Package com.netscape.cms.authentication
Class FlatFileAuth
- java.lang.Object
-
- com.netscape.cms.authentication.FlatFileAuth
-
- All Implemented Interfaces:
IExtendedPluginInfo
,IProfileAuthenticator
,IAuthManager
public class FlatFileAuth extends java.lang.Object implements IProfileAuthenticator, IExtendedPluginInfo
This represents the authentication manager that authenticates user against a file where id, and password are stored.- Version:
- $Revision$, $Date$
-
-
Field Summary
Fields Modifier and Type Field Description protected java.util.Hashtable<java.lang.String,java.util.Hashtable<java.lang.String,java.lang.String>>
entries
Hashtable of entries from Auth File.protected java.lang.String
FFAUTH
static org.slf4j.Logger
logger
protected java.lang.String
mAuthAttrs
protected AuthManagerConfig
mConfig
configuration storeprotected static java.lang.String[]
mConfigParams
protected boolean
mDeferOnFailure
protected long
mFileLastRead
protected java.lang.String
mFilename
protected java.lang.String
mImplName
name of the authentication manager pluginprotected java.lang.String
mKeyAttributes
protected java.lang.String
mName
name of this authentication manager instanceprotected static java.lang.String
PROP_AUTHATTRS
protected static java.lang.String
PROP_DEFERONFAILURE
protected static java.lang.String
PROP_FILENAME
protected static java.lang.String
PROP_KEYATTRIBUTES
-
Fields inherited from interface org.dogtagpki.server.authentication.IAuthManager
CRED_CERT_SERIAL_TO_REVOKE, CRED_CMC_SELF_SIGNED, CRED_CMC_SIGNING_CERT, CRED_HOST_NAME, CRED_SESSION_ID, CRED_SSL_CLIENT_CERT
-
Fields inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo
HELP_TEXT, HELP_TOKEN
-
Fields inherited from interface com.netscape.cms.profile.IProfileAuthenticator
AUTHENTICATED_NAME
-
-
Constructor Summary
Constructors Constructor Description FlatFileAuth()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description IAuthToken
authenticate(IAuthCredentials authCred)
Authenticate the requestjava.lang.String[]
getConfigParams()
Returns a list of configuration parameters, so the console can prompt the user when configuring.AuthManagerConfig
getConfigStore()
Returns the configuration store used by this authentication managerjava.lang.String[]
getExtendedPluginInfo(java.util.Locale locale)
This method returns an array of strings.java.lang.String
getImplName()
Get name of authentication manager plugin.java.lang.String
getName()
Get the name of this authentication manager instance.java.lang.String
getName(java.util.Locale locale)
Retrieves the localizable name of this policy.protected boolean
getPropertyB(java.lang.String propertyName, boolean b)
Get the named property, If the property is not set, use b as the default, and create a new value for the property in the config file.protected java.lang.String
getPropertyS(java.lang.String propertyName, java.lang.String s)
Get the named property If the property is not set, use s as the default, and create a new value for the property in the config file.java.lang.String[]
getRequiredCreds()
Return a list of HTTP parameters which will be taken from the request posting and placed into the AuthCredentials block Note that this method will not be called until after the init() method is calledjava.lang.String
getText(java.util.Locale locale)
Retrieves the localizable description of this policy.IDescriptor
getValueDescriptor(java.util.Locale locale, java.lang.String name)
Retrieves the descriptor of the given value property by name.java.util.Enumeration<java.lang.String>
getValueNames()
Retrieves a list of names of the value parameter.void
init(Profile profile, IConfigStore config)
Initializes this default policy.void
init(java.lang.String name, java.lang.String implName, AuthManagerConfig config)
Initialize this authentication manager.boolean
isSSLClientRequired()
Checks if this authenticator requires SSL client authentication.boolean
isValueWriteable(java.lang.String name)
Checks if the value of the given property should be serializable into the request.void
populate(IAuthToken token, IRequest request)
Populates authentication specific information into the request for auditing purposes.protected java.util.Hashtable<java.lang.String,java.util.Hashtable<java.lang.String,java.lang.String>>
readFile(java.io.File f, java.lang.String[] keys)
Read a file with the following format:void
shutdown()
Prepare this authentication manager for a shutdown.java.lang.String[]
unionOfStrings(java.lang.String[][] stringArrays)
Return a string array which is the union of all the string arrays passed in.
