mirror of
				https://github.com/Alfresco/alfresco-community-repo.git
				synced 2025-10-15 15:02:20 +00:00 
			
		
		
		
	git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@5186 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
		
			
				
	
	
		
			512 lines
		
	
	
		
			13 KiB
		
	
	
	
		
			Java
		
	
	
	
	
	
			
		
		
	
	
			512 lines
		
	
	
		
			13 KiB
		
	
	
	
		
			Java
		
	
	
	
	
	
| /*
 | |
|  * Copyright (C) 2005-2007 Alfresco Software Limited.
 | |
|  *
 | |
|  * This program is free software; you can redistribute it and/or
 | |
|  * modify it under the terms of the GNU General Public License
 | |
|  * as published by the Free Software Foundation; either version 2
 | |
|  * of the License, or (at your option) any later version.
 | |
| 
 | |
|  * This program is distributed in the hope that it will be useful,
 | |
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of
 | |
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 | |
|  * GNU General Public License for more details.
 | |
| 
 | |
|  * You should have received a copy of the GNU General Public License
 | |
|  * along with this program; if not, write to the Free Software
 | |
|  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 | |
| 
 | |
|  * As a special exception to the terms and conditions of version 2.0 of 
 | |
|  * the GPL, you may redistribute this Program in connection with Free/Libre 
 | |
|  * and Open Source Software ("FLOSS") applications as described in Alfresco's 
 | |
|  * FLOSS exception.  You should have recieved a copy of the text describing 
 | |
|  * the FLOSS exception, and it is also available here: 
 | |
|  * http://www.alfresco.com/legal/licensing"
 | |
|  */
 | |
| package org.alfresco.repo.security.authentication;
 | |
| 
 | |
| import java.util.Date;
 | |
| 
 | |
| import net.sf.acegisecurity.UserDetails;
 | |
| import net.sf.acegisecurity.providers.dao.UsernameNotFoundException;
 | |
| 
 | |
| import org.alfresco.error.AlfrescoRuntimeException;
 | |
| import org.springframework.dao.DataAccessException;
 | |
| 
 | |
| /**
 | |
|  * An authority DAO that has no implementation.
 | |
|  * 
 | |
|  * By default it will throw an exception if any method is called.
 | |
|  * 
 | |
|  * Any of the getter/setter methods can be enabled with a no action implementation.
 | |
|  * 
 | |
|  * This can support deleting users via the UI for LDAP and NTLM. The Alfresco person object is deleted from the UI.
 | |
|  * The call to delete the user will return with no action. 
 | |
|  * 
 | |
|  * The following methods will always fail.
 | |
|  * 
 | |
|  * getMD4HashedPassword(String userName)
 | |
|  * loadUserByUsername(String arg0) 
 | |
|  * getSalt(UserDetails user)
 | |
|  * 
 | |
|  * @author Andy Hind
 | |
|  */
 | |
| public class DefaultMutableAuthenticationDao implements MutableAuthenticationDao
 | |
| {
 | |
|     private boolean allowCreateUser = false;
 | |
| 
 | |
|     private boolean allowUpdateUser = false;
 | |
| 
 | |
|     private boolean allowDeleteUser = false;
 | |
| 
 | |
|     private boolean allowSetEnabled = false;
 | |
| 
 | |
|     private boolean allowGetEnabled = false;
 | |
| 
 | |
|     private boolean allowSetAccountExpires = false;
 | |
| 
 | |
|     private boolean allowGetAccountHasExpired = false;
 | |
| 
 | |
|     private boolean allowSetCredentialsExpire = false;
 | |
| 
 | |
|     private boolean allowGetCredentialsExpire = false;
 | |
| 
 | |
|     private boolean allowGetCredentialsHaveExpired = false;
 | |
| 
 | |
|     private boolean allowSetAccountLocked = false;
 | |
| 
 | |
|     private boolean allowGetAccountLocked = false;
 | |
| 
 | |
|     private boolean allowSetAccountExpiryDate = false;
 | |
| 
 | |
|     private boolean allowGetAccountExpiryDate = false;
 | |
| 
 | |
|     private boolean allowSetCredentialsExpiryDate = false;
 | |
| 
 | |
|     private boolean allowGetCredentialsExpiryDate = false;
 | |
|     
 | |
|     /**
 | |
|      * Create a user with the given userName and password
 | |
|      * 
 | |
|      * If enabled does nothing.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @param rawPassword
 | |
|      * @throws AuthenticationException
 | |
|      */
 | |
|     public void createUser(String userName, char[] rawPassword) throws AuthenticationException
 | |
|     {
 | |
|         if (!allowCreateUser)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Create User is not supported");
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Update a user's password.
 | |
|      * 
 | |
|      * If enabled does nothing.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @param rawPassword
 | |
|      * @throws AuthenticationException
 | |
|      */
 | |
|     public void updateUser(String userName, char[] rawPassword) throws AuthenticationException
 | |
|     {
 | |
|         if (!allowUpdateUser)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Update user is not supported");
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Delete a user.
 | |
|      * 
 | |
|      * If enabled does nothing.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @throws AuthenticationException
 | |
|      */
 | |
|     public void deleteUser(String userName) throws AuthenticationException
 | |
|     {
 | |
|         if (!allowDeleteUser)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Delete user is not supported");
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Check is a user exists.
 | |
|      * 
 | |
|      * If enabled returns true.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @return
