airavata-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lah...@apache.org
Subject svn commit: r1409401 [1/2] - in /airavata/trunk/modules: airavata-rest-services/ airavata-rest-services/src/main/webapp/WEB-INF/ security/ security/src/ security/src/main/ security/src/main/java/ security/src/main/java/org/ security/src/main/java/org/a...
Date Wed, 14 Nov 2012 21:10:15 GMT
Author: lahiru
Date: Wed Nov 14 21:10:13 2012
New Revision: 1409401

URL: http://svn.apache.org/viewvc?rev=1409401&view=rev
Log:
committing amilas patch for https://issues.apache.org/jira/browse/AIRAVATA-560.

Added:
    airavata/trunk/modules/security/
    airavata/trunk/modules/security/pom.xml
    airavata/trunk/modules/security/src/
    airavata/trunk/modules/security/src/main/
    airavata/trunk/modules/security/src/main/java/
    airavata/trunk/modules/security/src/main/java/org/
    airavata/trunk/modules/security/src/main/java/org/apache/
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AuthenticationException.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/Authenticator.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/Authoriser.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/UserStore.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/UserStoreException.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/configurations/
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/configurations/AbstractConfigurationReader.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReader.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/AbstractJDBCUserStore.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/SessionDBUserStore.java
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/
    airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/DBLookup.java
    airavata/trunk/modules/security/src/test/
    airavata/trunk/modules/security/src/test/java/
    airavata/trunk/modules/security/src/test/java/org/
    airavata/trunk/modules/security/src/test/java/org/apache/
    airavata/trunk/modules/security/src/test/java/org/apache/airavata/
    airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/
    airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/
    airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReaderTest.java
    airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestDBAuthenticator1.java
    airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestDBAuthenticator2.java
    airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestDBAuthenticator3.java
    airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestUserStore.java
    airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/userstore/
    airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/userstore/JDBCUserStoreTest.java
    airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/userstore/LDAPUserStoreTest.java
    airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/userstore/SessionDBUserStoreTest.java
    airavata/trunk/modules/security/src/test/resources/
    airavata/trunk/modules/security/src/test/resources/authenticators.xml
    airavata/trunk/modules/security/src/test/resources/disabled-authenticator.xml
    airavata/trunk/modules/security/src/test/resources/jdbc-authenticator.xml
    airavata/trunk/modules/security/src/test/resources/ldap-authenticator.xml
    airavata/trunk/modules/security/src/test/resources/session-authenticator.xml
    airavata/trunk/modules/security/src/test/resources/testdb/
    airavata/trunk/modules/security/src/test/resources/testdb/test/
    airavata/trunk/modules/security/src/test/resources/testdb/test.trace.db
    airavata/trunk/modules/security/src/test/resources/testdb/test/test.trace.db
Modified:
    airavata/trunk/modules/airavata-rest-services/pom.xml
    airavata/trunk/modules/airavata-rest-services/src/main/webapp/WEB-INF/web.xml

Modified: airavata/trunk/modules/airavata-rest-services/pom.xml
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/airavata-rest-services/pom.xml?rev=1409401&r1=1409400&r2=1409401&view=diff
==============================================================================
--- airavata/trunk/modules/airavata-rest-services/pom.xml (original)
+++ airavata/trunk/modules/airavata-rest-services/pom.xml Wed Nov 14 21:10:13 2012
@@ -8,168 +8,180 @@
     ANY ~ KIND, either express or implied. See the License for the specific language governing permissions and limitations under 
     the License. -->
 
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <parent>
         <groupId>org.apache.airavata</groupId>
         <artifactId>airavata</artifactId>
         <version>0.6-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
-    
-	<modelVersion>4.0.0</modelVersion>
-	<artifactId>airavata-rest-services</artifactId>
-	<packaging>war</packaging>
-	<name>airavata-rest-services</name>
-	<build>
-		<finalName>airavata-rest-services</finalName>
-		<plugins>
-			<plugin>
-				<groupId>org.codehaus.cargo</groupId>
-				<artifactId>cargo-maven2-plugin</artifactId>
-				<version>${cargo.version}</version>
-				<configuration>
-					<wait>true</wait>
-					<configuration>
-						<properties>
-							<cargo.servlet.port>9080</cargo.servlet.port>
-							<cargo.tomcat.ajp.port>9009</cargo.tomcat.ajp.port>
-							<cargo.rmi.port>9099</cargo.rmi.port>
-							<cargo.jvmargs>
+
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>airavata-rest-services</artifactId>
+    <packaging>war</packaging>
+    <name>airavata-rest-services</name>
+    <build>
+        <finalName>airavata-rest-services</finalName>
+        <plugins>
+            <plugin>
+                <groupId>org.codehaus.cargo</groupId>
+                <artifactId>cargo-maven2-plugin</artifactId>
+                <version>${cargo.version}</version>
+                <configuration>
+                    <wait>true</wait>
+                    <configuration>
+                        <properties>
+                            <cargo.servlet.port>9080</cargo.servlet.port>
+                            <cargo.tomcat.ajp.port>9009</cargo.tomcat.ajp.port>
+                            <cargo.rmi.port>9099</cargo.rmi.port>
+                            <cargo.jvmargs>
                                 <![CDATA[-Xdebug -Xrunjdwp:transport=dt_socket,address=${cargo.debug.address},server=y,suspend=${cargo.debug.suspend} -noverify ${javaagent}]]>
-							</cargo.jvmargs>
-							<cargo.tomcat.context.reloadable>true</cargo.tomcat.context.reloadable>
-						</properties>
-						<home>${project.build.directory}/tomcat6x</home>
-						<deployables>
-							<deployable>
-								<groupId>org.apache.airavata</groupId>
-								<artifactId>airavata-rest-services</artifactId>
-								<type>war</type>
-								<properties>
-									<context>/airavata-services</context>
-								</properties>
-							</deployable>
-						</deployables>
-					</configuration>
-					<container>
-						<containerId>tomcat6x</containerId>
-						<timeout>180000</timeout>
-						<zipUrlInstaller>
-							<url>
-								http://archive.apache.org/dist/tomcat/tomcat-6/v6.0.32/bin/apache-tomcat-6.0.32.tar.gz
-							</url>
-						</zipUrlInstaller>
-						<systemProperties>
+                            </cargo.jvmargs>
+                            <cargo.tomcat.context.reloadable>true</cargo.tomcat.context.reloadable>
+                        </properties>
+                        <home>${project.build.directory}/tomcat6x</home>
+                        <deployables>
+                            <deployable>
+                                <groupId>org.apache.airavata</groupId>
+                                <artifactId>airavata-rest-services</artifactId>
+                                <type>war</type>
+                                <properties>
+                                    <context>/airavata-services</context>
+                                </properties>
+                            </deployable>
+                        </deployables>
+                    </configuration>
+                    <container>
+                        <containerId>tomcat6x</containerId>
+                        <timeout>180000</timeout>
+                        <zipUrlInstaller>
+                            <url>
+                                http://archive.apache.org/dist/tomcat/tomcat-6/v6.0.32/bin/apache-tomcat-6.0.32.tar.gz
+                            </url>
+                        </zipUrlInstaller>
+                        <systemProperties>
 
-						</systemProperties>
-					</container>
-				</configuration>
-			</plugin>
-		</plugins>
+                        </systemProperties>
+                    </container>
+                </configuration>
+            </plugin>
+        </plugins>
 
-	</build>
-	<dependencies>
-		<dependency>
-			<groupId>com.sun.jersey</groupId>
-			<artifactId>jersey-servlet</artifactId>
-			<version>${jersey.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>com.sun.jersey</groupId>
-			<artifactId>jersey-json</artifactId>
-			<version>${jersey.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>com.sun.jersey.contribs</groupId>
-			<artifactId>jersey-multipart</artifactId>
-			<version>${jersey.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>com.sun.jersey.jersey-test-framework</groupId>
-			<artifactId>jersey-test-framework-grizzly2</artifactId>
-			<version>${jersey.version}</version>
-			<scope>test</scope>
-		</dependency>
-		<dependency>
-			<groupId>com.sun.jersey</groupId>
-			<artifactId>jersey-server</artifactId>
-			<version>${jersey.version}</version>
-		</dependency>
-		<dependency>
+    </build>
+    <dependencies>
+        <dependency>
+            <groupId>com.sun.jersey</groupId>
+            <artifactId>jersey-servlet</artifactId>
+            <version>${jersey.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.sun.jersey</groupId>
+            <artifactId>jersey-json</artifactId>
+            <version>${jersey.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.sun.jersey.contribs</groupId>
+            <artifactId>jersey-multipart</artifactId>
+            <version>${jersey.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.sun.jersey.jersey-test-framework</groupId>
