Module org.bzdev.ejws

Package org.bzdev.ejws

Class DefaultSecureBasicUT

java.lang.Object

org.bzdev.ejws.EjwsUserTable<EjwsSecureBasicAuth,EjwsSecureBasicAuth.Entry>

org.bzdev.ejws.DefaultSecureBasicUT

public class DefaultSecureBasicUT
extends EjwsUserTable<EjwsSecureBasicAuth,EjwsSecureBasicAuth.Entry>

User table for EjwsSecureBasicAuth using the authenticator's GPG directory and SBL store.

This class is useful primarily for testing, or as a model for an implementation that stores user authentication data in a data base or other form of persistent storage.

Constructor Summary

Constructors

Constructor	Description
DefaultSecureBasicUT()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected void	createEntryFromDB(String email)	Create an entry corresponding to the data in persistent storage.
protected EjwsSecureBasicAuth.Entry	getEntryFromDB(EjwsSecureBasicAuth.Entry currentEntry, String user)	Get an entry corresponding to the data in persistent storage.
Set<String>	getRoles(String user)	Get the roles for a user.
protected void	loadEntriesFromDB(Map<String,EjwsSecureBasicAuth.Entry> map)	Set up the map based on information in persistent storage.
protected void	makeActiveInDB(String user)	Make an entry active in persistent storage.
protected void	makePendingInDB(String user)	Make an entry pending in persistent storage.
protected void	removeEntryFromDB(String user)	Remove an entry from persistent storage.
void	storeGPGKey(String value, EjwsAuthenticator.GPGKeyIDs keyids)	Store a PGP/GPG key.
void	storePW(String un, String pw, boolean isActive)	Store a basic-authentication password.
void	storeSBLData(String s, EjwsAuthenticator.AddStatus status)	Store SBL data that was provided using the string representation.

Methods inherited from class org.bzdev.ejws.EjwsUserTable

getAuthenticator, getEntry, makeActive, makePending, putEntry, removeEntry, setAuth, setMap, updateEntry

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

DefaultSecureBasicUT

public DefaultSecureBasicUT()

Constructor.

Method Details

loadEntriesFromDB

protected void loadEntriesFromDB(Map<String,EjwsSecureBasicAuth.Entry> map)

Set up the map based on information in persistent storage. This method is called by EjwsUserTable.setMap(java.util.Map<java.lang.String, E>).

The source code for DefaultBasicUT and DefaultSecureBasicUT are useful guides for an implementation.

Specified by:

loadEntriesFromDB in class EjwsUserTable<EjwsSecureBasicAuth,EjwsSecureBasicAuth.Entry>

Parameters:

map - the map

getRoles

public Set<String> getRoles(String user)

Get the roles for a user.

Overrides:

getRoles in class EjwsUserTable<EjwsSecureBasicAuth,EjwsSecureBasicAuth.Entry>

Returns:

the roles; null or an empty set if there are no roles

makeActiveInDB

protected void makeActiveInDB(String user)
                       throws Exception

Make an entry active in persistent storage.

This may be called by EJWS when an admin page is used, when an account is uses an authorization code, or when any new account is accepted.

Specified by:

makeActiveInDB in class EjwsUserTable<EjwsSecureBasicAuth,EjwsSecureBasicAuth.Entry>

Parameters:

user - the user name

Throws:

Exception - if there is an error

makePendingInDB

protected void makePendingInDB(String user)
                        throws Exception

Make an entry pending in persistent storage.

This may be called when an admin page changes an account from active to pending. The source code for DefaultBasicUT and DefaultSecureBasicUT are useful guides for an implementation.

Specified by:

makePendingInDB in class EjwsUserTable<EjwsSecureBasicAuth,EjwsSecureBasicAuth.Entry>

Parameters:

user - the user name

Throws:

Exception - if there is an error

createEntryFromDB

protected void createEntryFromDB(String email)
                          throws Exception

Create an entry corresponding to the data in persistent storage.

The source code for DefaultBasicUT and DefaultSecureBasicUT are useful guides for an implementation.

