/*
* Copyright (c) 1998-2011 Caucho Technology -- all rights reserved
*
* This file is part of Resin(R) Open Source
*
* Each copy or derived work must preserve the copyright notice and this
* notice unmodified.
*
* Resin Open Source is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* Resin Open Source is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
* of NON-INFRINGEMENT. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License
* along with Resin Open Source; if not, write to the
* Free SoftwareFoundation, Inc.
* 59 Temple Place, Suite 330
* Boston, MA 02111-1307 USA
*
* @author Sam
*/
package com.caucho.server.security;
import javax.annotation.PostConstruct;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.security.Principal;
import java.util.ArrayList;
/**
* The AuthenticatorList configures more than one authenticator in a list. Each
* authenticator is tried in turn; if authentication fails, the next
* authenticator in the list is attempted.
*
* <code><pre>
* <authenticator type="com.caucho.server.security.AuthenticatorList">
* <init>
* <authenticator resin:type="com.caucho.server.security.XmlAuthenticator">
* <user>admin:NIHlOSafJN2H7emQCkOQ2w==:user,admin</user>
* </authenticator>
*
* <authenticator resin:type='com.caucho.server.security.JdbcAuthenticator'>
* <data-source>jdbc/users</data-source>
* <password-query>
* SELECT password FROM LOGIN WHERE username=?
* </password-query>
* <cookie-auth-query>
* SELECT username FROM LOGIN WHERE cookie=?
* </cookie-auth-query>
* <cookie-auth-update>
* UPDATE LOGIN SET cookie=? WHERE username=?
* </cookie-auth-update>
* <role-query>
* SELECT role FROM LOGIN WHERE username=?
* </role-query>
* </authenticator>
* </init>
* </authenticator>
*
* <login-config auth-method='basic'/>
*
* <security-constraint url-pattern='/users/*' role-name='user'/>
* <security-constraint url-pattern='/admin/*' role-name='admin'/>
*
* </pre></code>
*/
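public class AuthenticatorList implements ServletAuthenticator {
  // Delegates, consulted in the order in which they were added.
  private final ArrayList<ServletAuthenticator> _authenticators
    = new ArrayList<ServletAuthenticator>();

  /**
   * Appends an authenticator to the end of the chain.
   *
   * Order matters: every lookup below walks the list from the first
   * authenticator added to the last and stops at the first one that
   * answers positively.
   *
   * @param authenticator the delegate to append
   */
  public void addAuthenticator(ServletAuthenticator authenticator)
  {
    _authenticators.add(authenticator);
  }

  /**
   * Lifecycle hook; this class performs no initialization of its own.
   */
  @PostConstruct
  public void init()
    throws ServletException
  {
  }

  /**
   * Tries each authenticator in order with the same user name and password
   * and returns the first non-null principal.
   *
   * The same credentials are presented to every delegate until one accepts
   * them, so the chain accepts a login if any single delegate does. An
   * exception thrown by a delegate propagates and the remaining delegates
   * are not consulted.
   *
   * @return the principal from the first accepting delegate, or null if no
   *         delegate accepts (including when the list is empty)
   * @throws ServletException if a delegate throws it
   */
  public Principal login(HttpServletRequest request,
                         HttpServletResponse response,
                         ServletContext application,
                         String user, String password)
    throws ServletException
  {
    for (ServletAuthenticator authenticator : _authenticators) {
      Principal principal = authenticator.login(request,
                                                response,
                                                application,
                                                user,
                                                password);

      if (principal != null)
        return principal;
    }

    return null;
  }

  /**
   * Asks each authenticator in order for the principal associated with the
   * request and returns the first non-null answer.
   *
   * @return the first principal reported by a delegate, or null if none
   *         reports one
   * @throws ServletException if a delegate throws it
   */
  public Principal getUserPrincipal(HttpServletRequest request,
                                    HttpServletResponse response,
                                    ServletContext application)
    throws ServletException
  {
    for (ServletAuthenticator authenticator : _authenticators) {
      Principal principal = authenticator.getUserPrincipal(request,
                                                           response,
                                                           application);

      if (principal != null)
        return principal;
    }

    return null;
  }

  /**
   * Tries a digest login against each authenticator in order and returns the
   * first non-null principal.
   *
   * All digest parameters are handed to the delegates unchanged; this class
   * does not inspect or validate them.
   *
   * @return the principal from the first accepting delegate, or null if no
   *         delegate accepts
   * @throws ServletException if a delegate throws it
   */
  public Principal loginDigest(HttpServletRequest request,
                               HttpServletResponse response,
                               ServletContext app,
                               String user, String realm,
                               String nonce, String uri,
                               String qop, String nc, String cnonce,
                               byte []clientDigset)
    throws ServletException
  {
    for (ServletAuthenticator authenticator : _authenticators) {
      Principal principal = authenticator.loginDigest(request,
                                                      response,
                                                      app,
                                                      user,
                                                      realm,
                                                      nonce,
                                                      uri,
                                                      qop,
                                                      nc,
                                                      cnonce,
                                                      clientDigset);

      if (principal != null)
        return principal;
    }

    return null;
  }

  /**
   * Returns true as soon as any authenticator in the list reports the
   * principal as a member of the role.
   *
   * The principal is not tied to the delegate that produced it: every
   * delegate is asked, so the effective role set is the union across the
   * chain.
   * NOTE(review): if two backends can hold the same user name with
   * different roles, a user authenticated by one may gain roles defined in
   * the other; confirm that is intended for the configured backends.
   *
   * @return true if at least one delegate grants the role, false otherwise
   * @throws ServletException if a delegate throws it
   */
  public boolean isUserInRole(HttpServletRequest request,
                              HttpServletResponse response,
                              ServletContext application,
                              Principal user, String role)
    throws ServletException
  {
    for (ServletAuthenticator authenticator : _authenticators) {
      if (authenticator.isUserInRole(request,
                                     response,
                                     application,
                                     user,
                                     role))
        return true;
    }

    return false;
  }

  /**
   * Forwards the logout to every authenticator in the list.
   *
   * A ServletException from one delegate no longer stops the loop: the
   * remaining delegates are still told to log the user out, and the first
   * failure is rethrown afterwards. Otherwise a failing backend early in
   * the list would leave login state behind in the later ones. Unchecked
   * exceptions still propagate immediately.
   *
   * @throws ServletException the first failure reported by a delegate,
   *         raised after all delegates have been called
   */
  public void logout(ServletContext application,
                     HttpSession timeoutSession,
                     String sessionId,
                     Principal user)
    throws ServletException
  {
    ServletException firstFailure = null;

    for (ServletAuthenticator authenticator : _authenticators) {
      try {
        authenticator.logout(application,
                             timeoutSession,
                             sessionId,
                             user);
      } catch (ServletException e) {
        // Remember only the first failure; keep logging out of the rest.
        if (firstFailure == null)
          firstFailure = e;
      }
    }

    if (firstFailure != null)
      throw firstFailure;
  }
}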