agilermi.authentication

Class StandardRMIAuthenticator

java.lang.Object

agilermi.authentication.StandardRMIAuthenticator

All Implemented Interfaces:

RMIAuthenticator, java.io.Serializable

public class StandardRMIAuthenticator
extends java.lang.Object
implements RMIAuthenticator, java.io.Serializable

Standard authenticator implementation that maintain authentication information in central memory. It stores authentication identifiers and the SHA-1 values of related pass-phrases. It allows to add authorization rules.

Author:

Salvatore Giampa'

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
StandardRMIAuthenticator()

Method Summary

Modifier and Type	Method and Description
void	addRole(java.lang.String authId, java.lang.String role) Add a role to a user
boolean	authenticate(java.net.InetSocketAddress remoteAddress, java.lang.String authId, java.lang.String passphrase) Authenticate a user that established the connection from the given address.
boolean	authorize(java.lang.String authId, java.lang.Object object, java.lang.reflect.Method method) Authorize a user to invoke a specific method on a specific object.
boolean	changePassphrase(java.lang.String authId, java.lang.String passphrase) Change the pass-phrase of a registered authentication identifier
void	createRole(java.lang.String role) Create a new user role
void	deleteRole(java.lang.String role) Delete a user role
boolean	getDefaultAuthorization() Returns the default authorization, that is the default return value of the authorize(String, Object, Method) method when no criterion has been found
boolean	isRegistered(java.lang.String authId) Gets the registration status for the given identifier
static void	main(java.lang.String[] args)
boolean	register(java.lang.String authId, java.lang.String passphrase) Register a new identity
void	removeRole(java.lang.String authId, java.lang.String role) Remove a role from a user
void	setDefaultAuthorization(boolean authorizeByDefault) Sets the default authorization, that is the default return value of the authorize(String, Object, Method) method when no criterion has been found
void	setIdAuthorization(java.lang.String authId, java.lang.Class<?> cls, int authorized) Set class couple authorization for a user
void	setIdAuthorization(java.lang.String authId, java.lang.reflect.Method method, int authorized) Set method couple authorization for a user
void	setIdAuthorization(java.lang.String authId, java.lang.Object object, int authorized) Set object couple authorization for a user
void	setIdAuthorization(java.lang.String authId, java.lang.Object object, java.lang.reflect.Method method, int authorized) Set object-method couple authorization for a user
void	setRoleAuthorization(java.lang.String role, java.lang.Class<?> cls, int authorized) Set class authorization for a role
void	setRoleAuthorization(java.lang.String role, java.lang.reflect.Method method, int authorized) Set method authorization for a role
void	setRoleAuthorization(java.lang.String role, java.lang.Object object, int authorized) Set object authorization for a role
void	setRoleAuthorization(java.lang.String role, java.lang.Object object, java.lang.reflect.Method method, int authorized) Set object-method couple authorization for a role
void	unregister(java.lang.String authId) Unregister an identity.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

StandardRMIAuthenticator

public StandardRMIAuthenticator()

Method Detail

authenticate

public boolean authenticate(java.net.InetSocketAddress remoteAddress,
                            java.lang.String authId,
                            java.lang.String passphrase)

Description copied from interface: RMIAuthenticator

Authenticate a user that established the connection from the given address. This method allows or disallows the RMIRegistry to accept the incoming connection

Specified by:

authenticate in interface RMIAuthenticator

Parameters:

remoteAddress - the address of the remote machine

authId - the authentication identifier of the user

passphrase - the passphrase to use for authentication

Returns:

true if the user has been authenticated successfully, false otherwise.

register

public boolean register(java.lang.String authId,
                        java.lang.String passphrase)

Register a new identity

Parameters:

authId - authentication id

passphrase - authentication pass-phrase

Returns:

true if registration was successful, false if a user with the given identifier was already registered

isRegistered

public boolean isRegistered(java.lang.String authId)

Gets the registration status for the given identifier

Parameters:

authId - the authentication identifier to check

Returns:

true if the identifier was registered, false otherwise

changePassphrase

public boolean changePassphrase(java.lang.String authId,
                                java.lang.String passphrase)

Change the pass-phrase of a registered authentication identifier

Parameters:

authId - authentication identifier

passphrase - new pass-phrase

Returns:

true if operation was successful, false if the user is not registered or the hash algorithm is not available

unregister

public void unregister(java.lang.String authId)

Unregister an identity.

