| <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../jacoco-resources/report.css" type="text/css"/><link rel="shortcut icon" href="../jacoco-resources/report.gif" type="image/gif"/><title>XMLDocAuthenticator.java</title><link rel="stylesheet" href="../jacoco-resources/prettify.css" type="text/css"/><script type="text/javascript" src="../jacoco-resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="info"><a href="../jacoco-sessions.html" class="el_session">Sessions</a></span><a href="../index.html" class="el_report">jUDDI Core Services</a> > <a href="index.source.html" class="el_package">org.apache.juddi.v3.auth</a> > <span class="el_source">XMLDocAuthenticator.java</span></div><h1>XMLDocAuthenticator.java</h1><pre class="source lang-java linenums">/* |
| * Copyright 2001-2008 The Apache Software Foundation. |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| * |
| */ |
| package org.apache.juddi.v3.auth; |
| |
| import java.io.File; |
| import java.io.FileInputStream; |
| import java.io.IOException; |
| import java.io.InputStream; |
| import java.net.URL; |
| import java.util.HashMap; |
| import java.util.Map; |
| |
| import javax.persistence.EntityManager; |
| import javax.persistence.EntityTransaction; |
| import javax.xml.bind.JAXBContext; |
| import javax.xml.bind.JAXBElement; |
| import javax.xml.bind.JAXBException; |
| import javax.xml.bind.Unmarshaller; |
| import javax.xml.transform.stream.StreamSource; |
| import javax.xml.ws.WebServiceContext; |
| |
| import org.apache.commons.configuration.ConfigurationException; |
| import org.apache.commons.logging.Log; |
| import org.apache.commons.logging.LogFactory; |
| import org.apache.juddi.ClassUtil; |
| import org.apache.juddi.config.AppConfig; |
| import org.apache.juddi.config.PersistenceManager; |
| import org.apache.juddi.config.Property; |
| import org.apache.juddi.model.Publisher; |
| import org.apache.juddi.model.UddiEntityPublisher; |
| import org.apache.juddi.v3.error.AuthenticationException; |
| import org.apache.juddi.v3.error.ErrorMessage; |
| import org.apache.juddi.v3.error.FatalErrorException; |
| import org.apache.juddi.v3.error.UnknownUserException; |
| |
| /** |
| * This is a simple implementation of jUDDI's Authenticator interface. The |
| * credential store is simply an unencrypted xml document called 'juddi.users' |
| * that can be found in jUDDI's config directory. Below is an example of what |
| * you might find in this document. |
| * |
| * Example juddi.users document: ============================= |
| * <?xml version="1.0" encoding="UTF-8"?> |
| * <juddi-users> |
| * <user userid="sviens" password="password" /> |
| * <user userid="griddell" password="password" /> |
| * <user userid="bhablutzel" password="password" /> |
| * </juddi-users> |
| * |
| * @author Steve Viens (sviens@apache.org) |
| * @author <a href="mailto:kstam@apache.org">Kurt T Stam</a> |
| * @author <a href="mailto:jfaath@apache.org">Jeff Faath</a> |
| */ |
| public class XMLDocAuthenticator implements Authenticator { |
| |
| <span class="fc" id="L70"> protected final static Log log = LogFactory.getLog(AuthenticatorFactory.class);</span> |
| /** |
| * Container for the user credentials |
| */ |
| Map<String, User> userTable; |
| |
| /** |
| * |
| */ |
| <span class="fc" id="L79"> public XMLDocAuthenticator() throws JAXBException, IOException, ConfigurationException {</span> |
| <span class="fc" id="L80"> readUserFile();</span> |
| <span class="fc" id="L81"> }</span> |
| |
| /** |
| * an empty constructor |
| */ |
| <span class="nc" id="L86"> public XMLDocAuthenticator(boolean b) {</span> |
| |
| <span class="nc" id="L88"> }</span> |
| |
| protected String getFilename() throws ConfigurationException { |
| <span class="fc" id="L91"> return AppConfig.getConfiguration().getString(Property.JUDDI_USERSFILE, Property.DEFAULT_XML_USERSFILE);</span> |
| } |
| |
| /** |
| * Read user data from the juddi-users file. |
| * |
| * @throws IOException when the file cannot be opened JAXBException when |
| * the content is malformed. |
| * @throws ConfigurationException |
| */ |
