLogEnabled;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.avalon.framework.service.Serviceable;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.fulcrum.security.GroupManager;
import org.apache.fulcrum.security.PermissionManager;
import org.apache.fulcrum.security.RoleManager;
import org.apache.fulcrum.security.UserManager;
import org.apache.fulcrum.security.util.DataBackendException;
/**
*
* This abstract implementation provides most of the functionality that
* a manager will need.
*
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @version $Id: AbstractManager.java,v 1.1 2003/12/05 23:13:41 epugh Exp $
*/
public abstract class AbstractManager
extends AbstractLogEnabled
implements Serviceable, Disposable
{
boolean composed = false;
/** Logging */
private static Log log = LogFactory.getLog(AbstractManager.class);
private ServiceManager manager = null;
protected PermissionManager permissionManager;
protected RoleManager roleManager;
protected GroupManager groupManager;
protected UserManager userManager;
/**
* @return
*/
protected ServiceManager getServiceManager()
{
return manager;
}
/**
* @return
*/
protected UserManager getUserManager() throws DataBackendException
{
if (userManager == null)
{
try
{
userManager = (UserManager) manager.lookup(UserManager.ROLE);
}
catch (ServiceException ce)
{
throw new DataBackendException(ce.getMessage(), ce);
}
}
return userManager;
}
/**
* @return
*/
protected PermissionManager getPermissionManager()
throws DataBackendException
{
if (permissionManager == null)
{
try
{
permissionManager =
(PermissionManager) manager.lookup(PermissionManager.ROLE);
}
catch (ServiceException ce)
{
throw new DataBackendException(ce.getMessage(), ce);
}
}
return permissionManager;
}
/**
* @return
*/
protected RoleManager getRoleManager() throws DataBackendException
{
if (roleManager == null)
{
try
{
roleManager = (RoleManager) manager.lookup(RoleManager.ROLE);
}
catch (ServiceException ce)
{
throw new DataBackendException(ce.getMessage(), ce);
}
}
return roleManager;
}
/**
* @return
*/
protected GroupManager getGroupManager() throws DataBackendException
{
if (groupManager == null)
{
try
{
groupManager = (GroupManager) manager.lookup(GroupManager.ROLE);
}
catch (ServiceException ce)
{
throw new DataBackendException(ce.getMessage(), ce);
}
}
return groupManager;
}
/**
* Avalon Service lifecycle method
*/
public void service(ServiceManager manager) throws ServiceException
{
this.manager = manager;
}
public void dispose()
{
manager = null;
permissionManager = null;
roleManager = null;
groupManager = null;
}
/**
* @return A resolved object
* @throws DataBackendException if the backend failed for some reason.
*/
protected Object resolve(String lookup)
{
Object component = null;
{
try
{
component = manager.lookup(lookup);
}
catch (ServiceException ce)
{
throw new RuntimeException(ce.getMessage(), ce);
}
}
return component;
}
}
1.1 jakarta-turbine-fulcrum/security/spi/src/java/org/apache/fulcrum/security/spi/AbstractUserManager.java
Index: AbstractUserManager.java
===================================================================
package org.apache.fulcrum.security.spi;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001-2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.fulcrum.factory.FactoryService;
import org.apache.fulcrum.security.UserManager;
import org.apache.fulcrum.security.acl.AccessControlList;
import org.apache.fulcrum.security.authenticator.Authenticator;
import org.apache.fulcrum.security.entity.User;
import org.apache.fulcrum.security.model.ACLFactory;
import org.apache.fulcrum.security.util.DataBackendException;
import org.apache.fulcrum.security.util.EntityExistsException;
import org.apache.fulcrum.security.util.PasswordMismatchException;
import org.apache.fulcrum.security.util.UnknownEntityException;
/**
* This implementation keeps all objects in memory. This is mostly meant to help
* with testing and prototyping of ideas.
*
* @todo Need to load up Crypto component and actually encrypt passwords!
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @version $Id: AbstractUserManager.java,v 1.1 2003/12/05 23:13:41 epugh Exp $
*/
public abstract class AbstractUserManager
extends AbstractEntityManager
implements UserManager
{
protected abstract User persistNewUser(User user)
throws DataBackendException;
/** Logging */
private static Log log = LogFactory.getLog(AbstractUserManager.class);
/** A factory to construct ACL Objects */
private FactoryService aclFactoryService = null;
private ACLFactory aclFactory;
private Authenticator authenticator;
public AccessControlList getACL(User user) throws UnknownEntityException
{
return getACLFactory().getAccessControlList(user);
}
/**
* Check whether a specified user's account exists.
