
1   /*
2    * Copyright 2000-2001,2004 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.apache.jetspeed.services.security.nosecurity;
18  
19  import java.util.Vector;
20  import java.util.Iterator;
21  import java.security.Principal;
22  
23  // Turbine 
24  import org.apache.turbine.services.TurbineBaseService;
25  
26  
27  // Jetspeed Security
28  import org.apache.jetspeed.om.security.JetspeedUser;
29  
30  import org.apache.jetspeed.services.security.UserManagement;
31  import org.apache.jetspeed.services.security.nosecurity.FakeJetspeedUser;
32  
33  import org.apache.jetspeed.services.security.CredentialsManagement;
34  import org.apache.jetspeed.services.security.JetspeedSecurityException;
35  
/**
 * <p>A Jetspeed security provider implementing the <code>UserManagement</code>
 * and <code>CredentialsManagement</code> interfaces without managing any users:
 * no users are listed, no users are saved, and every request for a user is
 * answered with a temporary user object.</p>
 *
 * <p><b>Security note:</b> nothing in this class verifies credentials or checks
 * the requestor's privileges. {@link #getUser(Principal)} hands back a user for
 * whatever name the principal carries, the add/save/remove and password
 * operations are no-ops, and {@link #encryptPassword(String)} returns its
 * argument unchanged. Select this provider only where that is the intended
 * behaviour.</p>
 *
 * @author <a href="mailto:ggolden@apache.org">Glenn R. Golden</a>
 * @version $Id: NoUserManagement.java,v 1.2 2004/02/23 03:53:24 jford Exp $
 */
public class NoUserManagement
        extends TurbineBaseService
        implements UserManagement, CredentialsManagement {

    /**
     * Builds a temporary user named after the given principal.
     * No lookup is performed and no privilege check is made, so any
     * principal name yields a user object.
     *
     * @param principal the identity whose name the returned user carries;
     *                  must not be <code>null</code>, as it is dereferenced
     *                  without a check.
     * @return a new <code>FakeJetspeedUser</code> for the principal's name.
     * @throws JetspeedSecurityException not raised by this method's own code.
     */
    public JetspeedUser getUser(Principal principal)
            throws JetspeedSecurityException {
        // NOTE(review): the meaning of the second constructor argument (false)
        // is defined by FakeJetspeedUser, which is not visible here.
        return new FakeJetspeedUser(principal.getName(), false);
    }

    /**
     * Lists the known users, of which this provider has none.
     *
     * @return an iterator over an empty collection.
     * @throws JetspeedSecurityException never thrown by this implementation.
     */
    public Iterator getUsers()
            throws JetspeedSecurityException {
        return noUsers();
    }

    /**
     * Lists the users matching a provider-specific query string.
     * The filter is ignored; the result is always empty.
     *
     * @param filter the query string; unused.
     * @return an iterator over an empty collection.
     * @throws JetspeedSecurityException never thrown by this implementation.
     */
    public Iterator getUsers(String filter)
            throws JetspeedSecurityException {
        return noUsers();
    }

    /**
     * Accepts a request to save a user and does nothing; nothing is persisted.
     *
     * @param user the user whose attributes would be saved; unused.
     * @throws JetspeedSecurityException never thrown by this implementation.
     */
    public void saveUser(JetspeedUser user)
            throws JetspeedSecurityException {
        // intentionally empty: this provider has no storage
    }

    /**
     * Accepts a request to add a user and does nothing. No uniqueness
     * constraint is evaluated and nothing is persisted.
     *
     * @param user the user that would be added; unused.
     * @throws JetspeedSecurityException never thrown by this implementation.
     */
    public void addUser(JetspeedUser user)
            throws JetspeedSecurityException {
        // intentionally empty: this provider has no storage
    }

    /**
     * Accepts a request to remove a user and does nothing.
     *
     * @param principal the identity that would be removed; unused.
     * @throws JetspeedSecurityException never thrown by this implementation.
     */
    public void removeUser(Principal principal)
            throws JetspeedSecurityException {
        // intentionally empty: this provider has no storage
    }

    /**
     * Accepts a user's request to change their own password and does nothing.
     * The old password is not verified and the new one is not stored.
     *
     * @param user the user to change the password for; unused.
     * @param oldPassword the current password supplied by the user; unused.
     * @param newPassword the new password requested by the user; unused.
     * @throws JetspeedSecurityException never thrown by this implementation.
     */
    public void changePassword(JetspeedUser user,
                               String oldPassword,
                               String newPassword)
            throws JetspeedSecurityException {
        // intentionally empty: no credentials are kept
    }

    /**
     * Accepts an administrative password reset and does nothing.
     * No privilege check is made and the password is not stored.
     *
     * @param user the user to change the password for; unused.
     * @param password the new password; unused.
     * @throws JetspeedSecurityException never thrown by this implementation.
     */
    public void forcePassword(JetspeedUser user, String password)
            throws JetspeedSecurityException {
        // intentionally empty: no credentials are kept
    }

    /**
     * Returns the given password unchanged. This implementation applies no
     * digest and reads no configuration property, so the caller gets the
     * plain-text value back.
     *
     * @param password the password to process.
     * @return the same <code>password</code> reference that was passed in.
     * @throws JetspeedSecurityException never thrown by this implementation.
     */
    public String encryptPassword(String password)
            throws JetspeedSecurityException {
        return password;
    }

    /** Creates a fresh iterator over a new, empty <code>Vector</code>. */
    private static Iterator noUsers() {
        Vector empty = new Vector();
        return empty.iterator();
    }
}
207