Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.turbine.services.security.ldap
Class LDAPSecurityService

java.lang.Object
  extended byorg.apache.turbine.services.BaseInitable
      extended byorg.apache.turbine.services.BaseService
          extended byorg.apache.turbine.services.TurbineBaseService
              extended byorg.apache.turbine.services.security.BaseSecurityService
                  extended byorg.apache.turbine.services.security.ldap.LDAPSecurityService
All Implemented Interfaces:
Initable, SecurityService, Service
public class LDAPSecurityService
extends BaseSecurityService

An implementation of SecurityService that uses LDAP as a backend.

Version:
$Id: LDAPSecurityService.java 264148 2005-08-29 14:21:04Z henning $
Author:
Rafal Krzewski, Tracy M. Adewunmi , Leonard J. Flournoy , Jason van Zyl, Marco Knüttel, Humberto Hernandez

Field Summary
 
Fields inherited from class org.apache.turbine.services.BaseService
configuration, name, serviceBroker
 
Fields inherited from class org.apache.turbine.services.BaseInitable
initableBroker, isInitialized
 
Fields inherited from interface org.apache.turbine.services.security.SecurityService
ACL_CLASS_DEFAULT, ACL_CLASS_KEY, GROUP_CLASS_DEFAULT, GROUP_CLASS_KEY, PERMISSION_CLASS_DEFAULT, PERMISSION_CLASS_KEY, ROLE_CLASS_DEFAULT, ROLE_CLASS_KEY, SECURE_PASSWORDS_ALGORITHM_DEFAULT, SECURE_PASSWORDS_ALGORITHM_KEY, SECURE_PASSWORDS_DEFAULT, SECURE_PASSWORDS_KEY, SERVICE_NAME, USER_CLASS_DEFAULT, USER_CLASS_KEY, USER_MANAGER_DEFAULT, USER_MANAGER_KEY
 
Constructor Summary
LDAPSecurityService()
           
 
Method Summary
 Group addGroup(Group group)
          Creates a new group with specified attributes.
 Permission addPermission(Permission permission)
          Creates a new permission with specified attributes.
 Role addRole(Role role)
          Creates a new role with specified attributes.
 boolean checkExists(Group group)
          Determines if the Group exists in the security system.
 boolean checkExists(Permission permission)
          Determines if the Permission exists in the security system.
 boolean checkExists(Role role)
          Determines if the Role exists in the security system.
 AccessControlList getACL(User user)
          Constructs an AccessControlList for a specific user.
 GroupSet getGroups(org.apache.torque.util.Criteria criteria)
          Retrieve a set of Groups that meet the specified Criteria.
 Group getNewGroup(java.lang.String groupName)
          Retrieves a new Group.
 Permission getNewPermission(java.lang.String permissionName)
          Retrieves a new Permission.
 Role getNewRole(java.lang.String roleName)
          Retrieves a new Role.
 PermissionSet getPermissions(org.apache.torque.util.Criteria criteria)
          Retrieve a set of Permissions that meet the specified Criteria.
 PermissionSet getPermissions(Role role)
          Retrieves all permissions associated with a role.
 RoleSet getRoles(org.apache.torque.util.Criteria criteria)
          Retrieve a set of Roles that meet the specified Criteria.
 void grant(Role role, Permission permission)
          Grants a Role a Permission
 void grant(User user, Group group, Role role)
          Grant an User a Role in a Group.
 void removeGroup(Group group)
          Removes a Group from the system.
 void removePermission(Permission permission)
          Removes a Permission from the system.
 void removeRole(Role role)
          Removes a Role from the system.
 void renameGroup(Group group, java.lang.String name)
          Renames an existing Group.
 void renamePermission(Permission permission, java.lang.String name)
          Renames an existing Permission.
 void renameRole(Role role, java.lang.String name)
          Renames an existing Role.
 void revoke(Role role, Permission permission)
          Revokes a Permission from a Role.
 void revoke(User user, Group group, Role role)
          Revoke a Role in a Group from an User.
 void revokeAll(Group group)
          Revoke all the roles to a group.
 void revokeAll(Role role)
          Revoke all the permissions to a role.
 void revokeAll(User user)
          Revoke all the roles to a user
 void saveGroup(Group group)
          Stores Group's attributes.
 void savePermission(Permission permission)
          Stores Permission's attributes.
 void saveRole(Role role)
          Stores Role's attributes.
 