*
* The login name is used for looking up the account.
*
* @param user The user to be checked.
* @return true if the specified account exists
* @throws DataBackendException if there was an error accessing
* the data backend.
*/
public boolean checkExists(User user) throws DataBackendException
{
return checkExists(user.getName());
}
/**
* Retrieve a user from persistent storage using username as the
* key, and authenticate the user. The implementation may chose
* to authenticate to the server as the user whose data is being
* retrieved.
*
* @param userName the name of the user.
* @param password the user supplied password.
* @return an User object.
* @exception PasswordMismatchException if the supplied password was
* incorrect.
* @exception UnknownEntityException if the user's account does not
* exist in the database.
* @exception DataBackendException if there is a problem accessing the
* storage.
*/
public User getUser(String userName, String password)
throws PasswordMismatchException, UnknownEntityException, DataBackendException
{
User user = getUser(userName);
authenticate(user, password);
return user;
}
/**
* Authenticate an User with the specified password. If authentication
* is successful the method returns nothing. If there are any problems,
* exception was thrown.
*
* @param user an User object to authenticate.
* @param password the user supplied password.
* @exception PasswordMismatchException if the supplied password was
* incorrect.
* @exception UnknownEntityException if the user's account does not
* exist in the database.
* @exception DataBackendException if there is a problem accessing the
* storage.
*/
public void authenticate(User user, String password)
throws PasswordMismatchException, UnknownEntityException, DataBackendException
{
if (authenticator == null)
{
authenticator = (Authenticator) resolve(Authenticator.ROLE);
}
if (!authenticator.authenticate(user, password))
{
throw new PasswordMismatchException("Can not authenticate user.");
}
}
/**
* Change the password for an User. The user must have supplied the
* old password to allow the change.
*
* @param user an User to change password for.
* @param oldPassword The old password to verify
* @param newPassword The new password to set
* @exception PasswordMismatchException if the supplied password was
* incorrect.
* @exception UnknownEntityException if the user's account does not
* exist in the database.
* @exception DataBackendException if there is a problem accessing the
* storage.
*/
public void changePassword(
User user,
String oldPassword,
String newPassword)
throws PasswordMismatchException, UnknownEntityException, DataBackendException
{
if (!checkExists(user))
{
throw new UnknownEntityException(
"The account '" + user.getName() + "' does not exist");
}
if (!oldPassword.equals(user.getPassword()))
{
throw new PasswordMismatchException(
"The supplied old password for '"
+ user.getName()
+ "' was incorrect");
}
user.setPassword(newPassword);
// save the changes in the database imediately, to prevent the password
// being 'reverted' to the old value if the user data is lost somehow
// before it is saved at session's expiry.
saveUser(user);
}
/**
* Forcibly sets new password for an User.
*
* This is supposed by the administrator to change the forgotten or
* compromised passwords. Certain implementatations of this feature
* would require administrative level access to the authenticating
* server / program.
*
* @param user an User to change password for.
* @param password the new password.
* @exception UnknownEntityException if the user's record does not
* exist in the database.
* @exception DataBackendException if there is a problem accessing the
* storage.
*/
public void forcePassword(User user, String password)
throws UnknownEntityException, DataBackendException
{
if (!checkExists(user))
{
throw new UnknownEntityException(
"The account '" + user.getName() + "' does not exist");
}
user.setPassword(password);
// save the changes in the database immediately, to prevent the
// password being 'reverted' to the old value if the user data
// is lost somehow before it is saved at session's expiry.
saveUser(user);
}
/**
* Construct a blank User object.
*
* This method calls getUserClass, and then creates a new object using
* the default constructor.
*
* @return an object implementing User interface.
* @throws DataBackendException if the object could not be instantiated.
*/
public User getUserInstance() throws DataBackendException
{
User user;
try
{
user = (User) Class.forName(getClassName()).newInstance();
}
catch (Exception e)
{
throw new DataBackendException(
"Problem creating instance of class " + getClassName(),
e);
}
return user;
}
/**
* Construct a blank User object.
