1/*2 * Licensed to the Apache Software Foundation (ASF) under one or more3 * contributor license agreements. See the NOTICE file distributed with4 * this work for additional information regarding copyright ownership.5 * The ASF licenses this file to You under the Apache License, Version 2.06 * (the "License"); you may not use this file except in compliance with7 * the License. You may obtain a copy of the License at8 *9 * http://www.apache.org/licenses/LICENSE-2.010 *11 * Unless required by applicable law or agreed to in writing, software12 * distributed under the License is distributed on an "AS IS" BASIS,13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.14 * See the License for the specific language governing permissions and15 * limitations under the License.16 */17packageorg.apache.jetspeed.security;
1819import java.security.Permission;
20import java.security.PermissionCollection;
21import java.security.Principal;
22import java.util.Enumeration;
23import java.util.HashSet;
24import java.util.Iterator;
25import java.util.LinkedList;
26import java.util.List;
27import java.util.Set;
2829import javax.security.auth.Subject;
3031import org.apache.commons.logging.Log;
32import org.apache.commons.logging.LogFactory;
33import org.apache.jetspeed.security.impl.PrincipalsSet;
34import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
35import org.apache.jetspeed.security.impl.RolePrincipalImpl;
36import org.apache.jetspeed.security.impl.UserPrincipalImpl;
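/**
 * <p>
 * Security helper: static utilities for reading principals and credentials from a JAAS
 * {@link Subject}, merging permission collections, and converting between Jetspeed principals
 * and their Preferences full paths.
 * </p>
 * <p>
 * The class keeps no state other than its logger. None of the methods authenticate anything;
 * they only read or assemble the objects they are handed.
 * </p>
 * 
 * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
 * @version $Id: SecurityHelper.java 517121 2007-03-12 07:45:49Z ate $
 */
public class SecurityHelper
{
    private static final Log log = LogFactory.getLog(SecurityHelper.class);

    /**
     * <p>
     * Given a subject, finds the first principal of the given classe for that subject. If a
     * principal of the given classe is not found, null is returned.
     * </p>
     * <p>
     * "First" means first in the iteration order of {@link Subject#getPrincipals()}.
     * </p>
     * 
     * @param subject The subject supplying the principals. Must not be null.
     * @param classe The principal class or interface to look for. Must not be null.
     * @return The first principal that is an instance of classe, or null if there is none.
     */
    public static Principal getPrincipal(Subject subject, Class classe)
    {
        // Fetch the principal set once and iterate over that same set.
        Set principalSet = subject.getPrincipals();
        if (principalSet == null)
        {
            return null;
        }
        for (Iterator it = principalSet.iterator(); it.hasNext();)
        {
            Principal candidate = (Principal) it.next();
            if (classe.isInstance(candidate))
            {
                return candidate;
            }
        }
        return null;
    }

    /**
     * <p>
     * Given a subject, finds the first principal of the given classe for that subject. If a
     * principal of the given classe is not found, then the first other principal is returned. If
     * the list is empty, null is returned.
     * </p>
     * <p>
     * Because of the fallback, the returned principal is NOT guaranteed to be an instance of
     * classe. A caller that bases an access decision on the principal type must check the type
     * of the result itself, or use {@link #getPrincipal(Subject, Class)}, which never falls
     * back.
     * </p>
     * 
     * @param subject The subject supplying the principals. Must not be null.
     * @param classe The preferred principal class or interface. Must not be null.
     * @return The first principal matching classe; otherwise the first principal of any type;
     *         null if the subject has no principals.
     */
    public static Principal getBestPrincipal(Subject subject, Class classe)
    {
        // Remembers the first principal seen, in case nothing matches classe.
        Principal fallback = null;
        for (Iterator it = subject.getPrincipals().iterator(); it.hasNext();)
        {
            Principal candidate = (Principal) it.next();
            if (classe.isInstance(candidate))
            {
                return candidate;
            }
            if (fallback == null)
            {
                fallback = candidate;
            }
        }
        return fallback;
    }

    /**
     * <p>
     * Returns the first principal of the given type from the array; if none matches, returns
     * the first non-null principal of any type.
     * </p>
     * <p>
     * As with {@link #getBestPrincipal(Subject, Class)}, the result is not guaranteed to be an
     * instance of classe, so callers that depend on the type must verify it.
     * </p>
     * 
     * @param principals The array of principals. Must not be null.
     * @param classe The preferred class of Principal. Must not be null.
     * @return The best matching principal, or null if the array holds no non-null element.
     */
    public static Principal getBestPrincipal(Principal[] principals, Class classe)
    {
        Principal fallback = null;
        for (int index = 0; index < principals.length; index++)
        {
            Principal candidate = principals[index];
            if (classe.isInstance(candidate))
            {
                return candidate;
            }
            if (fallback == null)
            {
                fallback = candidate;
            }
        }
        return fallback;
    }

    /**
     * <p>
     * Utility method used to retrieve the Preferences API absolute/full path from a given
     * principal.
     * </p>
     * <p>
     * The principal is tested against UserPrincipal, then RolePrincipal, then GroupPrincipal;
     * the first type that matches decides which path conversion is applied.
     * </p>
     * 
     * @param principal The principal.
     * @return The Preferences absolute/full path, or null if the principal is null or is not a
     *         user, role or group principal.
     */
    public static String getPreferencesFullPath(Principal principal)
    {
        if (principal instanceof UserPrincipal)
        {
            return UserPrincipalImpl.getFullPathFromPrincipalName(principal.getName());
        }
        if (principal instanceof RolePrincipal)
        {
            return RolePrincipalImpl.getFullPathFromPrincipalName(principal.getName());
        }
        if (principal instanceof GroupPrincipal)
        {
            return GroupPrincipalImpl.getFullPathFromPrincipalName(principal.getName());
        }
        return null;
    }

    /**
     * <p>
     * Utility method to create a subject.
     * </p>
     * <p>
     * The subject is created read-only, holds a single user principal built from the given
     * name, and has empty public and private credential sets. No credential is checked here:
     * the result only carries the name it was given, so the caller is responsible for having
     * established that identity before relying on the subject.
     * </p>
     * 
     * @param principalName The user principal name.
     * @return The subject.
     */
    public static Subject createSubject(String principalName)
    {
        Set principals = new PrincipalsSet();
        principals.add(new UserPrincipalImpl(principalName));
        // First argument 'true' marks the Subject read-only.
        return new Subject(true, principals, new HashSet(), new HashSet());
    }

    /**
     * <p>
     * Given a subject, finds all principals of the given classe for that subject. If no
     * principal of the given class is found, an empty list is returned (never null).
     * </p>
     * 
     * @param subject The subject supplying the principals. Must not be null.
     * @param classe The principal class or interface to look for. Must not be null.
     * @return A new List of all principals that are instances of classe, in the iteration
     *         order of the subject's principal set.
     */
    public static List getPrincipals(Subject subject, Class classe)
    {
        List matches = new LinkedList();
        for (Iterator it = subject.getPrincipals().iterator(); it.hasNext();)
        {
            Principal candidate = (Principal) it.next();
            if (classe.isInstance(candidate))
            {
                matches.add(candidate);
            }
        }
        return matches;
    }

    /**
     * <p>
     * Given a subject, find the (first) PasswordCredential from the private credentials
     * </p>
     * <p>
     * The returned object is the credential held by the subject, not a copy. When a security
     * manager is installed, iterating the private credential set is subject to
     * PrivateCredentialPermission checks and may throw a SecurityException. Treat the result
     * as sensitive and keep it out of log output.
     * </p>
     * 
     * @param subject The subject. Must not be null.
     * @return the PasswordCredential or null if not found.
     */
    public static PasswordCredential getPasswordCredential(Subject subject)
    {
        for (Iterator it = subject.getPrivateCredentials().iterator(); it.hasNext();)
        {
            Object credential = it.next();
            if (credential instanceof PasswordCredential)
            {
                return (PasswordCredential) credential;
            }
        }
        return null;
    }

    /**
     * <p>
     * Adds a collection of permsToAdd to a collection of existing permissions.
     * </p>
     * <p>
     * A null permsToAdd is treated as "nothing to add". When debug logging is enabled, the
     * class, name and actions of every added permission are written to the log.
     * </p>
     * 
     * @param perms The existing permissions; receives the additions. Must not be null when
     *            permsToAdd contains at least one element.
     * @param permsToAdd The permissions to add; may be null.
     */
    public static void addPermissions(PermissionCollection perms, PermissionCollection permsToAdd)
    {
        boolean addedAny = false;
        if (permsToAdd != null)
        {
            for (Enumeration toAdd = permsToAdd.elements(); toAdd.hasMoreElements();)
            {
                addedAny = true;
                Permission currPerm = (Permission) toAdd.nextElement();
                perms.add(currPerm);
                if (log.isDebugEnabled())
                {
                    log.debug("Adding the permission: [class, " + currPerm.getClass().getName() + "], " + "[name, "
                            + currPerm.getName() + "], " + "[actions, " + currPerm.getActions() + "]");
                }
            }
        }
        if (!addedAny && log.isDebugEnabled())
        {
            log.debug("No permissions to add...");
        }
    }

    /**
     * <p>
     * Creates a role, user or group principal from a Preferences full path.
     * </p>
     * <p>
     * The principal type is chosen only from the path prefix, tested in the order role root,
     * user root, group root. The principal name is then extracted from the path by the matching
     * implementation class. Whoever supplies fullPath therefore decides both the type and the
     * name of the resulting principal, so the path should come from a trusted store and not
     * from request input.
     * </p>
     * 
     * @param fullPath The Preferences full path. Must not be null.
     * @return The principal for the path, or null if the path starts with none of the known
     *         roots.
     */
    public static Principal createPrincipalFromFullPath(String fullPath)
    {
        if (fullPath.startsWith(BasePrincipal.PREFS_ROLE_ROOT))
        {
            return new RolePrincipalImpl(RolePrincipalImpl.getPrincipalNameFromFullPath(fullPath));
        }
        if (fullPath.startsWith(BasePrincipal.PREFS_USER_ROOT))
        {
            return new UserPrincipalImpl(UserPrincipalImpl.getPrincipalNameFromFullPath(fullPath));
        }
        if (fullPath.startsWith(BasePrincipal.PREFS_GROUP_ROOT))
        {
            return new GroupPrincipalImpl(GroupPrincipalImpl.getPrincipalNameFromFullPath(fullPath));
        }
        return null;
    }
}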