 | |
|      */
 | |
|     public boolean userExists(String userName)
 | |
|     {
 | |
|         // All users may exist
 | |
|         return true;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Enable/disable a user.
 | |
|      * 
 | |
|      * If enabled does nothing.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @param enabled
 | |
|      */
 | |
|     public void setEnabled(String userName, boolean enabled)
 | |
|     {
 | |
|         if (!allowSetEnabled)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Set enabled is not supported");
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Getter for user enabled
 | |
|      * 
 | |
|      * If enabled returns true.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @return
 | |
|      */
 | |
|     public boolean getEnabled(String userName)
 | |
|     {
 | |
|         if (!allowGetEnabled)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Get enabled is not supported");
 | |
|         }
 | |
|         return true;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Set if the account should expire
 | |
|      * 
 | |
|      * If enabled does nothing.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @param expires
 | |
|      */
 | |
|     public void setAccountExpires(String userName, boolean expires)
 | |
|     {
 | |
|         if (!allowSetAccountExpires)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Set account expires is not supported");
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Does the account expire?
 | |
|      * 
 | |
|      * If enabled returns false.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @return
 | |
|      */
 | |
| 
 | |
|     public boolean getAccountExpires(String userName)
 | |
|     {
 | |
|         if (!allowSetAccountExpires)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Get account expires is not supported");
 | |
|         }
 | |
|         return false;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Has the account expired?
 | |
|      * 
 | |
|      * If enabled returns false.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @return
 | |
|      */
 | |
|     public boolean getAccountHasExpired(String userName)
 | |
|     {
 | |
|         if (!allowGetAccountHasExpired)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Get account has expired is not supported");
 | |
|         }
 | |
|         return false;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Set if the password expires.
 | |
|      * 
 | |
|      * If enabled does nothing.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @param expires
 | |
|      */
 | |
|     public void setCredentialsExpire(String userName, boolean expires)
 | |
|     {
 | |
|         if (!allowSetCredentialsExpire)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Set credentials expire is not supported");
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Do the credentials for the user expire?
 | |
|      * 
 | |
|      * If enabled returns false.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @return
 | |
|      */
 | |
|     public boolean getCredentialsExpire(String userName)
 | |
|     {
 | |
|         if (!allowGetCredentialsExpire)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Get credentials expire is not supported");
 | |
|         }
 | |
|         return false;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Have the credentials for the user expired?
 | |
|      * 
 | |
|      * If enabled returns false.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @return
 | |
|      */
 | |
|     public boolean getCredentialsHaveExpired(String userName)
 | |
|     {
 | |
|         if (!allowGetCredentialsHaveExpired)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Get credentials have expired is not supported");
 | |
|         }
 | |
|         return false;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Set if the account is locked.
 | |
|      * 
 | |
|      * If enabled does nothing.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @param locked
 | |
|      */
 | |
|     public void setLocked(String userName, boolean locked)
 | |
|     {
 | |
|         if (!allowSetAccountLocked)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Set account locked is not supported");
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Is the account locked?
 | |
|      * 
 | |
|      * If enabled returns false.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @return
 | |
|      */
 | |
|     public boolean getAccountlocked(String userName)
 | |
|     {
 | |
|         if (!allowGetAccountLocked)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Get account locked is not supported");
 | |
|         }
 | |
|         return false;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Set the date on which the account expires
 | |
|      * 
 | |
|      * If enabled does nothing.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @param exipryDate
 | |
|      */
 | |
|     public void setAccountExpiryDate(String userName, Date exipryDate)
 | |
|     {
 | |
|         if (!allowSetAccountExpiryDate)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Set account expiry date is not supported");
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Get the date when this account expires.
 | |
|      * 
 | |
|      * If enabled returns null.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @return
 | |
|      */
 | |
|     public Date getAccountExpiryDate(String userName)
 | |
|     {
 | |