+            <artifactId>jersey-test-framework-grizzly2</artifactId>
+            <version>${jersey.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.sun.jersey</groupId>
+            <artifactId>jersey-server</artifactId>
+            <version>${jersey.version}</version>
+        </dependency>
+        <dependency>
             <groupId>com.sun.jersey</groupId>
             <artifactId>jersey-client</artifactId>
-			<version>${jersey.version}</version>
-		</dependency>
+            <version>${jersey.version}</version>
+        </dependency>
+	<dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-core</artifactId>
+            <version>1.2.1</version>
+        </dependency>
+	<dependency>
+            <groupId>com.h2database</groupId>
+            <artifactId>h2</artifactId>
+            <version>1.3.168</version>
+            <scope>test</scope>
+        </dependency>
         <!--dependency>
             <groupId>mysql</groupId>
             <artifactId>mysql-connector-java</artifactId>
             <version>5.1.6</version>
         </dependency-->
 
-		<!-- Airavata -->
-		<dependency>
-			<groupId>org.apache.airavata</groupId>
-			<artifactId>airavata-gfac-schema-utils</artifactId>
-			<version>${project.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>org.apache.airavata</groupId>
-			<artifactId>airavata-registry-api</artifactId>
-			<version>${project.version}</version>
-		</dependency>
+        <!-- Airavata -->
+        <dependency>
+            <groupId>org.apache.airavata</groupId>
+            <artifactId>airavata-gfac-schema-utils</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.airavata</groupId>
+            <artifactId>airavata-registry-api</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.airavata</groupId>
+            <artifactId>airavata-security</artifactId>
+            <version>${project.version}</version>
+        </dependency>
         <dependency>
             <groupId>org.apache.airavata</groupId>
             <artifactId>airavata-jpa-registry</artifactId>
             <version>${project.version}</version>
         </dependency>
-		<!-- Logging -->
-		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-api</artifactId>
-			<version>${org.slf4j.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-simple</artifactId>
-			<version>${org.slf4j.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>jcl-over-slf4j</artifactId>
-			<version>${org.slf4j.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-log4j12</artifactId>
-			<version>${org.slf4j.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>log4j</groupId>
-			<artifactId>log4j</artifactId>
-			<version>${log4j.version}</version>
-		</dependency>
-        <!--dependency>
-              <groupId>org.apache.airavata</groupId>
-              <artifactId>airavata-security</artifactId>
-              <version>0.5-incubating-SNAPSHOT</version>
-          </dependency-->
-	</dependencies>
-	<properties>
-		<jersey.version>1.13</jersey.version>
-		<grizzly.version>2.0.0-M3</grizzly.version>
-		<org.slf4j.version>1.6.1</org.slf4j.version>
-		<log4j.version>1.2.16</log4j.version>
-		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-		<cargo.version>1.2.1</cargo.version>
-		<!-- if you want a remote debugging on a different a address override on
-			command line with -Dcargo.debug.addres=xxxx -->
-		<cargo.debug.address>8000</cargo.debug.address>
-		<!-- if you want to start remote debugging session suspended override on
-			command line with -Dcargo.debug.suspend=y -->
-		<cargo.debug.suspend>n</cargo.debug.suspend>
-		<javaagent />
-	</properties>
-	  <repositories>
+        <!-- Logging -->
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>${org.slf4j.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-simple</artifactId>
+            <version>${org.slf4j.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>jcl-over-slf4j</artifactId>
+            <version>${org.slf4j.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-log4j12</artifactId>
+            <version>${org.slf4j.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>log4j</groupId>
+            <artifactId>log4j</artifactId>
+            <version>${log4j.version}</version>
+        </dependency>
+    </dependencies>
+    <properties>
+        <jersey.version>1.13</jersey.version>
+        <grizzly.version>2.0.0-M3</grizzly.version>
+        <org.slf4j.version>1.6.1</org.slf4j.version>
+        <log4j.version>1.2.16</log4j.version>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <cargo.version>1.2.1</cargo.version>
+        <!-- if you want a remote debugging on a different a address override on
+              command line with -Dcargo.debug.addres=xxxx -->
+        <cargo.debug.address>8000</cargo.debug.address>
+        <!-- if you want to start remote debugging session suspended override on
+              command line with -Dcargo.debug.suspend=y -->
+        <cargo.debug.suspend>n</cargo.debug.suspend>
+        <javaagent/>
+    </properties>
+    <repositories>
         <repository>
             <id>central</id>
             <name>Maven Central</name>

Modified: airavata/trunk/modules/airavata-rest-services/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/airavata-rest-services/src/main/webapp/WEB-INF/web.xml?rev=1409401&r1=1409400&r2=1409401&view=diff
==============================================================================
--- airavata/trunk/modules/airavata-rest-services/src/main/webapp/WEB-INF/web.xml (original)
+++ airavata/trunk/modules/airavata-rest-services/src/main/webapp/WEB-INF/web.xml Wed Nov 14 21:10:13 2012
@@ -5,10 +5,7 @@
     <listener>
       <listener-class>org.apache.airavata.services.registry.rest.utils.RegistryListener</listener-class>
     </listener>
-     <!--context-param>
-      <param-name>configFile</param-name>
-      <param-value>/WEB-INF/classes/service.properties</param-value>
-    </context-param-->
+
     <servlet>
         <servlet-name>Airavata Web Application</servlet-name>
         <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
@@ -16,12 +13,26 @@
             <param-name>com.sun.jersey.config.property.packages</param-name>
             <param-value>org.apache.airavata.services.registry.rest;org.codehaus.jackson.jaxrs</param-value>
         </init-param>
-        <!--init-param>
-            <param-name>com.sun.jersey.spi.container.ContainerRequestFilters</param-name>
-            <param-value>org.apache.airavata.services.registry.rest.security.AuthenticationFilter</param-value>
-        </init-param-->
         <load-on-startup>1</load-on-startup>
     </servlet>
+
+    <!-- ========================= Security Related Configurations go here ================================== -->
+    <filter>
+        <filter-name>AuthenticationFilter</filter-name>
+        <filter-class>org.apache.airavata.services.registry.rest.security.HttpAuthenticatorFilter</filter-class>
+        <init-param>
+            <param-name>authenticatorConfigurations</param-name>
+            <param-value>authenticators.xml</param-value>
+        </init-param>
+    </filter>
+
+    <filter-mapping>
+        <filter-name>AuthenticationFilter</filter-name>
+        <url-pattern>/api/*</url-pattern>
+    </filter-mapping>
+
+    <!-- ================================ End Security Related Configurations =============================== -->
+
     <servlet-mapping>
         <servlet-name>Airavata Web Application</servlet-name>
         <url-pattern>/*</url-pattern>

Added: airavata/trunk/modules/security/pom.xml
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/pom.xml?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/pom.xml (added)
+++ airavata/trunk/modules/security/pom.xml Wed Nov 14 21:10:13 2012
@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file 
+    distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under 
+    the Apache License, Version 2.0 (theÏ "License"); you may not use this file except in compliance with the License. You may 
+    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to 
+    in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF 
+    ANY ~ KIND, either express or implied. See the License for the specific language governing permissions and limitations under 
+    the License. -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <groupId>org.apache.airavata</groupId>
+        <artifactId>airavata</artifactId>
+        <version>0.6-SNAPSHOT</version>
+        <relativePath>../../pom.xml</relativePath>
+    </parent>
+
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>airavata-security</artifactId>
+    <name>Airavata Security Implementation</name>
+    <description>Module for managing security features in Airavata</description>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-simple</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-core</artifactId>
+            <version>1.2.1</version>
+        </dependency>
+        <dependency>
+            <groupId>commons-dbcp</groupId>
+            <artifactId>commons-dbcp</artifactId>
+            <version>1.4</version>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>4.7</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.h2database</groupId>
+            <artifactId>h2</artifactId>
+            <version>1.3.168</version>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>${surefire.version}</version>
+                <configuration>
+                    <testSourceDirectory>${basedir}\src\test\java\</testSourceDirectory>
+                </configuration>
+            </plugin>
+        </plugins>
+        <testSourceDirectory>${project.basedir}/src/test/java</testSourceDirectory>
+        <testOutputDirectory>${project.build.directory}/test-classes</testOutputDirectory>
+        <testResources>
+            <testResource>
+                <directory>${project.basedir}/src/test/resources</directory>
+            </testResource>
+        </testResources>
+    </build>
+</project>

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,120 @@
+package org.apache.airavata.security;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.text.SimpleDateFormat;
+import java.util.Calendar;
+
+/**
+ * An abstract implementation of the authenticator.
