org.apache.jetspeed.security.spi.impl
Class LdapSecurityMappingHandler

java.lang.Object
  extended byorg.apache.jetspeed.security.spi.impl.LdapSecurityMappingHandler
All Implemented Interfaces:
SecurityMappingHandler

public class LdapSecurityMappingHandler
extends Object
implements SecurityMappingHandler

Author:
Mike Long
David Le Strat
See Also:
SecurityMappingHandler

Field Summary
private  LdapPrincipalDao groupDao
           
private  HierarchyResolver groupHierarchyResolver
          The group hierarchy resolver.
private static org.apache.commons.logging.Log LOG
          The logger.
private  HierarchyResolver roleHierarchyResolver
          The role hierarchy resolver.
private  LdapUserPrincipalDao userDao
           
 
Constructor Summary
LdapSecurityMappingHandler()
           
LdapSecurityMappingHandler(LdapUserPrincipalDao userDao, LdapPrincipalDao groupDao)
           
 
Method Summary
private  void addGroupToUser(String username, String groupFullPathName)
           
private  void createResolvedGroupPrincipalSet(String username, Set groupPrincipals, String[] groups, int i)
           
private  org.apache.jetspeed.security.GroupPrincipal getGroup(String uid)
           
 HierarchyResolver getGroupHierarchyResolver()
           Gets the HierarchyResolver to be used for resolving group hierarchy.
 Set getGroupPrincipals(String userPrincipalUid)
          This method returns the set of group principals associated with a user.
 Set getGroupPrincipalsInRole(String roleFullPathName)
           Gets the group principals for the given role according to the relevant hierarchy resolution rules.
 HierarchyResolver getRoleHierarchyResolver()
           Gets the HierarchyResolver to be used for resolving role hierarchy.
 Set getRolePrincipals(String username)
           Gets the role principals for the given user according to the relevant hierarchy resolution rules.
 Set getRolePrincipalsInGroup(String groupFullPathName)
           Gets the role principals for the given group according to the relevant hierarchy resolution rules.
private  org.apache.jetspeed.security.UserPrincipal getUser(String uid)
           
private  void getUserPrincipalsInGroup(Set userPrincipals, String[] fullPaths)
           Gets the user principals in groups.
 Set getUserPrincipalsInGroup(String groupFullPathName)
           This method is the analog of the getGroupPrincipals except it returns the set of user principals in a group.
 Set getUserPrincipalsInRole(String roleFullPathName)
           Gets the user principals for the given role according to the relevant hierarchy resolution rules.
 void removeRolePrincipal(String username, String roleFullPathName)
           Removes the role principal on a given user.
 void removeRolePrincipalInGroup(String groupFullPathName, String roleFullPathName)
           Removes the role principal on a given user.
private  void removeUserFromGroup(String username, String groupFullPathName)
           
 void removeUserPrincipalInGroup(String username, String groupFullPathName)
           Removes the user principal from the given group.
 void setGroupHierarchyResolver(HierarchyResolver groupHierarchyResolver)
           Sets the HierarchyResolver used for resolving group hierarchy.
 void setRoleHierarchyResolver(HierarchyResolver roleHierarchyResolver)
           Sets the HierarchyResolver to be used for resolving role hierachy.
 void setRolePrincipal(String username, String roleFullPathName)
           Sets the role principal on a given user.
 void setRolePrincipalInGroup(String groupFullPathName, String roleFullPathName)
           Sets the role principal on a given user.
 void setUserPrincipalInGroup(String username, String groupFullPathName)
           Sets the user principal in the given group.
private  void verifyUserAndGroupExist(String username, String groupFullPathName)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

userDao

private LdapUserPrincipalDao userDao

groupDao

private LdapPrincipalDao groupDao

LOG

private static final org.apache.commons.logging.Log LOG
The logger.


roleHierarchyResolver

private HierarchyResolver roleHierarchyResolver
The role hierarchy resolver.


groupHierarchyResolver

private HierarchyResolver groupHierarchyResolver
The group hierarchy resolver.

Constructor Detail

LdapSecurityMappingHandler

public LdapSecurityMappingHandler(LdapUserPrincipalDao userDao,
                                  LdapPrincipalDao groupDao)
Parameters:
userDao -
groupDao -

LdapSecurityMappingHandler

public LdapSecurityMappingHandler()
                           throws org.apache.jetspeed.security.SecurityException,
                                  NamingException
Throws:
NamingException - A NamingException.
org.apache.jetspeed.security.SecurityException - A SecurityException.
Method Detail

getRoleHierarchyResolver

public HierarchyResolver getRoleHierarchyResolver()
Description copied from interface: SecurityMappingHandler

Gets the HierarchyResolver to be used for resolving role hierarchy.

Specified by:
getRoleHierarchyResolver in interface SecurityMappingHandler
Returns:
The role HierarchyResolver.
See Also:
SecurityMappingHandler.getRoleHierarchyResolver()

setRoleHierarchyResolver

public void setRoleHierarchyResolver(HierarchyResolver roleHierarchyResolver)
Description copied from interface: SecurityMappingHandler

Sets the HierarchyResolver to be used for resolving role hierachy.