*
* This method calls getUserClass, and then creates a new object using
* the default constructor.
*
* @param userName The name of the user.
*
* @return an object implementing User interface.
*
* @throws DataBackendException if the object could not be instantiated.
*/
public User getUserInstance(String userName) throws DataBackendException
{
User user = getUserInstance();
user.setName(userName);
return user;
}
/**
* Creates new user account with specified attributes.
*
* @param user the object describing account to be created.
* @param password The password to use for the account.
*
* @throws DataBackendException if there was an error accessing the
* data backend.
* @throws EntityExistsException if the user account already exists.
*/
public User addUser(User user, String password)
throws DataBackendException, EntityExistsException
{
if (StringUtils.isEmpty(user.getName()))
{
throw new DataBackendException(
"Could not create " + "an user with empty name!");
}
if (checkExists(user))
{
throw new EntityExistsException(
"The account '" + user.getName() + "' already exists");
}
user.setPassword(password);
try
{
return persistNewUser(user);
}
catch (Exception e)
{
throw new DataBackendException(
"Failed to create account '" + user.getName() + "'",
e);
}
}
/**
* @return Returns the ACLFactory.
*/
public ACLFactory getACLFactory()
{
if (aclFactory == null)
{
aclFactory = (ACLFactory) resolve(ACLFactory.ROLE);
}
return aclFactory;
}
}
1.1 jakarta-turbine-fulcrum/security/spi/src/java/org/apache/fulcrum/security/spi/AbstractEntityManager.java
Index: AbstractEntityManager.java
===================================================================
package org.apache.fulcrum.security.spi;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001-2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.avalon.framework.configuration.Configurable;
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
*
* This abstract implementation provides most of the functionality that
* a manager will need.
*
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @version $Id: AbstractEntityManager.java,v 1.1 2003/12/05 23:13:41 epugh Exp $
*/
public abstract class AbstractEntityManager
extends AbstractManager
implements Configurable
{
private String className;
private static final String CLASS_NAME_KEY = "className";
/** Logging */
private static Log log = LogFactory.getLog(AbstractEntityManager.class);
/**
* Avalon Service lifecycle method
*/
public void configure(Configuration conf) throws ConfigurationException
{
className = conf.getChild(CLASS_NAME_KEY).getValue();
}
/**
* @return Returns the className.
*/
public String getClassName()
{
return className;
}
/**
* @param className The className to set.
*/
public void setClassName(String className)
{
this.className = className;
}
}
1.1 jakarta-turbine-fulcrum/security/spi/src/java/org/apache/fulcrum/security/spi/AbstractGroupManager.java
Index: AbstractGroupManager.java
===================================================================
package org.apache.fulcrum.security.spi;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001-2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.fulcrum.security.GroupManager;
import org.apache.fulcrum.security.entity.Group;
import org.apache.fulcrum.security.util.DataBackendException;
import org.apache.fulcrum.security.util.EntityExistsException;
import org.apache.fulcrum.security.util.UnknownEntityException;
/**
* This implementation keeps all objects in memory. This is mostly meant to help
* with testing and prototyping of ideas.
*
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @version $Id: AbstractGroupManager.java,v 1.1 2003/12/05 23:13:41 epugh Exp $
*/
public abstract class AbstractGroupManager
extends AbstractEntityManager
implements GroupManager
{
/** Logging */
private static Log log = LogFactory.getLog(AbstractGroupManager.class);
protected abstract Group persistNewGroup(Group group) throws DataBackendException;
/**
* Construct a blank Group object.
*
* This method calls getGroupClass, and then creates a new object using
* the default constructor.
*
* @return an object implementing Group interface.
* @throws DataBackendException if the object could not be instantiated.
*/
public Group getGroupInstance() throws DataBackendException
{
Group group;
try
{
group = (Group) Class.forName(getClassName()).newInstance();
}
catch (Exception e)
{
throw new DataBackendException(
"Problem creating instance of class " + getClassName(),
e);
}
return group;
}
/**
* Construct a blank Group object.
*
* This method calls getGroupClass, and then creates a new object using
* the default constructor.
*
* @param groupName The name of the Group
*
* @return an object implementing Group interface.
*
* @throws DataBackendException if the object could not be instantiated.