| public synchronized void readUserFile() throws JAXBException, IOException, ConfigurationException { |
| |
| <span class="fc" id="L103"> userTable = new HashMap<String, User>();</span> |
| <span class="fc" id="L104"> String usersFileName = getFilename();</span> |
| <span class="pc bpc" id="L105" title="2 of 4 branches missed."> if (usersFileName == null || usersFileName.length() == 0) {</span> |
| <span class="nc" id="L106"> throw new ConfigurationException("usersFileName value is null!");</span> |
| } |
| <span class="fc" id="L108"> File file = new File(usersFileName);</span> |
| <span class="fc" id="L109"> InputStream stream = null;</span> |
| try { |
| <span class="pc bpc" id="L111" title="1 of 2 branches missed."> if (file.exists()) {</span> |
| <span class="nc" id="L112"> log.info("Reading jUDDI Users File: " + usersFileName + "...");</span> |
| <span class="nc" id="L113"> stream = new FileInputStream(file);</span> |
| } else { |
| <span class="fc" id="L115"> URL resource = ClassUtil.getResource(usersFileName, this.getClass());</span> |
| <span class="pc bpc" id="L116" title="1 of 2 branches missed."> if (resource != null) {</span> |
| <span class="fc" id="L117"> log.info("Reading jUDDI Users File: " + usersFileName + "...from " + resource.toExternalForm());</span> |
| } else { |
| <span class="nc" id="L119"> log.info("Reading jUDDI Users File: " + usersFileName + "...");</span> |
| } |
| <span class="fc" id="L121"> stream = ClassUtil.getResource(usersFileName, this.getClass()).openStream();</span> |
| } |
| <span class="fc" id="L123"> JAXBContext jaxbContext = JAXBContext.newInstance(JuddiUsers.class);</span> |
| <span class="fc" id="L124"> Unmarshaller unMarshaller = jaxbContext.createUnmarshaller();</span> |
| <span class="fc" id="L125"> JAXBElement<JuddiUsers> element = unMarshaller.unmarshal(new StreamSource(stream), JuddiUsers.class);</span> |
| <span class="fc" id="L126"> JuddiUsers users = element.getValue();</span> |
| <span class="fc bfc" id="L127" title="All 2 branches covered."> for (User user : users.getUser()) {</span> |
| <span class="fc" id="L128"> userTable.put(user.getUserid(), user);</span> |
| <span class="fc" id="L129"> log.debug("Loading user credentials for user: " + user.getUserid());</span> |
| <span class="fc" id="L130"> }</span> |
| <span class="nc" id="L131"> } catch (IOException ex) {</span> |
| <span class="nc" id="L132"> log.warn("io exception", ex);</span> |
| } finally { |
| <span class="pc bpc" id="L134" title="5 of 6 branches missed."> if (stream != null) {</span> |
| <span class="pc" id="L135"> stream.close();</span> |
| } |
| } |
| <span class="fc" id="L138"> }</span> |
| |
| /** |
| * |
| * @param userID |
| * @param credential |
| */ |
| public String authenticate(String userID, String credential) |
| throws AuthenticationException, FatalErrorException { |
| // a userID must be specified. |
| <span class="pc bpc" id="L148" title="1 of 2 branches missed."> if (userID == null) {</span> |
| <span class="nc" id="L149"> throw new UnknownUserException(new ErrorMessage("errors.auth.InvalidUserId"));</span> |
| } |
| |
| // credential (password) must be specified. |
| <span class="pc bpc" id="L153" title="1 of 2 branches missed."> if (credential == null) {</span> |
| <span class="nc" id="L154"> throw new UnknownUserException(new ErrorMessage("errors.auth.InvalidCredentials"));</span> |
| } |
| |
| <span class="pc bpc" id="L157" title="1 of 2 branches missed."> if (userTable.containsKey(userID)) {</span> |
| <span class="fc" id="L158"> User user = (User) userTable.get(userID);</span> |
| <span class="pc bpc" id="L159" title="1 of 4 branches missed."> if ((user.getPassword() == null) || (!credential.equals(user.getPassword()))) {</span> |
| <span class="fc" id="L160"> throw new UnknownUserException(new ErrorMessage("errors.auth.InvalidCredentials"));</span> |
| } |
| <span class="fc" id="L162"> } else {</span> |
| <span class="nc" id="L163"> throw new UnknownUserException(new ErrorMessage("errors.auth.InvalidUserId", userID));</span> |
| } |
| |
| <span class="fc" id="L166"> int MaxBindingsPerService = -1;</span> |
