1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23 package org.talika.tarsis.security.memory;
24
25 import java.io.IOException;
26 import java.util.Map;
27
28 import javax.xml.parsers.ParserConfigurationException;
29 import javax.xml.parsers.SAXParserFactory;
30
31 import org.talika.tarsis.context.Context;
32 import org.talika.tarsis.security.AuthenticationFailedException;
33 import org.talika.tarsis.security.AuthenticatorService;
34 import org.talika.tarsis.security.SecuritySession;
35 import org.talika.tarsis.security.SecuritySessionImpl;
36 import org.talika.tarsis.service.ServiceException;
37 import org.xml.sax.InputSource;
38 import org.xml.sax.SAXException;
39 import org.xml.sax.SAXParseException;
40 import org.xml.sax.XMLReader;
41
42 /**
43 * XML/Memory implementation of <code>Authenticator</code> interface.
44 *
45 * @author Jose M. Palomar
46 * @version $Revision: 269 $
47 */
48 public final class MemoryAuthenticator extends AuthenticatorService {
49
50
51 /**
52 * XML users file.
53 */
54 private static final String USERS_FILE = "/WEB-INF/users.xml";
55
56
57 /**
58 * Users <code>Map</code>.
59 */
60 private Map users;
61
62
63 /**
64 * Creates a new <code>MemoryAuthenticator</code>.
65 */
66 public MemoryAuthenticator() {
67 }
68
69
70 /**
71 * Called by the framework to indicate that is being placed into service.<br>
72 * <br>
73 * Load users from XML file.
74 *
75 * @param context Context context that initialized service.
76 * @throws ServiceException if an exception has occurred that interferes with the
77 * services's normal operation
78 * @see org.talika.tarsis.service.Service#init(Context)
79 */
80 public void init(Context context) throws ServiceException {
81 super.init(context);
82
83 loadUsers();
84 if (users == null) {
85 throw new ServiceException("Unable to load users file");
86 }
87
88 }
89
90 /**
91 * Returns name of service.
92 *
93 * @return String name of service.
94 * @see org.talika.tarsis.service.Service#getName()
95 */
96 public String getName() {
97 return "MemoryAuthenticator";
98 }
99
100 /**
101 * Checks if given user and password are correct.
102 *
103 * @param username String user name.
104 * @param password String user password.
105 * @return SecuritySession security session created from given user and password.
106 * @throws AuthenticationFailedException if user and/or password aren't correct.
107 * @see org.talika.tarsis.security.Authenticator#login(String, String)
108 */
109 public SecuritySession login(String username, String password)
110 throws AuthenticationFailedException {
111
112 MemoryUserImpl user = (MemoryUserImpl) users.get(username);
113 if (user == null) {
114 throw new AuthenticationFailedException("Invalid user");
115 }
116
117 if (!user.isPasswordValid(password)) {
118 throw new AuthenticationFailedException("Invalid credentials");
119 }
120
121 return new SecuritySessionImpl(user);
122
123 }
124
125 /**
126 * Load users from XML file.
127 */
128 private void loadUsers() {
129
130 try {
131
132 InputSource input = new InputSource(getContext().getResourceAsStream(USERS_FILE));
133 SAXParserFactory spf = SAXParserFactory.newInstance();
134 spf.setValidating(true);
135 spf.setNamespaceAware(false);
136
137 XMLReader parser = null;
138 parser = spf.newSAXParser().getXMLReader();
139 XmlUsersHandler handler = new XmlUsersHandler();
140 parser.setContentHandler(handler);
141 parser.setErrorHandler(handler);
142 parser.setEntityResolver(handler);
143 parser.parse(input);
144
145 this.users = handler.getUsers();
146
147 }
148 catch (SAXParseException spe) {
149 if (getLogger().isDebugEnabled()) {
150 getLogger().logDebug("Error parsing authorizations (" + spe.getMessage() + ")");
151 }
152 }
153 catch (SAXException se) {
154 if (se.getException() != null) {
155 if (getLogger().isDebugEnabled()) {
156 getLogger().logDebug("Error parsing authorizations (" + se.getException().getMessage() + ")");
157 }
158 }
159 else {
160 if (getLogger().isDebugEnabled()) {
161 getLogger().logDebug("Error parsing authorizations (" + se.getMessage() + ")");
162 }
163 }
164 }
165 catch (ParserConfigurationException pce) {
166 if (getLogger().isDebugEnabled()) {
167 getLogger().logDebug("Error parsing authorizations (" + pce.getMessage() + ")");
168 }
169 }
170 catch (IOException ioe) {
171 if (getLogger().isDebugEnabled()) {
172 getLogger().logDebug("Error parsing authorizations (" + ioe.getMessage() + ")");
173 }
174 }
175
176 }
177
178 }