*/
public Group getGroupInstance(String groupName) throws DataBackendException
{
Group group = getGroupInstance();
group.setName(groupName);
return group;
}
/**
* Retrieve a Group object with specified name.
*
* @param name the name of the Group.
* @return an object representing the Group with specified name.
* @throws DataBackendException if there was an error accessing the
* data backend.
* @throws UnknownEntityException if the group does not exist.
* @deprecated Use <a href="#getGroupByName">getGroupByName</a> instead.
*/
public Group getGroup(String name)
throws DataBackendException, UnknownEntityException
{
return getGroupByName(name);
}
/**
* Retrieve a Group object with specified name.
*
* @param name the name of the Group.
* @return an object representing the Group with specified name.
* @throws DataBackendException if there was an error accessing the
* data backend.
* @throws UnknownEntityException if the group does not exist.
*/
public Group getGroupByName(String name)
throws DataBackendException, UnknownEntityException
{
Group group = getAllGroups().getGroupByName(name);
if (group == null)
{
throw new UnknownEntityException("The specified group does not exist");
}
return group;
}
/**
* Retrieve a Group object with specified Id.
*
* @param name the name of the Group.
*
* @return an object representing the Group with specified name.
*
* @throws UnknownEntityException if the permission does not
* exist in the database.
* @throws DataBackendException if there is a problem accessing the
* storage.
*/
public Group getGroupById(Object id)
throws DataBackendException, UnknownEntityException
{
Group group = getAllGroups().getGroupById(id);
if (group == null)
{
throw new UnknownEntityException("The specified group does not exist");
}
return group;
}
/**
* Creates a new group with specified attributes.
*
* @param group the object describing the group to be created.
* @return a new Group object that has id set up properly.
* @throws DataBackendException if there was an error accessing the data
* backend.
* @throws EntityExistsException if the group already exists.
*/
public synchronized Group addGroup(Group group)
throws DataBackendException, EntityExistsException
{
boolean groupExists = false;
if (StringUtils.isEmpty(group.getName()))
{
throw new DataBackendException("Could not create a group with empty name!");
}
if (group.getId() != null)
{
throw new DataBackendException("Could not create a group with an id!");
}
groupExists = checkExists(group);
if (!groupExists)
{
// return the object with correct id
return persistNewGroup(group);
}
else
{
throw new EntityExistsException(
"Group '" + group + "' already exists");
}
}
}
1.1 jakarta-turbine-fulcrum/security/spi/src/java/org/apache/fulcrum/security/model/dynamic/DynamicACLFactory.java
Index: DynamicACLFactory.java
===================================================================
package org.apache.fulcrum.security.model.dynamic;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001-2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.fulcrum.security.acl.AccessControlList;
import org.apache.fulcrum.security.entity.Group;
import org.apache.fulcrum.security.entity.User;
import org.apache.fulcrum.security.model.ACLFactory;
import org.apache.fulcrum.security.model.dynamic.entity.DynamicGroup;
import org.apache.fulcrum.security.model.dynamic.entity.DynamicRole;
import org.apache.fulcrum.security.model.dynamic.entity.DynamicUser;
import org.apache.fulcrum.security.spi.AbstractManager;
import org.apache.fulcrum.security.util.RoleSet;
import org.apache.fulcrum.security.util.UnknownEntityException;
/**
*
* This factory creates instance of the DynamicAccessControlList
*
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @version $Id: DynamicACLFactory.java,v 1.1 2003/12/05 23:13:41 epugh Exp $
*/
public class DynamicACLFactory extends AbstractManager implements ACLFactory
{
/** Logging */
private static Log log = LogFactory.getLog(DynamicACLFactory.class);
/**
* Construct a new ACL object.
*
* This constructs a new ACL object from the configured class and
* initializes it with the supplied roles and permissions.
*
* @param roles The roles that this ACL should contain
* @param permissions The permissions for this ACL
*
* @return an object implementing ACL interface.
* @throws UnknownEntityException if the object could not be instantiated.
