com.sibvisions.rad.server.security
Class AbstractSecurityManager

java.lang.Object
  extended by com.sibvisions.rad.server.security.AbstractSecurityManager
All Implemented Interfaces:
ISecurityManager, IPasswordValidator
Direct Known Subclasses:
AbstractDBSecurityManager, XmlSecurityManager

public abstract class AbstractSecurityManager
extends java.lang.Object
implements ISecurityManager, IPasswordValidator

The AbstractSecurityManager is the base class for ISecurityManager implementations, but it does not implement the security methods. It provides security managers with commonly needed utility methods.


Constructor Summary
AbstractSecurityManager()
           
 
Method Summary
static void addHiddenPackage(java.lang.String pPackage)
          Adds a package name to the hidden package list.
 void checkPassword(ISession pSession, java.lang.String pPassword)
          Checks if a password is strong enough to be used.
protected  boolean comparePassword(IConfiguration pConfig, java.lang.String pPassword, java.lang.String pConfirmPassword)
          Checks whether two passwords are identical.
static ISecurityManager createSecurityManager(java.lang.ClassLoader pLoader, ISession pSession)
          Creates a new ISecurityManager for the given session and class loader.
static ISecurityManager createSecurityManager(ISession pSession)
          Creates a new ISecurityManager for the given session.
static ISecurityManager createSecurityManager(java.lang.String pApplicationName)
          Creates a new ISecurityManager for the given application.
 void debug(java.lang.Object... pInfo)
          Logs debug information.
 void error(java.lang.Object... pInfo)
          Logs error information.
static java.lang.String getEncryptedPassword(IConfiguration pConfig, java.lang.String pPassword)
          Gets the password, encrypted with the algorithm specified in an application configuration.
protected  IPasswordValidator getPasswordValidator(IConfiguration pConfig)
          Gets the password validator from an application configuration.
 void info(java.lang.Object... pInfo)
          Logs information.
 boolean isAllowEncryptedUserPassword()
          Gets whether encrypted user passwords should be allowed.
static boolean isHiddenPackage(java.lang.String pJavaName)
          Checks if a class or package name is excluded through the hidden package list.
protected  boolean isPasswordEncrypted(java.lang.String pPassword)
          Gets whether the given password is already encrypted.
static boolean isPasswordEncryptionEnabled(IConfiguration pConfig)
          Checks if the password encryption is enabled.
static java.lang.Throwable prepareException(java.lang.Throwable pException)
          Hides the StackTraceElements of "com.sibvisions.rad.*" when the given exception is a SecurityException.
static java.lang.Throwable prepareException(java.lang.Throwable pException, boolean pForce)
          Hides the StackTraceElements of "com.sibvisions.rad.*" when the given exception is a SecurityException.
static void removeHiddenPackage(java.lang.String pPackage)
          Removes a package name from the hidden package list.
 void setAllowEncryptedUserPassword(boolean pAllow)
          Sets whether encrypted user passwords should be allowed.
protected  void validatePassword(ISession pSession, java.lang.String pOldPassword, java.lang.String pNewPassword)
          Validates a new password against an old password and uses a preconfigured password validator for checking the strength of the new password.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface com.sibvisions.rad.server.security.ISecurityManager
changePassword, getAccessController, logout, release, validateAuthentication
 

Constructor Detail

AbstractSecurityManager

public AbstractSecurityManager()
Method Detail

checkPassword

public void checkPassword(ISession pSession,
                          java.lang.String pPassword)
Checks if a password is strong enough to be used.

Specified by:
checkPassword in interface IPasswordValidator
Parameters:
pSession - the session which wants to change the password
pPassword - the new password

comparePassword

protected boolean comparePassword(IConfiguration pConfig,
                                  java.lang.String pPassword,
                                  java.lang.String pConfirmPassword)
                           throws java.lang.Exception
Checks whether two passwords are identical.

Parameters:
pConfig - the application configuration
pPassword - base password (plain text)
pConfirmPassword - confirmation password (encrypted or plain text)
Returns:
true if the passwords are identical, otherwise false
Throws:
java.lang.Exception - if the password encryption causes an error

getPasswordValidator

protected IPasswordValidator getPasswordValidator(IConfiguration pConfig)
Gets the password validator from an application configuration.

Parameters:
pConfig - the application configuration
Returns:
the IPasswordValidator or null if no validator is specified

validatePassword

protected void validatePassword(ISession pSession,
                                java.lang.String pOldPassword,
                                java.lang.String pNewPassword)
                         throws java.lang.Exception
Validates a new password against an old password and uses a preconfigured password validator for checking the strength of the new password.

Parameters:
pSession - the session which changes the password
pOldPassword - the old/current password
pNewPassword - the new password
Throws:
java.lang.Exception - if the password validation failed, e.g. old = new, new is not strong enough, ...

getEncryptedPassword

public static java.lang.String getEncryptedPassword(IConfiguration pConfig,
                                                    java.lang.String pPassword)
                                             throws java.lang.Exception
Gets the password, encrypted with the algorithm specified in an application configuration.

Parameters:
pConfig - the application configuration
pPassword - the plain text password
Returns:
the encrypted password
Throws:
java.lang.Exception - if the encryption fails

isPasswordEncryptionEnabled

public static boolean isPasswordEncryptionEnabled(IConfiguration pConfig)
Checks if the password encryption is enabled. That means that the config parameter /application/securitymanager/passwordalgorithm contains an algorithm. PLAIN is not interpreted as an algorithm.

Parameters:
pConfig - the application configuration
Returns:
true if the password should be encrypted

createSecurityManager

public static ISecurityManager createSecurityManager(ISession pSession)
                                              throws java.lang.Exception
Creates a new ISecurityManager for the given session.

Parameters:
pSession - the session
Returns:
the security manager for the application
Throws:
java.lang.Exception - if the security manager is not set, the class was not found or the application is invalid

createSecurityManager

public static ISecurityManager createSecurityManager(java.lang.ClassLoader pLoader,
                                                     ISession pSession)
                                              throws java.lang.Exception
Creates a new ISecurityManager for the given session and class loader.

Parameters:
pLoader - the class loader to use
pSession - the session
Returns:
the security manager for the application
Throws:
java.lang.Exception - if the security manager is not set, the class was not found or the application is invalid

createSecurityManager

public static ISecurityManager createSecurityManager(java.lang.String pApplicationName)
                                              throws java.lang.Exception
Creates a new ISecurityManager for the given application.

Parameters:
pApplicationName - the name of the application
Returns:
the security manager for the application
Throws:
java.lang.Exception - if the security manager is not set, the class was not found or the application is invalid

prepareException

public static java.lang.Throwable prepareException(java.lang.Throwable pException)
Hides the StackTraceElements of "com.sibvisions.rad.*" when the given exception is a SecurityException. If ILogger.LogLevel.DEBUG is enabled, the stack won't be changed.

Parameters:
pException - the occurred exception
Returns:
the changed exception

prepareException

public static java.lang.Throwable prepareException(java.lang.Throwable pException,
                                                   boolean pForce)
Hides the StackTraceElements of "com.sibvisions.rad.*" when the given exception is a SecurityException. If ILogger.LogLevel.DEBUG is enabled, the stack won't be changed, but it's possible to force changing.

Parameters:
pException - the occurred exception
pForce - force exception hiding
Returns:
the changed exception
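
The behaviour documented for prepareException, sketched as an added example (not JVx source code): frames from hidden packages are removed from a SecurityException so a client does not learn server internals, DEBUG leaves the stack intact, and pForce overrides that. The class name, the `debugEnabled` flag, the prefix matching rule and the sample frames are assumptions made for this illustration.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.concurrent.CopyOnWriteArraySet;

// Added illustration, not JVx code: all names here are hypothetical.
public class StackHidingDemo {
    static final Set<String> HIDDEN = new CopyOnWriteArraySet<>();
    static volatile boolean debugEnabled = false; // stands in for ILogger.LogLevel.DEBUG

    // Assumed matching rule: prefix match on a package boundary.
    static boolean isHidden(String className) {
        for (String pkg : HIDDEN) {
            if (className.equals(pkg) || className.startsWith(pkg + ".")) return true;
        }
        return false;
    }

    static Throwable prepare(Throwable ex, boolean force) {
        // Only SecurityExceptions are rewritten; DEBUG keeps the full stack unless forced.
        if (!(ex instanceof SecurityException) || (debugEnabled && !force)) {
            return ex;
        }
        List<StackTraceElement> kept = new ArrayList<>();
        for (StackTraceElement frame : ex.getStackTrace()) {
            if (!isHidden(frame.getClassName())) kept.add(frame);
        }
        ex.setStackTrace(kept.toArray(new StackTraceElement[0]));
        return ex;
    }

    // Constructed sample: class, method and file names are invented.
    static SecurityException sample() {
        SecurityException ex = new SecurityException("Invalid credentials");
        ex.setStackTrace(new StackTraceElement[] {
            new StackTraceElement("com.sibvisions.rad.server.Internal", "check", "Internal.java", 10),
            new StackTraceElement("com.example.app.Login", "doLogin", "Login.java", 42)});
        return ex;
    }

    public static void main(String[] args) {
        HIDDEN.add("com.sibvisions.rad");
        System.out.println("hidden: " + prepare(sample(), false).getStackTrace().length + " frame(s)");
        debugEnabled = true;
        System.out.println("debug:  " + prepare(sample(), false).getStackTrace().length + " frame(s)");
        System.out.println("forced: " + prepare(sample(), true).getStackTrace().length + " frame(s)");
    }
}
```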

addHiddenPackage

public static void addHiddenPackage(java.lang.String pPackage)
Adds a package name to the hidden package list.

Parameters:
pPackage - the fully qualified java package name e.g. com.sibvisions

removeHiddenPackage

public static void removeHiddenPackage(java.lang.String pPackage)
Removes a package name from the hidden package list.

Parameters:
pPackage - the fully qualified java package name e.g. com.sibvisions

isHiddenPackage

public static boolean isHiddenPackage(java.lang.String pJavaName)
Checks if a class or package name is excluded through the hidden package list.

Parameters:
pJavaName - the fully qualified java class or package name e.g. com.sibvisions.rad.IPackageSetup
Returns:
true if the name contains a hidden package name

isPasswordEncrypted

protected boolean isPasswordEncrypted(java.lang.String pPassword)
Gets whether the given password is already encrypted.

Parameters:
pPassword - the password to check
Returns:
true if the given password is already protected, false otherwise

setAllowEncryptedUserPassword

public void setAllowEncryptedUserPassword(boolean pAllow)
Sets whether encrypted user passwords should be allowed. If encrypted user passwords are allowed, the client may send the password already encrypted. This is insecure, because an attacker who has the password hash can authenticate with it.

Parameters:
pAllow - true to allow encrypted user passwords, false to disable encrypted user passwords (recommended)
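
Why false is the recommended setting, as an added example (not JVx source code): when the server accepts a value that is already encrypted, the stored value itself works as the credential, whereas with the option disabled the same value is hashed again on the server and does not match. SHA-256 in hex, the `looksEncrypted` check and the sample password are assumptions made for this illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

// Added illustration, not JVx code. SHA-256 hex is an assumed stand-in for the
// algorithm configured under /application/securitymanager/passwordalgorithm.
public class EncryptedPasswordDemo {
    static String hash(String plain) throws Exception {
        byte[] digest = MessageDigest.getInstance("SHA-256")
                .digest(plain.getBytes(StandardCharsets.UTF_8));
        StringBuilder sb = new StringBuilder();
        for (byte b : digest) sb.append(String.format("%02x", b));
        return sb.toString();
    }

    // Hypothetical stand-in for isPasswordEncrypted: value looks like a 64-char hex digest.
    static boolean looksEncrypted(String value) {
        return value.matches("[0-9a-f]{64}");
    }

    static boolean authenticate(String stored, String submitted, boolean allowEncrypted)
            throws Exception {
        String candidate = (allowEncrypted && looksEncrypted(submitted))
                ? submitted        // taken as already encrypted: the hash is the credential
                : hash(submitted); // always hashed on the server
        // Constant-time comparison of the two encoded values.
        return MessageDigest.isEqual(stored.getBytes(StandardCharsets.UTF_8),
                candidate.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws Exception {
        String password = "correct horse battery staple"; // constructed sample
        String stored = hash(password);
        // A user who knows the plain text password, option off and on.
        System.out.println("plain, disallowed:  " + authenticate(stored, password, false));
        System.out.println("plain, allowed:     " + authenticate(stored, password, true));
        // Someone who holds only the stored value, e.g. from a copied user table.
        System.out.println("stored, allowed:    " + authenticate(stored, stored, true));
        System.out.println("stored, disallowed: " + authenticate(stored, stored, false));
    }
}
```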

isAllowEncryptedUserPassword

public boolean isAllowEncryptedUserPassword()
Gets whether encrypted user passwords should be allowed.

Returns:
true if encrypted user passwords are allowed, false otherwise
See Also:
setAllowEncryptedUserPassword(boolean)

debug

public void debug(java.lang.Object... pInfo)
Logs debug information.

Parameters:
pInfo - the debug information

info

public void info(java.lang.Object... pInfo)
Logs information.

Parameters:
pInfo - the information

error

public void error(java.lang.Object... pInfo)
Logs error information.

Parameters:
pInfo - the error information


Copyright © 2009 SIB Visions GmbH. All Rights Reserved.