package org.apache.beehive.wsm.axis.security.model;
/*
* DropInDeploymentHandler.java
*
* Copyright 2001-2004 The Apache Software Foundation.
*
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
import java.util.Collection;
import org.apache.beehive.wsm.axis.security.SecurityModel ;
import org.apache.axis.MessageContext;
import org.apache.axis.components.logger.LogFactory;
import org.apache.axis.security.AuthenticatedUser;
import org.apache.axis.security.SecurityProvider;
import org.apache.axis.security.simple.SimpleSecurityProvider;
import org.apache.axis.security.servlet.ServletSecurityProvider;
import org.apache.log4j.Logger;
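/**
 * {@link SecurityModel} implementation that authenticates the caller of an Axis
 * message and checks the authenticated user against a set of allowed roles.
 *
 * <p>The user name is read from the {@link MessageContext}; the credential check
 * itself is delegated to the {@link SecurityProvider} found in that context.
 */
public class AxisSecurityModel implements SecurityModel {
    protected static Logger logger = Logger.getLogger(AxisSecurityModel.class);

    /**
     * No initialisation is required for this model.
     *
     * @param msgContext the current message context (unused)
     */
    public void init(MessageContext msgContext) {
        // do nothing
    }

    /**
     * Authenticates the caller and reports whether it holds one of the allowed roles.
     *
     * <p>Mostly copied from org/apache/axis/handlers/SimpleAuthenticationHandler.java.
     *
     * <p>The decision is deny-by-default: {@code false} is returned when no security
     * provider is available, when the user name is missing or empty, when the provider
     * does not authenticate the caller, when {@code rolesAllowed} is {@code null}, or
     * when none of the roles match. On success the authenticated user is stored in the
     * message context under {@link SecurityModel#BEEHIVE_AUTHUSER}.
     *
     * @param msgContext   message context carrying the security provider and the
     *                     caller's credentials
     * @param rolesAllowed roles that grant access; {@code null} or empty grants nothing
     * @return {@code true} only if the caller was authenticated and matches at least
     *         one entry of {@code rolesAllowed}
     */
    public boolean isUserInRole(MessageContext msgContext, Collection<String> rolesAllowed) {
        if (logger.isDebugEnabled()) {
            logger.debug("Enter: AxisSecurityModel::isUserInRole");
        }

        SecurityProvider provider =
            (SecurityProvider) msgContext.getProperty(MessageContext.SECURITY_PROVIDER);
        if (provider instanceof ServletSecurityProvider) {
            // SecurityProvider must not be an instance of ServletSecurityProvider for
            // AxisSecurityModel, so a SimpleSecurityProvider is substituted.
            // NOTE(review): this replaces the container's identity source with a different
            // one; confirm both are meant to hold the same users and roles.
            provider = new SimpleSecurityProvider();
        }

        if (provider != null) {
            String userID = msgContext.getUsername();
            if (logger.isDebugEnabled()) {
                // NOTE(review): userID is caller-supplied; if these logs feed line-oriented
                // tooling, consider neutralising CR/LF before writing it.
                logger.debug("user : " + userID);
            }

            // in order to authenticate, the user must exist
            if (userID == null || userID.length() == 0) {
                logger.debug("userID is null");
                return false;
            }

            // The credential itself must never reach the log: debug output is routinely
            // shipped to files and aggregators with weaker access control than the user
            // store. Only record whether a password accompanied the request.
            boolean passwordSupplied = msgContext.getPassword() != null;
            if (logger.isDebugEnabled()) {
                logger.debug("password supplied : " + passwordSupplied);
            }

            // The provider performs the actual credential check; null means "not authenticated".
            AuthenticatedUser authUser = provider.authenticate(msgContext);
            if (authUser == null) {
                logger.debug("authuser is null");
                return false;
            }

            // Fail closed instead of throwing when the caller passes no role collection.
            if (rolesAllowed == null) {
                logger.debug("rolesAllowed is null");
                return false;
            }

            for (String role : rolesAllowed) {
                if (provider.userMatches(authUser, role)) {
                    if (logger.isDebugEnabled()) {
                        logger.debug("auth : " + userID + " is in role [" + role + "]");
                    }
                    // Publish the authenticated identity for later consumers of the context.
                    msgContext.setProperty(SecurityModel.BEEHIVE_AUTHUSER, authUser);
                    return true;
                }
            }
        }

        if (logger.isDebugEnabled()) {
            logger.debug("Exit: AxisSecurityModel::isUserInRole");
        }
        return false;
    }
}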