+ */
+@SuppressWarnings("UnusedDeclaration")
+public abstract class AbstractAuthenticator implements Authenticator {
+
+    protected static final String DATE_TIME_FORMAT = "yyyy-MM-dd HH:mm:ss";
+
+    protected static Logger log = LoggerFactory.getLogger(AbstractAuthenticator.class);
+
+    public static int DEFAULT_AUTHENTICATOR_PRIORITY = 5;
+
+    protected String authenticatorName;
+
+    private int priority = DEFAULT_AUTHENTICATOR_PRIORITY;
+
+    protected boolean enabled = true;
+
+    protected UserStore userStore;
+
+    public AbstractAuthenticator() {
+
+    }
+
+    public AbstractAuthenticator(String name) {
+        this.authenticatorName = name;
+    }
+
+    public void setUserStore(UserStore store) {
+        this.userStore = store;
+    }
+
+    public UserStore getUserStore() {
+        return this.userStore;
+    }
+
+    public int getPriority() {
+        return priority;
+    }
+
+    public boolean canProcess(Object credentials) {
+        return false;
+    }
+
+    public String getAuthenticatorName() {
+        return authenticatorName;
+    }
+
+    public void setAuthenticatorName(String authenticatorName) {
+        this.authenticatorName = authenticatorName;
+    }
+
+    public void setPriority(int priority) {
+        this.priority = priority;
+    }
+
+    public void setEnabled(boolean enabled) {
+        this.enabled = enabled;
+    }
+
+    public boolean isEnabled() {
+        return enabled;
+    }
+
+    public boolean authenticate(Object credentials) throws AuthenticationException {
+
+        boolean authenticated = doAuthentication(credentials);
+
+        if (authenticated) {
+            onSuccessfulAuthentication(credentials);
+        } else {
+            onFailedAuthentication(credentials);
+        }
+
+        return authenticated;
+    }
+
+
+    /**
+     * Gets the current time converted to format in DATE_TIME_FORMAT.
+     * @return Current time as a string.
+     */
+    protected String getCurrentTime() {
+        Calendar cal = Calendar.getInstance();
+        SimpleDateFormat simpleDateFormat = new SimpleDateFormat(DATE_TIME_FORMAT);
+        return simpleDateFormat.format(cal.getTime());
+    }
+
+    /**
+     * The actual authenticating logic goes here. If user is successfully authenticated this should return
+     * <code>true</code> else this should return <code>false</code>. If an error occurred while authenticating
+     * this will throw an exception.
+     * @param credentials The object which contains request credentials. This could be request most of the time.
+     * @return <code>true</code> if successfully authenticated else <code>false</code>.
+     * @throws AuthenticationException If system error occurs while authenticating.
+     */
+    protected abstract boolean doAuthentication(Object credentials) throws AuthenticationException;
+
+    /**
+     * If authentication is successful we can do post authentication actions in following method.
+     * E.g :- adding user to session, audit logging etc ...
+     * @param authenticationInfo A generic object with authentication information.
+     */
+    public abstract void onSuccessfulAuthentication(Object authenticationInfo);
+
+    /**
+     * If authentication is failed we can do post authentication actions in following method.
+     * E.g :- adding user to session, audit logging etc ...
+     * @param authenticationInfo A generic object with authentication information.
+     */
+    public abstract void onFailedAuthentication(Object authenticationInfo);
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,105 @@
+package org.apache.airavata.security;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+/**
+ * An abstract authenticator class which reads database configurations.
+ */
+@SuppressWarnings("UnusedDeclaration")
+public abstract class AbstractDatabaseAuthenticator extends AbstractAuthenticator {
+
+    private String databaseURL;
+
+    private String databaseDriver;
+
+    private String databaseUserName;
+
+    private String databasePassword;
+
+    public AbstractDatabaseAuthenticator() {
+        super();
+    }
+
+    public AbstractDatabaseAuthenticator(String name) {
+        super(name);
+    }
+
+    /**
+     * We are reading database parameters in this case.
+     *
+     * @param node An XML configuration node.
+     */
+    public void configure(Node node) {
+
+        /**
+         <specificConfigurations>
+         <database>
+         <jdbcUrl></jdbcUrl>
+         <databaseDriver></databaseDriver>
+         <userName></userName>
+         <password></password>
+         </database>
+         </specificConfigurations>
+         */
+
+        NodeList databaseNodeList = node.getChildNodes();
+
+        Node databaseNode = null;
+
+        for (int k = 0; k < databaseNodeList.getLength(); ++k) {
+
+            Node n = databaseNodeList.item(k);
+
+            if (n != null && n.getNodeType() == Node.ELEMENT_NODE) {
+                databaseNode = n;
+            }
+        }
+
+        if (databaseNode != null) {
+            NodeList nodeList = databaseNode.getChildNodes();
+
+            for (int i = 0; i < nodeList.getLength(); ++i) {
+                Node n = nodeList.item(i);
+
+                if (n.getNodeType() == Node.ELEMENT_NODE) {
+
+                    Element element = (Element) n;
+
+                    if (element.getNodeName().equals("jdbcUrl")) {
+                        databaseURL = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("databaseDriver")) {
+                        databaseDriver = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("userName")) {
+                        databaseUserName = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("password")) {
+                        databasePassword = element.getFirstChild().getNodeValue();
+                    }
+                }
+            }
+        }
+
+        StringBuilder stringBuilder = new StringBuilder("Configuring DB parameters for authenticator with JDBC URL - ");
+        stringBuilder.append(databaseURL).append(" DB driver - ").append(" DB user - ").
+                append(databaseUserName).append(" DB password - xxxxxx");
+
+        log.info(stringBuilder.toString());
+    }
+
+    public String getDatabaseURL() {
+        return databaseURL;
+    }
+
+    public String getDatabaseDriver() {
+        return databaseDriver;
+    }
+
+    public String getDatabaseUserName() {
+        return databaseUserName;
+    }
+
+    public String getDatabasePassword() {
+        return databasePassword;
+    }
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AuthenticationException.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AuthenticationException.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AuthenticationException.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AuthenticationException.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,22 @@
+package org.apache.airavata.security;
+
+/**
+ * Wraps errors during authentication. This exception will be thrown if there is a system error during authentication.
+ */
+public class AuthenticationException extends Exception {
+
+
+    public AuthenticationException() {
+        super();
+    }
+
+    public AuthenticationException (String message) {
+        super(message);
+    }
+
+    public AuthenticationException (String message, Exception e) {
+        super(message, e);
+    }
+
+
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/Authenticator.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/Authenticator.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/Authenticator.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/Authenticator.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,71 @@
+package org.apache.airavata.security;
+
+import org.w3c.dom.Node;
+
+/**
+ * A generic interface to do request authentication. Specific authenticator will implement authenticate method.
+ */
+@SuppressWarnings("UnusedDeclaration")
+public interface Authenticator {
+
+    /**
+     * Authenticates the request with given credentials.
+     * @param credentials Credentials can be a session ticket, password or session id.
+     * @return <code>true</code> if request is successfully authenticated else <code>false</code>.
+     * @throws AuthenticationException If a system error occurred during authentication process.
+     */
+    boolean authenticate(Object credentials) throws AuthenticationException;
+
+    /**
+     * Checks whether given user is already authenticated.
+     * @param credentials The token to be authenticated.
+     * @return <code>true</code> if token is already authenticated else <code>false</code>.
+     */
+    boolean isAuthenticated(Object credentials);
+
+    /**
+     * Says whether current authenticator can handle given credentials.
+     * @param credentials Credentials used during authentication.
+     * @return <code>true</code> is can authenticate else <code>false</code>.
+     */
+    boolean canProcess(Object credentials);
+
+    /**
+     * Gets the priority of this authenticator.
+     * @return Higher the priority higher the precedence of selecting the authenticator.