*/
private AccessControlList getAclInstance(Map roles, Map permissions)
throws UnknownEntityException
{
Object[] objects = { roles, permissions };
String[] signatures = { Map.class.getName(), Map.class.getName()};
AccessControlList accessControlList;
try
{
/*
*
@todo I think this is overkill for now..
accessControlList =
(AccessControlList) aclFactoryService.getInstance(aclClass.getName(), objects, signatures);
*/
accessControlList =
new DynamicAccessControlListImpl(roles, permissions);
}
catch (Exception e)
{
throw new UnknownEntityException(
"Failed to instantiate an ACL implementation object",
e);
}
return accessControlList;
}
public AccessControlList getAccessControlList(User user)
{
Map roleSets = new HashMap();
Map permissionSets = new HashMap();
for (Iterator i = ((DynamicUser) user).getGroups().iterator();
i.hasNext();
)
{
Group group = (Group) i.next();
RoleSet roleSet = (RoleSet) ((DynamicGroup) group).getRoles();
roleSets.put(group, roleSet);
for (Iterator j = roleSet.iterator(); j.hasNext();)
{
DynamicRole role = (DynamicRole) j.next();
permissionSets.put(role, role.getPermissions());
}
}
try
{
return getAclInstance(roleSets, permissionSets);
}
catch (UnknownEntityException uue)
{
throw new RuntimeException(uue.getMessage(), uue);
}
}
}
1.1 jakarta-turbine-fulcrum/security/spi/conf/config.xml
Index: config.xml
===================================================================
<targets>
<target path="/test/security">
<categories priority="INFO"/>
</target>
</targets>
1.1 jakarta-turbine-fulcrum/security/spi/conf/block.xml
Index: block.xml
===================================================================
<container name="test">
<classloader>
<classpath>
<repository>
<resource id="fulcrum:fulcrum-crypto-api" version="1.0-alpha-4"/>
<resource id="fulcrum:fulcrum-crypto-impl" version="1.0-alpha-4"/>
<resource id="fulcrum:fulcrum-factory-api" version="1.0-alpha-2"/>
<resource id="fulcrum:fulcrum-factory-impl" version="1.0-alpha-2"/>
</repository>
</classpath>
</classloader>
<services>
<service type="org.apache.fulcrum.crypto.CryptoService">
<source>crypto</source>
</service>
</services>
<!--component name="factory" class="org.apache.fulcrum.factory.DefaultFactoryService"/-->
<component name="crypto" class="org.apache.fulcrum.crypto.DefaultCryptoService"/>
<!--
<component name="authenticator" class="org.apache.fulcrum.security.authenticator.CryptoAuthenticator"/>
-->
</container>
1.1 jakarta-turbine-fulcrum/security/spi/src/test/org/apache/fulcrum/security/model/ACLFactoryTest.java
Index: ACLFactoryTest.java
===================================================================
package org.apache.fulcrum.security.model;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001-2002 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.fulcrum.security.acl.AccessControlList;
import org.apache.fulcrum.security.model.basic.BasicAccessControlList;
import org.apache.fulcrum.security.model.basic.entity.BasicGroup;
import org.apache.fulcrum.security.model.basic.entity.BasicUser;
import org.apache.fulcrum.security.model.dynamic.DynamicAccessControlList;
import org.apache.fulcrum.security.model.dynamic.entity.DynamicGroup;
import org.apache.fulcrum.security.model.dynamic.entity.DynamicPermission;
import org.apache.fulcrum.security.model.dynamic.entity.DynamicRole;
import org.apache.fulcrum.security.model.dynamic.entity.DynamicUser;
import org.apache.fulcrum.testcontainer.BaseUnitTest;
/**
*
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @version $Id: ACLFactoryTest.java,v 1.1 2003/12/05 23:13:41 epugh Exp $
*/
public class ACLFactoryTest extends BaseUnitTest
{
public ACLFactoryTest(String arg0)
{
super(arg0);
}
public void setUp() throws Exception
{
super.setUp();
}
public void testCreatingDynamicACL() throws Exception
{
this.setRoleFileName(null);
this.setConfigurationFileName("src/test/DynamicACL.xml");
ACLFactory factory = (ACLFactory) lookup(ACLFactory.ROLE);
DynamicUser user = new DynamicUser();
user.setName("bob");
user.setId(new Integer(1));
DynamicGroup group = new DynamicGroup();
group.setName("group1");
group.setId(new Integer(1));
DynamicRole role = new DynamicRole();
role.setName("role1");
role.setId(new Integer(1));
DynamicPermission permission = new DynamicPermission();
permission.setName("permission1");
permission.setId(new Integer(1));
role.addPermission(permission);
group.addRole(role);
user.addGroup(group);
AccessControlList acl = factory.getAccessControlList(user);
