View Javadoc

1   /*
2    * Copyright 2000-2001,2004 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.apache.jetspeed.services.security.nosecurity;
18  
19  import org.apache.turbine.services.TurbineBaseService;
20  import org.apache.turbine.services.TurbineServices;
21  import org.apache.turbine.services.InitializationException;
22  
23  import org.apache.jetspeed.services.security.PortalAuthentication;
24  import org.apache.jetspeed.services.security.LoginException;
25  
26  import org.apache.jetspeed.services.JetspeedSecurity;
27  import org.apache.jetspeed.om.security.JetspeedUser;
28  
29  import org.apache.jetspeed.services.security.FailedLoginException;
30  import org.apache.jetspeed.services.rundata.JetspeedRunDataService;
31  import org.apache.jetspeed.services.rundata.JetspeedRunData;
32  import org.apache.jetspeed.services.security.nosecurity.FakeJetspeedUser;
33  import org.apache.turbine.services.rundata.RunDataService;
34  
35  /***
36   * <p> The <code>NoAuthentication</code> class is a Jetspeed
37   * security provider, implementing the <code>PortalAuthentication</code> interface.
38   * It provides no authentication - all login attempts are allowed.
39   *
40   * @author <a href="mailto:ggolden@apache.org">Glenn R. Golden</a>
41   * @version $Id: NoAuthentication.java,v 1.3 2004/02/23 03:53:24 jford Exp $
42   */
43  public class NoAuthentication
44      extends TurbineBaseService
45      implements PortalAuthentication
46  {
47      /*** The JetspeedRunData Service. */
48      private JetspeedRunDataService m_runDataService = null;
49  
50      /***
51       * Given a public credential(username) and private credential(password), 
52       * perform authentication. If authentication succeeds, a <code>JetspeedUser</code> 
53       * is returned representing the authenticated subject.
54       *
55       * @param username a public credential of the subject to be authenticated.
56       * @param password a private credentialof the subject to be authenticated.
57       * @return a <code>JetspeedUser</code> object representing the authenticated subject.
58       * @exception LoginException when general security provider failure.
59       * @exception FailedLoginException when the authentication failed.
60       * @exception AccountExpiredException when the subject's account is expired.
61       * @exception CredentialExpiredException when the subject's credential is expired.
62       */
63      public JetspeedUser login(String username, String password)
64          throws LoginException
65      {
66          // we let anyone in!
67          if (false) throw new FailedLoginException("Invalid user id or password");
68  
69          // create a user object with this username for Jetspeed use
70          FakeJetspeedUser user = new FakeJetspeedUser(username, true);
71  
72          // make it the logged in user for Jetspeed
73          putUserIntoContext(user);
74  
75          return user;
76          
77      }   // login
78  
79      /***
80       * Automatically authenticates and retrieves the portal anonymous user.
81       *
82       * @return a <code>JetspeedUser</code> object representing the authenticated subject.
83       * @exception LoginException if the authentication fails.
84       */
85      public JetspeedUser getAnonymousUser()
86          throws LoginException
87      {
88          // create a user object with this username for Jetspeed use
89          FakeJetspeedUser user = new FakeJetspeedUser(JetspeedSecurity.getAnonymousUserName(), false);
90  
91          // make it the logged in user for Jetspeed
92          putUserIntoContext(user);
93  
94          return user;
95  
96      }   // getAnonymousUser
97  
98      /***
99       * Logout the <code>JetspeedUser</code>.
100      *
101      * The logout procedure my may include removing/destroying
102      * <code>Principal</code> and <code>Credential</code> information
103      * if relevant to the security provider.
104      *
105      * @exception LoginException if the logout fails.
106      */
107     public void logout()
108         throws LoginException
109     {
110         // revert to the anon. user as the current user
111         getAnonymousUser();
112 
113     }   // logout
114 
115     /***
116     * Performs late initialization.  Called just before the first use of the service.
117     *
118     * If your class relies on early initialization, and the object it
119     * expects was not received, you can use late initialization to
120     * throw an exception and complain.
121     *
122     * @exception InitializationException, if initialization of this class was not successful.
123     */
124     public synchronized void init() 
125         throws InitializationException 
126     {
127         super.init();
128 
129         m_runDataService =
130             (JetspeedRunDataService)TurbineServices.getInstance()
131                 .getService(RunDataService.SERVICE_NAME);
132 
133      }  // init
134 
135     ////////////////////////////////////////////////////////////////////////////
136 
137     protected JetspeedRunData getRunData()
138     {
139         JetspeedRunData rundata = null;
140         if (m_runDataService != null)
141         {
142             rundata = m_runDataService.getCurrentRunData();
143         }
144         return rundata;
145     }
146 
147     protected JetspeedUser getUserFromContext()
148     {
149         JetspeedRunData rundata = getRunData();
150         JetspeedUser user = null;
151         if (rundata != null)
152         {
153             user = (JetspeedUser)rundata.getUser();
154         }
155         return user;
156     }
157 
158     protected JetspeedRunData putUserIntoContext(JetspeedUser user)
159     {
160         JetspeedRunData rundata = getRunData();
161         if (rundata != null)
162         {
163             rundata.setUser(user);
164             rundata.save();
165         }
166         return rundata;
167     }
168 }
169