+     */
+    int getPriority();
+
+    /**
+     * Returns the authenticator name. Each authenticator is associated with an identifiable name.
+     * @return The authenticator name.
+     */
+    String getAuthenticatorName();
+
+    /**
+     * Authenticator specific configurations goes into this method.
+     * @param node An XML configuration node.
+     * @throws RuntimeException If an error occurred while configuring the authenticator.
+     */
+    void configure(Node node) throws RuntimeException;
+
+    /**
+     * Return <code>true</code> if current authenticator is enabled. Else <code>false</code>.
+     * @return <code>true</code> if enabled.
+     */
+    boolean isEnabled();
+
+    /**
+     * User store that should be used by this authenticator. When authenticating a request
+     * authenticator should use the user store set by this method.
+     * @param userStore The user store to be used.
+     */
+    void setUserStore(UserStore userStore);
+
+    /**
+     * Gets the user store used by this authenticator.
+     * @return The user store used by this authenticator.
+     */
+    UserStore getUserStore();
+
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/Authoriser.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/Authoriser.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/Authoriser.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/Authoriser.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,18 @@
+package org.apache.airavata.security;
+
+/**
+ * An interface which can be used to authorise accessing resources.
+ */
+@SuppressWarnings("UnusedDeclaration")
+public interface Authoriser {
+
+    /**
+     * Checks whether user has sufficient privileges to perform action on the given resource.
+     * @param userName  The user who is performing the action.
+     * @param resource The resource which user is trying to access.
+     * @param action  The action (GET, PUT etc ...)
+     * @return Returns <code>true</code> if user is authorised to perform the action, else false.
+     */
+    boolean isAuthorised (String userName, String resource, String action);
+
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/UserStore.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/UserStore.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/UserStore.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/UserStore.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,72 @@
+/*
+ *
+ *  *
+ *  * Licensed to the Apache Software Foundation (ASF) under one
+ *  * or more contributor license agreements.  See the NOTICE file
+ *  * distributed with this work for additional information
+ *  * regarding copyright ownership.  The ASF licenses this file
+ *  * to you under the Apache License, Version 2.0 (the
+ *  * "License"); you may not use this file except in compliance
+ *  * with the License.  You may obtain a copy of the License at
+ *  *
+ *  *   http://www.apache.org/licenses/LICENSE-2.0
+ *  *
+ *  * Unless required by applicable law or agreed to in writing,
+ *  * software distributed under the License is distributed on an
+ *  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  * KIND, either express or implied.  See the License for the
+ *  * specific language governing permissions and limitations
+ *  * under the License.
+ *  *
+ *
+ */
+
+package org.apache.airavata.security;
+
+import org.w3c.dom.Node;
+
+/**
+ * An interface to wrap the functionality of a user store. A user store is place where we keep user attribute
+ * information. Usually this contains, user id, user name, password etc ...
+ * We also authenticate users against the credentials stored in a user store. In addition to user attributes
+ * we also store role information and group information.
+ * This interface provide methods to manipulated data in a user store.
+ * Such operations are as follows,
+ * <ol>
+ *     <li>authenticate user</li>
+ *     <li>add user</li>
+ *     <li>delete user</li>
+ *     <li>add a role</li>
+ *     <li>delete a role</li>
+ *     <li>... etc ...</li>
+ * </ol>
+ */
+public interface UserStore {
+
+    /**
+     * Checks whether given user exists in the user store and its credentials match with the credentials stored
+     * in the user store.
+     * @param userName Name of the user to authenticate.
+     * @param credentials User credentials as an object. User credentials may not be a string always.
+     * @return True if user exists in the user store and its credentials match with the credentials in user store.
+     *          <code>false</code> else.
+     * @throws UserStoreException if a system wide error occurred while authenticating the user.
+     */
+    boolean authenticate(String userName, Object credentials) throws UserStoreException;
+
+    /**
+     * Authenticates a user using a token.
+     * @param credentials The token information.
+     * @return <code>true</code> if authentication successful else <code>false</code>.
+     * @throws UserStoreException if a system wide error occurred while authenticating the user.
+     */
+    boolean authenticate(Object credentials) throws UserStoreException;
+
+    /**
+     * This method will do necessary configurations of the user store.
+     * @param node An XML configuration node.
+     * @throws RuntimeException If an error occurred while configuring the authenticator.
+     */
+    void configure(Node node) throws UserStoreException;
+
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/UserStoreException.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/UserStoreException.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/UserStoreException.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/UserStoreException.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,47 @@
+/*
+ *
+ *  *
+ *  * Licensed to the Apache Software Foundation (ASF) under one
+ *  * or more contributor license agreements.  See the NOTICE file
+ *  * distributed with this work for additional information
+ *  * regarding copyright ownership.  The ASF licenses this file
+ *  * to you under the Apache License, Version 2.0 (the
+ *  * "License"); you may not use this file except in compliance
+ *  * with the License.  You may obtain a copy of the License at
+ *  *
+ *  *   http://www.apache.org/licenses/LICENSE-2.0
+ *  *
+ *  * Unless required by applicable law or agreed to in writing,
+ *  * software distributed under the License is distributed on an
+ *  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  * KIND, either express or implied.  See the License for the
+ *  * specific language governing permissions and limitations
+ *  * under the License.
+ *  *
+ *
+ */
+
+package org.apache.airavata.security;
+
+/**
+ * Exception class to wrap user store errors.
+ */
+public class UserStoreException extends Exception {
+
+    public UserStoreException() {
+        super();
+    }
+
+    public UserStoreException(String message) {
+        super(message);
+    }
+
+    public UserStoreException(String message, Exception e) {
+        super(message, e);
+    }
+
+    public UserStoreException(Exception e) {
+        super(e);
+    }
+
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/configurations/AbstractConfigurationReader.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/configurations/AbstractConfigurationReader.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/configurations/AbstractConfigurationReader.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/configurations/AbstractConfigurationReader.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,58 @@
+/*
+ *
+ *  *
+ *  * Licensed to the Apache Software Foundation (ASF) under one
+ *  * or more contributor license agreements.  See the NOTICE file
+ *  * distributed with this work for additional information
+ *  * regarding copyright ownership.  The ASF licenses this file
+ *  * to you under the Apache License, Version 2.0 (the
+ *  * "License"); you may not use this file except in compliance
+ *  * with the License.  You may obtain a copy of the License at
+ *  *
+ *  *   http://www.apache.org/licenses/LICENSE-2.0
+ *  *
+ *  * Unless required by applicable law or agreed to in writing,
+ *  * software distributed under the License is distributed on an
+ *  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  * KIND, either express or implied.  See the License for the
+ *  * specific language governing permissions and limitations
+ *  * under the License.
+ *  *
+ *
+ */
+
+package org.apache.airavata.security.configurations;
+
+
+import org.xml.sax.SAXException;
+
+import javax.xml.parsers.ParserConfigurationException;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * Abstract implementation to read configurations.
+ */
+public abstract class AbstractConfigurationReader {
+
+    public void init(String fileName) throws IOException, SAXException, ParserConfigurationException {
+
+        File configurationFile = new File(fileName);
+
+        if (!configurationFile.canRead()) {
+            throw new IOException("Error reading configuration file " + configurationFile.getAbsolutePath());
+        }
+
+        FileInputStream streamIn = new FileInputStream(configurationFile);
+
+        try {
+            init(streamIn);
+        } finally {
+            streamIn.close();
+        }
+    }
+
+    public abstract void init(InputStream inputStream) throws IOException, ParserConfigurationException, SAXException;
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReader.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReader.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReader.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReader.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,225 @@
+package org.apache.airavata.security.configurations;
+
+import org.apache.airavata.security.AbstractAuthenticator;
+import org.apache.airavata.security.Authenticator;
+import org.apache.airavata.security.UserStore;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.xml.sax.SAXException;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.List;
+
+/**
+ * This class will read authenticators.xml and load all configurations related to authenticators.
