org.benow.security
Class SecurityAdministratorImpl

java.lang.Object
  extended by org.benow.security.SecurityAdministratorImpl
All Implemented Interfaces:
SecurityAdministrator

public abstract class SecurityAdministratorImpl
extends java.lang.Object
implements SecurityAdministrator

Class responsible for authentication of users. Descendants should implement the authenticate(String,String,String) method to perform authentication of users.

From an application programmer's perspective, security authentication is done via: SecurityFactory.getAdministrator().authenticate(name,pass);

See Also:
Security

Field Summary
static java.lang.String adminName
           
 
Fields inherited from interface org.benow.security.SecurityAdministrator
DEFAULT_ADMIN_PASSWORD, DEFAULT_USER_NAME, REGISTERED_BOOTSTRAP, REGISTERED_USER_NAME
 
Constructor Summary
SecurityAdministratorImpl()
           
 
Method Summary
 void addListener(SecurityAdministratorListener listener)
          protected abstract void validateAdministrator(String name, String password) throws SecurityException;
 User authenticate(java.lang.String userName, java.lang.String password)
          Authenticates the user in the default application
 User authenticate(java.lang.String app, java.lang.String user, java.lang.String password)
          Authenticates user.
 Permission createPermission(java.lang.Class<?> prefix, java.lang.String suffix)
           
abstract  Permission createPermission(java.lang.Class<?> prefix, java.lang.String suffix, java.lang.String[] params)
           
 Permission createPermission(java.lang.String name)
           
 Role createRole(java.lang.Package pkg)
           
 Role createRole(java.lang.String name)
          Create a role with the given name
abstract  Role createRole(java.lang.String name, java.lang.String description)
           
 User createUser(java.lang.String name)
          Creates a new user with the given name.
protected abstract  User createUser(java.lang.String name, java.lang.String userPassword, java.lang.String description)
           
 Permission declarePermission(java.lang.Class<?> prefix, java.lang.String suffix)
          Override to persist permission
 Permission declarePermission(java.lang.Class<?> prefix, java.lang.String suffix, java.lang.String[] params)
           
 Permission declarePermission(Permission perm)
          Override to persist permission
 Permission declarePermission(java.lang.String name)
          Creates a permission with the given name.
 void deleteUser(java.lang.String name)
          Deletes the user with the given name
protected abstract  User doAuthenticate(java.lang.String app, java.lang.String user, java.lang.String password)
           
protected abstract  User doCreateUser(java.lang.String name)
           
protected  void doInit()
           
 void ensureAdminRolePermissions(java.lang.Class<?> forClass, java.lang.String[] permNames)
          Ensures the existence of the given permissions within an appropriate admin role for the class.
 User getAdministratorUser()
           
protected abstract  java.util.Collection<Role> getDeclaredRoles()
           
 User getDefaultUser()
           
abstract  Permission getPermissionFor(java.lang.String name, java.lang.String value)
           
 User getRegisteredTemplateUser()
           
 Role getRole(java.lang.Package pkg)
          Gets the admin role for the given pkg, creating it if necessary.
 Role getRole(java.lang.String name)
          Gets the declared role of the given name.
 java.util.Collection<java.lang.Class<?>> getUserModuleClasses()
          Gets the list of registered user module classes.
 void init()
          Override to do something after instantiation
 void logout()
          Logout user associated with current thread
protected  void notifyReload()
           
protected  void onDeclare(Permission perm)
          Override for goodness.
 void registerUserModuleClass(java.lang.Class<UserModule> moduleClass)
          Registers a user module class that will be included in a user when a user is created
 User validateAdministrator()
          Ensures the existence of an Administrator user having all declared roles (and hence permissions).
protected abstract  User validateAdministrator(java.lang.String name, java.lang.String password)
           
 void validateDeclaredRoles()
          Ensures the existence of registered roles.
 User validateDefaultUser()
           
static Permission validatePermissionInRole(Role toAddTo, java.lang.Class<?> permissionPrefix, java.lang.String suffix)
          Convenience method to add a permission to a role with the
 User validateRegisteredUser()
          The roles/permissions of the registered user are copied over to newly created users.
protected abstract  void validateRoles(java.util.Collection<Role> roles)
           
 void validateSecurity()
          Validates DeclaredRoles and the Administrator user.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.benow.security.SecurityAdministrator
deleteRole, deleteUser, doGetUserByEmail, getClassesWithPermissionsInPackage, getDefaultClassesWithPermissions, getPackageNamesWithPermissions, getPackageNamesWithPermissions, getPermissions, getPermissionsForClass, getRoles, getUserByModuleKey, getUserByName, getUserByRealmAndName, getUsers
 

Field Detail

adminName

public static final java.lang.String adminName
Constructor Detail

SecurityAdministratorImpl

public SecurityAdministratorImpl()
Method Detail

validatePermissionInRole

public static Permission validatePermissionInRole(Role toAddTo,
                                                  java.lang.Class<?> permissionPrefix,
                                                  java.lang.String suffix)
Convenience method to add a permission to a role with the

Parameters:
toAddTo -
permissionPrefix -
suffix -
Returns:
validated Permission

init

public final void init()
                throws java.lang.SecurityException
Override to do something after instantiation

Specified by:
init in interface SecurityAdministrator
Throws:
java.lang.SecurityException

doInit

protected void doInit()

createPermission

public Permission createPermission(java.lang.String name)
                            throws java.lang.SecurityException
Specified by:
createPermission in interface SecurityAdministrator
Throws:
java.lang.SecurityException

getPermissionFor

public abstract Permission getPermissionFor(java.lang.String name,
                                            java.lang.String value)
                                     throws java.lang.SecurityException
Specified by:
getPermissionFor in interface SecurityAdministrator
Throws:
java.lang.SecurityException

getDeclaredRoles

protected abstract java.util.Collection<Role> getDeclaredRoles()
                                                        throws java.lang.SecurityException
Throws:
java.lang.SecurityException

registerUserModuleClass

public void registerUserModuleClass(java.lang.Class<UserModule> moduleClass)
Description copied from interface: SecurityAdministrator
Registers a user module class that will be included in a user when a user is created

Specified by:
registerUserModuleClass in interface SecurityAdministrator

getRole

public Role getRole(java.lang.Package pkg)
Gets the admin role for the given pkg, creating it if necessary.

Specified by:
getRole in interface SecurityAdministrator
Parameters:
pkg -
Returns:
role for package

getRole

public Role getRole(java.lang.String name)
             throws NoSuchRoleException
Gets the declared role of the given name. If no role is found, an exception is thrown

Specified by:
getRole in interface SecurityAdministrator
Parameters:
name -
Returns:
role with given name
Throws:
NoSuchRoleException - on no role with given name

ensureAdminRolePermissions

public void ensureAdminRolePermissions(java.lang.Class<?> forClass,
                                       java.lang.String[] permNames)
                                throws java.lang.SecurityException
Ensures the existence of the given permissions within an appropriate admin role for the class. The naming conventions are as follows:

Specified by:
ensureAdminRolePermissions in interface SecurityAdministrator
Parameters:
forClass -
permNames -
Throws:
java.lang.SecurityException

validateDeclaredRoles

public void validateDeclaredRoles()
                           throws java.lang.SecurityException
Ensures the existence of registered roles. Roles should be remembered as they are created. That is, the Role class should add created roles to a master list of roles. Implementing classes could add newly created static roles to a db, etc.

Specified by:
validateDeclaredRoles in interface SecurityAdministrator
Throws:
java.lang.SecurityException

validateRoles

protected abstract void validateRoles(java.util.Collection<Role> roles)
                               throws java.lang.SecurityException
Throws:
java.lang.SecurityException

validateAdministrator

public User validateAdministrator()
                           throws java.lang.SecurityException
Ensures the existence of an Administrator user having all declared roles (and hence permissions).

The name and password are taken from the configuration if provided; otherwise they default to admin, admin.

Specified by:
validateAdministrator in interface SecurityAdministrator
Throws:
java.lang.SecurityException

validateAdministrator

protected abstract User validateAdministrator(java.lang.String name,
                                              java.lang.String password)
                                       throws java.lang.SecurityException
Throws:
java.lang.SecurityException

validateDefaultUser

public User validateDefaultUser()
                         throws java.lang.SecurityException
Specified by:
validateDefaultUser in interface SecurityAdministrator
Throws:
java.lang.SecurityException

validateRegisteredUser

public User validateRegisteredUser()
                            throws java.lang.SecurityException
The roles/permissions of the registered user are copied over to newly created users.

Returns:
Throws:
java.lang.SecurityException

validateSecurity

public void validateSecurity()
                      throws java.lang.SecurityException
Validates DeclaredRoles and the Administrator user.

Specified by:
validateSecurity in interface SecurityAdministrator
Throws:
java.lang.SecurityException - on Error during validation.
See Also:
validateDeclaredRoles(), validateAdministrator()

createRole

public Role createRole(java.lang.Package pkg)
                throws java.lang.SecurityException
Specified by:
createRole in interface SecurityAdministrator
Throws:
java.lang.SecurityException

createRole

public Role createRole(java.lang.String name)
                throws java.lang.SecurityException
Description copied from interface: SecurityAdministrator
Create a role with the given name

Specified by:
createRole in interface SecurityAdministrator
Returns:
Throws:
java.lang.SecurityException

createRole

public abstract Role createRole(java.lang.String name,
                                java.lang.String description)
                         throws java.lang.SecurityException
Specified by:
createRole in interface SecurityAdministrator
Throws:
java.lang.SecurityException

createPermission

public Permission createPermission(java.lang.Class<?> prefix,
                                   java.lang.String suffix)
Specified by:
createPermission in interface SecurityAdministrator

createPermission

public abstract Permission createPermission(java.lang.Class<?> prefix,
                                            java.lang.String suffix,
                                            java.lang.String[] params)
                                     throws java.lang.SecurityException
Throws:
java.lang.SecurityException

addListener

public void addListener(SecurityAdministratorListener listener)
protected abstract void validateAdministrator(String name, String password) throws SecurityException;


notifyReload

protected void notifyReload()

authenticate

public final User authenticate(java.lang.String app,
                               java.lang.String user,
                               java.lang.String password)
                        throws java.lang.SecurityException
Authenticates the user. If running in an AugmentedThread (as it should be), login retries are tracked. If there are more than 5 successive login attempts, the user is throttled back and required to wait 2 seconds for each attempt over 5. Once logged in, all login attempt info is forgotten.

Specified by:
authenticate in interface SecurityAdministrator
Throws:
java.lang.SecurityException
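
The throttling rule described for authenticate, as an added example (not code from org.benow.security). The class ThrottledLogin, its members and the tracking key are hypothetical, and the sketch assumes the delay grows linearly, so that attempt 6 waits 2 seconds, attempt 7 waits 4 seconds, and so on; the pause is printed instead of slept so the demo runs instantly.

```java
import java.time.Duration;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.BiPredicate;
import java.util.function.Consumer;

// Added illustration; every name here is hypothetical, not the library's API.
public class ThrottledLogin {
    static final int FREE_ATTEMPTS = 5;                              // "more than 5"
    static final Duration PER_EXTRA_ATTEMPT = Duration.ofSeconds(2); // "2 seconds for each attempt over 5"

    // Successive attempts per tracking key (assumption: one key per client thread/session).
    private final Map<String, Integer> attempts = new ConcurrentHashMap<>();
    private final BiPredicate<String, String> credentialCheck; // stand-in for doAuthenticate
    private final Consumer<Duration> pause;                    // how the wait is enforced

    ThrottledLogin(BiPredicate<String, String> credentialCheck, Consumer<Duration> pause) {
        this.credentialCheck = credentialCheck;
        this.pause = pause;
    }

    // Wait imposed on the n-th successive attempt (assumed linear growth).
    static Duration delayFor(int attemptNumber) {
        return PER_EXTRA_ATTEMPT.multipliedBy(Math.max(0, attemptNumber - FREE_ATTEMPTS));
    }

    boolean login(String trackingKey, String user, String password) {
        int n = attempts.merge(trackingKey, 1, Integer::sum); // count before checking
        Duration wait = delayFor(n);
        if (!wait.isZero()) {
            pause.accept(wait); // delay first, so a throttled guess costs the full wait
        }
        boolean ok = credentialCheck.test(user, password);
        if (ok) {
            attempts.remove(trackingKey); // successful login forgets attempt info
        }
        return ok;
    }

    public static void main(String[] args) {
        // Constructed sample credential check and inputs.
        ThrottledLogin t = new ThrottledLogin(
                (u, p) -> u.equals("alice") && p.equals("correct horse"),
                d -> System.out.println("  throttled for " + d.getSeconds() + "s"));
        for (int i = 1; i <= 7; i++) {
            System.out.println("attempt " + i + ": " + t.login("thread-1", "alice", "guess" + i));
        }
        System.out.println("good password: " + t.login("thread-1", "alice", "correct horse"));
        System.out.println("after reset: " + t.login("thread-1", "alice", "wrong"));
    }
}
```

Counting per thread or session limits only that client; an implementation that must slow distributed guessing against one account would also need a counter keyed on the account name.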

doAuthenticate

protected abstract User doAuthenticate(java.lang.String app,
                                       java.lang.String user,
                                       java.lang.String password)
                                throws java.lang.SecurityException
Throws:
java.lang.SecurityException

getUserModuleClasses

public java.util.Collection<java.lang.Class<?>> getUserModuleClasses()
Description copied from interface: SecurityAdministrator
Gets the list of registered user module classes. This list is used during population of UserModules for a given user.

Specified by:
getUserModuleClasses in interface SecurityAdministrator

declarePermission

public Permission declarePermission(java.lang.Class<?> prefix,
                                    java.lang.String suffix)
                             throws java.lang.SecurityException
Override to persist permission

Specified by:
declarePermission in interface SecurityAdministrator
Returns:
created permission
Throws:
java.lang.SecurityException

declarePermission

public Permission declarePermission(java.lang.Class<?> prefix,
                                    java.lang.String suffix,
                                    java.lang.String[] params)
                             throws java.lang.SecurityException
Specified by:
declarePermission in interface SecurityAdministrator
Throws:
java.lang.SecurityException

declarePermission

public Permission declarePermission(Permission perm)
                             throws java.lang.SecurityException
Override to persist permission

Specified by:
declarePermission in interface SecurityAdministrator
Returns:
validated permission
Throws:
java.lang.SecurityException

onDeclare

protected void onDeclare(Permission perm)
                  throws java.lang.SecurityException
Override for goodness.

Parameters:
perm -
Throws:
java.lang.SecurityException

createUser

public final User createUser(java.lang.String name)
                      throws java.lang.SecurityException
Description copied from interface: SecurityAdministrator
Creates a new user with the given name. Override this method to use a custom user implementation

Specified by:
createUser in interface SecurityAdministrator
Throws:
java.lang.SecurityException

doCreateUser

protected abstract User doCreateUser(java.lang.String name)

createUser

protected abstract User createUser(java.lang.String name,
                                   java.lang.String userPassword,
                                   java.lang.String description)
                            throws java.lang.SecurityException
Throws:
java.lang.SecurityException

getDefaultUser

public User getDefaultUser()
                    throws java.lang.SecurityException
Specified by:
getDefaultUser in interface SecurityAdministrator
Throws:
java.lang.SecurityException

declarePermission

public Permission declarePermission(java.lang.String name)
Description copied from interface: SecurityAdministrator
Creates a permission with the given name. Using the stack to resolve the prefix.

Specified by:
declarePermission in interface SecurityAdministrator
Returns:
created permission.

deleteUser

public void deleteUser(java.lang.String name)
                throws NoSuchUserException,
                       java.lang.SecurityException
Description copied from interface: SecurityAdministrator
Deletes the user with the given name

Specified by:
deleteUser in interface SecurityAdministrator
Throws:
NoSuchUserException
java.lang.SecurityException

getAdministratorUser

public User getAdministratorUser()
Specified by:
getAdministratorUser in interface SecurityAdministrator
Returns:
the administrator user

authenticate

public User authenticate(java.lang.String userName,
                         java.lang.String password)
Description copied from interface: SecurityAdministrator
Authenticates the user in the default application

Specified by:
authenticate in interface SecurityAdministrator

logout

public void logout()
Description copied from interface: SecurityAdministrator
Logout user associated with current thread

Specified by:
logout in interface SecurityAdministrator

getRegisteredTemplateUser

public User getRegisteredTemplateUser()
Specified by:
getRegisteredTemplateUser in interface SecurityAdministrator
Returns:
the template:registered user