1 package org.apache.turbine.services.security.ldap;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 import java.io.ByteArrayOutputStream;
20 import java.io.PrintWriter;
21 import java.sql.Connection;
22 import java.util.Hashtable;
23 import javax.naming.NamingException;
24 import javax.naming.directory.Attribute;
25 import javax.naming.directory.Attributes;
26 import javax.naming.directory.BasicAttribute;
27 import javax.naming.directory.BasicAttributes;
28 import javax.servlet.http.HttpSessionBindingEvent;
29
30 import org.apache.commons.logging.Log;
31 import org.apache.commons.logging.LogFactory;
32 import org.apache.torque.om.BaseObject;
33 import org.apache.torque.om.StringKey;
34 import org.apache.turbine.om.security.User;
35 import org.apache.turbine.services.security.TurbineSecurity;
36
37 /***
38 * LDAPUser implements User and provides access to a user who accesses the
39 * system via LDAP.
40 *
41 * @author <a href="mailto:cberry@gluecode.com">Craig D. Berry</a>
42 * @author <a href="mailto:tadewunmi@gluecode.com">Tracy M. Adewunmi</a>
43 * @author <a href="mailto:lflournoy@gluecode.com">Leonard J. Flournoy </a>
44 * @author <a href="mailto:dlr@finemaltcoding.com">Daniel Rall</a>
45 * @author <a href="mailto:hhernandez@itweb.com.mx">Humberto Hernandez</a>
46 * @version $Id: LDAPUser.java,v 1.12.2.2 2004/05/20 03:06:48 seade Exp $
47 */
48 public class LDAPUser extends BaseObject implements User
49 {
50
51 /*** Logging */
52 private static Log log = LogFactory.getLog(LDAPUser.class);
53
54
55
56 /*** Date when the user was created */
57 private java.util.Date createDate = null;
58
59 /*** Date when the user was last accessed */
60 private java.util.Date lastAccessDate = null;
61
62 /*** timeout */
63 private int timeout = 15;
64
65 /*** This is data that will survive a servlet engine restart. */
66 private Hashtable permStorage = null;
67
68 /*** This is data that will not survive a servlet engine restart. */
69 private Hashtable tempStorage = null;
70
71 /***
72 * Constructor.
73 * Create a new User and set the createDate.
74 */
75 public LDAPUser()
76 {
77 createDate = new java.util.Date();
78 tempStorage = new Hashtable(10);
79 permStorage = new Hashtable(10);
80 setHasLoggedIn(new Boolean(false));
81 }
82
83 /***
84 * Populates the user with values obtained from the LDAP Service.
85 * This method could be redefined in subclasses.
86 * @param attribs The attributes obtained from LDAP.
87 * @throws NamingException if there was an error with JNDI.
88 */
89 public void setLDAPAttributes(Attributes attribs)
90 throws NamingException
91 {
92
93 Attribute attr;
94 String attrName;
95
96
97 attrName = LDAPSecurityConstants.getUserIdAttribute();
98 if (attrName != null)
99 {
100 attr = attribs.get(attrName);
101 if (attr != null && attr.get() != null)
102 {
103 try
104 {
105 setPrimaryKey(new StringKey(attr.get().toString()));
106 }
107 catch (Exception ex)
108 {
109 log.error("Exception caught:", ex);
110 }
111 }
112 }
113
114
115 attrName = LDAPSecurityConstants.getNameAttribute();
116 if (attrName != null)
117 {
118 attr = attribs.get(attrName);
119 if (attr != null && attr.get() != null)
120 {
121 setUserName(attr.get().toString());
122 }
123 }
124 else
125 {
126 log.error("There is no LDAP attribute for the username.");
127 }
128
129
130 attrName = LDAPSecurityConstants.getFirstNameAttribute();
131 if (attrName != null)
132 {
133 attr = attribs.get(attrName);
134 if (attr != null && attr.get() != null)
135 {
136 setFirstName(attr.get().toString());
137 }
138 }
139
140
141 attrName = LDAPSecurityConstants.getLastNameAttribute();
142 if (attrName != null)
143 {
144 attr = attribs.get(attrName);
145 if (attr != null && attr.get() != null)
146 {
147 setLastName(attr.get().toString());
148 }
149 }
150
151
152 attrName = LDAPSecurityConstants.getEmailAttribute();
153 if (attrName != null)
154 {
155 attr = attribs.get(attrName);
156 if (attr != null && attr.get() != null)
157 {
158 setEmail(attr.get().toString());
159 }
160 }
161 }
162
163 /***
164 * Get the JNDI Attributes used to store the user in LDAP.