+ */
+public class AuthenticatorConfigurationReader extends AbstractConfigurationReader {
+
+    private List<Authenticator> authenticatorList = new ArrayList<Authenticator>();
+
+    protected static Logger log = LoggerFactory.getLogger(AuthenticatorConfigurationReader.class);
+
+    protected static boolean authenticationEnabled = true;
+
+    public AuthenticatorConfigurationReader() {
+
+    }
+
+    public void init(InputStream inputStream) throws IOException, ParserConfigurationException, SAXException {
+
+        DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
+        DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
+        Document doc = dBuilder.parse(inputStream);
+        doc.getDocumentElement().normalize();
+
+        NodeList rootNodeList = doc.getElementsByTagName("authenticators");
+
+        if (rootNodeList == null || rootNodeList.getLength() == 0) {
+            throw new ParserConfigurationException("authenticators.xml should have authenticators root element.");
+        }
+
+        Node authenticatorsNode = rootNodeList.item(0);
+        NamedNodeMap rootAttributes = authenticatorsNode.getAttributes();
+
+        if (rootAttributes != null && rootAttributes.getNamedItem("enabled") != null) {
+
+            String enabledAttribute = rootAttributes.getNamedItem("enabled").getNodeValue();
+            if ( enabledAttribute != null) {
+
+                if (enabledAttribute.equals("false")) {
+                    authenticationEnabled = false;
+                }
+            }
+        }
+
+
+        NodeList authenticators = doc.getElementsByTagName("authenticator");
+
+        for (int i = 0; i < authenticators.getLength(); ++i) {
+            Node node = authenticators.item(i);
+
+            if (node.getNodeType() == Node.ELEMENT_NODE) {
+
+                NamedNodeMap namedNodeMap = node.getAttributes();
+
+                String name = namedNodeMap.getNamedItem("name").getNodeValue();
+                String className = namedNodeMap.getNamedItem("class").getNodeValue();
+                String enabled = namedNodeMap.getNamedItem("enabled").getNodeValue();
+                String priority = namedNodeMap.getNamedItem("priority").getNodeValue();
+                String userStoreClass = namedNodeMap.getNamedItem("userstore").getNodeValue();
+
+                if (className == null) {
+                    reportError("class");
+                }
+
+                if (userStoreClass == null) {
+                    reportError("userstore");
+                }
+
+                Authenticator authenticator = createAuthenticator(name, className, enabled,
+                        priority, userStoreClass);
+
+                NodeList configurationNodes = node.getChildNodes();
+
+                for (int j = 0; j < configurationNodes.getLength(); ++j) {
+
+                    Node configurationNode = configurationNodes.item(j);
+
+                    if (configurationNode.getNodeType() == Node.ELEMENT_NODE) {
+
+                        if (configurationNode.getNodeName().equals("specificConfigurations")) {
+                            authenticator.configure(configurationNode);
+                        }
+                    }
+                }
+
+                if (authenticator.isEnabled()) {
+                    authenticatorList.add(authenticator);
+                }
+
+                Collections.sort(authenticatorList, new AuthenticatorComparator());
+
+                StringBuilder stringBuilder = new StringBuilder("Successfully initialized authenticator ");
+                stringBuilder.append(name).append(" with class ").append(className).append(" enabled? ").append(enabled)
+                        .append(" priority = ").append(priority);
+
+                log.info(stringBuilder.toString());
+            }
+        }
+    }
+
+    private void reportError(String element) throws ParserConfigurationException {
+        throw new ParserConfigurationException("Error in configuration. Missing mandatory element "
+                + element);
+    }
+
+    protected Authenticator createAuthenticator(String name, String className, String enabled,
+                                                String priority, String userStoreClassName) {
+
+        log.info("Loading authenticator class " + className + " and name " + name);
+
+        // Load a class and instantiate an object
+        Class authenticatorClass;
+        try {
+            authenticatorClass = Class.forName(className, true, Thread.currentThread().getContextClassLoader());
+            //authenticatorClass = Class.forName(className);
+        } catch (ClassNotFoundException e) {
+            log.error("Error loading authenticator class " + className);
+            throw new RuntimeException("Error loading authenticator class " + className, e);
+
+        }
+
+        try {
+            AbstractAuthenticator authenticatorInstance = (AbstractAuthenticator) authenticatorClass.newInstance();
+            authenticatorInstance.setAuthenticatorName(name);
+
+            if (enabled != null) {
+                authenticatorInstance.setEnabled(Boolean.parseBoolean(enabled));
+            }
+
+            if (priority != null) {
+                authenticatorInstance.setPriority(Integer.parseInt(priority));
+            }
+
+            UserStore userStore = createUserStore(userStoreClassName);
+            authenticatorInstance.setUserStore(userStore);
+
+            return authenticatorInstance;
+
+        } catch (InstantiationException e) {
+            String error = "Error instantiating authenticator class " + className + " object.";
+            log.error(error);
+            throw new RuntimeException(error, e);
+
+        } catch (IllegalAccessException e) {
+            String error = "Not allowed to instantiate authenticator class " + className;
+            log.error(error);
+            throw new RuntimeException(error, e);
+        }
+
+    }
+
+    protected UserStore createUserStore(String userStoreClassName) {
+
+        try {
+            Class userStoreClass = Class.forName(userStoreClassName, true,
+                    Thread.currentThread().getContextClassLoader());
+
+            return (UserStore)userStoreClass.newInstance();
+        } catch (ClassNotFoundException e) {
+            log.error("Error loading authenticator class " + userStoreClassName);
+            throw new RuntimeException("Error loading authenticator class " + userStoreClassName, e);
+
+        } catch (InstantiationException e) {
+            String error = "Error instantiating authenticator class " + userStoreClassName + " object.";
+            log.error(error);
+            throw new RuntimeException(error, e);
+
+        } catch (IllegalAccessException e) {
+            String error = "Not allowed to instantiate authenticator class " + userStoreClassName;
+            log.error(error);
+            throw new RuntimeException(error, e);
+        }
+
+    }
+
+    public List<Authenticator> getAuthenticatorList() {
+        return Collections.unmodifiableList(authenticatorList);
+    }
+
+    /**
+     * We can specify whether authentication is enabled in the system for all request or not.
+     * This we can state in the configuration. AuthenticatorConfigurationReader will read that information
+     * and will populate that to static boolean authenticationEnabled. This method will say whether
+     * authentication is enabled in the system or disabled in the system.
+     * @return <code>true</code> if authentication is enabled. Else <code>false</code>.
+     */
+    public static boolean isAuthenticationEnabled() {
+        return authenticationEnabled;
+    }
+
+
+    /**
+     * Comparator to sort authenticators based on authenticator priority.
+     */
+    public class AuthenticatorComparator implements Comparator<Authenticator> {
+
+        @Override
+        public int compare(Authenticator o1, Authenticator o2) {
+            return (o1.getPriority() > o2.getPriority() ? -1 : (o1.getPriority() == o2.getPriority() ? 0 : 1));
+        }
+    }
+
+
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/AbstractJDBCUserStore.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/AbstractJDBCUserStore.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/AbstractJDBCUserStore.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/AbstractJDBCUserStore.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,115 @@
+/*
+ *
+ *  *
+ *  * Licensed to the Apache Software Foundation (ASF) under one
+ *  * or more contributor license agreements.  See the NOTICE file
+ *  * distributed with this work for additional information
+ *  * regarding copyright ownership.  The ASF licenses this file
+ *  * to you under the Apache License, Version 2.0 (the
+ *  * "License"); you may not use this file except in compliance
+ *  * with the License.  You may obtain a copy of the License at
+ *  *
+ *  *   http://www.apache.org/licenses/LICENSE-2.0
+ *  *
+ *  * Unless required by applicable law or agreed to in writing,
+ *  * software distributed under the License is distributed on an
+ *  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  * KIND, either express or implied.  See the License for the
+ *  * specific language governing permissions and limitations
+ *  * under the License.
+ *  *
+ *
+ */
+
+package org.apache.airavata.security.userstore;
+
+import org.apache.airavata.security.UserStore;
+import org.apache.airavata.security.UserStoreException;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+
+/**
+ * An abstract implementation of the UserStore. This will encapsulate
+ * JDBC configurations reading code.
+ */
+public abstract class AbstractJDBCUserStore implements UserStore {
+
+    private String databaseURL = null;
+    private String databaseDriver = null;
+    private String databaseUserName = null;
+    private String databasePassword = null;
+
+    public String getDatabaseURL() {
+        return databaseURL;
+    }
+
+    public String getDatabaseDriver() {
+        return databaseDriver;
+    }
+
+    public String getDatabaseUserName() {
+        return databaseUserName;
+    }
+
+    public String getDatabasePassword() {
+        return databasePassword;
+    }
+
+    /**
+     * Configures primary JDBC parameters. i.e
+     * @param node An XML configuration node.