Methods inherited from class org.apache.turbine.services.security.BaseSecurityService
accountExists, accountExists, addUser, changePassword, checkPassword, encryptPassword, encryptPassword, forcePassword, getAclClass, getAclInstance, getAllGroups, getAllPermissions, getAllRoles, getAnonymousUser, getAuthenticatedUser, getGlobalGroup, getGroup, getGroupById, getGroupByName, getGroupClass, getGroupInstance, getGroupInstance, getPermission, getPermissionById, getPermissionByName, getPermissionClass, getPermissionInstance, getPermissionInstance, getRole, getRoleById, getRoleByName, getRoleClass, getRoleInstance, getRoleInstance, getUser, getUserClass, getUserInstance, getUserInstance, getUserList, getUserManager, getUsers, init, init, isAnonymousUser, lockExclusive, lockShared, removeUser, saveOnSessionUnbind, saveUser, setUserManager, unlockExclusive, unlockShared
 
Methods inherited from class org.apache.turbine.services.TurbineBaseService
init, init, shutdown
 
Methods inherited from class org.apache.turbine.services.BaseService
getConfiguration, getName, getProperties, getServiceBroker, setName, setServiceBroker
 
Methods inherited from class org.apache.turbine.services.BaseInitable
getInit, getInitableBroker, setInit, setInitableBroker
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.turbine.services.Service
getConfiguration, getName, getProperties, setName, setServiceBroker
 
Methods inherited from interface org.apache.turbine.services.Initable
getInit, init, setInitableBroker, shutdown
 

Constructor Detail

LDAPSecurityService

public LDAPSecurityService()
Method Detail

getACL

public AccessControlList getACL(User user)
                         throws DataBackendException,
                                UnknownEntityException
Constructs an AccessControlList for a specific user. This method creates a snapshot of the state of security information concerning this user, at the moment of invocation and stores it into an AccessControlList object.

Parameters:
user - the user for whom the AccessControlList are to be retrieved
Returns:
an AccessControlList for a specific user.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if user account is not present.

grant

public void grant(User user,
                  Group group,
                  Role role)
           throws DataBackendException,
                  UnknownEntityException
Grant an User a Role in a Group.

Parameters:
user - the user.
group - the group.
role - the role.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if user account, group or role is not present.

revoke

public void revoke(User user,
                   Group group,
                   Role role)
            throws DataBackendException,
                   UnknownEntityException
Revoke a Role in a Group from an User.

Parameters:
user - the user.
group - the group.
role - the role.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if user account, group or role is not present.

grant

public void grant(Role role,
                  Permission permission)
           throws DataBackendException,
                  UnknownEntityException
Grants a Role a Permission

Parameters:
role - the Role.
permission - the Permission.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if role or permission is not present.

revoke

public void revoke(Role role,
                   Permission permission)
            throws DataBackendException,
                   UnknownEntityException
Revokes a Permission from a Role.

Parameters:
role - the Role.
permission - the Permission.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if role or permission is not present.

getNewGroup

public Group getNewGroup(java.lang.String groupName)
Retrieves a new Group. It creates a new Group based on the Services Group implementation. It does not create a new Group in the system though. Use addGroup for that. Not implemented

Specified by:
getNewGroup in interface SecurityService
Overrides:
getNewGroup in class BaseSecurityService
Parameters:
groupName - The name of the Group to be retrieved.
Returns:
a Group.

getNewRole

public Role getNewRole(java.lang.String roleName)
Retrieves a new Role. It creates a new Role based on the Services Role implementation. It does not create a new Role in the system though. Use addRole for that. Not implemented

Specified by:
getNewRole in interface SecurityService
Overrides:
getNewRole in class BaseSecurityService
Parameters:
roleName - The name of the Group to be retrieved.
Returns:
a Role.

getNewPermission

public Permission getNewPermission(java.lang.String permissionName)
Retrieves a new Permission. It creates a new Permission based on the Services Permission implementation. It does not create a new Permission in the system though. Use create for that. Not implemented

Specified by:
getNewPermission in interface SecurityService
Overrides:
getNewPermission in class BaseSecurityService
Parameters:
permissionName - The name of the Permission to be retrieved.
Returns:
a Permission

getGroups

public GroupSet getGroups(org.apache.torque.util.Criteria criteria)
                   throws DataBackendException
Retrieve a set of Groups that meet the specified Criteria.

Parameters:
criteria - Criteria of Group selection.
Returns:
a set of Groups that meet the specified Criteria.
Throws:
DataBackendException - if there is problem with the Backend.

getRoles

public RoleSet getRoles(org.apache.torque.util.Criteria criteria)
                 throws DataBackendException
Retrieve a set of Roles that meet the specified Criteria.

Parameters:
criteria - Criteria of Roles selection.
Returns:
a set of Roles that meet the specified Criteria.
Throws:
DataBackendException - if there is a problem with the Backend.

getPermissions

public PermissionSet getPermissions(org.apache.torque.util.Criteria criteria)
                             throws DataBackendException
Retrieve a set of Permissions that meet the specified Criteria.

Parameters:
criteria - Criteria of Permissions selection.
Returns:
a set of Permissions that meet the specified Criteria.
Throws:
DataBackendException - if there is a problem with the Backend.

getPermissions

public PermissionSet getPermissions(Role role)
                             throws DataBackendException,
                                    UnknownEntityException
Retrieves all permissions associated with a role.

Parameters:
role - the role name, for which the permissions are to be retrieved.
Returns:
a PermissionSet.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if the role is not present.

saveGroup

public void saveGroup(Group group)
               throws DataBackendException,
                      UnknownEntityException
Stores Group's attributes. The Groups is required to exist in the system.

