File Source: CustomUserRegistry.java
1 /*
2 * Licensed to the Apache Software Foundation (ASF) under one or more
3 * contributor license agreements. The ASF licenses this file to You
4 * under the Apache License, Version 2.0 (the "License"); you may not
5 * use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License. For additional information regarding
15 * copyright in this work, please see the NOTICE file in the top level
16 * directory of this distribution.
17 */
18 package org.apache.roller.weblogger.ui.core.security;
19
20 import java.util.Locale;
21 import java.util.TimeZone;
22
23 import javax.naming.NamingException;
24 import javax.naming.directory.Attribute;
25 import javax.naming.directory.Attributes;
26
27 import org.acegisecurity.Authentication;
28 import org.acegisecurity.context.SecurityContextHolder;
29 import org.acegisecurity.userdetails.UserDetails;
30 import org.acegisecurity.userdetails.ldap.LdapUserDetails;
31 import org.apache.commons.logging.Log;
32 import org.apache.commons.logging.LogFactory;
33 import org.apache.roller.weblogger.config.WebloggerConfig;
34 import org.apache.roller.weblogger.pojos.User;
35
36 /**
37 * @author Elias Torres (<a href="mailto:eliast@us.ibm.com">eliast@us.ibm.com</a>)
38 *
39 */
/*
P/P * Method: void org.apache.roller.weblogger.ui.core.security.CustomUserRegistry()
*/
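/**
 * Builds a Roller {@link User} record from the principal held in the current
 * Acegi security context, for auto-registration when single sign-on (SSO) is
 * enabled via the {@code users.sso.enabled} property.
 *
 * <p>Profile fields are copied from the principal as-is: this class performs no
 * validation or normalisation of the user name, screen name, full name, e-mail
 * address, locale or time zone it receives from the authentication provider or
 * the LDAP directory. NOTE(review): callers that persist or render the returned
 * {@code User} presumably validate and escape these values; confirm.
 *
 * <p>The block comments starting with {@code P/P} are SofCheck Inspector
 * annotations carried over from the analysed listing; the {@code @NN} line
 * references in them refer to the line numbers of that original listing.
 */
public class CustomUserRegistry {

    /*
    P/P * Method: org.apache.roller.weblogger.ui.core.security.CustomUserRegistry__static_init
    *
    * Postconditions:
    * DEFAULT_EMAIL_LDAP_ATTRIBUTE == &"mail"
    * DEFAULT_LOCALE_LDAP_ATTRIBUTE == &"locale"
    * DEFAULT_NAME_LDAP_ATTRIBUTE == &"cn"
    * DEFAULT_SNAME_LDAP_ATTRIBUTE == &"screenname"
    * DEFAULT_TIMEZONE_LDAP_ATTRIBUTE == &"timezone"
    * EMAIL_LDAP_PROPERTY == &"users.sso.registry.ldap.attributes.email"
    * LOCALE_LDAP_PROPERTY == &"users.sso.registry.ldap.attributes.locale"
    * NAME_LDAP_PROPERTY == &"users.sso.registry.ldap.attributes.name"
    * SNAME_LDAP_PROPERTY == &"users.sso.registry.ldap.attributes.screenname"
    * TIMEZONE_LDAP_PROPERTY == &"users.sso.registry.ldap.attributes.timezone"
    * ...
    */
    private static final Log log = LogFactory.getLog(CustomUserRegistry.class);

    // LDAP attribute names used when the matching configuration property is not set.
    private static final String DEFAULT_SNAME_LDAP_ATTRIBUTE = "screenname";
    private static final String DEFAULT_NAME_LDAP_ATTRIBUTE = "cn";
    private static final String DEFAULT_EMAIL_LDAP_ATTRIBUTE = "mail";
    private static final String DEFAULT_LOCALE_LDAP_ATTRIBUTE = "locale";
    private static final String DEFAULT_TIMEZONE_LDAP_ATTRIBUTE = "timezone";

    // Configuration keys that override the LDAP attribute names above.
    private static final String SNAME_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.screenname";
    private static final String NAME_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.name";
    private static final String EMAIL_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.email";
    private static final String LOCALE_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.locale";
    private static final String TIMEZONE_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.timezone";

    /**
     * Creates an unsaved {@link User} populated from the currently authenticated
     * principal.
     *
     * <p>The user name, password and enabled flag come from the principal's
     * {@link UserDetails}. Locale and time zone start as the JVM defaults and are
     * overridden when the principal supplies non-null values. Screen name, full
     * name and e-mail address are filled only for {@code RollerUserDetails} and
     * {@link LdapUserDetails} principals.
     *
     * @return the populated user, or {@code null} when SSO is disabled, no
     *         authentication is present, the principal is {@code null}, or the
     *         principal is not a {@link UserDetails}
     */
    public static User getUserDetailsFromAuthentication() {
        /*
        P/P * Method: User getUserDetailsFromAuthentication()
        *
        * Preconditions:
        * (soft) init'ed(DEFAULT_EMAIL_LDAP_ATTRIBUTE)
        * (soft) init'ed(DEFAULT_LOCALE_LDAP_ATTRIBUTE)
        * (soft) init'ed(DEFAULT_NAME_LDAP_ATTRIBUTE)
        * (soft) init'ed(DEFAULT_SNAME_LDAP_ATTRIBUTE)
        * (soft) init'ed(DEFAULT_TIMEZONE_LDAP_ATTRIBUTE)
        * (soft) init'ed(EMAIL_LDAP_PROPERTY)
        * (soft) init'ed(LOCALE_LDAP_PROPERTY)
        * (soft) init'ed(NAME_LDAP_PROPERTY)
        * (soft) init'ed(SNAME_LDAP_PROPERTY)
        * (soft) init'ed(TIMEZONE_LDAP_PROPERTY)
        * ...
        *
        * Presumptions:
        * init'ed(java.lang.Boolean.FALSE)
        * init'ed(java.lang.Boolean.TRUE)
        * java.util.Locale:getDefault(...)@98 != null
        * java.util.TimeZone:getDefault(...)@99 != null
        * org.acegisecurity.context.SecurityContextHolder:getContext(...)@63 != null
        *
        * Postconditions:
        * return_value in Addr_Set{null,&new User(getUserDetailsFromAuthentication#1)}
        * new User(getUserDetailsFromAuthentication#1) num objects <= 1
        *
        * Test Vectors:
        * getLocale(...)@115: Addr_Set{null}, Inverse{null}
        * getTimeZone(...)@111: Addr_Set{null}, Inverse{null}
        * org.acegisecurity.Authentication:getPrincipal(...)@70: Inverse{null}, Addr_Set{null}
        * org.acegisecurity.context.SecurityContext:getAuthentication(...)@63: Inverse{null}, Addr_Set{null}
        * org.acegisecurity.userdetails.UserDetails:instanceof(...)@77: {1}, {0}
        * org.acegisecurity.userdetails.ldap.LdapUserDetails:instanceof(...)@119: {0}, {1}
        * org.apache.roller.weblogger.config.WebloggerConfig:getBooleanProperty(...)@57: {1}, {0}
        * org.apache.roller.weblogger.config.WebloggerConfig:getBooleanProperty(...)@92: {1}, {0}
        */
        if (!WebloggerConfig.getBooleanProperty("users.sso.enabled")) {
            log.info("SSO is not enabled. Skipping CustomUserRegistry functionality.");
            return null;
        }

        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            log.warn("No Authentication found in SecurityContextHolder.");
            return null;
        }

        Object principal = authentication.getPrincipal();
        if (principal == null) {
            log.warn("Principal is null. Skipping auto-registration.");
            return null;
        }
        if (!(principal instanceof UserDetails)) {
            log.warn("Unsupported Principal type in Authentication. Skipping auto-registration.");
            return null;
        }

        UserDetails userDetails = (UserDetails) principal;
        String userName = userDetails.getUsername();
        String password = userDetails.getPassword();
        boolean enabled = userDetails.isEnabled();

        User ud = new User();
        ud.setId(null);
        ud.setUserName(userName);

        // SECURITY: with users.sso.passwords.save enabled, the credential exposed by
        // the SSO principal is copied into the local user record. With it disabled,
        // every auto-registered account receives the same configured value, which
        // falls back to the literal "<unknown>" when the property is unset.
        // NOTE(review): this file does not show whether User.setPassword() hashes
        // the value or whether a local (non-SSO) login path would accept it;
        // confirm that the shared default cannot be used to sign in.
        boolean storePassword = WebloggerConfig.getBooleanProperty("users.sso.passwords.save");
        if (!storePassword) {
            password = WebloggerConfig.getProperty("users.sso.passwords.defaultValue", "<unknown>");
        }
        ud.setPassword(password);
        ud.setEnabled(Boolean.valueOf(enabled));

        // JVM defaults; replaced below when the principal carries its own values.
        ud.setLocale(Locale.getDefault().toString());
        ud.setTimeZone(TimeZone.getDefault().getID());
        ud.setDateCreated(new java.util.Date());

        if (userDetails instanceof RollerUserDetails) {
            applyRollerDetails(ud, (RollerUserDetails) userDetails);
        } else if (userDetails instanceof LdapUserDetails) {
            applyLdapDetails(ud, (LdapUserDetails) userDetails);
        }

        return ud;
    }

    /** Copies the profile fields of a RollerUserDetails principal onto the user. */
    private static void applyRollerDetails(User ud, RollerUserDetails rollerDetails) {
        ud.setScreenName(rollerDetails.getScreenName());
        ud.setFullName(rollerDetails.getFullName());

        // Fix: the e-mail address was previously populated from getFullName(),
        // so the stored address was the user's display name.
        ud.setEmailAddress(rollerDetails.getEmailAddress());

        if (rollerDetails.getTimeZone() != null) {
            ud.setTimeZone(rollerDetails.getTimeZone());
        }
        if (rollerDetails.getLocale() != null) {
            ud.setLocale(rollerDetails.getLocale());
        }
    }

    /**
     * Copies the profile fields of an LDAP principal onto the user, reading each
     * value from the attribute named by configuration (or its default name).
     * Screen name, full name and e-mail are set even when the attribute is
     * missing, in which case they become {@code null}.
     */
    private static void applyLdapDetails(User ud, LdapUserDetails ldapDetails) {
        Attributes attributes = ldapDetails.getAttributes();

        // Directory-supplied strings are stored unchanged; no validation happens here.
        ud.setScreenName(getLdapAttribute(attributes,
                WebloggerConfig.getProperty(SNAME_LDAP_PROPERTY, DEFAULT_SNAME_LDAP_ATTRIBUTE)));
        ud.setFullName(getLdapAttribute(attributes,
                WebloggerConfig.getProperty(NAME_LDAP_PROPERTY, DEFAULT_NAME_LDAP_ATTRIBUTE)));
        ud.setEmailAddress(getLdapAttribute(attributes,
                WebloggerConfig.getProperty(EMAIL_LDAP_PROPERTY, DEFAULT_EMAIL_LDAP_ATTRIBUTE)));

        String locale = getLdapAttribute(attributes,
                WebloggerConfig.getProperty(LOCALE_LDAP_PROPERTY, DEFAULT_LOCALE_LDAP_ATTRIBUTE));
        String timezone = getLdapAttribute(attributes,
                WebloggerConfig.getProperty(TIMEZONE_LDAP_PROPERTY, DEFAULT_TIMEZONE_LDAP_ATTRIBUTE));

        if (locale != null) {
            ud.setLocale(locale);
        }
        if (timezone != null) {
            ud.setTimeZone(timezone);
        }
    }

    /**
     * Returns the first value of the named LDAP attribute as a string.
     *
     * @param attributes the attribute set to read from; may be {@code null}
     * @param name       the attribute identifier to look up
     * @return the value's {@code toString()}, or {@code null} when the set, the
     *         attribute or its value is absent, or when the value cannot be read
     */
    private static String getLdapAttribute(Attributes attributes, String name) {
        /*
        P/P * Method: String getLdapAttribute(Attributes, String)
        *
        * Postconditions:
        * java.lang.Object:toString(...)._tainted == 0
        * return_value in Addr_Set{null,&java.lang.Object:toString(...)}
        *
        * Test Vectors:
        * attributes: Inverse{null}, Addr_Set{null}
        * javax.naming.directory.Attribute:get(...)@157: Inverse{null}, Addr_Set{null}
        * javax.naming.directory.Attributes:get(...)@149: Inverse{null}, Addr_Set{null}
        */
        if (attributes == null) {
            return null;
        }

        Attribute attribute = attributes.get(name);
        // Attribute.get() throws NoSuchElementException on an attribute with no
        // values, so an empty attribute is treated the same as a missing one.
        if (attribute == null || attribute.size() == 0) {
            return null;
        }

        try {
            Object value = attribute.get();
            return (value == null) ? null : value.toString();
        } catch (NamingException e) {
            // Still best-effort, but leave a trace instead of failing silently;
            // only the attribute name is logged, never its value.
            log.warn("Unable to read LDAP attribute '" + name + "'; treating it as absent.", e);
            return null;
        }
    }

}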
SofCheck Inspector Build Version : 2.18479
| CustomUserRegistry.java |
2009-Jan-02 14:25:00 |
| CustomUserRegistry.class |
2009-Sep-04 03:12:44 |