+     * @throws UserStoreException
+     */
+    public void configure(Node node) throws UserStoreException{
+
+        /**
+         <specificConfigurations>
+         <database>
+         <jdbcUrl></jdbcUrl>
+         <databaseDriver></databaseDriver>
+         <userName></userName>
+         <password></password>
+         </database>
+         </specificConfigurations>
+         */
+
+        NodeList databaseNodeList = node.getChildNodes();
+
+        Node databaseNode = null;
+
+        for (int k = 0; k < databaseNodeList.getLength(); ++k) {
+
+            Node n = databaseNodeList.item(k);
+
+            if (n != null && n.getNodeType() == Node.ELEMENT_NODE) {
+                databaseNode = n;
+            }
+        }
+
+        if (databaseNode != null) {
+            NodeList nodeList = databaseNode.getChildNodes();
+
+            for (int i = 0; i < nodeList.getLength(); ++i) {
+                Node n = nodeList.item(i);
+
+                if (n.getNodeType() == Node.ELEMENT_NODE) {
+
+                    Element element = (Element) n;
+
+                    if (element.getNodeName().equals("jdbcUrl")) {
+                        databaseURL = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("databaseDriver")) {
+                        databaseDriver = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("userName")) {
+                        databaseUserName = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("password")) {
+                        databasePassword = element.getFirstChild().getNodeValue();
+                    }
+                }
+            }
+        }
+
+    }
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,158 @@
+/*
+ *
+ *  *
+ *  * Licensed to the Apache Software Foundation (ASF) under one
+ *  * or more contributor license agreements.  See the NOTICE file
+ *  * distributed with this work for additional information
+ *  * regarding copyright ownership.  The ASF licenses this file
+ *  * to you under the Apache License, Version 2.0 (the
+ *  * "License"); you may not use this file except in compliance
+ *  * with the License.  You may obtain a copy of the License at
+ *  *
+ *  *   http://www.apache.org/licenses/LICENSE-2.0
+ *  *
+ *  * Unless required by applicable law or agreed to in writing,
+ *  * software distributed under the License is distributed on an
+ *  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  * KIND, either express or implied.  See the License for the
+ *  * specific language governing permissions and limitations
+ *  * under the License.
+ *  *
+ *
+ */
+
+package org.apache.airavata.security.userstore;
+
+import org.apache.airavata.security.UserStore;
+import org.apache.airavata.security.UserStoreException;
+import org.apache.airavata.security.util.DBLookup;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.realm.jdbc.JdbcRealm;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import sun.reflect.generics.reflectiveObjects.NotImplementedException;
+
+import javax.sql.DataSource;
+
+/**
+ * The JDBC user store implementation.
+ */
+public class JDBCUserStore extends AbstractJDBCUserStore {
+
+    protected static Logger log = LoggerFactory.getLogger(JDBCUserStore.class);
+
+    private JdbcRealm jdbcRealm;
+
+    public JDBCUserStore() {
+        jdbcRealm = new JdbcRealm();
+    }
+
+    @Override
+    public boolean authenticate(String userName, Object credentials) throws UserStoreException{
+        AuthenticationToken authenticationToken = new UsernamePasswordToken(userName, (String)credentials);
+
+        AuthenticationInfo authenticationInfo;
+        try {
+            authenticationInfo = jdbcRealm.getAuthenticationInfo(authenticationToken);
+        } catch (AuthenticationException e) {
+            log.warn(e.getLocalizedMessage(), e);
+            return false;
+        }
+
+        return authenticationInfo != null;
+    }
+
+    @Override
+    public boolean authenticate(Object credentials) throws UserStoreException{
+        log.error("JDBC user store only supports user name, password based authentication.");
+        throw new NotImplementedException();
+    }
+
+    @Override
+    public void configure(Node node) throws UserStoreException {
+
+        super.configure(node);
+
+        /**
+         <specificConfigurations>
+         <database>
+         <jdbcUrl></jdbcUrl>
+         <databaseDriver></databaseDriver>
+         <userName></userName>
+         <password></password>
+         <userTableName></userTableName>
+         <userNameColumnName></userNameColumnName>
+         <passwordColumnName></passwordColumnName>
+         </database>
+         </specificConfigurations>
+         */
+
+        NodeList databaseNodeList = node.getChildNodes();
+
+        Node databaseNode = null;
+
+        for (int k = 0; k < databaseNodeList.getLength(); ++k) {
+
+            Node n = databaseNodeList.item(k);
+
+            if (n != null && n.getNodeType() == Node.ELEMENT_NODE) {
+                databaseNode = n;
+            }
+        }
+
+        String userTable = null;
+        String userNameColumn = null;
+        String passwordColumn = null;
+
+        if (databaseNode != null) {
+            NodeList nodeList = databaseNode.getChildNodes();
+
+            for (int i = 0; i < nodeList.getLength(); ++i) {
+                Node n = nodeList.item(i);
+
+                if (n.getNodeType() == Node.ELEMENT_NODE) {
+
+                    Element element = (Element) n;
+
+                    if (element.getNodeName().equals("userTableName")) {
+                        userTable = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("userNameColumnName")) {
+                        userNameColumn = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("passwordColumnName")) {
+                        passwordColumn = element.getFirstChild().getNodeValue();
+                    }
+                }
+            }
+        }
+
+        initializeDatabaseLookup(passwordColumn, userTable, userNameColumn);
+
+        StringBuilder stringBuilder = new StringBuilder("Configuring DB parameters for authenticator with User name Table - ");
+        stringBuilder.append(userTable).append(" User name column - ").append(userNameColumn).append(" Password column - ").
+                append(passwordColumn);
+
+        log.info(stringBuilder.toString());
+    }
+
+    protected void initializeDatabaseLookup(String passwordColumn, String userTable,
+                                            String userNameColumn) {
+
+        DBLookup dbLookup = new DBLookup(getDatabaseURL(), getDatabaseUserName(), getDatabasePassword(),
+                getDatabaseDriver());
+        DataSource dataSource = dbLookup.getDataSource();
+        jdbcRealm.setDataSource(dataSource);
+
+        StringBuilder stringBuilder = new StringBuilder();
+
+        stringBuilder.append("SELECT ").append(passwordColumn).append(" FROM ").append(userTable)
+                .append(" WHERE ").append(userNameColumn).append(" = ?");
+
+        jdbcRealm.setAuthenticationQuery(stringBuilder.toString());
+    }
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,148 @@
+/*
+ *
+ *  *
+ *  * Licensed to the Apache Software Foundation (ASF) under one
+ *  * or more contributor license agreements.  See the NOTICE file
+ *  * distributed with this work for additional information
+ *  * regarding copyright ownership.  The ASF licenses this file
+ *  * to you under the Apache License, Version 2.0 (the
+ *  * "License"); you may not use this file except in compliance
+ *  * with the License.  You may obtain a copy of the License at
+ *  *
+ *  *   http://www.apache.org/licenses/LICENSE-2.0
+ *  *
+ *  * Unless required by applicable law or agreed to in writing,
+ *  * software distributed under the License is distributed on an
+ *  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  * KIND, either express or implied.  See the License for the
+ *  * specific language governing permissions and limitations
+ *  * under the License.
+ *  *
+ *
+ */
+
+package org.apache.airavata.security.userstore;
+
+import org.apache.airavata.security.UserStore;
+import org.apache.airavata.security.UserStoreException;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.realm.ldap.JndiLdapContextFactory;
+import org.apache.shiro.realm.ldap.JndiLdapRealm;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import sun.reflect.generics.reflectiveObjects.NotImplementedException;
+
+/**
+ * A user store which talks to LDAP server. User credentials and user information
+ * are stored in a LDAP server.
