public class DefaultSecurityService extends TurbineBaseService implements SecurityService
configuration, name, serviceBroker
initableBroker, isInitialized
SERVICE_NAME, USER_MANAGER_DEFAULT, USER_MANAGER_KEY
Constructor and Description |
---|
DefaultSecurityService() |
Modifier and Type | Method and Description |
---|---|
boolean |
accountExists(String userName)
Check whether a specified user's account exists.
|
boolean |
accountExists(User user)
Check whether a specified user's account exists.
|
<G extends org.apache.fulcrum.security.entity.Group> |
addGroup(G group)
Creates a new group with specified attributes.
|
<P extends org.apache.fulcrum.security.entity.Permission> |
addPermission(P permission)
Creates a new permission with specified attributes.
|
<R extends org.apache.fulcrum.security.entity.Role> |
addRole(R role)
Creates a new role with specified attributes.
|
void |
addUser(User user,
String password)
Creates new user account with specified attributes.
|
void |
changePassword(User user,
String oldPassword,
String newPassword)
Changes the password for a User.
|
void |
forcePassword(User user,
String password)
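Forcibly sets a new password for a User. Unlike changePassword, it takes no current password and declares no PasswordMismatchException, so the caller is responsible for authorizing the reset.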
|
<A extends org.apache.fulcrum.security.acl.AccessControlList> |
getACL(User user)
Constructs an AccessControlList for a specific user.
|
org.apache.fulcrum.security.util.GroupSet |
getAllGroups()
Retrieves all groups defined in the system.
|
org.apache.fulcrum.security.util.PermissionSet |
getAllPermissions()
Retrieves all permissions defined in the system.
|
org.apache.fulcrum.security.util.RoleSet |
getAllRoles()
Retrieves all roles defined in the system.
|
<U extends User> |
getAnonymousUser()
Constructs a User object to represent an anonymous user of the
application.
|
<U extends User> |
getAuthenticatedUser(String username,
String password)
Authenticates a user and constructs a User object to represent
that user.
|
<G extends org.apache.fulcrum.security.entity.Group> |
getGlobalGroup()
Provides a reference to the Group object that represents the
global group.
|
<G extends org.apache.fulcrum.security.entity.Group> |
getGroupById(int id)
Retrieve a Group object with specified Id.
|
<G extends org.apache.fulcrum.security.entity.Group> |
getGroupByName(String name)
Retrieve a Group object with specified name.
|
<G extends org.apache.fulcrum.security.entity.Group> |
getGroupInstance()
Construct a blank Group object.
|
<G extends org.apache.fulcrum.security.entity.Group> |
getGroupInstance(String groupName)
Construct a blank Group object.
|
<P extends org.apache.fulcrum.security.entity.Permission> |
getPermissionById(int id)
Retrieve a Permission object with specified Id.
|
<P extends org.apache.fulcrum.security.entity.Permission> |
getPermissionByName(String name)
Retrieve a Permission object with specified name.
|
<P extends org.apache.fulcrum.security.entity.Permission> |
getPermissionInstance()
Construct a blank Permission object.
|
<P extends org.apache.fulcrum.security.entity.Permission> |
getPermissionInstance(String permName)
Construct a blank Permission object.
|
org.apache.fulcrum.security.util.PermissionSet |
getPermissions(org.apache.fulcrum.security.entity.Role role)
Retrieves all permissions associated with a role.
|
<R extends org.apache.fulcrum.security.entity.Role> |
getRoleById(int id)
Retrieve a Role object with specified Id.
|
<R extends org.apache.fulcrum.security.entity.Role> |
getRoleByName(String name)
Retrieve a Role object with specified name.
|
<R extends org.apache.fulcrum.security.entity.Role> |
getRoleInstance()
Construct a blank Role object.
|
<R extends org.apache.fulcrum.security.entity.Role> |
getRoleInstance(String roleName)
Construct a blank Role object.
|
<U extends User> |
getUser(String username)
Constructs a User object to represent a registered user of the
application.
|
<U extends User> |
getUserInstance()
Construct a blank User object.
|
<U extends User> |
getUserInstance(String userName)
Construct a blank User object.
|
UserManager |
getUserManager()
Returns the configured UserManager.
|
void |
grant(org.apache.fulcrum.security.entity.Role role,
org.apache.fulcrum.security.entity.Permission permission)
Grants a Role a Permission
|
void |
grant(User user,
org.apache.fulcrum.security.entity.Group group,
org.apache.fulcrum.security.entity.Role role)
Grant an User a Role in a Group.
|
void |
init()
Initializes the SecurityService, locating the appropriate UserManager.
This is a zero-parameter variant which queries the Turbine Servlet
for its config.
|
boolean |
isAnonymousUser(User user)
Checks whether the given user object matches the anonymous user pattern
according to the configured user manager.
|
protected void |
lockExclusive()
Acquire an exclusive lock on the security information repository.
|
protected void |
lockShared()
Acquire a shared lock on the security information repository.
|
void |
removeGroup(org.apache.fulcrum.security.entity.Group group)
Removes a Group from the system.
|
void |
removePermission(org.apache.fulcrum.security.entity.Permission permission)
Removes a Permission from the system.
|
void |
removeRole(org.apache.fulcrum.security.entity.Role role)
Removes a Role from the system.
|
void |
removeUser(User user)
Removes a user account from the system.
|
void |
renameGroup(org.apache.fulcrum.security.entity.Group group,
String name)
Renames an existing Group.
|
void |
renamePermission(org.apache.fulcrum.security.entity.Permission permission,
String name)
Renames an existing Permission.
|
void |
renameRole(org.apache.fulcrum.security.entity.Role role,
String name)
Renames an existing Role.
|
void |
revoke(org.apache.fulcrum.security.entity.Role role,
org.apache.fulcrum.security.entity.Permission permission)
Revokes a Permission from a Role.
|
void |
revoke(User user,
org.apache.fulcrum.security.entity.Group group,
org.apache.fulcrum.security.entity.Role role)
Revoke a Role in a Group from an User.
|
void |
revokeAll(org.apache.fulcrum.security.entity.Role role)
Revokes all permissions from a Role.
|
void |
revokeAll(User user)
Revokes all roles from an User.
|
void |
saveOnSessionUnbind(User user)
Saves User data when the session is unbound.
|
void |
saveUser(User user)
Saves User's data in the permanent storage.
|
protected void |
unlockExclusive()
Release an exclusive lock on the security information repository.
|
protected void |
unlockShared()
Release a shared lock on the security information repository.
|
init, init, shutdown
getConfiguration, getName, getProperties, getServiceBroker, setName, setServiceBroker
getInit, getInitableBroker, setInit, setInitableBroker
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getConfiguration, getName, getProperties, setName, setServiceBroker
getInit, init, setInitableBroker, shutdown
public DefaultSecurityService()
public void init() throws InitializationException
init
in interface Initable
init
in class TurbineBaseService
InitializationException
- Something went wrong in the init stagepublic <U extends User> U getUserInstance() throws org.apache.fulcrum.security.util.UnknownEntityException
getUserInstance
in interface SecurityService
org.apache.fulcrum.security.util.UnknownEntityException
- if the object could not be instantiated.public <U extends User> U getUserInstance(String userName) throws org.apache.fulcrum.security.util.UnknownEntityException
getUserInstance
in interface SecurityService
userName
- The name of the user.org.apache.fulcrum.security.util.UnknownEntityException
- if the object could not be instantiated.public <G extends org.apache.fulcrum.security.entity.Group> G getGroupInstance() throws org.apache.fulcrum.security.util.UnknownEntityException
getGroupInstance
in interface SecurityService
org.apache.fulcrum.security.util.UnknownEntityException
- if the object could not be instantiated.public <G extends org.apache.fulcrum.security.entity.Group> G getGroupInstance(String groupName) throws org.apache.fulcrum.security.util.UnknownEntityException
getGroupInstance
in interface SecurityService
groupName
- The name of the Grouporg.apache.fulcrum.security.util.UnknownEntityException
- if the object could not be instantiated.public <P extends org.apache.fulcrum.security.entity.Permission> P getPermissionInstance() throws org.apache.fulcrum.security.util.UnknownEntityException
getPermissionInstance
in interface SecurityService
org.apache.fulcrum.security.util.UnknownEntityException
- if the object could not be instantiated.public <P extends org.apache.fulcrum.security.entity.Permission> P getPermissionInstance(String permName) throws org.apache.fulcrum.security.util.UnknownEntityException
getPermissionInstance
in interface SecurityService
permName
- The name of the permission.org.apache.fulcrum.security.util.UnknownEntityException
- if the object could not be instantiated.public <R extends org.apache.fulcrum.security.entity.Role> R getRoleInstance() throws org.apache.fulcrum.security.util.UnknownEntityException
getRoleInstance
in interface SecurityService
org.apache.fulcrum.security.util.UnknownEntityException
- if the object could not be instantiated.public <R extends org.apache.fulcrum.security.entity.Role> R getRoleInstance(String roleName) throws org.apache.fulcrum.security.util.UnknownEntityException
getRoleInstance
in interface SecurityService
roleName
- The name of the role.org.apache.fulcrum.security.util.UnknownEntityException
- if the object could not be instantiated.public UserManager getUserManager()
getUserManager
in interface SecurityService
public boolean accountExists(User user) throws org.apache.fulcrum.security.util.DataBackendException
accountExists
in interface SecurityService
user
- The user to be checked.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.public boolean accountExists(String userName) throws org.apache.fulcrum.security.util.DataBackendException
accountExists
in interface SecurityService
userName
- The name of the user to be checked.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.
public <U extends User> U getAuthenticatedUser(String username, String password) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException, org.apache.fulcrum.security.util.PasswordMismatchException
getAuthenticatedUser
in interface SecurityService
username
- The user name.
password
- The user password.
org.apache.fulcrum.security.util.PasswordMismatchException
- if the supplied password was incorrect.
org.apache.fulcrum.security.util.UnknownEntityException
- if the user's account does not exist in the database.
org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the storage.
Note: an unknown account and a wrong password are reported through different exception types; callers that face untrusted clients should map both to the same login-failure response so that the reply does not reveal which user names exist.
public <U extends User> U getUser(String username) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
getUser
in interface SecurityService
username
- The user name.org.apache.fulcrum.security.util.UnknownEntityException
- if the user's account does not existorg.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the storage.public <U extends User> U getAnonymousUser() throws org.apache.fulcrum.security.util.UnknownEntityException
getAnonymousUser
in interface SecurityService
org.apache.fulcrum.security.util.UnknownEntityException
- if the implementation of User interface
could not be determined, or does not exist.public boolean isAnonymousUser(User user)
isAnonymousUser
in interface SecurityService
user
- An user objectpublic void saveUser(User user) throws org.apache.fulcrum.security.util.UnknownEntityException, org.apache.fulcrum.security.util.DataBackendException
saveUser
in interface SecurityService
user
- the User object to saveorg.apache.fulcrum.security.util.UnknownEntityException
- if the user's account does not
exist in the database.org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the storage.public void saveOnSessionUnbind(User user) throws org.apache.fulcrum.security.util.UnknownEntityException, org.apache.fulcrum.security.util.DataBackendException
saveOnSessionUnbind
in interface SecurityService
user
- the user objectorg.apache.fulcrum.security.util.UnknownEntityException
- if the user's account does not
exist in the database.org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the
storage.public void addUser(User user, String password) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.EntityExistsException
addUser
in interface SecurityService
user
- the object describing account to be created.password
- The password to use for the account.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the
data backend.org.apache.fulcrum.security.util.EntityExistsException
- if the user account already exists.public void removeUser(User user) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
removeUser
in interface SecurityService
user
- the object describing the account to be removed.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the user account is not present.
public void changePassword(User user, String oldPassword, String newPassword) throws org.apache.fulcrum.security.util.PasswordMismatchException, org.apache.fulcrum.security.util.UnknownEntityException, org.apache.fulcrum.security.util.DataBackendException
changePassword
in interface SecurityService
user
- a User to change password for.
oldPassword
- the current password supplied by the user.
newPassword
- the new password requested by the user.
org.apache.fulcrum.security.util.PasswordMismatchException
- if the supplied password was incorrect.
org.apache.fulcrum.security.util.UnknownEntityException
- if the user's record does not exist in the database.
org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the storage.
public void forcePassword(User user, String password) throws org.apache.fulcrum.security.util.UnknownEntityException, org.apache.fulcrum.security.util.DataBackendException
forcePassword
in interface SecurityService
user
- a User to change password for.
password
- the new password.
org.apache.fulcrum.security.util.UnknownEntityException
- if the user's record does not exist in the database.
org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the storage.
protected void lockShared()
protected void unlockShared()
protected void lockExclusive()
synchronized themselves!
protected void unlockExclusive()
synchronized !
public <G extends org.apache.fulcrum.security.entity.Group> G getGlobalGroup()
getGlobalGroup
in interface SecurityService
public <G extends org.apache.fulcrum.security.entity.Group> G getGroupByName(String name) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
getGroupByName
in interface SecurityService
name
- the name of the Group.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the
data backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the group does not exist.
public <G extends org.apache.fulcrum.security.entity.Group> G getGroupById(int id) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
getGroupById
in interface SecurityService
id
- the id of the Group.
org.apache.fulcrum.security.util.UnknownEntityException
- if the group does not exist in the database.
org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the storage.
public <R extends org.apache.fulcrum.security.entity.Role> R getRoleByName(String name) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
getRoleByName
in interface SecurityService
name
- the name of the Role.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the
data backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the role does not exist.
public <R extends org.apache.fulcrum.security.entity.Role> R getRoleById(int id) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
getRoleById
in interface SecurityService
id
- the id of the Role.
org.apache.fulcrum.security.util.UnknownEntityException
- if the role does not exist in the database.
org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the storage.
public <P extends org.apache.fulcrum.security.entity.Permission> P getPermissionByName(String name) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
getPermissionByName
in interface SecurityService
name
- the name of the Permission.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the
data backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the permission does not exist.public <P extends org.apache.fulcrum.security.entity.Permission> P getPermissionById(int id) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
getPermissionById
in interface SecurityService
id
- the id of the Permission.org.apache.fulcrum.security.util.UnknownEntityException
- if the permission does not
exist in the database.org.apache.fulcrum.security.util.DataBackendException
- if there is a problem accessing the
storage.public org.apache.fulcrum.security.util.GroupSet getAllGroups() throws org.apache.fulcrum.security.util.DataBackendException
getAllGroups
in interface SecurityService
org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the
data backend.public org.apache.fulcrum.security.util.RoleSet getAllRoles() throws org.apache.fulcrum.security.util.DataBackendException
getAllRoles
in interface SecurityService
org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the
data backend.public org.apache.fulcrum.security.util.PermissionSet getAllPermissions() throws org.apache.fulcrum.security.util.DataBackendException
getAllPermissions
in interface SecurityService
org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the
data backend.public <A extends org.apache.fulcrum.security.acl.AccessControlList> A getACL(User user) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
getACL
in interface SecurityService
user
- the user for whom the AccessControlList are to be retrievedorg.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if user account is not present.public void grant(User user, org.apache.fulcrum.security.entity.Group group, org.apache.fulcrum.security.entity.Role role) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
grant
in interface SecurityService
user
- the user.group
- the group.role
- the role.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if user account, group or role is not
present.public void revoke(User user, org.apache.fulcrum.security.entity.Group group, org.apache.fulcrum.security.entity.Role role) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
revoke
in interface SecurityService
user
- the user.group
- the group.role
- the role.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if user account, group or role is not
present.public void revokeAll(User user) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
revokeAll
in interface SecurityService
user
- the User.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the account is not present.public void grant(org.apache.fulcrum.security.entity.Role role, org.apache.fulcrum.security.entity.Permission permission) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
grant
in interface SecurityService
role
- the Role.permission
- the Permission.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if role or permission is not present.public void revoke(org.apache.fulcrum.security.entity.Role role, org.apache.fulcrum.security.entity.Permission permission) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
revoke
in interface SecurityService
role
- the Role.permission
- the Permission.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if role or permission is not present.public void revokeAll(org.apache.fulcrum.security.entity.Role role) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
revokeAll
in interface SecurityService
role
- the Roleorg.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the Role is not present.public org.apache.fulcrum.security.util.PermissionSet getPermissions(org.apache.fulcrum.security.entity.Role role) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
getPermissions
in interface SecurityService
role
- the role name, for which the permissions are to be retrieved.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the role is not present.public <G extends org.apache.fulcrum.security.entity.Group> G addGroup(G group) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.EntityExistsException
addGroup
in interface SecurityService
group
- the object describing the group to be created.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.EntityExistsException
- if the group already exists.public <R extends org.apache.fulcrum.security.entity.Role> R addRole(R role) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.EntityExistsException
addRole
in interface SecurityService
role
- the objects describing the role to be created.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.EntityExistsException
- if the role already exists.public <P extends org.apache.fulcrum.security.entity.Permission> P addPermission(P permission) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.EntityExistsException
addPermission
in interface SecurityService
permission
- the objects describing the permission to be created.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.EntityExistsException
- if the permission already exists.public void removeGroup(org.apache.fulcrum.security.entity.Group group) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
removeGroup
in interface SecurityService
group
- the object describing group to be removed.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the group does not exist.public void removeRole(org.apache.fulcrum.security.entity.Role role) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
removeRole
in interface SecurityService
role
- The object describing the role to be removed.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the role does not exist.public void removePermission(org.apache.fulcrum.security.entity.Permission permission) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
removePermission
in interface SecurityService
permission
- The object describing the permission to be removed.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the permission does not exist.public void renameGroup(org.apache.fulcrum.security.entity.Group group, String name) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
renameGroup
in interface SecurityService
group
- The object describing the group to be renamed.name
- the new name for the group.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the group does not exist.public void renameRole(org.apache.fulcrum.security.entity.Role role, String name) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
renameRole
in interface SecurityService
role
- The object describing the role to be renamed.name
- the new name for the role.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the role does not exist.public void renamePermission(org.apache.fulcrum.security.entity.Permission permission, String name) throws org.apache.fulcrum.security.util.DataBackendException, org.apache.fulcrum.security.util.UnknownEntityException
renamePermission
in interface SecurityService
permission
- The object describing the permission to be renamed.name
- the new name for the permission.org.apache.fulcrum.security.util.DataBackendException
- if there was an error accessing the data
backend.org.apache.fulcrum.security.util.UnknownEntityException
- if the permission does not exist.
Copyright © 2000-2015 The Apache Software Foundation. All Rights Reserved.