jespa.examples

Class WordPressSecurityProvider

java.lang.Object

java.util.AbstractMap<K,V>

java.util.HashMap

jespa.security.Properties

jespa.security.SecurityProvider

jespa.examples.WordPressSecurityProvider

All Implemented Interfaces:

java.io.Serializable, java.lang.Cloneable, java.util.Map

public class WordPressSecurityProvider
extends SecurityProvider

This example SecurityProvider illustrates how to create a SecurityProvider based on an SQL database. WordPress is a popular Open Source website package from http://wordpress.org/.

Note: To actually run this example you will of course need to install and run WordPress. WordPress requires the Linux / Apache / MySQL / PHP stack (also known as "LAMP") although with some effort it should be possible to swap Linux with Windows. You will also need to download the MySQL JDBC driver from http://dev.mysql.com/downloads/connector/j/ and add the driver jar file into your classpath.

This example interfaces with the wp_users and wp_usermeta tables of the WordPress SQL database to implement most of the SecurityProvider and Account interfaces including but not limited to the follow operations:

• Authenticate users against WordPress accounts
• Query, create, update and delete WordPress accounts
• Set and change passwords on WordPress accounts (default phpass $P$ hashes only)
• Check group memberhip (check to see which role the account is in)

Like all Jespa examples, the source code for the WordPressSecurityProvider and the WordPressAccount class may be freely copied and distributed in accordance with the Copyright statement at the top of each source file.

Note: The WordPressSecurityProvider implements all of the functionality necessary to authenticate web clients through the HttpSecurityService. Meaning you can piggy-back your Java web application on top of WordPress and use it's control panel UI to manage your users and roles. WordPress is easy to install and operate and includes a user metadata table that can be used to store and retrieve arbitrary key value pairs as WordPressAccount attributes. However, as an example, this code is subject to change and is not rigorously tested on a regular basis. If you choose to use this code for anything other than instructional purposes, you should make a copy of it and change the class and package names.

The WordPressSecurityProvider understands the following properties:

WordPressSecurityProvider properties

Property	Description	Example
bindstr	The JDBC URL. This property is required.	jdbc:mysql://localhost/wordpress
service.acctname	The username for connecting to the database identified by the bindstr. This property is required.	wpuser
service.password	The password for connecting to the database identified by the bindstr. This property is required.	wppass
jdbc.driver.classname	The class name of a JDBC driver to load. If this property is not set, no driver will be loaded. Unless the MySQL driver has already been loaded elsewhere, this property will need to be set (probably to "com.mysql.jdbc.Driver").	com.mysql.jdbc.Driver
table.prefix	The database table prefix. The default is "wp_".
account.name.regex	The regular expression used to validate account names. The default value is "\S+" to indicate that an account name with one or more non-space characters is valid.
account.canonicalForm	An integer indicating the form account names should be canonicalized to. The default value is 0 to indicate that account canonicalization should not be performed. See the Account Name Canonicalization section below.	4
domain.dns.name	The fake DNS domain name used for account name canonicalization. See the Account Name Canonicalization section below.	wp5.busicorp.local
domain.netbios.name	The fake NetBIOS domain name used for account name canonicalization. See the Account Name Canonicalization section below.	WP5

Account Name Canonicalization

Under specific conditions, it might be desirable to enable account name canonicalization in the WordPressSecurityProvider. For example, if the ChainSecurityProvider is used with the HttpSecurityService to authenticate users with both the NtlmSecurityProvider and WordPressSecurityProvider in a chain, account name canonicalization would be necessary to disambiguate accounts that happen to have the same name in both Active Directory and the WordPress database.

The following properties control account name canonicalization.

Account name canonicalization properties

Property Name	Description	Example
domain.dns.name	A domain identifier used to canonicalize principal names like alice@wp5.busicorp.local. The actual value is not meaningful to logic other than account name canonicalization but it should conform to typical DNS nameing conventions. If this property is not specified, canonicalizing principal names is not supported.	wp5.busicorp.local
domain.netbios.name	A domain identifier used to canonicalize Windows backslash style names like WP5\alice. The actual value is not meaningful to logic other than account name canonicalization but it should conform to NetBIOS nameing conventions (at most 12 usually alphanumeric characters). If this property is not specified, canonicalizing backslash style names is not supported.	WP5
account.canonicalForm	An integer indicating the form account names should be canonicalized to after authentication. Values are 0 - no canonicalization; 2 - username; 3 - backslash; 4 - principal. For example, if a canonical form of 4 is specified, the getIdentity method will always return a principal name form like alice@wp5.busicorp.local regardless of what was supplied whether it was WP5\alice, alice@wp5.busicorp.local or just alice, etc.	4

Note: WordPress by itself does not use qualified account names and therefore these properties are not required. These properties would only be used to disambiguate accounts when using multiple SecurityProviders in the same application.