+ */
+public class LDAPUserStore implements UserStore {
+
+    private JndiLdapRealm ldapRealm;
+
+    protected static Logger log = LoggerFactory.getLogger(LDAPUserStore.class);
+
+    public boolean authenticate(String userName, Object credentials) throws UserStoreException {
+
+        AuthenticationToken authenticationToken = new UsernamePasswordToken(userName, (String)credentials);
+
+        AuthenticationInfo authenticationInfo;
+        try {
+            authenticationInfo = ldapRealm.getAuthenticationInfo(authenticationToken);
+        } catch (AuthenticationException e) {
+            log.warn(e.getLocalizedMessage(), e);
+            return false;
+        }
+
+        return authenticationInfo != null;
+
+    }
+
+    @Override
+    public boolean authenticate(Object credentials) throws UserStoreException {
+        log.error("LDAP user store only supports authenticating with user name and password.");
+        throw new NotImplementedException();
+    }
+
+    public void configure(Node specificConfigurationNode) throws UserStoreException{
+
+        /**
+         * <specificConfiguration>
+         * <ldap>
+         * <url>ldap://localhost:10389</url>
+         * <systemUser>admin</systemUser>
+         * <systemUserPassword>secret</systemUserPassword>
+         * <userDNTemplate>uid={0},ou=system</userDNTemplate>
+         * </ldap>
+         * </specificConfiguration>
+         */
+
+        Node configurationNode = null;
+        if (specificConfigurationNode != null) {
+            NodeList nodeList = specificConfigurationNode.getChildNodes();
+
+            for (int i=0; i < nodeList.getLength(); ++i) {
+                Node n = nodeList.item(i);
+                if (n.getNodeType() == Node.ELEMENT_NODE) {
+                    configurationNode = n;
+                }
+            }
+        }
+
+        String url = null;
+        String systemUser = null;
+        String systemUserPassword = null;
+        String userTemplate = null;
+
+        if (configurationNode != null) {
+            NodeList nodeList = configurationNode.getChildNodes();
+
+            for (int i = 0; i < nodeList.getLength(); ++i) {
+                Node n = nodeList.item(i);
+
+                if (n.getNodeType() == Node.ELEMENT_NODE) {
+
+                    Element element = (Element) n;
+
+                    if (element.getNodeName().equals("url")) {
+                        url = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("systemUser")) {
+                        systemUser = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("systemUserPassword")) {
+                        systemUserPassword = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("userDNTemplate")) {
+                        userTemplate = element.getFirstChild().getNodeValue();
+                    }
+                }
+            }
+        }
+
+        initializeLDAP(url, systemUser, systemUserPassword, userTemplate);
+
+    }
+
+    protected void initializeLDAP(String ldapUrl, String systemUser, String systemUserPassword,
+                                  String userNameTemplate) {
+
+        JndiLdapContextFactory jndiLdapContextFactory = new JndiLdapContextFactory();
+
+        jndiLdapContextFactory.setUrl(ldapUrl);
+        jndiLdapContextFactory.setSystemUsername(systemUser);
+        jndiLdapContextFactory.setSystemPassword(systemUserPassword);
+
+        ldapRealm = new JndiLdapRealm();
+
+        ldapRealm.setContextFactory(jndiLdapContextFactory);
+        ldapRealm.setUserDnTemplate(userNameTemplate);
+
+
+        ldapRealm.init();
+
+    }
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/SessionDBUserStore.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/SessionDBUserStore.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/SessionDBUserStore.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/SessionDBUserStore.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,141 @@
+/*
+ *
+ *  *
+ *  * Licensed to the Apache Software Foundation (ASF) under one
+ *  * or more contributor license agreements.  See the NOTICE file
+ *  * distributed with this work for additional information
+ *  * regarding copyright ownership.  The ASF licenses this file
+ *  * to you under the Apache License, Version 2.0 (the
+ *  * "License"); you may not use this file except in compliance
+ *  * with the License.  You may obtain a copy of the License at
+ *  *
+ *  *   http://www.apache.org/licenses/LICENSE-2.0
+ *  *
+ *  * Unless required by applicable law or agreed to in writing,
+ *  * software distributed under the License is distributed on an
+ *  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  * KIND, either express or implied.  See the License for the
+ *  * specific language governing permissions and limitations
+ *  * under the License.
+ *  *
+ *
+ */
+
+package org.apache.airavata.security.userstore;
+
+import org.apache.airavata.security.UserStoreException;
+import org.apache.airavata.security.util.DBLookup;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import sun.reflect.generics.reflectiveObjects.NotImplementedException;
+
+import java.sql.SQLException;
+
+/**
+ * User store which works on sessions. Will talk to database to check
+ * whether session ids are stored in the database.
+ */
+public class SessionDBUserStore extends AbstractJDBCUserStore {
+
+    private String sessionTable;
+    private String sessionColumn;
+    private String comparingColumn;
+
+    protected DBLookup dbLookup;
+
+    protected static Logger log = LoggerFactory.getLogger(SessionDBUserStore.class);
+
+
+    @Override
+    public boolean authenticate(String userName, Object credentials) throws UserStoreException {
+        // This user store only supports session tokens.
+        throw new NotImplementedException();
+    }
+
+    @Override
+    public boolean authenticate(Object credentials) throws UserStoreException {
+
+        String sessionTicket = (String)credentials;
+
+        try {
+            String sessionString = dbLookup.getMatchingColumnValue(sessionTable, sessionColumn, sessionTicket);
+            return (sessionString != null);
+        } catch (SQLException e) {
+            throw new UserStoreException("Error querying database for session information.", e);
+        }
+    }
+
+    @Override
+    public void configure(Node node) throws UserStoreException {
+
+        super.configure(node);
+        /**
+         <specificConfigurations>
+         <sessionTable>
+         </sessionTable>
+         <sessionColumn></sessionColumn>
+         <comparingColumn></comparingColumn>
+         </specificConfigurations>
+         */
+
+        NodeList databaseNodeList = node.getChildNodes();
+
+        Node databaseNode = null;
+
+        for (int k = 0; k < databaseNodeList.getLength(); ++k) {
+
+            Node n = databaseNodeList.item(k);
+
+            if (n != null && n.getNodeType() == Node.ELEMENT_NODE) {
+                databaseNode = n;
+            }
+        }
+
+        if (databaseNode != null) {
+            NodeList nodeList = databaseNode.getChildNodes();
+
+            for (int i = 0; i < nodeList.getLength(); ++i) {
+                Node n = nodeList.item(i);
+
+                if (n.getNodeType() == Node.ELEMENT_NODE) {
+
+                    Element element = (Element) n;
+
+                    if (element.getNodeName().equals("sessionTable")) {
+                        sessionTable = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("sessionColumn")) {
+                        sessionColumn = element.getFirstChild().getNodeValue();
+                    } else if (element.getNodeName().equals("comparingColumn")) {
+                        comparingColumn = element.getFirstChild().getNodeValue();
+                    }
+                }
+            }
+        }
+
+        initializeDatabaseLookup();
+
+        StringBuilder stringBuilder = new StringBuilder("Configuring DB parameters for authenticator with Session Table - ");
+        stringBuilder.append(sessionTable).append(" Session column - ").append(sessionColumn).append(" Comparing column - ").
+                append(comparingColumn);
+
+        log.info(stringBuilder.toString());
+    }
+
+    private void initializeDatabaseLookup() throws RuntimeException {
+
+        this.dbLookup = new DBLookup(getDatabaseURL(), getDatabaseUserName(), getDatabasePassword(), getDatabaseDriver());
+
+        try {
+            this.dbLookup.init();
+        } catch (ClassNotFoundException e) {
+            throw new RuntimeException("Error loading database driver. Driver class not found.", e);
+        } catch (InstantiationException e) {
+            throw new RuntimeException("Error loading database driver. Error instantiating driver object.", e);
+        } catch (IllegalAccessException e) {
+            throw new RuntimeException("Error loading database driver. Illegal access to driver object.", e);
+        }
+    }
+}

Added: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/DBLookup.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/DBLookup.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/DBLookup.java (added)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/DBLookup.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,108 @@
+package org.apache.airavata.security.util;
+
+import org.apache.commons.dbcp.BasicDataSource;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.sql.DataSource;
+import java.sql.*;
+import java.util.Properties;
+
+/**
+ * Database lookup.
