Index: topia-service/src/java/org/codelutin/topia/taas/TaasUtil.java
diff -u /dev/null topia-service/src/java/org/codelutin/topia/taas/TaasUtil.java:1.1
--- /dev/null Thu Nov 29 16:08:34 2007
+++ topia-service/src/java/org/codelutin/topia/taas/TaasUtil.java Thu Nov 29 16:08:29 2007
@@ -0,0 +1,214 @@
+/* *##%
+* Copyright (C) 2002, 2003, 2004, 2005 Code Lutin,
+* Cédric Pineau, Benjamin Poussin,
+*
+*
+* This program is free software; you can redistribute it and/or
+* modify it under the terms of the GNU General Public License
+* as published by the Free Software Foundation; either version 2
+* of the License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+*##%*/
+
+/* *
+* TopiaSecurityUtil.java
+*
+* Created: 15 févr. 2006
+*
+* @author Arnaud Thimel
+* @version $Revision: 1.1 $
+*
+* Mise a jour: $Date: 2007-11-29 16:08:29 $
+* par : $Author: ruchaud $
+*/
+
+package org.codelutin.topia.taas;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.StringTokenizer;
+
+import org.apache.commons.lang.ArrayUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import sun.misc.BASE64Encoder;
+
+/**
+ * Classe utilitaire
+ *
+ * @author ruchaud
+ *
+ */
+public class TaasUtil {
+
+ /** to use log facility, just put in your code: log.info(\"...\"); */
+ static private Log log = LogFactory.getLog(TaasUtil.class);
+
+ public static final int LOAD = 0x1;
+ public static final String LOAD_TEXT = "LOAD";
+ public static final int CREATE = 0x2;
+ public static final String CREATE_TEXT = "CREATE";
+ public static final int UPDATE = 0x4;
+ public static final String UPDATE_TEXT = "UPDATE";
+ public static final int DELETE = 0x8;
+ public static final String DELETE_TEXT = "DELETE";
+
+ /**
+ * Applique un algorithme de hashage sur la chaine de caratère passée en
+ * paramètre
+ * @param msg la chaine de caratère sur laquelle on veut opérer le hashage
+ * @return La chaine de caractère une fois l'algorithme appliqué
+ */
+ public static String hash(String msg) {
+ return digestSHAHex(msg);
+ }
+
+ /**
+ * Applique un algorithme de hashage sur la chaine de caratère passée en
+ * paramètre
+ * @param msg la chaine de caratère sur laquelle on veut opérer le hashage
+ * @return La chaine de caractère une fois l'algorithme appliqué
+ */
+ public static String digestSHABase64(String msg) {
+ if (msg == null) {
+ return null;
+ }
+ try {
+ MessageDigest digest = MessageDigest.getInstance("SHA");
+ byte[] bytes = msg.getBytes();
+ bytes = digest.digest(bytes);
+ BASE64Encoder encoder = new sun.misc.BASE64Encoder();
+ String msgHashed = encoder.encode(bytes);
+ return msgHashed;
+ } catch (NoSuchAlgorithmException nsee) {
+ return msg;
+ }
+ }
+
+ /**
+ * Fait le checksum SHA de la chaine de caractere le resultat est retourne
+ * sous forme de chaine Hexadecimal.
+ */
+ static public String digestSHAHex(String ch){
+ if(ch == null){
+ return null;
+ }
+ try{
+ MessageDigest md = MessageDigest.getInstance("SHA");
+ md.update(ch.getBytes());
+ byte[] digest = md.digest();
+
+ StringBuffer result = new StringBuffer();
+ for (int i=0; i < digest.length; i++) {
+ String hex = Integer.toHexString(0xFF & digest[i]);
+ if (hex.length() == 1) {
+ result.append("0" + hex);
+ } else {
+ result.append(hex);
+ }
+ }
+
+ return result.toString();
+ }catch(NoSuchAlgorithmException eee){
+ log.warn("Impossible de trouve l'algo SHA", eee);
+ return ch;
+ }
+ }
+
+ /**
+ * Transforme actions en un entier.
+ * @param actions -
+ * combinaison de mots cles "load" "update" "create" et "delete"
+ * separes par des virgules. Ex : "load,update"
+ * @return 0 si aucune permission. 
Une combinaison des permissions + */ + public static int actionsString2Int(String actions) { + int result = 0x0; + StringTokenizer tokens = new StringTokenizer(actions, ","); + while (tokens.hasMoreTokens()) { + String action = tokens.nextToken().trim(); + if (LOAD_TEXT.equalsIgnoreCase(action)) { + result |= LOAD; + } else if (CREATE_TEXT.equalsIgnoreCase(action)) { + result |= CREATE; + } else if (UPDATE_TEXT.equalsIgnoreCase(action)) { + result |= UPDATE; + } else if (DELETE_TEXT.equalsIgnoreCase(action)) { + result |= DELETE; + } else { + throw new IllegalArgumentException("action not supported: " + + action); + } + } + return result; + } + + /** + * Transforme actions en une chaîne de caractères + * @param actions les actions sous forme d'un entier + * @return La chaine des actions passé en paramètre + */ + public static String actionsInt2String(int actions) { + StringBuffer result = new StringBuffer(); + if ((actions & LOAD) == LOAD) { + result.append(LOAD_TEXT); + result.append(","); + } + if ((actions & CREATE) == CREATE) { + result.append(CREATE_TEXT); + result.append(","); + } + if ((actions & UPDATE) == UPDATE) { + result.append(UPDATE_TEXT); + result.append(","); + } + if ((actions & DELETE) == DELETE) { + result.append(DELETE_TEXT); + result.append(","); + } + + if (result.length() > 0) { + return result.substring(0, result.length() - 1); + } else { + return ""; + } + } + + /** + * Détermine si la classe implémente une interface + *

+ * interface A <---- class B <---- class C + *

+ * interface D <---- class E + *

+ * isImplement(C, A) = true + *

+ * isImplement(E, A) = false
+ *
+ * @param klass la classe
+ * @param iface l'interface
+ * @return vrai si la classe implémente l'interface sinon faux
+ */
+ public static boolean isImplement(Class klass, Class iface) {
+ boolean result = false;
+
+ Class[] interfaces = klass.getInterfaces();
+ result |= ArrayUtils.contains(interfaces, iface);
+
+ Class superclass = klass.getSuperclass();
+ if(!result && superclass != null) {
+ result |= isImplement(superclass, iface);
+ }
+
+ return result;
+ }
+} //TopiaSecurityUtil
Index: topia-service/src/java/org/codelutin/topia/taas/TaasService.java
diff -u /dev/null topia-service/src/java/org/codelutin/topia/taas/TaasService.java:1.1
--- /dev/null Thu Nov 29 16:08:34 2007
+++ topia-service/src/java/org/codelutin/topia/taas/TaasService.java Thu Nov 29 16:08:29 2007
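Review bot: Both `digestSHABase64` and `digestSHAHex` return the unhashed input from their `catch (NoSuchAlgorithmException ...)` branch (`return msg;` / `return ch;`), so a caller of `hash()` cannot tell a digest from the original string; if these values are stored or compared as credentials, the clear text would end up where a digest is expected. Failing closed is safer: `throw new IllegalStateException("SHA digest unavailable", nsee);` in both catch blocks (with `eee` in the second). Both methods also call `getBytes()` with no charset, so the digest of a non-ASCII string depends on the platform default encoding; an explicit UTF-8 charset would make it stable across hosts. "SHA" here selects unsalted SHA-1, which deserves a Javadoc caveat on `hash()` if it is used for passwords.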
@@ -0,0 +1,101 @@
+/* *##%
+* Copyright (C) 2002, 2003, 2004, 2005 Code Lutin,
+* Cédric Pineau, Benjamin Poussin,
+*
+*
+* This program is free software; you can redistribute it and/or
+* modify it under the terms of the GNU General Public License
+* as published by the Free Software Foundation; either version 2
+* of the License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+*##%*/
+
+/* *
+* TopiaSecurityVetoableListener.java
+*
+* Created: 10 févr. 2006
+*
+* @author Arnaud Thimel
+* @version $Revision: 1.1 $
+*
+* Mise a jour: $Date: 2007-11-29 16:08:29 $
+* par : $Author: ruchaud $
+*/
+package org.codelutin.topia.taas;
+
+import javax.security.auth.login.Configuration;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.codelutin.topia.TopiaContext;
+import org.codelutin.topia.TopiaException;
+import org.codelutin.topia.event.TopiaTransactionEvent;
+import org.codelutin.topia.event.TopiaTransactionVetoable;
+import org.codelutin.topia.framework.TopiaContextImplementor;
+import org.codelutin.topia.framework.TopiaService;
+import org.codelutin.topia.taas.entities.TaasAuthorizationImpl;
+import org.codelutin.topia.taas.event.TaasEntityVetoable;
+import org.codelutin.topia.taas.jaas.TaasConfiguration;
+import org.codelutin.topia.taas.jaas.TaasLoginModule;
+import org.codelutin.topia.taas.jaas.TaasPolicy;
+
+
+public class TaasService implements TopiaService, TopiaTransactionVetoable {
+
+ static private Log log = LogFactory.getLog(TaasService.class);
+
+ public static final String CONF_KEY = "taas.service";
+ public static final String CONF_LOGIN_MODULE = TaasLoginModule.class.getName();
+
+ private TaasEntityVetoable entityVetoable = new TaasEntityVetoable();
+ private TaasPolicy policy = new TaasPolicy(this);
+ private TopiaContext rootContext;
+
+ public Class[] getPersistenceClasses() {
+ return new Class [] {
+ TaasUserImpl.class,
+ TaasPrincipalImpl.class,
+ TaasAuthorizationImpl.class,
+ };
+ }
+
+ public String getServiceName() {
+ return "taas";
+ }
+
+ public boolean postInit(TopiaContextImplementor context) {
+ rootContext = context;
+
+ initSecurity(rootContext);
+ policy.installPolicy();
+ Configuration.setConfiguration(new TaasConfiguration("taas", this));
+
+ return true;
+ }
+
+ public void beginTransaction(TopiaTransactionEvent event) {
+ TopiaContext context = event.getTopiaContext();
+ initSecurity(context);
+ }
+
+ private void initSecurity(TopiaContext context) {
+ context.addTopiaEntityVetoable(entityVetoable);
+ context.addTopiaTransactionVetoable(this);
+ }
+
+ public boolean preInit(TopiaContextImplementor context) {
+ return true;
+ }
+
+ public TopiaContext getRootContext() throws TopiaException {
+ return rootContext;
+ }
+}
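Review bot: `postInit` calls `Configuration.setConfiguration(new TaasConfiguration("taas", this))`, which replaces the JAAS login configuration for the whole JVM, and nothing in the class documents that or keeps the previous one. Any other JAAS consumer in the same process would lose its login entries, and `policy.installPolicy()` presumably has the same process-wide reach (its body is not part of this diff). I would add a Javadoc on `postInit` such as `/** Installs the Taas policy and JAAS configuration process-wide; intended to run once per JVM. */` and capture the prior `Configuration.getConfiguration()` so it can be delegated to or restored. Separately, `initSecurity` runs again on every `beginTransaction`, so it is worth confirming that the two `add...Vetoable` calls do not register duplicates on a context that was already initialised.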