-
-
-
Field Detail
-
logger
public static org.slf4j.Logger logger
-
PROP_FILENAME
protected static final java.lang.String PROP_FILENAME
- See Also:
- Constant Field Values
-
PROP_KEYATTRIBUTES
protected static final java.lang.String PROP_KEYATTRIBUTES
- See Also:
- Constant Field Values
-
PROP_AUTHATTRS
protected static final java.lang.String PROP_AUTHATTRS
- See Also:
- Constant Field Values
-
PROP_DEFERONFAILURE
protected static final java.lang.String PROP_DEFERONFAILURE
- See Also:
- Constant Field Values
-
mFilename
protected java.lang.String mFilename
-
mFileLastRead
protected long mFileLastRead
-
mKeyAttributes
protected java.lang.String mKeyAttributes
-
mAuthAttrs
protected java.lang.String mAuthAttrs
-
mDeferOnFailure
protected boolean mDeferOnFailure
-
mConfigParams
protected static java.lang.String[] mConfigParams
-
mName
protected java.lang.String mName
name of this authentication manager instance
-
FFAUTH
protected java.lang.String FFAUTH
-
mImplName
protected java.lang.String mImplName
name of the authentication manager plugin
-
mConfig
protected AuthManagerConfig mConfig
configuration store
-
entries
protected java.util.Hashtable<java.lang.String,java.util.Hashtable<java.lang.String,java.lang.String>> entries
Hashtable of entries from Auth File. Hash index is the concatenation of the attributes from matchAttributes property
-
-
Method Detail
-
getExtendedPluginInfo
public java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)
Description copied from interface:IExtendedPluginInfo
This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name; [,required]; ;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use" - Specified by:
getExtendedPluginInfo
in interfaceIExtendedPluginInfo
-
getPropertyS
protected java.lang.String getPropertyS(java.lang.String propertyName, java.lang.String s) throws EBaseException
Get the named property If the property is not set, use s as the default, and create a new value for the property in the config file.- Parameters:
propertyName
- Property names
- The default value of the property- Throws:
EBaseException
-
isSSLClientRequired
public boolean isSSLClientRequired()
Description copied from interface:IProfileAuthenticator
Checks if this authenticator requires SSL client authentication.- Specified by:
isSSLClientRequired
in interfaceIProfileAuthenticator
- Returns:
- client authentication required or not
-
getPropertyB
protected boolean getPropertyB(java.lang.String propertyName, boolean b) throws EBaseException
Get the named property, If the property is not set, use b as the default, and create a new value for the property in the config file.- Parameters:
propertyName
- Property nameb
- The default value of the property- Throws:
EBaseException
-
init
public void init(java.lang.String name, java.lang.String implName, AuthManagerConfig config) throws EBaseException
Description copied from interface:IAuthManager
Initialize this authentication manager.- Specified by:
init
in interfaceIAuthManager
- Parameters:
name
- The name of this authentication manager instance.implName
- The name of the authentication manager plugin.config
- The configuration store for this authentication manager.- Throws:
EBaseException
- If an initialization error occurred.
-
unionOfStrings
public java.lang.String[] unionOfStrings(java.lang.String[][] stringArrays)
Return a string array which is the union of all the string arrays passed in. The strings are treated as case sensitive
-
readFile
protected java.util.Hashtable<java.lang.String,java.util.Hashtable<java.lang.String,java.lang.String>> readFile(java.io.File f, java.lang.String[] keys) throws java.io.IOException
Read a file with the following format:param1: valuea param2: valueb -blank-line- param1: valuec param2: valued
- Parameters:
f
- The file to readkeys
- The parameters to concat together to form the hash key- Returns:
- a hashtable of hashtables.