|         if (!allowGetAccountExpiryDate)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Get account expiry date is not supported");
 | |
|         }
 | |
|         return null;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Set the date when credentials expire.
 | |
|      * 
 | |
|      * If enabled does nothing.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @param exipryDate
 | |
|      */
 | |
|     public void setCredentialsExpiryDate(String userName, Date exipryDate)
 | |
|     {
 | |
|         if (!allowSetCredentialsExpiryDate)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Set credentials expiry date is not supported");
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Get the date when the credentials/password expire.
 | |
|      * 
 | |
|      * If enabled returns null.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @return
 | |
|      */
 | |
|     public Date getCredentialsExpiryDate(String userName)
 | |
|     {
 | |
|         if (!allowGetCredentialsExpiryDate)
 | |
|         {
 | |
|             throw new AlfrescoRuntimeException("Get credentials expiry date is not supported");
 | |
|         }
 | |
|         return null;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Get the MD4 password hash
 | |
|      * 
 | |
|      * Always throws an exception.
 | |
|      * 
 | |
|      * @param userName
 | |
|      * @return
 | |
|      */
 | |
|     public String getMD4HashedPassword(String userName)
 | |
|     {
 | |
|         throw new AlfrescoRuntimeException("Not implemented");
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Return the user details for the specified user
 | |
|      * 
 | |
|      *  Always throws an exception.
 | |
|      * 
 | |
|      * @param user
 | |
|      *            String
 | |
|      * @return UserDetails
 | |
|      * @exception UsernameNotFoundException
 | |
|      * @exception DataAccessException
 | |
|      */
 | |
|     public UserDetails loadUserByUsername(String arg0) throws UsernameNotFoundException, DataAccessException
 | |
|     {
 | |
|         throw new AlfrescoRuntimeException("Not implemented");
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Return salt for user
 | |
|      * 
 | |
|      * Always throws an exception.
 | |
|      * 
 | |
|      * @param user
 | |
|      *            UserDetails
 | |
|      * @return Object
 | |
|      */
 | |
|     public Object getSalt(UserDetails user)
 | |
|     {
 | |
|         throw new AlfrescoRuntimeException("Not implemented");
 | |
|     }
 | |
| 
 | |
|     
 | |
|     // -------- //
 | |
|     // Bean IOC //
 | |
|     // -------- //
 | |
|     
 | |
|     public void setAllowCreateUser(boolean allowCreateUser)
 | |
|     {
 | |
|         this.allowCreateUser = allowCreateUser;
 | |
|     }
 | |
| 
 | |
|     public void setAllowDeleteUser(boolean allowDeleteUser)
 | |
|     {
 | |
|         this.allowDeleteUser = allowDeleteUser;
 | |
|     }
 | |
| 
 | |
|     public void setAllowGetAccountExpiryDate(boolean allowGetAccountExpiryDate)
 | |
|     {
 | |
|         this.allowGetAccountExpiryDate = allowGetAccountExpiryDate;
 | |
|     }
 | |
| 
 | |
|     public void setAllowGetAccountHasExpired(boolean allowGetAccountHasExpired)
 | |
|     {
 | |
|         this.allowGetAccountHasExpired = allowGetAccountHasExpired;
 | |
|     }
 | |
| 
 | |
|     public void setAllowGetAccountLocked(boolean allowGetAccountLocked)
 | |
|     {
 | |
|         this.allowGetAccountLocked = allowGetAccountLocked;
 | |
|     }
 | |
| 
 | |
|     public void setAllowGetCredentialsExpire(boolean allowGetCredentialsExpire)
 | |
|     {
 | |
|         this.allowGetCredentialsExpire = allowGetCredentialsExpire;
 | |
|     }
 | |
| 
 | |
|     public void setAllowGetCredentialsExpiryDate(boolean allowGetCredentialsExpiryDate)
 | |
|     {
 | |
|         this.allowGetCredentialsExpiryDate = allowGetCredentialsExpiryDate;
 | |
|     }
 | |
| 
 | |
|     public void setAllowGetCredentialsHaveExpired(boolean allowGetCredentialsHaveExpired)
 | |
|     {
 | |
|         this.allowGetCredentialsHaveExpired = allowGetCredentialsHaveExpired;
 | |
|     }
 | |
| 
 | |
|     public void setAllowGetEnabled(boolean allowGetEnabled)
 | |
|     {
 | |
|         this.allowGetEnabled = allowGetEnabled;
 | |
|     }
 | |
| 
 | |
|     public void setAllowSetAccountExpires(boolean allowSetAccountExpires)
 | |
|     {
 | |
|         this.allowSetAccountExpires = allowSetAccountExpires;
 | |
|     }
 | |
| 
 | |
|     public void setAllowSetAccountExpiryDate(boolean allowSetAccountExpiryDate)
 | |
|     {
 | |
|         this.allowSetAccountExpiryDate = allowSetAccountExpiryDate;
 | |
|     }
 | |
| 
 | |
|     public void setAllowSetAccountLocked(boolean allowSetAccountLocked)
 | |
|     {
 | |
|         this.allowSetAccountLocked = allowSetAccountLocked;
 | |
|     }
 | |
| 
 | |
|     public void setAllowSetCredentialsExpire(boolean allowSetCredentialsExpire)
 | |
|     {
 | |
|         this.allowSetCredentialsExpire = allowSetCredentialsExpire;
 | |
|     }
 | |
| 
 | |
|     public void setAllowSetCredentialsExpiryDate(boolean allowSetCredentialsExpiryDate)
 | |
|     {
 | |
|         this.allowSetCredentialsExpiryDate = allowSetCredentialsExpiryDate;
 | |
|     }
 | |
| 
 | |
|     public void setAllowSetEnabled(boolean allowSetEnabled)
 | |
|     {
 | |
|         this.allowSetEnabled = allowSetEnabled;
 | |
|     }
 | |
| 
 | |
|     public void setAllowUpdateUser(boolean allowUpdateUser)
 | |
|     {
 | |
|         this.allowUpdateUser = allowUpdateUser;
 | |
|     }
 | |
| }
 |