OSUserRealm (osuser 1.0-dev API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.opensymphony.user.adapter.weblogic61
Class OSUserRealm

java.lang.Object
  weblogic.security.acl.AbstractListableRealm
      weblogic.security.acl.AbstractManageableRealm
          com.opensymphony.user.adapter.weblogic61.OSUserRealm

All Implemented Interfaces:: weblogic.security.acl.BasicRealm, weblogic.security.acl.DebuggableRealm, weblogic.security.acl.DelegatedRealm, weblogic.security.acl.FlatGroup.Source, weblogic.security.acl.ListableRealm, weblogic.security.acl.ManageableRealm, java.io.Serializable

public class OSUserRealm
extends weblogic.security.acl.AbstractManageableRealm
implements weblogic.security.acl.DebuggableRealm

This class implements a WebLogic security realm which bridges to the OSUser library. Basically, this adapter will intercept the WebLogic Realm API calls and delegate those calls to OSUser.

The typical steps involved in "installing" this adapter as a security realm under WebLogic 6.1 are as follows:

The classes making up this adapter need to be available on the server classpath; if not already jarred, then jar together all the classes comprising the com.opensymphony.user.adapter.weblogic61 package. Place this jar file into the server classpath, typically by modifying the setEnv script to point to this jar.
Start/restart WebLogic.
Go to the console and expand the Security node. Right-click on the Realms node and choose the "Configure a new CustomRealm..." option.
On the "Create a new CustomRealm" screen, enter a name for this new realm (can be anything) and "com.opensymphony.user.adapter.weblogic61.OSUserRealm" as the "Realm Class Name". Click "Create".
Restart WebLogic
Go to the console and expand the Security node. Right-click on the "Caching Realms" node and choose the "Configure a new CachingRealm..." option.
On the "Create a new CachingRealm" screen, enter a name for this caching realm (again, can be anything) and choose the custom realm you created above from the BasicRealm drop-down. Click "Create".
Click on the Security node, and in the right-hand pane choose the Filerealm tab. Choose the caching realm you just created from the Caching Realm drop-down. Optionally, you can appropriately set the limits on the allowed number of users, groups, and acls. After all options have been set, click "Apply".

Restart WebLogic.

Version:: $Revision: 1.3 $
Author:: Steve Ebersole
See Also:: Serialized Form

Constructor Summary
`OSUserRealm()` The empty constructor required for instantiation and installation by WebLogic

Method Summary
`protected weblogic.security.acl.User`	`authUserPassword(java.lang.String username, java.lang.String password)` Override the authUserPassword method.
`void`	`deleteGroup(java.security.acl.Group group)` Delete a group in the OSUser-specific way.
`void`	`deleteUser(weblogic.security.acl.User user)` Delete a user in the OSUser-specific way.
`weblogic.logging.LogOutputStream`	`getDebugLog()`
`java.security.acl.Group`	`getGroup(java.lang.String name)` Override the getGroup method to retreive the requested group from the OSUser UserManager, then wrap that OSUser group in the wrapper.
`protected java.util.Hashtable`	`getGroupMembersInternal(java.lang.String name)` Override the getGroupMembersInternal method to return group membership data upon request.
`java.util.Enumeration`	`getGroups()` Override the getGroups method in order to create the Enumeration wrapper.
`weblogic.security.acl.User`	`getUser(java.lang.String name)` Override the getUser method to retreive the requested user from the OSUser UserManager, then wrap that OSUser user in the wrapper.
`java.util.Enumeration`	`getUsers()` Override the getUsers method in order to create the Enumeration wrapper.
`void`	`init(java.lang.String name, java.lang.Object owner)` Override the BasicRealm's init method to delay initialization of this realm to allow OSUser to get deployed...
`java.security.acl.Group`	`newGroup(java.lang.String name)` Creates a group in the OSUser-specific way, then wraps that new group in a OSUserRealmGroup instance for return.
`weblogic.security.acl.User`	`newUser(java.lang.String name, java.lang.Object credential, java.lang.Object constraints)` Creates a user in the OSUser-specific way, then wraps that new user in a OSUserRealmUser instance for return.
`void`	`setDebug(boolean enable)`

Methods inherited from class weblogic.security.acl.AbstractManageableRealm

deleteAcl, deletePermission, newAcl, newPermission, setPermission

Methods inherited from class weblogic.security.acl.AbstractListableRealm

authCertificates, authenticate, authInternal, authSSLCertificates, getAcl, getAcl, getAclOwner, getAcls, getDelegator, getGroupMembers, getName, getPermission, getPermissions, getUser, load, save, setDelegator

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface weblogic.security.acl.ListableRealm

getAcls, getPermissions

Methods inherited from interface weblogic.security.acl.BasicRealm

getAcl, getAcl, getAclOwner, getName, getPermission, getUser, load, save

Constructor Detail

OSUserRealm

public OSUserRealm()

The empty constructor required for instantiation and installation by WebLogic

Method Detail

setDebug

public void setDebug(boolean enable)

Specified by:: setDebug in interface weblogic.security.acl.DebuggableRealm

getDebugLog

public weblogic.logging.LogOutputStream getDebugLog()

Specified by:: getDebugLog in interface weblogic.security.acl.DebuggableRealm

getGroup

public java.security.acl.Group getGroup(java.lang.String name)

Override the getGroup method to retreive the requested group from the OSUser UserManager, then wrap that OSUser group in the wrapper. This method bridges the call between wl.BasicRealm.getGroup() and os.UserManager.getGroup().

