View Javadoc
1   /*
2    * Copyright 2001-2008 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   */
17  package org.apache.juddi.v3.auth;
18  
19  import javax.persistence.EntityManager;
20  import javax.persistence.EntityTransaction;
21  import javax.xml.ws.WebServiceContext;
22  
23  import org.apache.commons.logging.Log;
24  import org.apache.commons.logging.LogFactory;
25  import org.apache.juddi.config.AppConfig;
26  import org.apache.juddi.config.PersistenceManager;
27  import org.apache.juddi.config.Property;
28  import org.apache.juddi.model.Publisher;
29  import org.apache.juddi.model.UddiEntityPublisher;
30  import org.apache.juddi.v3.error.AuthenticationException;
31  import org.apache.juddi.v3.error.ErrorMessage;
32  import org.apache.juddi.v3.error.UnknownUserException;
33  
34  /**
35   * This is the default implementation of jUDDI's Authenticator interface. If the
36   * user id does not have an associated publisher, it adds the publisher. Please
37   * do NOT use this class in production.
38   *
39   * @author Steve Viens (sviens@apache.org)
40   * @author <a href="mailto:kstam@apache.org">Kurt T Stam</a>
41   * @author <a href="mailto:jfaath@apache.org">Jeff Faath</a>
42   */
43  public class JUDDIAuthenticator implements Authenticator {
44  
45          private Log log = LogFactory.getLog(this.getClass());
46  
47         /**
48          * @return the userId that came in on the request providing the user has
49           * a publishing account in jUDDI.
50          * @param authorizedName
51          * @param credential
52          * @return authorizedName
53          * @throws AuthenticationException 
54          */
55          public String authenticate(String authorizedName, String credential) throws AuthenticationException {
56                  if (authorizedName == null || "".equals(authorizedName)) {
57                          throw new UnknownUserException(new ErrorMessage("errors.auth.NoPublisher", authorizedName));
58                  }
59                  log.warn("DO NOT USE JUDDI AUTHENTICATOR FOR PRODUCTION SYSTEMS - DOES NOT VALIDATE PASSWORDS, AT ALL!");
60                  int MaxBindingsPerService = -1;
61                  int MaxServicesPerBusiness = -1;
62                  int MaxTmodels = -1;
63                  int MaxBusinesses = -1;
64                  try {
65                          MaxBindingsPerService = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_BINDINGS_PER_SERVICE, -1);
66                          MaxServicesPerBusiness = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_SERVICES_PER_BUSINESS, -1);
67                          MaxTmodels = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_TMODELS_PER_PUBLISHER, -1);
68                          MaxBusinesses = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_BUSINESSES_PER_PUBLISHER, -1);
69                  } catch (Exception ex) {
70                          MaxBindingsPerService = -1;
71                          MaxServicesPerBusiness = -1;
72                          MaxTmodels = -1;
73                          MaxBusinesses = -1;
74                          log.error("config exception! " + authorizedName, ex);
75                  }
76                  EntityManager em = PersistenceManager.getEntityManager();
77                  EntityTransaction tx = em.getTransaction();
78                  try {
79                          tx.begin();
80                          Publisher publisher = em.find(Publisher.class, authorizedName);
81                          if (publisher == null) {
82                                  log.warn("Publisher \"" + authorizedName + "\" was not found, adding the publisher in on the fly.");
83                                  publisher = new Publisher();
84                                  publisher.setAuthorizedName(authorizedName);
85                                  publisher.setIsAdmin("false");
86                                  publisher.setIsEnabled("true");
87                                  publisher.setMaxBindingsPerService(MaxBindingsPerService);
88                                  publisher.setMaxBusinesses(MaxBusinesses);
89                                  publisher.setMaxServicesPerBusiness(MaxServicesPerBusiness);
90                                  publisher.setMaxTmodels(MaxTmodels);
91                                  publisher.setPublisherName("Unknown");
92                                  em.persist(publisher);
93                                  tx.commit();
94                          }
95                          return authorizedName;
96                  } finally {
97                          if (tx.isActive()) {
98                                  tx.rollback();
99                          }
100                         em.close();
101                 }
102         }
103 
104         public UddiEntityPublisher identify(String authInfo, String authorizedName, WebServiceContext ctx) throws AuthenticationException {
105                 EntityManager em = PersistenceManager.getEntityManager();
106                 EntityTransaction tx = em.getTransaction();
107                 try {
108                         tx.begin();
109                         Publisher publisher = em.find(Publisher.class, authorizedName);
110                         if (publisher == null) {
111                                 throw new UnknownUserException(new ErrorMessage("errors.auth.NoPublisher", authorizedName));
112                         }
113 
114                         return publisher;
115                 } finally {
116                         if (tx.isActive()) {
117                                 tx.rollback();
118                         }
119                         em.close();
120                 }
121         }
122 }