165 * This method could be redefined in a subclass.
166 *
167 * @throws NamingException if there is a JNDI error.
168 * @return The JNDI attributes of the user.
169 */
170 public Attributes getLDAPAttributes()
171 throws NamingException
172 {
173 Attributes attribs = new BasicAttributes();
174 String attrName;
175
176
177 attrName = "objectClass";
178 if (attrName != null)
179 {
180 Object value = "turbineUser";
181
182 if (value != null)
183 {
184 Attribute attr = new BasicAttribute(attrName, value);
185
186 attribs.put(attr);
187 }
188 }
189
190
191 attrName = LDAPSecurityConstants.getUserIdAttribute();
192 if (attrName != null)
193 {
194 Object value = getPrimaryKey();
195
196 if (value != null)
197 {
198 Attribute attr = new BasicAttribute(attrName, value);
199
200 attribs.put(attr);
201 }
202 }
203
204
205 attrName = LDAPSecurityConstants.getNameAttribute();
206 if (attrName != null)
207 {
208 Object value = getName();
209
210 if (value != null)
211 {
212 Attribute attr = new BasicAttribute(attrName, value);
213
214 attribs.put(attr);
215 }
216 }
217
218
219 attrName = LDAPSecurityConstants.getFirstNameAttribute();
220 if (attrName != null)
221 {
222 Object value = getFirstName();
223
224 if (value != null)
225 {
226 Attribute attr = new BasicAttribute(attrName, value);
227
228 attribs.put(attr);
229 }
230 }
231
232
233 attrName = LDAPSecurityConstants.getLastNameAttribute();
234 if (attrName != null)
235 {
236 Object value = getLastName();
237
238 if (value != null)
239 {
240 Attribute attr = new BasicAttribute(attrName, value);
241
242 attribs.put(attr);
243 }
244 }
245
246
247 attrName = LDAPSecurityConstants.getEmailAttribute();
248 if (attrName != null)
249 {
250 Object value = getEmail();
251
252 if (value != null)
253 {
254 Attribute attr = new BasicAttribute(attrName, value);
255
256 attribs.put(attr);
257 }
258 }
259
260
261 attrName = LDAPSecurityConstants.getPasswordAttribute();
262 if (attrName != null)
263 {
264 Object value = getPassword();
265
266 if (value != null)
267 {
268 Attribute attr = new BasicAttribute(attrName, value);
269
270 attribs.put(attr);
271 }
272 }
273
274 return attribs;
275 }
276
277 /***
278 * Gets the distinguished name (DN) of the User.
279 * This method could be redefined in a subclass.
280 * @return The Distinguished Name of the user.
281 */
282 public String getDN()
283 {
284 String filterAttribute = LDAPSecurityConstants.getNameAttribute();
285 String userBaseSearch = LDAPSecurityConstants.getBaseSearch();
286 String userName = getName();
287
288 String dn = filterAttribute + "=" + userName + "," + userBaseSearch;
289
290 return dn;
291 }
292
293 /***
294 * Gets the access counter for a user during a session.
295 *
296 * @return The access counter for the user for the session.
297 */
298 public int getAccessCounterForSession()
299 {
300 try
301 {
302 return ((Integer) getTemp(User.SESSION_ACCESS_COUNTER)).intValue();
303 }
304 catch (Exception e)
305 {
306 return 0;
307 }
308 }
309
310 /***
311 * Gets the access counter for a user from perm storage.
312 *
313 * @return The access counter for the user.
314 */
315 public int getAccessCounter()
316 {
317 try
318 {
319 return ((Integer) getPerm(User.ACCESS_COUNTER)).intValue();
320 }
321 catch (Exception e)
322 {
323 return 0;
324 }
325 }
326
327 /***
328 * Gets the create date for this User. This is the time at which
329 * the user object was created.
330 *
331 * @return A Java Date with the date of creation for the user.
332 */
333 public java.util.Date getCreateDate()
334 {
335 return createDate;
336 }
337
338 /***
339 * Returns the value of Confirmed variable
340 * @return the confirm value.
341 */
342 public String getConfirmed()
343 {
344 String tmp = null;
345
346 tmp = (String) getPerm(User.CONFIRM_VALUE);
347 if (tmp != null && tmp.length() == 0)
348 {
349 tmp = null;
350 }
351 return tmp;
352 }
353
354 /***
355 * Returns the Email for this user. If this is defined, then
356 * the user is considered logged in.
357 *
358 * @return A String with the user's Email.
