File Doc Category Size Date Package
Identifier.java API Doc Example 13903 Mon Apr 03 21:02:52 BST 2000 com.imaginary.lwp

Identifier

java.lang.Object

public class Identifier extends Object implements Serializable

A client token for identifying itself to the server. When a user logs in to the system successfully, the client is provided with an Identifier instance that it passes back to the server any time it is involved in a transaction. The server then uses that identifier to validate access to the resource in question.
Last modified $Date: 1999/11/20 17:33:19 $

version: $Revision: 1.4 $
author: George Reese (borg@imaginary.com)

Fields Summary
private static HashMap
authenticated
A list of already authenticated people.
private static HashMap
identifiers
Stores the current identifiers for a client.
private static SecureRandom
randomizer
The random key generator.
private static Identifier
serverID
The server's ID.
private long
key
A token that makes sure this identifier works only for this session.
private String
userID
The user ID associated with this user.
Constructors Summary
public Identifier()
Empty constructor required by serialization.
super();
Identifier(String uid)
Constructs an identifier associated with a specific system user under a default role.
param
uid the user ID of the person this identifier represents
this(uid, null);
Identifier(String uid, AuthenticationRole r)
Constructs an identifier associated with the specified user under the specified role.
param
uid the user ID this identifier represents
param
r the role under which this UID is authenticated
synchronized( authenticated ) { if( authenticated.containsKey(uid) ) { HashMap map = (HashMap)authenticated.get(uid); if( map.containsKey(r) ) { AuthenticationMonitor mon; mon = (AuthenticationMonitor)map.get(r); key = mon.id.key; userID = mon.id.userID; mon.lastTouched = (new Date()).getTime(); } else { AuthenticationMonitor mon = new AuthenticationMonitor(); key = getRandomNumber(); if( uid.equals("guest") ) { userID = "guest" + key; if( userID.length() > 15 ) { userID = userID.substring(0, 14); } } else { userID = uid; } mon.id = this; mon.lastTouched = (new Date()).getTime(); map.put(r, mon); } } else { AuthenticationMonitor mon = new AuthenticationMonitor(); HashMap map = new HashMap(); key = getRandomNumber(); if( uid.equals("guest") ) { userID = "guest" + key; if( userID.length() > 15 ) { userID = userID.substring(0, 14); } } else { userID = uid; } mon.id = this; mon.lastTouched = (new Date()).getTime(); map.put(r, mon); authenticated.put(uid, map); } }
Methods Summary
public static com.imaginary.lwp.Identifier currentIdentifier()
Provides a client application with its identifier so that it can pass it to a transactional method.
return
the current client identifier
return currentIdentifier((AuthenticationRole)null);
public static com.imaginary.lwp.Identifier currentIdentifier(java.lang.Object cred)
param
cred a credentials object to use for the role
return
the current identifier for the role with the specified credentials
return (Identifier)identifiers.get(new AuthenticationRole(cred));
public static com.imaginary.lwp.Identifier currentIdentifier(AuthenticationRole r)
param
r the role whose identifier is being sought
return
the current identifier for the specified role
return (Identifier)identifiers.get(r);
public boolean equals(java.lang.Object ob)
param
the object to compare to
return
true if the object is an Identifier and it shares the same key as this object
if( ob instanceof Identifier ) { Identifier id = (Identifier)ob; if( key != id.key ) { return false; } return true; } return false;
private static long getRandomNumber()
Generates a secure, random long used for key generation.
return
a random long
byte[] value = new byte[60]; long l = 0; if( randomizer == null ) { randomizer = new SecureRandom(); } randomizer.nextBytes(value); for(int i=0; i<60; i++) { l = l + (value[i]<<i); } return l;
public static com.imaginary.lwp.Identifier getServerID()
if( serverID == null ) { serverID = new Identifier("LWPSERVER"); } return serverID;
public java.lang.String getUserID()
return
the user ID associated with this identifier
return userID;
public int hashCode()
A hash code based on the key.
return (new Long(key)).hashCode();
static boolean isAuthenticated(com.imaginary.lwp.Identifier id)
Looks through the list of authenticated users for any authentication matching the specified identifier.
param
id the identifier being validated
return