Specified by:
setRoleHierarchyResolver in interface SecurityMappingHandler
Parameters:
roleHierarchyResolver - The role HierarchyResolver.
See Also:
SecurityMappingHandler.setRoleHierarchyResolver(org.apache.jetspeed.security.HierarchyResolver)

getGroupHierarchyResolver

public HierarchyResolver getGroupHierarchyResolver()
Description copied from interface: SecurityMappingHandler

Gets the HierarchyResolver to be used for resolving group hierarchy.

Specified by:
getGroupHierarchyResolver in interface SecurityMappingHandler
Returns:
Returns the groupHierarchyResolver.

setGroupHierarchyResolver

public void setGroupHierarchyResolver(HierarchyResolver groupHierarchyResolver)
Description copied from interface: SecurityMappingHandler

Sets the HierarchyResolver used for resolving group hierarchy.

Specified by:
setGroupHierarchyResolver in interface SecurityMappingHandler
Parameters:
groupHierarchyResolver - The group HierarchyResolver.
See Also:
SecurityMappingHandler.setGroupHierarchyResolver(org.apache.jetspeed.security.HierarchyResolver)

getRolePrincipals

public Set getRolePrincipals(String username)
Description copied from interface: SecurityMappingHandler

Gets the role principals for the given user according to the relevant hierarchy resolution rules.

Specified by:
getRolePrincipals in interface SecurityMappingHandler
Parameters:
username - The user name.
Returns:
A set of Principal

See Also:
SecurityMappingHandler.getRolePrincipals(java.lang.String)

setRolePrincipal

public void setRolePrincipal(String username,
                             String roleFullPathName)
                      throws org.apache.jetspeed.security.SecurityException
Description copied from interface: SecurityMappingHandler

Sets the role principal on a given user. Existence of the role or the user must be checked prior to invoking this method. If a principal does not exist in the security mapping store, it will be created for the purpose of security mapping only.

Specified by:
setRolePrincipal in interface SecurityMappingHandler
Parameters:
username - The user to add the role principal to.
roleFullPathName - The full path of the role principal to add.
Throws:
org.apache.jetspeed.security.SecurityException - Throws a SecurityException. An exeption needs to be thrown if the user does not exist.
See Also:
SecurityMappingHandler.setRolePrincipal(java.lang.String, java.lang.String)

removeRolePrincipal

public void removeRolePrincipal(String username,
                                String roleFullPathName)
                         throws org.apache.jetspeed.security.SecurityException
Description copied from interface: SecurityMappingHandler

Removes the role principal on a given user.

If a mapping only record does not have any mapping, this method will remove the record as well.

Specified by:
removeRolePrincipal in interface SecurityMappingHandler
Parameters:
username - The user to remove the role principal from.
roleFullPathName - The full path of the role principal to remove.
Throws:
org.apache.jetspeed.security.SecurityException - Throws a SecurityException. An exeption needs to be thrown if the user does not exist.
See Also:
SecurityMappingHandler.removeRolePrincipal(java.lang.String, java.lang.String)

getRolePrincipalsInGroup

public Set getRolePrincipalsInGroup(String groupFullPathName)
Description copied from interface: SecurityMappingHandler

Gets the role principals for the given group according to the relevant hierarchy resolution rules.

Specified by:
getRolePrincipalsInGroup in interface SecurityMappingHandler
Parameters:
groupFullPathName - The group full path name.
Returns:
A set of Principal

See Also:
SecurityMappingHandler.getRolePrincipalsInGroup(java.lang.String)

setRolePrincipalInGroup

public void setRolePrincipalInGroup(String groupFullPathName,
                                    String roleFullPathName)
                             throws org.apache.jetspeed.security.SecurityException
Description copied from interface: SecurityMappingHandler

Sets the role principal on a given user.

Specified by:
setRolePrincipalInGroup in interface SecurityMappingHandler
Parameters:
groupFullPathName - The group to add the role principal to.
roleFullPathName - The full path of the role principal to add.
Throws:
org.apache.jetspeed.security.SecurityException - Throws a SecurityException. An exeption needs to be thrown if the group does not exist.
See Also:
SecurityMappingHandler.setRolePrincipalInGroup(java.lang.String, java.lang.String)

removeRolePrincipalInGroup

public void removeRolePrincipalInGroup(String groupFullPathName,
                                       String roleFullPathName)
                                throws org.apache.jetspeed.security.SecurityException
Description copied from interface: SecurityMappingHandler

Removes the role principal on a given user.

Specified by:
removeRolePrincipalInGroup in interface SecurityMappingHandler
Parameters:
groupFullPathName - The group to remove the role principal from.
roleFullPathName - The full path of the role principal to remove.
Throws:
org.apache.jetspeed.security.SecurityException - Throws a SecurityException. An exeption needs to be thrown if the group does not exist.
See Also:
SecurityMappingHandler.removeRolePrincipalInGroup(java.lang.String, java.lang.String)

getGroupPrincipals

public Set getGroupPrincipals(String userPrincipalUid)
This method returns the set of group principals associated with a user.