359 */
360 public String getEmail()
361 {
362 String tmp = null;
363
364 tmp = (String) getPerm(User.EMAIL);
365 if (tmp != null && tmp.length() == 0)
366 {
367 tmp = null;
368 }
369 return tmp;
370 }
371
372 /***
373 * Gets the last access date for this User. This is the last time
374 * that the user object was referenced.
375 *
376 * @return A Java Date with the last access date for the user.
377 */
378 public java.util.Date getLastAccessDate()
379 {
380 if (lastAccessDate == null)
381 {
382 setLastAccessDate();
383 }
384 return lastAccessDate;
385 }
386
387 /***
388 * Get last login date/time for this user.
389 *
390 * @return A Java Date with the last login date for the user.
391 */
392 public java.util.Date getLastLogin()
393 {
394 return (java.util.Date) getPerm(User.LAST_LOGIN);
395 }
396
397 /***
398 * Get password for this user.
399 *
400 * @return A String with the password for the user.
401 */
402 public String getPassword()
403 {
404 return (String) getPerm(User.PASSWORD);
405 }
406
407 /***
408 * Get an object from permanent storage.
409 * @param name The object's name.
410 * @return An Object with the given name.
411 */
412 public Object getPerm(String name)
413 {
414 return permStorage.get(name);
415 }
416
417 /***
418 * Get an object from permanent storage; return default if value
419 * is null.
420 *
421 * @param name The object's name.
422 * @param def A default value to return.
423 * @return An Object with the given name.
424 */
425 public Object getPerm(String name, Object def)
426 {
427 try
428 {
429 Object val = permStorage.get(name);
430
431 if (val == null)
432 {
433 return def;
434 }
435 return val;
436 }
437 catch (Exception e)
438 {
439 return def;
440 }
441 }
442
443 /***
444 * This should only be used in the case where we want to save the
445 * data to the database.
446 *
447 * @return A Hashtable.
448 */
449 public Hashtable getPermStorage()
450 {
451 if (this.permStorage == null)
452 {
453 this.permStorage = new Hashtable();
454 }
455 return this.permStorage;
456 }
457
458 /***
459 * Get an object from temporary storage.
460 *
461 * @param name The object's name.
462 * @return An Object with the given name.
463 */
464 public Object getTemp(String name)
465 {
466 return tempStorage.get(name);
467 }
468
469 /***
470 * Get an object from temporary storage; return default if value
471 * is null.
472 *
473 * @param name The object's name.
474 * @param def A default value to return.
475 * @return An Object with the given name.
476 */
477 public Object getTemp(String name, Object def)
478 {
479 Object val;
480
481 try
482 {
483 val = tempStorage.get(name);
484 if (val == null)
485 {
486 val = def;
487 }
488 }
489 catch (Exception e)
490 {
491 val = def;
492 }
493 return val;
494 }
495
496 /***
497 * A User object can have a variable Timeout, which is defined in
498 * minutes. If the user has been timed out, then the
499 * hasLoggedIn() value will return false.
500 *
501 * @return An int specifying the timeout.
502 */
503 public int getTimeout()
504 {
505 return this.timeout;
506 }
507
508 /***
509 * Returns the username for this user. If this is defined, then
510 * the user is considered logged in.
511 *
512 * @return A String with the username.
513 * @deprecated Use getName() instead
514 */
515 public String getUserName()
516 {
517 return getName();
518 }
519
520 /***
521 * Returns the first name for this user. If this is defined, then
522 * the user is considered logged in.
523 *
524 * @return A String with the user's first name.
525 */
526 public String getFirstName()
527 {
528 String tmp = null;
529
530 tmp = (String) getPerm(User.FIRST_NAME);
531 if (tmp != null && tmp.length() == 0)
532 {
533 tmp = null;
534 }
535 return tmp;
536 }
537
538 /***
539 * Returns the last name for this user. If this is defined, then
540 * the user is considered logged in.
541 *
542 * @return A String with the user's last name.
543 */
544 public String getLastName()
545 {
546 String tmp = null;
547
548 tmp = (String) getPerm(User.LAST_NAME);
549 if (tmp != null && tmp.length() == 0)
550 {
551 tmp = null;
552 }
553 return tmp;
554 }
555
556 /***
557 * The user is considered logged in if they have not timed out.
558 *
559 * @return True if the user has logged in.