+ */
+public class DBLookup {
+
+    private String jdbcUrl;
+    private String databaseUserName;
+    private String databasePassword;
+    private String driverName;
+
+    protected static Logger log = LoggerFactory.getLogger(DBLookup.class);
+
+    private Properties properties;
+
+
+    public DBLookup(String jdbcUrl, String userName, String password, String driver) {
+
+        this.jdbcUrl = jdbcUrl;
+        this.databaseUserName = userName;
+        this.databasePassword = password;
+        this.driverName = driver;
+    }
+
+    public void init() throws ClassNotFoundException, InstantiationException, IllegalAccessException {
+        properties = new Properties();
+
+        properties.put("user", databaseUserName);
+        properties.put("password", databasePassword);
+        properties.put("characterEncoding", "ISO-8859-1");
+        properties.put("useUnicode", "true");
+
+        loadDriver();
+    }
+
+    public String getMatchingColumnValue(String tableName, String selectColumn, String whereValue)
+            throws SQLException {
+        return getMatchingColumnValue(tableName, selectColumn, selectColumn, whereValue);
+    }
+
+    public String getMatchingColumnValue(String tableName, String selectColumn, String whereColumn, String whereValue)
+            throws SQLException {
+
+        StringBuilder stringBuilder = new StringBuilder();
+
+        stringBuilder.append("SELECT ").append(selectColumn).append(" FROM ").append(tableName)
+                .append(" WHERE ").append(whereColumn).append(" = ?");
+
+        String sql = stringBuilder.toString();
+
+        Connection connection = getConnection();
+
+        PreparedStatement ps = connection.prepareStatement(sql);
+        ResultSet rs = null;
+
+        try {
+            ps.setString(1, whereValue);
+            rs = ps.executeQuery();
+
+            if (rs.next()) {
+                return rs.getString(1);
+            }
+
+        } finally {
+            try {
+                if (rs != null) {
+                    rs.close();
+                }
+
+                ps.close();
+                connection.close();
+
+            } catch (Exception ignore) {
+                log.error("An error occurred while closing database connections ", ignore);
+            }
+        }
+
+        return null;
+    }
+
+    private void loadDriver() throws ClassNotFoundException, IllegalAccessException, InstantiationException {
+        Class.forName(driverName).newInstance();
+    }
+
+    public DataSource getDataSource() {
+        BasicDataSource ds = new BasicDataSource();
+        ds.setDriverClassName(this.driverName);
+        ds.setUsername(this.databaseUserName);
+        ds.setPassword(this.databasePassword);
+        ds.setUrl(this.jdbcUrl);
+
+        return ds;
+    }
+
+    public Connection getConnection() throws SQLException {
+        return DriverManager.getConnection(jdbcUrl, properties);
+    }
+
+}

Added: airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReaderTest.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReaderTest.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReaderTest.java (added)
+++ airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReaderTest.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,97 @@
+package org.apache.airavata.security.configurations;
+
+import junit.framework.TestCase;
+import org.apache.airavata.security.Authenticator;
+import org.apache.airavata.security.userstore.JDBCUserStore;
+import org.apache.airavata.security.userstore.LDAPUserStore;
+
+import java.io.File;
+import java.util.List;
+
+/**
+ * A test class for authenticator configuration reader.
+ * Reads the authenticators.xml in resources directory.
+ */
+public class AuthenticatorConfigurationReaderTest extends TestCase {
+
+    private String configurationFile = this.getClass().getClassLoader().getResource("authenticators.xml").getFile();
+
+    public void setUp() throws Exception {
+
+        File f = new File(".");
+        System.out.println(f.getAbsolutePath());
+
+        File file = new File(configurationFile);
+
+        if (!file.exists() && !file.canRead()) {
+            throw new Exception("Error reading configuration file " + configurationFile);
+
+        }
+    }
+
+    public void testInit() throws Exception {
+
+        AuthenticatorConfigurationReader authenticatorConfigurationReader
+                = new AuthenticatorConfigurationReader();
+        authenticatorConfigurationReader.init(configurationFile);
+
+        assertTrue(AuthenticatorConfigurationReader.isAuthenticationEnabled());
+
+        List<Authenticator> authenticators = authenticatorConfigurationReader.getAuthenticatorList();
+
+        assertEquals(authenticators.size(), 3);
+
+        for (Authenticator authenticator : authenticators) {
+            if (authenticator instanceof TestDBAuthenticator1) {
+                assertEquals("dbAuthenticator1", authenticator.getAuthenticatorName());
+                assertEquals(6, authenticator.getPriority());
+                assertEquals(true, authenticator.isEnabled());
+                assertEquals("jdbc:sql:thin:@//myhost:1521/mysql1", ((TestDBAuthenticator1) authenticator).getDatabaseURL());
+                assertEquals("org.myqsql.Driver1", ((TestDBAuthenticator1) authenticator).getDatabaseDriver());
+                assertEquals("mysql1", ((TestDBAuthenticator1) authenticator).getDatabaseUserName());
+                assertEquals("secret1", ((TestDBAuthenticator1) authenticator).getDatabasePassword());
+                assertNotNull(authenticator.getUserStore());
+                assertTrue(authenticator.getUserStore() instanceof JDBCUserStore);
+            } else if (authenticator instanceof TestDBAuthenticator2) {
+                assertEquals("dbAuthenticator2", authenticator.getAuthenticatorName());
+                assertEquals(7, authenticator.getPriority());
+                assertEquals(true, authenticator.isEnabled());
+                assertEquals("jdbc:sql:thin:@//myhost:1521/mysql2", ((TestDBAuthenticator2) authenticator).getDatabaseURL());
+                assertEquals("org.myqsql.Driver2", ((TestDBAuthenticator2) authenticator).getDatabaseDriver());
+                assertEquals("mysql2", ((TestDBAuthenticator2) authenticator).getDatabaseUserName());
+                assertEquals("secret2", ((TestDBAuthenticator2) authenticator).getDatabasePassword());
+                assertNotNull(authenticator.getUserStore());
+                assertTrue(authenticator.getUserStore() instanceof LDAPUserStore);
+            }  else if (authenticator instanceof TestDBAuthenticator3) {
+                assertEquals("dbAuthenticator3", authenticator.getAuthenticatorName());
+                assertEquals(8, authenticator.getPriority());
+                assertEquals(true, authenticator.isEnabled());
+                assertEquals("jdbc:sql:thin:@//myhost:1521/mysql3", ((TestDBAuthenticator3) authenticator).getDatabaseURL());
+                assertEquals("org.myqsql.Driver3", ((TestDBAuthenticator3) authenticator).getDatabaseDriver());
+                assertEquals("mysql3", ((TestDBAuthenticator3) authenticator).getDatabaseUserName());
+                assertEquals("secret3", ((TestDBAuthenticator3) authenticator).getDatabasePassword());
+                assertNotNull(authenticator.getUserStore());
+                assertTrue(authenticator.getUserStore() instanceof JDBCUserStore);
+            }
+        }
+
+        assertEquals(8, authenticators.get(0).getPriority());
+        assertEquals(7, authenticators.get(1).getPriority());
+        assertEquals(6, authenticators.get(2).getPriority());
+
+    }
+
+    public void testDisabledAuthenticator() throws Exception {
+
+        String disabledConfiguration
+                = this.getClass().getClassLoader().getResource("disabled-authenticator.xml").getFile();
+
+
+        AuthenticatorConfigurationReader authenticatorConfigurationReader
+                = new AuthenticatorConfigurationReader();
+        authenticatorConfigurationReader.init(disabledConfiguration);
+
+        assertFalse(AuthenticatorConfigurationReader.isAuthenticationEnabled());
+
+    }
+}

Added: airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestDBAuthenticator1.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestDBAuthenticator1.java?rev=1409401&view=auto
==============================================================================
--- airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestDBAuthenticator1.java (added)
+++ airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestDBAuthenticator1.java Wed Nov 14 21:10:13 2012
@@ -0,0 +1,37 @@
+package org.apache.airavata.security.configurations;
+
+import org.apache.airavata.security.AbstractDatabaseAuthenticator;
+import org.apache.airavata.security.AuthenticationException;
+
+public class TestDBAuthenticator1 extends AbstractDatabaseAuthenticator {
+
+    public TestDBAuthenticator1() {
+        super();
+    }
+
+    @Override
+    public void onSuccessfulAuthentication(Object authenticationInfo) {
+        //To change body of implemented methods use File | Settings | File Templates.
+    }
+
+    @Override
+    public void onFailedAuthentication(Object authenticationInfo) {
+        //To change body of implemented methods use File | Settings | File Templates.
+    }
+
+    @Override
+    public boolean authenticate(Object credentials) throws AuthenticationException {
+        return false;  //To change body of implemented methods use File | Settings | File Templates.
+    }
+
+    @Override
+    protected boolean doAuthentication(Object credentials) throws AuthenticationException {
+        return false;  //To change body of implemented methods use File | Settings | File Templates.
+    }
+
+    @Override
+    public boolean isAuthenticated(Object credentials) {
+        return false;  //To change body of implemented methods use File | Settings | File Templates.
+    }
+}
+



Mime
View raw message