UserPasswordAutenticationHandler xref

View Javadoc

1   /*
2    * Copyright (c) 2003 Peter Antman, Teknik i Media  <peter.antman@tim.se>
3    *
4    * $Id: UserPasswordAutenticationHandler.java,v 1.1.1.1 2004/05/19 12:26:42 pra Exp $
5    *
6    * This library is free software; you can redistribute it and/or
7    * modify it under the terms of the GNU Lesser General Public
8    * License as published by the Free Software Foundation; either
9    * version 2 of the License, or (at your option) any later version
10   * 
11   * This library is distributed in the hope that it will be useful,
12   * but WITHOUT ANY WARRANTY; without even the implied warranty of
13   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14   * Lesser General Public License for more details.
15   * 
16   * You should have received a copy of the GNU Lesser General Public
17   * License along with this library; if not, write to the Free Software
18   * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
19   */
20  package org.backsource.axis;
21  import org.apache.axis.AxisFault;
22  import org.apache.axis.MessageContext;
23  import org.apache.axis.Handler;
24  import org.apache.axis.handlers.BasicHandler;
25  import org.apache.axis.components.logger.LogFactory;
26  import org.apache.axis.utils.Messages;
27  import org.apache.commons.logging.Log;
28  /***
29   * A truly simple handler that combines Authentication and Authorization into one handle that contains one user/password pair. 
30   *
31   * <p>Use this to set up  services that are really only to be used by one sender.</p>
32  <pre>  &lt;handler type="java:org.backsource.axis.UserPasswordAutenticationHandler"&gt;
33      &lt;parameter name="allowedUser" value="VV"/&gt;
34      &lt;parameter name="allowedPassword" value="VV1"/&gt;
35    &lt;/handler&gt;
36  </pre>
37  <p>The params may also be specifyed at service level, and will then owerride
38  the ones set at handler level.</p>
39    <handler type="java:org.backsource.axis.UserPasswordAutenticationHandler">
40      <parameter name="allowedUser" value="VV"/>
41      <parameter name="allowedPassword" value="VV1"/>
42    </handler>
43   *
44   * @author <a href="mailto:pra@tim.se">Peter Antman</a>
45   * @version $Revision: 1.1.1.1 $
46   */
47  
48  public class UserPasswordAutenticationHandler  extends BasicHandler{
49     protected static Log log =
50          LogFactory.getLog(UserPasswordAutenticationHandler.class.getName());
51  
52  
53  
54     public UserPasswordAutenticationHandler (){
55        
56     }   
57  
58     
59  
60     public void invoke(MessageContext msgContext) throws AxisFault {
61        Handler serviceHandler = msgContext.getService();
62        String allowedUser = (String)serviceHandler.getOption("allowedUser");
63        if (  allowedUser == null) {
64           allowedUser = (String)getOption("allowedUser");
65        } // end of if ()
66        String allowedPassword = (String)serviceHandler.getOption("allowedPassword");
67        if (   allowedPassword== null) {
68           allowedPassword = (String)getOption("allowedPassword");
69        } // end of if ()
70        if ( allowedUser == null || allowedPassword == null) {
71           log.error("No user/password setup user="+allowedUser + " password="+allowedPassword);
72           throw new AxisFault("Server.NoUser",
73                               Messages.getMessage("needUser00"), null, null);
74        } // end of if ()
75        
76        String  userID = msgContext.getUsername();
77        if (log.isDebugEnabled()) {
78                  log.debug( Messages.getMessage("user00", userID) );
79              }
80        // in order to authenticate, the user must exist
81        if ( userID == null || userID.equals(""))
82           throw new AxisFault( "Server.Unauthenticated",
83                                Messages.getMessage("cantAuth00", userID),
84                                null, null );
85        String passwd = msgContext.getPassword();
86        if (log.isDebugEnabled()) {
87           log.debug( Messages.getMessage("password00", passwd) );
88        }
89        if ( passwd == null || passwd.equals(""))
90           throw new AxisFault( "Server.Unauthenticated",
91                                Messages.getMessage("cantAuth00", userID),
92                                null, null );
93        if ( allowedUser.equals( userID) && allowedPassword.equals(passwd) ) {
94           return;
95        } else {
96           throw new AxisFault( "Server.Unauthenticated",
97                      Messages.getMessage("cantAuth01", userID),
98                      null, null );
99        } // end of else
100 
101    }
102 }// UserPasswordAutenticationHandler