assertTrue(acl instanceof DynamicAccessControlList);
DynamicAccessControlList dacl = (DynamicAccessControlList) acl;
assertTrue(dacl.hasPermission(permission));
}
public void testCreatingBasicACL() throws Exception
{
this.setRoleFileName(null);
this.setConfigurationFileName("src/test/BasicACL.xml");
ACLFactory factory = (ACLFactory) lookup(ACLFactory.ROLE);
BasicUser user = new BasicUser();
user.setName("bob");
user.setId(new Integer(1));
BasicGroup group = new BasicGroup();
group.setName("group1");
group.setId(new Integer(1));
user.addGroup(group);
AccessControlList acl = factory.getAccessControlList(user);
assertTrue(acl instanceof BasicAccessControlList);
BasicAccessControlList bacl = (BasicAccessControlList) acl;
assertTrue(bacl.hasGroup(group));
}
}
1.1 jakarta-turbine-fulcrum/security/spi/src/java/org/apache/fulcrum/security/model/basic/BasicACLFactory.java
Index: BasicACLFactory.java
===================================================================
package org.apache.fulcrum.security.model.basic;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001-2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.fulcrum.security.acl.AccessControlList;
import org.apache.fulcrum.security.entity.User;
import org.apache.fulcrum.security.model.ACLFactory;
import org.apache.fulcrum.security.model.basic.entity.BasicUser;
import org.apache.fulcrum.security.spi.AbstractManager;
import org.apache.fulcrum.security.util.GroupSet;
import org.apache.fulcrum.security.util.UnknownEntityException;
/**
*
* This factory creates instance of the DynamicAccessControlList
*
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @version $Id: BasicACLFactory.java,v 1.1 2003/12/05 23:13:41 epugh Exp $
*/
public class BasicACLFactory extends AbstractManager implements ACLFactory
{
/** Logging */
private static Log log = LogFactory.getLog(BasicACLFactory.class);
/**
* Construct a new ACL object.
*
* This constructs a new ACL object from the configured class and
* initializes it with the supplied roles and permissions.
*
* @param roles The roles that this ACL should contain
* @param permissions The permissions for this ACL
*
* @return an object implementing ACL interface.
* @throws UnknownEntityException if the object could not be instantiated.
*/
private AccessControlList getAclInstance(GroupSet groupSet)
throws UnknownEntityException
{
Object[] objects = { groupSet};
String[] signatures = { GroupSet.class.getName()};
AccessControlList accessControlList;
try
{
/*
*
@todo I think this is overkill for now..
accessControlList =
(AccessControlList) aclFactoryService.getInstance(aclClass.getName(), objects, signatures);
*/
accessControlList =
new BasicAccessControlListImpl(groupSet);
}
catch (Exception e)
{
throw new UnknownEntityException(
"Failed to instantiate an ACL implementation object",
e);
}
return accessControlList;
}
public AccessControlList getAccessControlList(User user)
{
GroupSet groupSet = ((BasicUser)user).getGroups();
try
{
return getAclInstance(groupSet);
}
catch (UnknownEntityException uue)
{
throw new RuntimeException(uue.getMessage(), uue);
}
}
}
1.1 jakarta-turbine-fulcrum/security/spi/src/java/org/apache/fulcrum/security/model/ACLFactory.java
Index: ACLFactory.java
===================================================================
package org.apache.fulcrum.security.model;
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Turbine" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* "Apache Turbine", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
import org.apache.fulcrum.security.acl.AccessControlList;
import org.apache.fulcrum.security.entity.User;
/**
* This interface describes a factory for creating AccessControlList
* objects.
*
* @author <a href="mailto:epugh@upstate.com">Eric Pugh</a>
* @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
* @author <a href="mailto:greg@shwoop.com">Greg Ritter</a>
* @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
* @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
* @author <a href="mailto:marco@intermeta.de">Marco Knüttel</a>
* @version $Id: ACLFactory.java,v 1.1 2003/12/05 23:13:41 epugh Exp $
*/
public interface ACLFactory
{
public static final String ROLE = ACLFactory.class.getName();
public AccessControlList getAccessControlList(User user);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: turbine-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: turbine-dev-help@jakarta.apache.org