560 */
561 public boolean hasLoggedIn()
562 {
563 Boolean tmp = getHasLoggedIn();
564
565 if (tmp != null && tmp.booleanValue())
566 {
567 return true;
568 }
569 else
570 {
571 return false;
572 }
573 }
574
575 /***
576 * This method reports whether or not the user has been confirmed
577 * in the system by checking the <code>CONFIRM_VALUE</code>
578 * column to see if it is equal to <code>CONFIRM_DATA</code>.
579 *
580 * @return True if the user has been confirmed.
581 */
582 public boolean isConfirmed()
583 {
584 return ((String) getTemp(CONFIRM_VALUE, "")).equals(CONFIRM_DATA);
585 }
586
587 /***
588 * Increments the permanent hit counter for the user.
589 */
590 public void incrementAccessCounter()
591 {
592 setAccessCounter(getAccessCounter() + 1);
593 }
594
595 /***
596 * Increments the session hit counter for the user.
597 */
598 public void incrementAccessCounterForSession()
599 {
600 setAccessCounterForSession(getAccessCounterForSession() + 1);
601 }
602
603 /***
604 * Remove an object from temporary storage and return the object.
605 *
606 * @param name The name of the object to remove.
607 * @return An Object.
608 */
609 public Object removeTemp(String name)
610 {
611 return tempStorage.remove(name);
612 }
613
614 /***
615 * Sets the access counter for a user, saved in perm storage.
616 *
617 * @param cnt The new count.
618 */
619 public void setAccessCounter(int cnt)
620 {
621 setPerm(User.ACCESS_COUNTER, new Integer(cnt));
622 }
623
624 /***
625 * Sets the session access counter for a user, saved in temp
626 * storage.
627 *
628 * @param cnt The new count.
629 */
630 public void setAccessCounterForSession(int cnt)
631 {
632 setTemp(User.SESSION_ACCESS_COUNTER, new Integer(cnt));
633 }
634
635 /***
636 * Set the users confirmed variable
637 *
638 * @param confirm The new confim value.
639 */
640 public void setConfirmed(String confirm)
641 {
642 getPerm(User.CONFIRM_VALUE, confirm);
643 }
644
645 /***
646 * Sets the last access date for this User. This is the last time
647 * that the user object was referenced.
648 */
649 public void setLastAccessDate()
650 {
651 lastAccessDate = new java.util.Date();
652 }
653
654 /***
655 * Sets the create date for this User. This is the time at which
656 * the user object was created.
657 *
658 * @param date The create date.
659 */
660 public void setCreateDate(java.util.Date date)
661 {
662 createDate = date;
663 }
664
665 /***
666 * Set the users Email
667 *
668 * @param email The new email.
669 */
670 public void setEmail(String email)
671 {
672 setPerm(User.EMAIL, email);
673 }
674
675 /***
676 * Set the users First Name
677 *
678 * @param fname The new firstname.
679 */
680 public void setFirstName(String fname)
681 {
682 setPerm(User.FIRST_NAME, fname);
683 }
684
685 /***
686 * Set last login date/time.
687 *
688 * @param date The last login date.
689 */
690 public void setLastLogin(java.util.Date date)
691 {
692 setPerm(User.LAST_LOGIN, date);
693 }
694
695 /***
696 * Set the users Last Name
697 * Sets the last name for this user.
698 *
699 * @param lname The new lastname.
700 */
701 public void setLastName(String lname)
702 {
703 setPerm(User.LAST_NAME, lname);
704 }
705
706 /***
707 * Set password.
708 *
709 * @param password The new password.
710 */
711 public void setPassword(String password)
712 {
713 setPerm(User.PASSWORD, password);
714 }
715
716 /***
717 * Put an object into permanent storage.
718 *
719 * @param name The object's name.
720 * @param value The object.
721 */
722 public void setPerm(String name, Object value)
723 {
724 permStorage.put(name, value);
725 }
726
727 /***
728 * This should only be used in the case where we want to save the
729 * data to the database.
730 *
731 * @param stuff A Hashtable.
732 */
733 public void setPermStorage(Hashtable stuff)
734 {
735 this.permStorage = stuff;
736 }
737
738 /***
739 * This should only be used in the case where we want to save the
740 * data to the database.
741 *
742 * @return A Hashtable.
743 */
744 public Hashtable getTempStorage()
745 {
746 if (this.tempStorage == null)
747 {
748 this.tempStorage = new Hashtable();
749 }
750 return this.tempStorage;
751 }
752
753 /***
754 * This should only be used in the case where we want to save the
755 * data to the database.
756 *
757 * @param storage A Hashtable.
