src/org/jsecurity/subject/AbstractRememberMeManager.java - jsecurity - Git at Google

 /*
  * Copyright 2005-2008 Les Hazlewood
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.jsecurity.subject;

 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.jsecurity.authc.Account;
 import org.jsecurity.authc.AuthenticationException;
 import org.jsecurity.authc.AuthenticationToken;
 import org.jsecurity.authc.RememberMeAuthenticationToken;
 import org.jsecurity.crypto.BlowfishCipher;
 import org.jsecurity.crypto.Cipher;
 import org.jsecurity.io.DefaultSerializer;
 import org.jsecurity.io.SerializationException;
 import org.jsecurity.io.Serializer;

 /**
  * @author Les Hazlewood
  * @since 0.9
  */
 public abstract class AbstractRememberMeManager implements RememberMeManager {

     protected transient final Log log = LogFactory.getLog(getClass());

     private Serializer serializer = new DefaultSerializer();
     private Cipher cipher = new BlowfishCipher();

     public AbstractRememberMeManager() {
     }

     public Serializer getSerializer() {
         return serializer;
     }

     public void setSerializer(Serializer serializer) {
         this.serializer = serializer;
     }

     public Cipher getCipher() {
         return cipher;
     }

     public void setCipher(Cipher cipher) {
         this.cipher = cipher;
     }

     protected boolean isRememberMe(AuthenticationToken token) {
         return token != null && (token instanceof RememberMeAuthenticationToken) &&
             ((RememberMeAuthenticationToken) token).isRememberMe();
     }

     public void onSuccessfulLogin(AuthenticationToken token, Account account) {
         if (isRememberMe(token)) {
             rememberIdentity(token, account);
         } else {
             if (log.isDebugEnabled()) {
                 log.debug("AuthenticationToken did not indicate RememberMe is requested.  " +
                     "RememberMe functionality will not be executed for corresponding Account.");
             }
         }
     }

     public void rememberIdentity(AuthenticationToken submittedToken, Account successfullyAuthenticated) {
         rememberIdentity(successfullyAuthenticated);
     }

     public void rememberIdentity(Account successfullyAuthenticated) {
         PrincipalCollection principals = getIdentityToRemember(successfullyAuthenticated);
         rememberIdentity(principals);
     }

     protected PrincipalCollection getIdentityToRemember(Account account) {
         return account.getPrincipals();
     }

     protected byte[] encrypt(byte[] serialized) {
         byte[] value = serialized;
         Cipher cipher = getCipher();
         if (cipher != null) {
             value = cipher.encrypt(serialized, null);
         }
         return value;
     }

     protected byte[] decrypt(byte[] encrypted) {
         byte[] serialized = encrypted;
         Cipher cipher = getCipher();
         if (cipher != null) {
             serialized = cipher.decrypt(encrypted, null);
         }
         return serialized;
     }

     protected void rememberIdentity(PrincipalCollection accountPrincipals) {
         try {
             byte[] bytes = serialize(accountPrincipals);
             if (getCipher() != null) {
                 bytes = encrypt(bytes);
             }
             rememberSerializedIdentity(bytes);
         } catch (SerializationException se) {
             if ( log.isWarnEnabled() ) {
                 log.warn("Unable to serialize account principals [" + accountPrincipals + "].  Identity " +
                     "cannot be remembered!  This is a non fatal exception as RememberMe identity services " +
                     "are not considered critical and execution can continue as normal.  But please " +
                     "investigate and resolve to prevent seeing this message again.", se );
             }
         }
     }

     protected byte[] serialize(PrincipalCollection principals) {
         return getSerializer().serialize(principals);
     }

     protected abstract void rememberSerializedIdentity(byte[] serialized);

     public PrincipalCollection getRememberedPrincipals() {
         PrincipalCollection principals = null;
         byte[] bytes = getSerializedRememberedIdentity();
         if (bytes != null) {
             if (getCipher() != null) {
                 bytes = decrypt(bytes);
             }
             try {
                 principals = deserialize(bytes);
             } catch (SerializationException e) {
                 if ( log.isWarnEnabled() ) {
                     log.warn("Unable to deserialize stored identity byte array.  Remembered identity " +
                         "cannot be reconstituted!  This is a non fatal exception as RememberMe identity services " +
                         "are not considered critical and execution can continue as normal, but please " +
                         "investigate and resolve to prevent seeing this message again.", e );
                 }
             }
         }
         return principals;
     }

     protected PrincipalCollection deserialize(byte[] serializedIdentity) {
         return (PrincipalCollection)getSerializer().deserialize(serializedIdentity);
     }

     protected abstract byte[] getSerializedRememberedIdentity();

     public void onFailedLogin(AuthenticationToken token, AuthenticationException ae) {
         forgetIdentity(token, ae);
     }

     public void onLogout(PrincipalCollection subjectPrincipals) {
         forgetIdentity();
     }

     protected void forgetIdentity(AuthenticationToken token, AuthenticationException ae) {
         forgetIdentity(token);
     }

     protected void forgetIdentity(AuthenticationToken token) {
         forgetIdentity();
     }

     protected abstract void forgetIdentity();
 }
	/*
	* Copyright 2005-2008 Les Hazlewood
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.jsecurity.subject;

	import org.apache.commons.logging.Log;
	import org.apache.commons.logging.LogFactory;
	import org.jsecurity.authc.Account;
	import org.jsecurity.authc.AuthenticationException;
	import org.jsecurity.authc.AuthenticationToken;
	import org.jsecurity.authc.RememberMeAuthenticationToken;
	import org.jsecurity.crypto.BlowfishCipher;
	import org.jsecurity.crypto.Cipher;
	import org.jsecurity.io.DefaultSerializer;
	import org.jsecurity.io.SerializationException;
	import org.jsecurity.io.Serializer;