Parameters:

authId - the authentication identifier to unregister

createRole

public void createRole(java.lang.String role)

Create a new user role

Parameters:

role - the role to create

deleteRole

public void deleteRole(java.lang.String role)

Delete a user role

Parameters:

role - the role to delete

addRole

public void addRole(java.lang.String authId,
                    java.lang.String role)

Add a role to a user

Parameters:

authId - the identifier of the user

role - the role to add

removeRole

public void removeRole(java.lang.String authId,
                       java.lang.String role)

Remove a role from a user

Parameters:

authId - the identifier of the user

role - the role to remove

setDefaultAuthorization

public void setDefaultAuthorization(boolean authorizeByDefault)

Sets the default authorization, that is the default return value of the authorize(String, Object, Method) method when no criterion has been found

Parameters:

authorizeByDefault - the default authorization

getDefaultAuthorization

public boolean getDefaultAuthorization()

Returns the default authorization, that is the default return value of the authorize(String, Object, Method) method when no criterion has been found

Returns:

the default authorization

setIdAuthorization

public void setIdAuthorization(java.lang.String authId,
                               java.lang.Object object,
                               java.lang.reflect.Method method,
                               int authorized)

Set object-method couple authorization for a user

Parameters:

authId - the authentication identifier to authorize

object - the object on which authorization is set

method - the method on which authorization is set

authorized - 0=authorized, 1=not authorized, otherwise=default authorization

setIdAuthorization

public void setIdAuthorization(java.lang.String authId,
                               java.lang.reflect.Method method,
                               int authorized)

Set method couple authorization for a user

Parameters:

authId - the authentication identifier to authorize

method - the method on which authorization is set

authorized - 0=authorized, 1=not authorized, otherwise=default authorization

setIdAuthorization

public void setIdAuthorization(java.lang.String authId,
                               java.lang.Object object,
                               int authorized)

Set object couple authorization for a user

Parameters:

authId - the authentication identifier to authorize

object - the object on which authorization is set

authorized - 0=authorized, 1=not authorized, otherwise=default authorization

setIdAuthorization

public void setIdAuthorization(java.lang.String authId,
                               java.lang.Class<?> cls,
                               int authorized)

Set class couple authorization for a user

Parameters:

authId - the authentication identifier to authorize

cls - the class on which authorization is set

authorized - 0=authorized, 1=not authorized, otherwise=default authorization

setRoleAuthorization

public void setRoleAuthorization(java.lang.String role,
                                 java.lang.Object object,
                                 java.lang.reflect.Method method,
                                 int authorized)

Set object-method couple authorization for a role

Parameters:

role - the role to authorize

object - the object on which authorization is set

method - the method on which authorization is set

authorized - 0=authorized, 1=not authorized, otherwise=default authorization

setRoleAuthorization

public void setRoleAuthorization(java.lang.String role,
                                 java.lang.reflect.Method method,
                                 int authorized)

Set method authorization for a role

Parameters:

role - the role to authorize

method - the method on which authorization is set

authorized - 0=authorized, 1=not authorized, otherwise=default authorization

setRoleAuthorization

public void setRoleAuthorization(java.lang.String role,
                                 java.lang.Object object,
                                 int authorized)

Set object authorization for a role

Parameters:

role - the role to authorize

object - the object on which authorization is set

authorized - 0=authorized, 1=not authorized, otherwise=default authorization

setRoleAuthorization

public void setRoleAuthorization(java.lang.String role,
                                 java.lang.Class<?> cls,
                                 int authorized)

Set class authorization for a role

Parameters:

role - the role to authorize

cls - the class on which authorization is set

authorized - 0=authorized, 1=not authorized, otherwise=default authorization

authorize

public boolean authorize(java.lang.String authId,
                         java.lang.Object object,
                         java.lang.reflect.Method method)

Description copied from interface: RMIAuthenticator

Authorize a user to invoke a specific method on a specific object. This method allows to establish fine-grained authorization.

Specified by:

authorize in interface RMIAuthenticator

Parameters:

authId - the user authentication identifier, the same that ha been used to authenticate the user in the RMIAuthenticator.authenticate(InetSocketAddress, String, String) method

object - the object to which the user requires the access

method - the method that the user wants invoke

Returns:

true if the user is authorized, false otherwise

main

public static void main(java.lang.String[] args)
                 throws java.lang.NoSuchMethodException,
                        java.lang.SecurityException

Throws:

java.lang.NoSuchMethodException

java.lang.SecurityException