Account name canonicalization is performed when querying accounts with WordPressSecurityProvider.getAccount, when setting the user_login attribute with the WordPressAccount.setProperty method and in the WordPressAccount constructor. The WordPressSecurityProvider.authenticate method will set the identity of the authenticated user to the form specified by the account.canonicalForm property and may be subsequently retrieved using the getIdentity method. If the account name being canonicalized contains a domain that does not match either of the domain properties (if specified), a SecurityProviderException will be thrown indicating that the SecurityProvider is not an authority for that domain.

These properties affect the behavior of the WordPressAccount constructor, setting the user_login attribute with WordPressAcccount.setProperty and the WordPressSecurityProvider getAccount, authenticate and getIdentity methods.

See Also:

Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from class java.util.AbstractMap

java.util.AbstractMap.SimpleEntry<K,V>, java.util.AbstractMap.SimpleImmutableEntry<K,V>

Nested classes/interfaces inherited from interface java.util.Map

java.util.Map.Entry<K,V>

Field Summary

Fields inherited from class jespa.security.SecurityProvider

identity, isComplete

Fields inherited from class jespa.security.Properties

DUPLICATE_REFERENCE, NO_PROPERTY

Constructor Summary

Constructors

Constructor and Description
WordPressSecurityProvider(java.util.Map properties)

Method Summary

Modifier and Type	Method and Description
void	authenticate(java.lang.Object credential) Validates the supplied credential with this provider's authority.
protected java.lang.Object	decodeObject(ByteBuffer bb)
void	dispose() Destroy any sensitive cryptographic material used by this SecurityProvider.
protected void	encodeObject(ByteBuffer bb, java.lang.Object obj)
java.lang.Object	exportState() Returns an Object representing the current state of this SecurityProvider.
Account	getAccount(java.lang.String acctname, java.lang.String[] attrs) Retrieve an Account object representing the named account and populate it (an Account is also a Map) with the attributes listed in the attrs array.
java.lang.Object	getProperty(java.lang.String name, java.lang.Object def) Retrieve a property by name or return the supplied default value if the property is not set.
void	importState(java.lang.Object ostate) Initializes a SecurityProvider with the state Object returned in a previous call to SecurityProvider.exportState().

Methods inherited from class jespa.security.SecurityProvider

acceptSecContext, getDomain, getFlag, getIdentity, getName, initSecContext, isComplete, setFlag, setProperty, unwrap, wrap

Methods inherited from class jespa.security.Properties

getEncryptedProperty, getFilteredProperties, getFilteredProperties, getProperty, getPropertyAsBoolean, getPropertyAsLong, setEncryptedProperty

Methods inherited from class java.util.HashMap

clear, clone, compute, computeIfAbsent, computeIfPresent, containsKey, containsValue, entrySet, forEach, get, getOrDefault, isEmpty, keySet, merge, put, putAll, putIfAbsent, remove, remove, replace, replace, replaceAll, size, values

Methods inherited from class java.util.AbstractMap

equals, hashCode, toString

Methods inherited from class java.lang.Object

finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.util.Map

equals, hashCode

Constructor Detail

WordPressSecurityProvider

public WordPressSecurityProvider(java.util.Map properties)

Method Detail

encodeObject

protected void encodeObject(ByteBuffer bb,
                            java.lang.Object obj)
                     throws EncodingException

Overrides:

encodeObject in class jespa.security.Properties

Throws:

EncodingException

decodeObject

protected java.lang.Object decodeObject(ByteBuffer bb)
                                 throws EncodingException

Overrides:

decodeObject in class jespa.security.Properties

Throws:

EncodingException

exportState

public java.lang.Object exportState()
                             throws SecurityProviderException

Description copied from class: SecurityProvider

Returns an Object representing the current state of this SecurityProvider. The state object may subsequently be imported with SecurityProvider.importState(java.lang.Object) into a different instance of the same type of SecurityProvider initialized with the same properties. The result should be a transfer of all state such that the new SecurityProvider instance should behave like the original within limits defined by the SecurityProvider type.

Transference of state between SecurityProvider instances may be used for a number of reasons including but not limited to:

• allowing stateful multi-step authentication to occur using multiple separate SecurityProvider instances such as with stateless networking protocols like HTTP or
• allow transferring an authenticated SecurityProvider between Java contexts or VMs that may not be able to communicate using means other than simple streams.

Exported SecurityProvider state may be limited in how it can be transferred. The reason may be to protect the integrity of the SecurityProvider data such as not writing potentially sensitive cryptographic material to an unprotected disk file. Or the reason may be a technical limitation such as the fact that the state may only be valid if the new SecurityProvider instance has access to a resource in the current VM like a database connection or network socket. If such a limitation is reached, an exception should be thrown from importState.

Once the state of a SecurityProvider has been exported, performing further operations may be invalid or may invalidate the exported state.

The return value should be a type that can easily be serialized such as a byte[] array or a java.io.Serializable object that can be used efficiently with I/O streams.

Overrides:

exportState in class SecurityProvider

Returns:

an object (or preferrably a byte[] array) that represents the state of this SecurityProvider.