| <span class="fc" id="L167"> int MaxServicesPerBusiness = -1;</span> |
| <span class="fc" id="L168"> int MaxTmodels = -1;</span> |
| <span class="fc" id="L169"> int MaxBusinesses = -1;</span> |
| try { |
| <span class="fc" id="L171"> MaxBindingsPerService = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_BINDINGS_PER_SERVICE, -1);</span> |
| <span class="fc" id="L172"> MaxServicesPerBusiness = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_SERVICES_PER_BUSINESS, -1);</span> |
| <span class="fc" id="L173"> MaxTmodels = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_TMODELS_PER_PUBLISHER, -1);</span> |
| <span class="fc" id="L174"> MaxBusinesses = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_BUSINESSES_PER_PUBLISHER, -1);</span> |
| <span class="nc" id="L175"> } catch (Exception ex) {</span> |
| <span class="nc" id="L176"> MaxBindingsPerService = -1;</span> |
| <span class="nc" id="L177"> MaxServicesPerBusiness = -1;</span> |
| <span class="nc" id="L178"> MaxTmodels = -1;</span> |
| <span class="nc" id="L179"> MaxBusinesses = -1;</span> |
| <span class="nc" id="L180"> log.error("config exception! " + userID, ex);</span> |
| <span class="fc" id="L181"> }</span> |
| <span class="fc" id="L182"> EntityManager em = PersistenceManager.getEntityManager();</span> |
| <span class="fc" id="L183"> EntityTransaction tx = em.getTransaction();</span> |
| try { |
| <span class="fc" id="L185"> tx.begin();</span> |
| <span class="fc" id="L186"> Publisher publisher = em.find(Publisher.class, userID);</span> |
| <span class="pc bpc" id="L187" title="1 of 2 branches missed."> if (publisher == null) {</span> |
| <span class="nc" id="L188"> log.warn("Publisher \"" + userID + "\" was not found in the database, adding the publisher in on the fly.");</span> |
| <span class="nc" id="L189"> publisher = new Publisher();</span> |
| <span class="nc" id="L190"> publisher.setAuthorizedName(userID);</span> |
| <span class="nc" id="L191"> publisher.setIsAdmin("false");</span> |
| <span class="nc" id="L192"> publisher.setIsEnabled("true");</span> |
| <span class="nc" id="L193"> publisher.setMaxBindingsPerService(MaxBindingsPerService);</span> |
| <span class="nc" id="L194"> publisher.setMaxBusinesses(MaxBusinesses);</span> |
| <span class="nc" id="L195"> publisher.setMaxServicesPerBusiness(MaxServicesPerBusiness);</span> |
| <span class="nc" id="L196"> publisher.setMaxTmodels(MaxTmodels);</span> |
| <span class="nc" id="L197"> publisher.setPublisherName("Unknown");</span> |
| <span class="nc" id="L198"> em.persist(publisher);</span> |
| <span class="nc" id="L199"> tx.commit();</span> |
| } |
| } finally { |
| <span class="pc bpc" id="L202" title="3 of 4 branches missed."> if (tx.isActive()) {</span> |
| <span class="pc" id="L203"> tx.rollback();</span> |
| } |
| <span class="pc" id="L205"> em.close();</span> |
| <span class="fc" id="L206"> }</span> |
| <span class="fc" id="L207"> return userID;</span> |
| } |
| |
| @Override |
| public UddiEntityPublisher identify(String authInfo, String authorizedName, WebServiceContext ctx) throws AuthenticationException { |
| |
| <span class="nc" id="L213"> EntityManager em = PersistenceManager.getEntityManager();</span> |
| <span class="nc" id="L214"> EntityTransaction tx = em.getTransaction();</span> |
| try { |
| <span class="nc" id="L216"> tx.begin();</span> |
| <span class="nc" id="L217"> Publisher publisher = em.find(Publisher.class, authorizedName);</span> |
| <span class="nc bnc" id="L218" title="All 2 branches missed."> if (publisher == null) {</span> |
| <span class="nc" id="L219"> throw new UnknownUserException(new ErrorMessage("errors.auth.NoPublisher", authorizedName));</span> |
| } |
| |
| <span class="nc" id="L222"> return publisher;</span> |
| } finally { |
| <span class="nc bnc" id="L224" title="All 4 branches missed."> if (tx.isActive()) {</span> |
| <span class="nc" id="L225"> tx.rollback();</span> |
| } |
| <span class="nc" id="L227"> em.close();</span> |
| } |
| |
| } |
| |
| } |
| </pre><div class="footer"><span class="right">Created with <a href="http://www.jacoco.org/jacoco">JaCoCo</a> 0.7.9.201702052155</span></div></body></html> |