FileDocCategorySizeDatePackage
SimpleSecurityProvider.javaAPI DocApache Axis 1.44809Sat Apr 22 18:57:26 BST 2006org.apache.axis.security.simple

SimpleSecurityProvider

public class SimpleSecurityProvider extends Object implements org.apache.axis.security.SecurityProvider
SimpleSecurityProvider
author
Glen Daniels (gdaniels@apache.org)

Fields Summary
protected static Log
log
HashMap
users
HashMap
perms
boolean
initialized
Constructors Summary
Methods Summary
public org.apache.axis.security.AuthenticatedUserauthenticate(org.apache.axis.MessageContext msgContext)
Authenticate a user from a username/password pair.

param
username the user name to check
param
password the password to check
return
an AuthenticatedUser or null


        if (!initialized) {
            initialize(msgContext);
        }

        String username = msgContext.getUsername();
        String password = msgContext.getPassword();

        if (users != null) {
            if (log.isDebugEnabled()) {
                log.debug( Messages.getMessage("user00", username) );
            }

            // in order to authenticate, the user must exist
            if ( username == null ||
                 username.equals("") ||
                 !users.containsKey(username) )
                return null;

            String valid = (String) users.get(username);

            if (log.isDebugEnabled()) {
                log.debug( Messages.getMessage("password00", password) );
            }

            // if a password is defined, then it must match
            if ( valid.length()>0 && !valid.equals(password) )
                return null;

            if (log.isDebugEnabled()) {
                log.debug( Messages.getMessage("auth00", username) );
            }

            return new SimpleAuthenticatedUser(username);
        }

        return null;
private synchronized voidinitialize(org.apache.axis.MessageContext msgContext)


    // load the users list
        
    
        if (initialized) return;

        String configPath = msgContext.getStrProp(Constants.MC_CONFIGPATH);
        if (configPath == null) {
            configPath = "";
        } else {
            configPath += File.separator;
        }
        File userFile = new File(configPath + "users.lst");
        if (userFile.exists()) {
            users = new HashMap();

            try {

                FileReader        fr   = new FileReader( userFile );
                LineNumberReader  lnr  = new LineNumberReader( fr );
                String            line = null ;

                // parse lines into user and passwd tokens and add result to hash table
                while ( (line = lnr.readLine()) != null ) {
                    StringTokenizer  st = new StringTokenizer( line );
                    if ( st.hasMoreTokens() ) {
                        String userID = st.nextToken();
                        String passwd = (st.hasMoreTokens()) ? st.nextToken() : "";

                        if (log.isDebugEnabled()) {
                            log.debug( Messages.getMessage("fromFile00", 
                                userID, passwd) );
                        }

                        users.put(userID, passwd);
                    }
                }

                lnr.close();

            } catch( Exception e ) {
                log.error( Messages.getMessage("exception00"), e );
                return;
            }
        }
        initialized = true;
public booleanuserMatches(org.apache.axis.security.AuthenticatedUser user, java.lang.String principal)
See if a user matches a principal name. The name might be a user or a group.

return
true if the user matches the passed name

        if (user == null) return principal == null;
        return user.getName().compareToIgnoreCase(principal) == 0;