Throws:

SecurityProviderException - if the state could not or cannot be exported.

importState

public void importState(java.lang.Object ostate)
                 throws SecurityProviderException

Description copied from class: SecurityProvider

Initializes a SecurityProvider with the state Object returned in a previous call to SecurityProvider.exportState(). Before the state is imported, this SecurityProvider must be initialized with the same properties as the original SecurityProvider.

Overrides:

importState in class SecurityProvider

Parameters:

ostate - an Object (or byte[] array) that represets the state to be imported.

Throws:

SecurityProviderException - if the state could not be imported such as because the state being imported has been transferred beyond it's acceptable boundries.

getProperty

public java.lang.Object getProperty(java.lang.String name,
                                    java.lang.Object def)
                             throws SecurityProviderException

Description copied from class: SecurityProvider

Retrieve a property by name or return the supplied default value if the property is not set. This method should be overridden to return suitable initial values for properties that are not set. It is acceptable and expected that this method may trigger significant SecurityProvider logic such as remote communication with a SecurityProvider authority.

Overrides:

getProperty in class SecurityProvider

Parameters:

name - the name of the property to retrieve.

def - the default value to return of the named property is not set.

Returns:

the property value.

Throws:

SecurityProviderException - if the name is invalid or it's value cannot be retrieved.

getAccount

public Account getAccount(java.lang.String acctname,
                          java.lang.String[] attrs)
                   throws SecurityProviderException

Description copied from class: SecurityProvider

Retrieve an Account object representing the named account and populate it (an Account is also a Map) with the attributes listed in the attrs array. If the account does not have one of the named attributes, that attribute will not be populated in the returned Account object. The Account object may contain additional attribute elements other than those requested in the attrs list.

If the acctname parameter is null, this method will return a default Account or null if this SecurityProvider has not been sufficiently initialized (such as by performing authentication).

If the attrs parameter is the special constant Account.ALL_ATTRS, this indicates that "all attributes" should be returned although the interpretation of this value depends greatly on the SecurityProvider (such as with the case of constructed attributes in Active Directory which can only be retrieved by explicitly requesting them by name).

If the attrs parameter is null, a default set of attributes will be retrieved. This default set may be determined only by what is convenient or efficent for the SecurityProvider implementation. With the exception of the attribute used to uniquely identify the account, the specific set of attributes returned if the attrs parameter is null is not defined unless stated otherwise in the API documentation of the SecurityProvider being used. Generally an attrs parameter of null should only be used when the caller has no interest in attributes or their values such as when checking for the existance of an account, deleting an account or checking group membership with Account.isMemberOf(java.lang.String).

If the acctname and attrs parameters are both null, a cached Account object may be returned.

Note: The acctname parameter should not be null when when performing Account.update(java.lang.String[]) operations to ensure that the Account object has current data. If data is not current, unexpected update behavior can result.

Note: Where possible, the acctname and attrs parameters should both be null when retrieving the Account used for checking group membership with Account.isMemberOf(java.lang.String). Otherwise, if cached group membership data is not utilized, the performance of isMemberOf may be poor.

The behavior of this method depends greatly on the specific SecurityProvider implementation being used.

Overrides:

getAccount in class SecurityProvider

Parameters:

acctname - the name of the account to retrieve or null to indicate that a default account should be retrieved

attrs - the names of the account attributes to retrieve or null to indicate that a default set of attriubutes should be retrieved or the special constant Account.ALL_ATTRS to indicate that "all attributes" should be retrieved.

Throws:

SecurityProviderException - if the named account could not be found or if a catostrophic error occurs.

authenticate

public void authenticate(java.lang.Object credential)
                  throws SecurityProviderException

Description copied from class: SecurityProvider

Validates the supplied credential with this provider's authority. This method may only be called once. Meaning, a new SecurityProvider instance must be created to validate one credential. If the credential is successfully validated, the SecurityProvider may need to persist to make available properties related to the authentication context.

A SecurityProvider authority could be an LDAP database, a simple in-memory list of accounts, or a stub for the local host security authority such as nsswitch on UNIX or the LSA on Microsoft Windows.

Overrides:

authenticate in class SecurityProvider

Parameters:

credential - a credential to be validated. Providers should support the generic PasswordCredential class.

Throws:

SecurityProviderException - if the validation fails. The exception code should be SecurityProviderException.STATUS_ACCOUNT_NOT_FOUND if the credential identity was not found by the provider authority or SecurityProviderException.STATUS_INVALID_CREDENTIALS if the credential was cryptographically incorrect. If the authority only indicated that the authentication failed in general and does not distinguish between the two cases, STATUS_INVALID_CREDENTIALS should be favored.

dispose

public void dispose()
             throws SecurityProviderException

Description copied from class: SecurityProvider

Destroy any sensitive cryptographic material used by this SecurityProvider. A SecurityProvider cannot be used after it is disposed.

Overrides:

dispose in class SecurityProvider

Throws:

SecurityProviderException