/**
 * Check if userID is a member of groupName, using the default
 * membership type {@code Role.MEMBER}.
 *
 * @param userID Identifies the user.
 * @param groupName Identifies the group.
 * @return The result of the three-argument isMember for Role.MEMBER.
 * @throws UserNotFoundException Propagated from the three-argument overload.
 * @throws AccessControlException Propagated from the three-argument overload.
 * @throws IOException Propagated from the three-argument overload.
 */
public boolean isMember(Principal userID, String groupName)
    throws UserNotFoundException, AccessControlException, IOException
{
    // Plain membership is the default role for this convenience overload.
    final Role membershipType = Role.MEMBER;
    return isMember(userID, groupName, membershipType);
}
/**
* Check if userID is a member (of type role) of groupName.
*
* @param userID Identifies the user.
* @param groupName Identifies the group.
* @param role The type of membership.
* @return True if the user is a member of the group
* @throws UserNotFoundException If the user does not exist.
* @throws AccessControlException If not allowed to perform the search.
* @throws IllegalArgumentException If a parameter is null.
* @throws IOException If an unknown error occurred.
*/
public boolean isMember(Principal userID, String groupName, Role role)
    throws UserNotFoundException, AccessControlException, IOException
{
    // The membership decision rests entirely on getMembership: a null
    // result means "not a member", any Group returned means "member".
    // NOTE(review): no null check on the parameters is visible in this
    // method; the IllegalArgumentException documented above is presumably
    // raised inside getMembership -- confirm.
    return getMembership(userID, groupName, role) != null;
}
/**
* @param sslSocketFactory the sslSocketFactory to set
*/
public void setSSLSocketFactory(SSLSocketFactory sslSocketFactory)
{
if (mySocketFactory != null)
throw new IllegalStateException("Illegal use of GMSClient: "
+ "cannot set SSLSocketFactory after using one created from Subject");
// Subject.hashCode() recorded by getSSLSocketFactory() when it builds
// mySocketFactory from a Subject; later calls compare the calling
// Subject's hash code against this value.
private int subjectHashCode = 0;
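/**
 * Select the SSLSocketFactory for the current call.
 *
 * When the calling context has no Subject, or a Subject with no
 * principals, the factory supplied through setSSLSocketFactory is
 * returned (it may be null if none was set). Otherwise a factory is
 * created from the Subject on first use and reused afterwards.
 *
 * @return The externally supplied factory, or the one created from the
 *         calling Subject.
 * @throws IllegalStateException If the calling Subject's hash code differs
 *         from the one recorded when the internal factory was created.
 */
private SSLSocketFactory getSSLSocketFactory()
{
    AccessControlContext ac = AccessController.getContext();
    Subject s = Subject.getSubject(ac);

    // no real Subject: can only use the one from setSSLSocketFactory
    if (s == null || s.getPrincipals().isEmpty())
    {
        return sslSocketFactory;
    }

    // lazy init
    if (this.mySocketFactory == null)
    {
        // Log the principals only: Subject.toString() also renders the
        // credential sets (private ones included when they are readable),
        // which should not end up in debug logs.
        log.debug("getSSLSocketFactory: " + s.getPrincipals());
        this.mySocketFactory = SSLUtil.getSocketFactory(s);
        this.subjectHashCode = s.hashCode();
    }
    else
    {
        // The cached factory carries the first Subject's identity, so a
        // call made as a different Subject must not reuse it.
        // NOTE(review): equal hash codes do not prove it is the same
        // Subject. A Subject whose hash collides would be handed the
        // factory built for the first one, and Subject.hashCode() is
        // derived from the Subject's contents, so a Subject that is
        // modified after the first call can be rejected here. A stricter
        // comparison would need a field change outside this method.
        int c = s.hashCode();
        if (c != subjectHashCode)
        {
            throw new IllegalStateException("Illegal use of "
                + this.getClass().getSimpleName()
                + ": subject change not supported for internal SSLSocketFactory");
        }
    }
    return this.mySocketFactory;
}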
/**
 * Drop the cached state kept in the calling Subject's private
 * credentials. Does nothing when the current access control context
 * has no Subject.
 */
protected void clearCache()
{
    Subject current = Subject.getSubject(AccessController.getContext());
    if (current == null)
    {
        return;
    }

    log.debug("Clearing cache");
    // NOTE(review): this empties the whole private-credential set, not
    // only the GroupMemberships entry that setCachedGroups stores there.
    // Any other private credential held by the Subject is discarded as
    // well -- confirm that this is intended.
    current.getPrivateCredentials().clear();
}
/**
 * Look up the groups cached for a role in the calling Subject's
 * private credentials.
 *
 * The cache is consulted only when userID is one of the calling
 * Subject's principals (see userIsSubject), so memberships cached for
 * the caller are never returned for a different user.
 *
 * @param userID Identifies the user whose memberships are wanted.
 * @param role The type of membership.
 */
protected List<Group> getCachedGroups(Principal userID, Role role)
{
AccessControlContext acContext = AccessController.getContext();
Subject subject = Subject.getSubject(acContext);
// only consult cache if the userID is of the calling subject
if (userIsSubject(userID, subject))
// Private credentials of type GroupMemberships hold the cached data.
Set groupCredentialSet = subject.getPrivateCredentials(GroupMemberships.class);
// The cache is used only when exactly one GroupMemberships credential
// is present; zero or several entries are not read here.
if ((groupCredentialSet != null) &&
(groupCredentialSet.size() == 1))
{
Iterator i = groupCredentialSet.iterator();
GroupMemberships groupMemberships = ((GroupMemberships) i.next());
// Map lookup: yields null when nothing was cached for this role.
return groupMemberships.memberships.get(role);
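/**
 * Store the groups for a role in the calling Subject's private
 * credentials.
 *
 * Nothing is stored unless userID is one of the calling Subject's
 * principals (see userIsSubject), so memberships of another user are
 * never attached to the caller's Subject.
 *
 * @param userID Identifies the user the groups belong to.
 * @param groups The groups to cache; the list is stored as given, not copied.
 * @param role The type of membership the groups were fetched for.
 */
protected void setCachedGroups(Principal userID, List<Group> groups, Role role)
{
    AccessControlContext acContext = AccessController.getContext();
    Subject subject = Subject.getSubject(acContext);

    // only save to cache if the userID is of the calling subject
    // (userIsSubject is false for a null subject, so subject is non-null below)
    if (userIsSubject(userID, subject))
    {
        log.debug("Caching groups for " + userID + ", role " + role);

        GroupMemberships groupCredentials;
        Set<GroupMemberships> groupCredentialSet =
            subject.getPrivateCredentials(GroupMemberships.class);
        if ((groupCredentialSet != null) &&
            (groupCredentialSet.size() == 1))
        {
            // Reuse the single existing cache entry.
            groupCredentials = groupCredentialSet.iterator().next();
        }
        else
        {
            // No entry yet (or more than one): attach a new one to the
            // Subject's private credentials.
            groupCredentials = new GroupMemberships();
            subject.getPrivateCredentials().add(groupCredentials);
        }

        groupCredentials.memberships.put(role, groups);
    }
}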
/**
 * Check whether userID is one of the principals of the given subject.
 *
 * This is the guard the group cache relies on to decide whether cached
 * memberships belong to the caller.
 *
 * @param userID The principal to look for.
 * @param subject The subject whose principals are searched.
 * @return False if either argument is null; true as soon as a principal
 *         equal to userID is found.
 */
protected boolean userIsSubject(Principal userID, Subject subject)
{
// A missing user or a missing subject can never match.
if (userID == null || subject == null)
{
return false;
}
Set<Principal> subjectPrincipals = subject.getPrincipals();
Iterator<Principal> i = subjectPrincipals.iterator();
Principal next = null;
while (i.hasNext())
{
next = i.next();
// Matching uses Principal.equals, so the result depends on how the
// principal implementation defines equality.
if (next.equals(userID))
{
return true;
}
/**
* Class used to hold list of groups in which
* a user is a member.
*/
Map<Role, List<Group>> memberships = new HashMap<Role, List<Group>>();