- Throws:
java.io.IOException
-
authenticate
public IAuthToken authenticate(IAuthCredentials authCred) throws EMissingCredential, EInvalidCredentials, EBaseException
Authenticate the request- Specified by:
authenticate
in interfaceIAuthManager
- Parameters:
authCred
- The authentication credentials- Returns:
- authentication token
- Throws:
EMissingCredential
- If a required credential for this authentication manager is missing.EInvalidCredentials
- If credentials cannot be authenticated.EBaseException
- If an internal error occurred.
-
getRequiredCreds
public java.lang.String[] getRequiredCreds()
Return a list of HTTP parameters which will be taken from the request posting and placed into the AuthCredentials block Note that this method will not be called until after the init() method is called- Specified by:
getRequiredCreds
in interfaceIAuthManager
- Returns:
- The required credential attributes.
-
getConfigParams
public java.lang.String[] getConfigParams()
Returns a list of configuration parameters, so the console can prompt the user when configuring.- Specified by:
getConfigParams
in interfaceIAuthManager
- Returns:
- a list of configuration parameters.
-
getConfigStore
public AuthManagerConfig getConfigStore()
Returns the configuration store used by this authentication manager- Specified by:
getConfigStore
in interfaceIAuthManager
- Specified by:
getConfigStore
in interfaceIProfileAuthenticator
- Returns:
- configuration store
-
shutdown
public void shutdown()
Description copied from interface:IAuthManager
Prepare this authentication manager for a shutdown. Called when the server is exiting for any cleanup needed.- Specified by:
shutdown
in interfaceIAuthManager
-
getName
public java.lang.String getName()
Description copied from interface:IAuthManager
Get the name of this authentication manager instance.- Specified by:
getName
in interfaceIAuthManager
- Returns:
- the name of this authentication manager.
-
getImplName
public java.lang.String getImplName()
Description copied from interface:IAuthManager
Get name of authentication manager plugin.- Specified by:
getImplName
in interfaceIAuthManager
- Returns:
- the name of the authentication manager plugin.
-
init
public void init(Profile profile, IConfigStore config) throws EProfileException
Description copied from interface:IProfileAuthenticator
Initializes this default policy.- Specified by:
init
in interfaceIProfileAuthenticator
- Parameters:
profile
- owner of this authenticatorconfig
- configuration store- Throws:
EProfileException
- failed to initialize
-
getName
public java.lang.String getName(java.util.Locale locale)
Retrieves the localizable name of this policy.- Specified by:
getName
in interfaceIProfileAuthenticator
- Parameters:
locale
- end user locale- Returns:
- localized authenticator name
-
getValueNames
public java.util.Enumeration<java.lang.String> getValueNames()
Retrieves a list of names of the value parameter.- Specified by:
getValueNames
in interfaceIProfileAuthenticator
- Returns:
- a list of property names
-
isValueWriteable
public boolean isValueWriteable(java.lang.String name)
Description copied from interface:IProfileAuthenticator
Checks if the value of the given property should be serializable into the request. Passsword or other security-related value may not be desirable for storage.- Specified by:
isValueWriteable
in interfaceIProfileAuthenticator
- Parameters:
name
- property name- Returns:
- true if the property is not security related
-
getValueDescriptor
public IDescriptor getValueDescriptor(java.util.Locale locale, java.lang.String name)
Description copied from interface:IProfileAuthenticator
Retrieves the descriptor of the given value property by name.- Specified by:
getValueDescriptor
in interfaceIProfileAuthenticator
- Parameters:
locale
- user localename
- property name- Returns:
- descriptor of the requested property
-
populate
public void populate(IAuthToken token, IRequest request) throws EProfileException
Description copied from interface:IProfileAuthenticator
Populates authentication specific information into the request for auditing purposes.- Specified by:
populate
in interfaceIProfileAuthenticator
- Parameters:
token
- authentication tokenrequest
- request- Throws:
EProfileException
- failed to populate
-
getText
public java.lang.String getText(java.util.Locale locale)
Retrieves the localizable description of this policy.- Specified by:
getText
in interfaceIProfileAuthenticator
- Parameters:
locale
- end user locale- Returns:
- localized authenticator description
-
-