Specified by:: getGroup in interface weblogic.security.acl.BasicRealm

Parameters:: name - The name of the group being requested.
Returns:: The OSUserRealmGroup warpper representing the requested group, or null if no group by that name existed.

getGroups

public java.util.Enumeration getGroups()

Override the getGroups method in order to create the Enumeration wrapper.

Specified by:: getGroups in interface weblogic.security.acl.ListableRealm

Returns:: An Enumeration of OSUserRealmGroup objects.

getUser

public weblogic.security.acl.User getUser(java.lang.String name)

Override the getUser method to retreive the requested user from the OSUser UserManager, then wrap that OSUser user in the wrapper. This method bridges the call between wl.BasicRealm.getUser() and os.UserManager.getUser().

Specified by:: getUser in interface weblogic.security.acl.BasicRealm

Parameters:: name - The name of the user being requested.
Returns:: The OSUserRealmUser wrapper representing the requested user, or null if no user by that name existed.

getUsers

public java.util.Enumeration getUsers()

Override the getUsers method in order to create the Enumeration wrapper.

Specified by:: getUsers in interface weblogic.security.acl.ListableRealm

Returns:: An Enumeration of OSUserRealmUser objects.

deleteGroup

public void deleteGroup(java.security.acl.Group group)
                 throws java.lang.SecurityException

Delete a group in the OSUser-specific way.

Specified by:: deleteGroup in interface weblogic.security.acl.ManageableRealm

Parameters:: group - The group to be removed
Throws:: java.lang.SecurityException - Thrown if the security store is set to be immutable.

deleteUser

public void deleteUser(weblogic.security.acl.User user)
                throws java.lang.SecurityException

Delete a user in the OSUser-specific way.

Specified by:: deleteUser in interface weblogic.security.acl.ManageableRealm

Parameters:: user - The user to be removed
Throws:: java.lang.SecurityException - Thrown if the security store is set to be immutable.

init

public void init(java.lang.String name,
                 java.lang.Object owner)
          throws java.security.acl.NotOwnerException

Override the BasicRealm's init method to delay initialization of this realm to allow OSUser to get deployed...

Specified by:: init in interface weblogic.security.acl.BasicRealm

Parameters:: name - Name of Realm; owner - Credentialed owner of this realm
Throws:: java.security.acl.NotOwnerException - if the owner credential is invalid

newGroup

public java.security.acl.Group newGroup(java.lang.String name)
                                 throws java.lang.SecurityException

Creates a group in the OSUser-specific way, then wraps that new group in a OSUserRealmGroup instance for return.

Specified by:: newGroup in interface weblogic.security.acl.ManageableRealm

Parameters:: name - The name to be given to the new group.
Returns:: A OSUserRealmGroup instance identifying the new group.
Throws:: java.lang.SecurityException - Thrown if either the security store is set to be immutable, or if a group already existed with the same name.

newUser

public weblogic.security.acl.User newUser(java.lang.String name,
                                          java.lang.Object credential,
                                          java.lang.Object constraints)
                                   throws java.lang.SecurityException

Creates a user in the OSUser-specific way, then wraps that new user in a OSUserRealmUser instance for return. *Note: OSUser only supports password authentication, thus the credential parameter MUST be a String password here.

Specified by:: newUser in interface weblogic.security.acl.ManageableRealm

Parameters:: name - The name to be given to the user.; credential - The authentication credential (again, currently must be a String password for OSUser).; constraints - Any constraints to be placed on this user's access. Currently OSUser has no concept of this, so this is simply ignored.
Returns:: A OSUserRealmUser instance identifying the new user.
Throws:: java.lang.SecurityException - Thrown if either the security store is set to be immutable, or if a user already existed with the same username.

getGroupMembersInternal

protected java.util.Hashtable getGroupMembersInternal(java.lang.String name)

Override the getGroupMembersInternal method to return group membership data upon request. OSUser does not support groups nested within groups, so we do not have to account for this fact here (if it did, those nested groups should be included here).

Parameters:: name - The name of the group for which to return members.
Returns:: A Hashtable (keyed by username) representing the users of requested group, or null if a group with that name was not found.

authUserPassword

protected weblogic.security.acl.User authUserPassword(java.lang.String username,
                                                      java.lang.String password)

Override the authUserPassword method. OSUser only handles password auth, so override the password-checking method. *Note: the authenticate method itself should NOT be overriden because of the way in which weblogic checks security.

Parameters:: username - The principal name of the user to authenticate.; password - The password supplied by the person attempting to login as the user denoted by user.
Returns:: Return the OSUserRealmUser object representing the authenticated user, or null if the authentication failed.