true if the id was created by this server
synchronized( authenticated ) { Iterator it; HashMap map; if( id == null ) { System.out.println("ID was null."); return false; } if( id.userID.equals("LWPSERVER") ) { if( id.key == getServerID().key ) { return true; } else { return false; } } if( !authenticated.containsKey(id.userID) ) { return false; } map = (HashMap)authenticated.get(id.userID); it = map.entrySet().iterator(); while( it.hasNext() ) { Map.Entry ent = (Map.Entry)it.next(); AuthenticationMonitor mon; mon = (AuthenticationMonitor)ent.getValue(); if( mon.id.key == id.key ) { mon.lastTouched = (new Date()).getTime(); return true; } } return false; }
public static com.imaginary.lwp.Identifier login(java.lang.String uid, java.lang.String pw)
Authenticates the specified user ID against the specified password. This method finds the server and sends the user ID and password to it for authentication. If the password does not match the currently stored password, then an exception is thrown. Otherwise it will store the identifier the server hands back. This method authenticates for a default role.
param
uid the user ID of the person using the system
param
pw the password of the user to use for authentication
throws
com.imaginary.lwp.AuthenticationException the login attempt failed
return login(uid, pw, null);
public static com.imaginary.lwp.Identifier login(java.lang.String uid, java.lang.String pw, AuthenticationRole r)
Authenticates the specified user ID against the specified password. This method finds the server and sends the user ID and password to it for authentication. If the password does not match the currently stored password, then an exception is thrown. Otherwise it will store the identifier the server hands back.
param
uid the user ID of the person using the system
param
pw the password of the user to use for authentication
param
r the role under which the user is being authenticated
throws
com.imaginary.lwp.AuthenticationException the login attempt failed
String url = System.getProperty(LWPProperties.RMI_URL); ObjectServer server; try { Identifier id; server = (ObjectServer)Naming.lookup(url); id = server.login(uid, pw, r); if( id != null ) { identifiers.put(r, id); } return id; } catch( MalformedURLException e ) { throw new AuthenticationException(e); } catch( NotBoundException e ) { throw new AuthenticationException(e); } catch( RemoteException e ) { throw new AuthenticationException(e); }
static void monitor()
A thread that goes through the list of authenticated users and throws out people who have not touched the system in a while.
Thread t = new Thread() { public void run() { ArrayList uids = new ArrayList(); while( true ) { Iterator keys; try { Thread.sleep(600000); } catch( InterruptedException e ) { } synchronized( authenticated ) { Iterator it = authenticated.keySet().iterator(); while( it.hasNext() ) { uids.add(it.next()); } } keys = uids.iterator(); while( keys.hasNext() ) { String uid = (String)keys.next(); long time = (new Date()).getTime(); try { Thread.sleep(1000); } catch( InterruptedException e ) { } synchronized( authenticated ) { if( authenticated.containsKey(uid) ) { HashMap map = (HashMap)authenticated.get(uid); Iterator roles = map.keySet().iterator(); while( roles.hasNext() ) { AuthenticationRole r; AuthenticationMonitor mon; long diff; r = (AuthenticationRole)roles.next(); mon = (AuthenticationMonitor)map.get(r); diff = time - mon.lastTouched; // 30 minutes if( diff > 1800000 ) { map.remove(r); if( map.size() < 1 ) { authenticated.remove(uid); } } } } } } } } }; t.setPriority(Thread.MIN_PRIORITY); t.start();
public java.lang.String toLocaleString(java.util.Locale loc)
return
the return value from toString()
see
#toString()
return toString();
public java.lang.String toString()
return
a human-readable version of this identifier
return userID;
static boolean validateCreate(com.imaginary.lwp.Identifier id, BaseEntity ent)
This implementation currently only verifies that the user is authenticated.
return isAuthenticated(id);
static boolean validateRead(com.imaginary.lwp.Identifier id, BaseEntity ent)
return isAuthenticated(id);
static boolean validateRemove(com.imaginary.lwp.Identifier id, BaseEntity ent)
This implementation currently only verifies that the user is authenticated.
return isAuthenticated(id);
static boolean validateStore(com.imaginary.lwp.Identifier id, BaseEntity ent)
This implementation currently only verifies that the user is authenticated.
return isAuthenticated(id);