1/*2 * Copyright 2000-2001,2004 The Apache Software Foundation.3 * 4 * Licensed under the Apache License, Version 2.0 (the "License");5 * you may not use this file except in compliance with the License.6 * You may obtain a copy of the License at7 * 8 * http://www.apache.org/licenses/LICENSE-2.09 * 10 * Unless required by applicable law or agreed to in writing, software11 * distributed under the License is distributed on an "AS IS" BASIS,12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.13 * See the License for the specific language governing permissions and14 * limitations under the License.15 */1617packageorg.apache.jetspeed.services.security.nosecurity;
1819import org.apache.turbine.services.TurbineBaseService;
20import org.apache.turbine.services.TurbineServices;
21import org.apache.turbine.services.InitializationException;
2223import org.apache.jetspeed.services.security.PortalAuthentication;
24import org.apache.jetspeed.services.security.LoginException;
2526import org.apache.jetspeed.services.JetspeedSecurity;
27import org.apache.jetspeed.om.security.JetspeedUser;
2829import org.apache.jetspeed.services.security.FailedLoginException;
30import org.apache.jetspeed.services.rundata.JetspeedRunDataService;
31import org.apache.jetspeed.services.rundata.JetspeedRunData;
32import org.apache.jetspeed.services.security.nosecurity.FakeJetspeedUser;
33import org.apache.turbine.services.rundata.RunDataService;
3435/***36 * <p> The <code>NoAuthentication</code> class is a Jetspeed37 * security provider, implementing the <code>PortalAuthentication</code> interface.38 * It provides no authentication - all login attempts are allowed.39 *40 * @author <a href="mailto:ggolden@apache.org">Glenn R. Golden</a>41 * @version $Id: NoAuthentication.java,v 1.3 2004/02/23 03:53:24 jford Exp $42 */43publicclassNoAuthentication44extends TurbineBaseService
45 implements PortalAuthentication46 {
47/*** The JetspeedRunData Service. */48privateJetspeedRunDataService m_runDataService = null;
4950/***51 * Given a public credential(username) and private credential(password), 52 * perform authentication. If authentication succeeds, a <code>JetspeedUser</code> 53 * is returned representing the authenticated subject.54 *55 * @param username a public credential of the subject to be authenticated.56 * @param password a private credentialof the subject to be authenticated.57 * @return a <code>JetspeedUser</code> object representing the authenticated subject.58 * @exception LoginException when general security provider failure.59 * @exception FailedLoginException when the authentication failed.60 * @exception AccountExpiredException when the subject's account is expired.61 * @exception CredentialExpiredException when the subject's credential is expired.62 */63publicJetspeedUser login(String username, String password)
64 throws LoginException65 {
66// we let anyone in!67if (false) thrownew FailedLoginException("Invalid user id or password");
6869// create a user object with this username for Jetspeed use70FakeJetspeedUser user = newFakeJetspeedUser(username, true);
7172// make it the logged in user for Jetspeed73 putUserIntoContext(user);
7475return user;
7677 } // login7879/***80 * Automatically authenticates and retrieves the portal anonymous user.81 *82 * @return a <code>JetspeedUser</code> object representing the authenticated subject.83 * @exception LoginException if the authentication fails.84 */85publicJetspeedUser getAnonymousUser()
86 throws LoginException87 {
88// create a user object with this username for Jetspeed use89FakeJetspeedUser user = newFakeJetspeedUser(JetspeedSecurity.getAnonymousUserName(), false);
9091// make it the logged in user for Jetspeed92 putUserIntoContext(user);
9394return user;
9596 } // getAnonymousUser9798/***99 * Logout the <code>JetspeedUser</code>.100 *101 * The logout procedure my may include removing/destroying102 * <code>Principal</code> and <code>Credential</code> information103 * if relevant to the security provider.104 *105 * @exception LoginException if the logout fails.106 */107publicvoid logout()
108 throws LoginException109 {
110// revert to the anon. user as the current user111 getAnonymousUser();
112113 } // logout114115/***116 * Performs late initialization. Called just before the first use of the service.117 *118 * If your class relies on early initialization, and the object it119 * expects was not received, you can use late initialization to120 * throw an exception and complain.121 *122 * @exception InitializationException, if initialization of this class was not successful.123 */124publicsynchronizedvoid init()
125 throws InitializationException
126 {
127super.init();
128129 m_runDataService =
130 (JetspeedRunDataService)TurbineServices.getInstance()
131 .getService(RunDataService.SERVICE_NAME);
132133 } // init134135////////////////////////////////////////////////////////////////////////////136137protectedJetspeedRunData getRunData()
138 {
139JetspeedRunData rundata = null;
140if (m_runDataService != null)
141 {
142 rundata = m_runDataService.getCurrentRunData();
143 }
144return rundata;
145 }
146147protectedJetspeedUser getUserFromContext()
148 {
149JetspeedRunData rundata = getRunData();
150JetspeedUser user = null;
151if (rundata != null)
152 {
153 user = (JetspeedUser)rundata.getUser();
154 }
155return user;
156 }
157158protectedJetspeedRunData putUserIntoContext(JetspeedUser user)
159 {
160JetspeedRunData rundata = getRunData();
161if (rundata != null)
162 {
163 rundata.setUser(user);
164 rundata.save();
165 }
166return rundata;
167 }
168 }
169