Docjar: A Java Source and Docuemnt Enginecom.*    java.*    javax.*    org.*    all    new    plug-in

Quick Search    Search Deep
Home >> All >> com >> clra >> xml >> [ security Javadoc ]

Source code: com/clra/xml/security/DBAuthenticationHandler.java


1   /*
2    * Copyright (c) Carnegie Lake Rowing Association 2002. All rights reserved.
3    * Based on Apache Axis org.apache.axis.handlers.DBAuthenticationHandler
4    * Distributed under the GPL license. See doc/COPYING.
5    * $RCSfile: DBAuthenticationHandler.java,v $
6    * $Date: 2003/03/05 01:21:03 $
7    * $Revision: 1.1 $
8    */
9   
10  package com.clra.xml.security;
11  
12  import org.apache.axis.AxisFault;
13  import org.apache.axis.MessageContext;
14  import org.apache.axis.handlers.BasicHandler;
15  import org.apache.axis.security.AuthenticatedUser;
16  import org.apache.axis.security.SecurityProvider;
17  import org.apache.axis.utils.Messages;
18  
19  import org.apache.axis.components.logger.LogFactory;
20  import org.apache.commons.logging.Log;
21  
22  /**
23   * An minor rewrite of the Axis SimpleAuthenticationHandler, which checks
24   * to see if a user specified in the MessageContext is allowed to continue.
25   * This code differs from the Axis code by using the DBSecurityProvider.
26   *
27   * @version $Revision: 1.1 $  ($Date: 2003/03/05 01:21:03 $)
28   * @author Doug Davis (dug@us.ibm.com)
29   * @author Sam Ruby (rubys@us.ibm.com)
30   * @author <a href="mailto:rphall@pluto.njcc.com">Rick Hall</a>
31   */
32  public class DBAuthenticationHandler extends BasicHandler {
33  
34      protected static Log log =
35          LogFactory.getLog(DBAuthenticationHandler.class.getName());
36  
37      /**
38       * Authenticate the user and password from the msgContext
39       */
40      public void invoke(MessageContext msgContext) throws AxisFault {
41          if (log.isDebugEnabled()) {
42              log.debug("Enter: DBAuthenticationHandler::invoke");
43          }
44  
45          SecurityProvider provider =
46              (SecurityProvider)msgContext.getProperty("securityProvider");
47          if (provider == null) {
48              provider = new DBSecurityProvider();
49              msgContext.setProperty("securityProvider", provider);
50          }
51  
52          if (provider != null) {
53              String  userID = msgContext.getUsername();
54              if (log.isDebugEnabled()) {
55                  log.debug( Messages.getMessage("user00", userID) );
56              }
57  
58              // in order to authenticate, the user must exist
59              if ( userID == null || userID.equals(""))
60                  throw new AxisFault( "Server.Unauthenticated",
61                      Messages.getMessage("cantAuth00", userID),
62                      null, null );
63  
64              String passwd = msgContext.getPassword();
65              if (log.isDebugEnabled()) {
66                  log.debug( Messages.getMessage("password00", passwd) );
67              }
68  
69              AuthenticatedUser authUser = provider.authenticate(msgContext);
70  
71              // if a password is defined, then it must match
72              if ( authUser == null)
73                  throw new AxisFault( "Server.Unauthenticated",
74                      Messages.getMessage("cantAuth01", userID),
75                      null, null );
76  
77              if (log.isDebugEnabled()) {
78                  log.debug( Messages.getMessage("auth00", userID) );
79              }
80  
81              msgContext.setProperty(MessageContext.AUTHUSER, authUser);
82          }
83  
84          if (log.isDebugEnabled()) {
85              log.debug("Exit: DBAuthenticationHandler::invoke");
86          }
87      }
88  
89  } // DBAuthenticationHandler
90  
91  /*
92   * $Log: DBAuthenticationHandler.java,v $
93   * Revision 1.1  2003/03/05 01:21:03  rphall
94   * Added security to SOAP service
95   *
96   */
97