Specified by:
getGroupPrincipals in interface SecurityMappingHandler
Parameters:
userPrincipalUid - The user name.
Returns:
A set of GroupPrincipal

See Also:
SecurityMappingHandler.getGroupPrincipals(java.lang.String)

getGroupPrincipalsInRole

public Set getGroupPrincipalsInRole(String roleFullPathName)
Description copied from interface: SecurityMappingHandler

Gets the group principals for the given role according to the relevant hierarchy resolution rules.

Specified by:
getGroupPrincipalsInRole in interface SecurityMappingHandler
Parameters:
roleFullPathName - The role full path name.
Returns:
A set of Principal

See Also:
SecurityMappingHandler.getGroupPrincipalsInRole(java.lang.String)

getUserPrincipalsInRole

public Set getUserPrincipalsInRole(String roleFullPathName)
Description copied from interface: SecurityMappingHandler

Gets the user principals for the given role according to the relevant hierarchy resolution rules.

Specified by:
getUserPrincipalsInRole in interface SecurityMappingHandler
Parameters:
roleFullPathName - The role full path name.
Returns:
A set of Principal

See Also:
SecurityMappingHandler.getUserPrincipalsInRole(java.lang.String)

getUserPrincipalsInGroup

public Set getUserPrincipalsInGroup(String groupFullPathName)

This method is the analog of the getGroupPrincipals except it returns the set of user principals in a group.

Specified by:
getUserPrincipalsInGroup in interface SecurityMappingHandler
Parameters:
groupFullPathName - The group full path name.
Returns:
A set of Principal

See Also:
SecurityMappingHandler.getUserPrincipalsInGroup(java.lang.String)

getUserPrincipalsInGroup

private void getUserPrincipalsInGroup(Set userPrincipals,
                                      String[] fullPaths)
                               throws org.apache.jetspeed.security.SecurityException

Gets the user principals in groups.

Parameters:
userPrincipals -
fullPaths -
Throws:
org.apache.jetspeed.security.SecurityException - A SecurityException.

setUserPrincipalInGroup

public void setUserPrincipalInGroup(String username,
                                    String groupFullPathName)
                             throws org.apache.jetspeed.security.SecurityException
Description copied from interface: SecurityMappingHandler

Sets the user principal in the given group.

Existence of the group or the user must be checked prior to invoking this method. If a principal does not exist in the security mapping store, it will be created for the purpose of security mapping only.

Specified by:
setUserPrincipalInGroup in interface SecurityMappingHandler
Parameters:
username - The user to add to the group principal.
groupFullPathName - The full path of the group principal.
Throws:
org.apache.jetspeed.security.SecurityException - Throws a SecurityException. An exeption needs to be thrown if the user does not exist.
See Also:
SecurityMappingHandler.setUserPrincipalInGroup(java.lang.String, java.lang.String)

removeUserPrincipalInGroup

public void removeUserPrincipalInGroup(String username,
                                       String groupFullPathName)
                                throws org.apache.jetspeed.security.SecurityException
Description copied from interface: SecurityMappingHandler

Removes the user principal from the given group.

Specified by:
removeUserPrincipalInGroup in interface SecurityMappingHandler
Parameters:
username - The user to remove from the group principal.
groupFullPathName - The full path of the group principal.
Throws:
org.apache.jetspeed.security.SecurityException - Throws a SecurityException. An exeption needs to be thrown if the user does not exist.
See Also:
SecurityMappingHandler.removeUserPrincipalInGroup(java.lang.String, java.lang.String)

verifyUserAndGroupExist

private void verifyUserAndGroupExist(String username,
                                     String groupFullPathName)
                              throws org.apache.jetspeed.security.SecurityException
Parameters:
username -
groupFullPathName -
Throws:
org.apache.jetspeed.security.SecurityException

createResolvedGroupPrincipalSet

private void createResolvedGroupPrincipalSet(String username,
                                             Set groupPrincipals,
                                             String[] groups,
                                             int i)
Parameters:
username -
groupPrincipals -
groups -
i -

removeUserFromGroup

private void removeUserFromGroup(String username,
                                 String groupFullPathName)
                          throws org.apache.jetspeed.security.SecurityException
Parameters:
username -
groupFullPathName -
Throws:
org.apache.jetspeed.security.SecurityException

getUser

private org.apache.jetspeed.security.UserPrincipal getUser(String uid)
                                                    throws org.apache.jetspeed.security.SecurityException
Parameters:
uid -
Returns:
Throws:
org.apache.jetspeed.security.SecurityException - A SecurityException.

getGroup

private org.apache.jetspeed.security.GroupPrincipal getGroup(String uid)
                                                      throws org.apache.jetspeed.security.SecurityException
Parameters:
uid -
Returns:
Throws:
org.apache.jetspeed.security.SecurityException - A SecurityException.

addGroupToUser

private void addGroupToUser(String username,
                            String groupFullPathName)
                     throws org.apache.jetspeed.security.SecurityException
Parameters:
username -
groupFullPathName -
Throws:
org.apache.jetspeed.security.SecurityException - A SecurityException.


Copyright © 1999-2005 Apache Software Foundation. All Rights Reserved.