	/**
	* @author Les Hazlewood
	* @since 0.9
	*/
	public abstract class AbstractRememberMeManager implements RememberMeManager {

	protected transient final Log log = LogFactory.getLog(getClass());

	private Serializer serializer = new DefaultSerializer();
	private Cipher cipher = new BlowfishCipher();

	public AbstractRememberMeManager() {
	}

	public Serializer getSerializer() {
	return serializer;
	}

	public void setSerializer(Serializer serializer) {
	this.serializer = serializer;
	}

	public Cipher getCipher() {
	return cipher;
	}

	public void setCipher(Cipher cipher) {
	this.cipher = cipher;
	}

	protected boolean isRememberMe(AuthenticationToken token) {
	return token != null && (token instanceof RememberMeAuthenticationToken) &&
	((RememberMeAuthenticationToken) token).isRememberMe();
	}

	public void onSuccessfulLogin(AuthenticationToken token, Account account) {
	if (isRememberMe(token)) {
	rememberIdentity(token, account);
	} else {
	if (log.isDebugEnabled()) {
	log.debug("AuthenticationToken did not indicate RememberMe is requested. " +
	"RememberMe functionality will not be executed for corresponding Account.");
	}
	}
	}

	public void rememberIdentity(AuthenticationToken submittedToken, Account successfullyAuthenticated) {
	rememberIdentity(successfullyAuthenticated);
	}

	public void rememberIdentity(Account successfullyAuthenticated) {
	PrincipalCollection principals = getIdentityToRemember(successfullyAuthenticated);
	rememberIdentity(principals);
	}

	protected PrincipalCollection getIdentityToRemember(Account account) {
	return account.getPrincipals();
	}

	protected byte[] encrypt(byte[] serialized) {
	byte[] value = serialized;
	Cipher cipher = getCipher();
	if (cipher != null) {
	value = cipher.encrypt(serialized, null);
	}
	return value;
	}

	protected byte[] decrypt(byte[] encrypted) {
	byte[] serialized = encrypted;
	Cipher cipher = getCipher();
	if (cipher != null) {
	serialized = cipher.decrypt(encrypted, null);
	}
	return serialized;
	}

	protected void rememberIdentity(PrincipalCollection accountPrincipals) {
	try {
	byte[] bytes = serialize(accountPrincipals);
	if (getCipher() != null) {
	bytes = encrypt(bytes);
	}
	rememberSerializedIdentity(bytes);
	} catch (SerializationException se) {
	if ( log.isWarnEnabled() ) {
	log.warn("Unable to serialize account principals [" + accountPrincipals + "]. Identity " +
	"cannot be remembered! This is a non fatal exception as RememberMe identity services " +
	"are not considered critical and execution can continue as normal. But please " +
	"investigate and resolve to prevent seeing this message again.", se );
	}
	}
	}

	protected byte[] serialize(PrincipalCollection principals) {
	return getSerializer().serialize(principals);
	}

	protected abstract void rememberSerializedIdentity(byte[] serialized);

	public PrincipalCollection getRememberedPrincipals() {
	PrincipalCollection principals = null;
	byte[] bytes = getSerializedRememberedIdentity();
	if (bytes != null) {
	if (getCipher() != null) {
	bytes = decrypt(bytes);
	}
	try {
	principals = deserialize(bytes);
	} catch (SerializationException e) {
	if ( log.isWarnEnabled() ) {
	log.warn("Unable to deserialize stored identity byte array. Remembered identity " +
	"cannot be reconstituted! This is a non fatal exception as RememberMe identity services " +
	"are not considered critical and execution can continue as normal, but please " +
	"investigate and resolve to prevent seeing this message again.", e );
	}
	}
	}
	return principals;
	}

	protected PrincipalCollection deserialize(byte[] serializedIdentity) {
	return (PrincipalCollection)getSerializer().deserialize(serializedIdentity);
	}

	protected abstract byte[] getSerializedRememberedIdentity();

	public void onFailedLogin(AuthenticationToken token, AuthenticationException ae) {
	forgetIdentity(token, ae);
	}

	public void onLogout(PrincipalCollection subjectPrincipals) {
	forgetIdentity();
	}

	protected void forgetIdentity(AuthenticationToken token, AuthenticationException ae) {
	forgetIdentity(token);
	}

	protected void forgetIdentity(AuthenticationToken token) {
	forgetIdentity();
	}

	protected abstract void forgetIdentity();
	}