Parameters:
group - The Group to be stored.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if the group does not exist.

saveRole

public void saveRole(Role role)
              throws DataBackendException,
                     UnknownEntityException
Stores Role's attributes. The Roles is required to exist in the system.

Parameters:
role - The Role to be stored.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if the role does not exist.

savePermission

public void savePermission(Permission permission)
                    throws DataBackendException,
                           UnknownEntityException
Stores Permission's attributes. The Permissions is required to exist in the system.

Parameters:
permission - The Permission to be stored.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if the permission does not exist.

addGroup

public Group addGroup(Group group)
               throws DataBackendException,
                      EntityExistsException
Creates a new group with specified attributes. Not implemented

Parameters:
group - the object describing the group to be created.
Returns:
a new Group object that has id set up properly.
Throws:
DataBackendException - if there was an error accessing the backend.
EntityExistsException - if the group already exists.

addRole

public Role addRole(Role role)
             throws DataBackendException,
                    EntityExistsException
Creates a new role with specified attributes.

Parameters:
role - the object describing the role to be created.
Returns:
a new Role object that has id set up properly.
Throws:
DataBackendException - if there was an error accessing the backend.
EntityExistsException - if the role already exists.

addPermission

public Permission addPermission(Permission permission)
                         throws DataBackendException,
                                EntityExistsException
Creates a new permission with specified attributes. Not implemented

Parameters:
permission - the object describing the permission to be created.
Returns:
a new Permission object that has id set up properly.
Throws:
DataBackendException - if there was an error accessing the backend.
EntityExistsException - if the permission already exists.

removeGroup

public void removeGroup(Group group)
                 throws DataBackendException,
                        UnknownEntityException
Removes a Group from the system.

Parameters:
group - object describing group to be removed.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if the group does not exist.

removeRole

public void removeRole(Role role)
                throws DataBackendException,
                       UnknownEntityException
Removes a Role from the system.

Parameters:
role - object describing role to be removed.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if the role does not exist.

removePermission

public void removePermission(Permission permission)
                      throws DataBackendException,
                             UnknownEntityException
Removes a Permission from the system.

Parameters:
permission - object describing permission to be removed.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if the permission does not exist.

renameGroup

public void renameGroup(Group group,
                        java.lang.String name)
                 throws DataBackendException,
                        UnknownEntityException
Renames an existing Group.

Parameters:
group - object describing the group to be renamed.
name - the new name for the group.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if the group does not exist.

renameRole

public void renameRole(Role role,
                       java.lang.String name)
                throws DataBackendException,
                       UnknownEntityException
Renames an existing Role.

Parameters:
role - object describing the role to be renamed.
name - the new name for the role.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if the role does not exist.

renamePermission

public void renamePermission(Permission permission,
                             java.lang.String name)
                      throws DataBackendException,
                             UnknownEntityException
Renames an existing Permission.

Parameters:
permission - object describing the permission to be renamed.
name - the new name for the permission.
Throws:
DataBackendException - if there was an error accessing the backend.
UnknownEntityException - if the permission does not exist.

revokeAll

public void revokeAll(User user)
               throws DataBackendException,
                      UnknownEntityException
Revoke all the roles to a user

Parameters:
user - the user.
Throws:
DataBackendException - if there is an error with the data backend.
UnkownEntityException - if the role or a permission is not found.
UnknownEntityException - if the account is not present.

revokeAll

public void revokeAll(Role role)
               throws DataBackendException,
                      UnknownEntityException
Revoke all the permissions to a role.

Parameters:
role - the role.
Throws:
DataBackendException - if there is an error with the data backend.
UnkownEntityException - if the role or a permission is not found.
UnknownEntityException - if the Role is not present.

revokeAll

public void revokeAll(Group group)
               throws DataBackendException,
                      UnknownEntityException
Revoke all the roles to a group.

Parameters:
group - the group.
Throws:
DataBackendException - if there is an error with the data backend.
UnkownEntityException - if the role or a permission is not found.
UnknownEntityException

checkExists

public boolean checkExists(Role role)
                    throws DataBackendException
Determines if the Role exists in the security system.

Parameters:
role - a Role value
Returns:
true if the role exists in the system, false otherwise
Throws:
DataBackendException - if there is an error with LDAP

checkExists

public boolean checkExists(Group group)
                    throws DataBackendException
Determines if the Group exists in the security system.

Parameters:
group - a Group value
Returns:
true if the group exists in the system, false otherwise
Throws:
DataBackendException - if there is an error with LDAP

checkExists

public boolean checkExists(Permission permission)
                    throws DataBackendException
Determines if the Permission exists in the security system.

Parameters:
permission - a Permission value
Returns:
true if the permission exists in the system, false otherwise
Throws:
DataBackendException - if there is an error with LDAP
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2000-2005 Apache Software Foundation. All Rights Reserved.