Specified by:

createEntryFromDB in class EjwsUserTable<EjwsSecureBasicAuth,EjwsSecureBasicAuth.Entry>

Parameters:

email - the user name

Throws:

Exception - if an error occurs

getEntryFromDB

protected EjwsSecureBasicAuth.Entry getEntryFromDB(EjwsSecureBasicAuth.Entry currentEntry,
 String user)
                                            throws Exception

Get an entry corresponding to the data in persistent storage.

The source code for DefaultBasicUT and DefaultSecureBasicUT are useful guides for an implementation.

Specified by:

getEntryFromDB in class EjwsUserTable<EjwsSecureBasicAuth,EjwsSecureBasicAuth.Entry>

Parameters:

currentEntry - the previous map entry

user - the user name

Returns:

the entry; null if there is none in persistent storage

Throws:

Exception - if an error occurs

removeEntryFromDB

protected void removeEntryFromDB(String user)
                          throws Exception

Remove an entry from persistent storage.

This may be called by EJWS when an admin page deletes an account. The source code for DefaultBasicUT and DefaultSecureBasicUT are useful guides for an implementation.

Specified by:

removeEntryFromDB in class EjwsUserTable<EjwsSecureBasicAuth,EjwsSecureBasicAuth.Entry>

Parameters:

user - the user name

Throws:

Exception - if an error occurs

storeGPGKey

public void storeGPGKey(String value,
 EjwsAuthenticator.GPGKeyIDs keyids)
                 throws IllegalArgumentException,
IllegalStateException,
IOException

Store a PGP/GPG key. The keyids argument is used for test to make sure we do not replace existing keys with unrelated ones.

Specified by:

storeGPGKey in class EjwsUserTable<EjwsSecureBasicAuth,EjwsSecureBasicAuth.Entry>

Parameters:

value - an ASCII-armored PGP/GPG public key.

keyids - a container for the key's email address and the key's fingerprint

Throws:

IllegalArgumentException - if the key is ill-formed

IllegalStateException - if the key cannot be stored

IOException - if an IO error occurs while constructing a cannonical path

storeSBLData

public void storeSBLData(String s,
 EjwsAuthenticator.AddStatus status)
                  throws Exception

Store SBL data that was provided using the string representation. If status is EjwsAuthenticator.AddStatus.REJECTED, this method should not be called by an authenticator.

Implementation note: the method EjwsAuthenticator.getUserNameFromSBL(String) can be used to find the user name. If the contents of the string s should be stored rather than s itself, the constructor ConfigProperties(String,String) can be called with s as its first argument and the string "application/vnd.bzdev.sblauncher" as its second argument. This SBL file should have a single key KEY and a field named KEY.description or possibly base64.KEY.description, which can be used to determine the key KEY. Normally KEY will be the string user.

• base64.keypair.publicKey. A base-64 encoded, PEM encoded public key.
• KEY.user. The user's name (email address is preferred).
• base64.KEY.password. The password.
• KEY.base. The shared prefix used by this user table's authenticator. It must end with a "/".
• KEY.uri. The URI to visit. If it starts with $(KEY.base), that will be replaced with the value of the KEY.base field.
• KEY.mode. The ordinal of an enumeration constant defined by SecureBasicUtilities.Mode:
  • 0 for DIGEST.
  • 1 for SIGNATURE_WITHOUT_CERT.
  • 2 for SIGNATURE_WITH_CERT.
  • 3 for PASSWORD.

Specified by:

storeSBLData in class EjwsUserTable<EjwsSecureBasicAuth,EjwsSecureBasicAuth.Entry>

Parameters:

s - SBL data in string form

status - the status of the request (EjwsAuthenticator.AddStatus.OK or EjwsAuthenticator.AddStatus.PENDING)

Throws:

Exception - if there is an error

storePW

public void storePW(String un,
 String pw,
 boolean isActive)
             throws Exception

Store a basic-authentication password.

Specified by:

storePW in class EjwsUserTable<EjwsSecureBasicAuth,EjwsSecureBasicAuth.Entry>

Parameters:

un - the user name

pw - the password

isActive - true if the user is active; false otherwise

Throws:

Exception - if there is an error