758 */
759 public void setTempStorage(Hashtable storage)
760 {
761 this.tempStorage = storage;
762 }
763
764 /***
765 * This gets whether or not someone has logged in. hasLoggedIn()
766 * returns this value as a boolean. This is private because you
767 * should use hasLoggedIn() instead.
768 *
769 * @return True if someone has logged in.
770 */
771 private Boolean getHasLoggedIn()
772 {
773 return (Boolean) getTemp(User.HAS_LOGGED_IN);
774 }
775
776 /***
777 * This sets whether or not someone has logged in. hasLoggedIn()
778 * returns this value.
779 *
780 * @param value Whether someone has logged in or not.
781 */
782 public void setHasLoggedIn(Boolean value)
783 {
784 setTemp(User.HAS_LOGGED_IN, value);
785 }
786
787 /***
788 * Put an object into temporary storage.
789 *
790 * @param name The object's name.
791 * @param value The object.
792 */
793 public void setTemp(String name, Object value)
794 {
795 tempStorage.put(name, value);
796 }
797
798 /***
799 * A User object can have a variable Timeout which is defined in
800 * minutes. If the user has been timed out, then the
801 * hasLoggedIn() value will return false.
802 *
803 * @param time The user's timeout.
804 */
805 public void setTimeout(int time)
806 {
807 this.timeout = time;
808 }
809
810 /***
811 * Sets the username for this user.
812 *
813 * @param username The user's username.
814 */
815 public void setUserName(String username)
816 {
817 setPerm(User.USERNAME, username);
818 }
819
820 /***
821 * Updates the last login date in the database.
822 *
823 * @exception Exception a generic exception.
824 */
825 public void updateLastLogin() throws Exception
826 {
827 setPerm(User.LAST_LOGIN, new java.util.Date());
828 }
829
830 /***
831 * Implement this method if you wish to be notified when the User
832 * has been Bound to the session.
833 *
834 * @param hsbe The HttpSessionBindingEvent.
835 */
836 public void valueBound(HttpSessionBindingEvent hsbe)
837 {
838
839 }
840
841 /***
842 * Implement this method if you wish to be notified when the User
843 * has been Unbound from the session.
844 *
845 * @param hsbe The HttpSessionBindingEvent.
846 */
847 public void valueUnbound(HttpSessionBindingEvent hsbe)
848 {
849 try
850 {
851 if (hasLoggedIn())
852 {
853 TurbineSecurity.saveUser(this);
854 }
855 }
856 catch (Exception e)
857 {
858 log.error("BaseUser.valueUnbobund(): "
859 + e.getMessage());
860 log.error(e);
861
862
863
864
865 ByteArrayOutputStream ostr = new ByteArrayOutputStream();
866
867 e.printStackTrace(new PrintWriter(ostr, true));
868 String stackTrace = ostr.toString();
869
870 System.out.println(stackTrace);
871 }
872 }
873
874 /***
875 * Returns the username for this user. If this is defined, then
876 * the user is considered logged in.
877 *
878 * @return A String with the username.
879 */
880 public String getName()
881 {
882 String tmp = null;
883
884 tmp = (String) getPerm(User.USERNAME);
885 if (tmp != null && tmp.length() == 0)
886 {
887 tmp = null;
888 }
889 return tmp;
890 }
891
892 /***
893 * Not implemented.
894 * @param name the name of the User.
895 */
896 public void setName(String name)
897 {
898 }
899
900 /***
901 * Not implemented.
902 * @return 0
903 */
904 public int getId()
905 {
906 return 0;
907 }
908
909 /***
910 * Not implemented.
911 * @return null
912 */
913 public Integer getIdAsObj()
914 {
915 return new Integer(0);
916 }
917
918 /***
919 * Not implemented.
920 *
921 * @param id The id of the User.
922 */
923 public void setId(int id)
924 {
925 }
926
927 /***
928 * Saves this object to the data store.
929 * @throws Exception if it cannot be saved
930 */
931 public void save()
932 throws Exception
933 {
934 if (TurbineSecurity.accountExists(this))
935 {
936 TurbineSecurity.saveUser(this);
937 }
938 else
939 {
940 TurbineSecurity.addUser(this, getPassword());
941 }
942 }
943
944 /***
945 * not implemented
946 *
947 * @param conn the database connection
948 * @throws Exception if there is an error
949 */
950 public void save(Connection conn) throws Exception
951 {
952 throw new Exception("not implemented");
953 }
954
955 /***
956 * not implemented
957 *
958 * @param dbname the database name
959 * @throws Exception if there is an error
960 */
961 public void save(String dbname) throws Exception
962 {
963 throw new Exception("not implemented");
964 }
965
966 }