001 package org.esupportail.cas.server.handlers.file;
002
003 import java.io.FileNotFoundException;
004
005 import java.io.BufferedReader;
006 import java.io.FileReader;
007
008 import org.dom4j.Element;
009 import org.esupportail.cas.server.util.BasicHandler;
010 import org.esupportail.cas.server.util.MisconfiguredHandlerException;
011 import org.esupportail.cas.server.util.crypt.Crypt;
012 import org.esupportail.cas.server.util.log.Log;
013
014 /**
015 * The specific Handler for file.
016 *
017 * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
018 * @author Jean-Baptiste Daniel <danielj at sourceforge.net>
019 */
020 public final class FileHandler extends BasicHandler {
021
022 /**
023 * The filename to read.
024 */
025 private String filename;
026 /**
027 * The character used to sperate fields in the file.
028 */
029 private String separator;
030 /**
031 * the encryption used to store passwords.
032 */
033 private String encryption;
034
035 /**
036 * Constructor.
037 *
038 * @param handlerElement the XML element that declares the handler
039 * in the configuration file
040 * @param configDebug debugging mode of the global configuration
041 * @throws Exception Exception
042 */
043 public FileHandler(
044 final Element handlerElement,
045 final Boolean configDebug) throws Exception {
046 super(handlerElement, configDebug);
047 traceBegin();
048
049 checkConfigElement(true);
050
051 filename = getConfigSubElementContent("filename", true/*needed*/);
052 trace("filename = " + filename);
053
054 encryption = getConfigSubElementContent("encryption", false/*not needed*/);
055 if (encryption.equals("")) {
056 encryption = "md5";
057 }
058 if (!Crypt.isEncryptionSupported(encryption)) {
059 traceThrow(new MisconfiguredHandlerException(
060 "Encryption \""
061 + encryption
062 + "\" is not supported."));
063 }
064 trace("encryption = " + encryption);
065 if (encryption.equals("plain")) {
066 Log.warn("Passwords should be encrypted. Be sure to keep " + filename + " out of danger!");
067 }
068
069 separator = getConfigSubElementContent("separator", false/*not needed*/);
070 trace("separator = " + separator);
071
072 traceEnd();
073 }
074
075 /**
076 * Try to authenticate a user (by searching into a file).
077 *
078 * @param username the user's name
079 * @param password the user's password
080 *
081 * @return BasicHandler.SUCCEDED on success, or
082 * BasicHandler.FAILED_CONTINUE otherwise.
083 */
084 public int authenticate(final String username,
085 final String password) {
086 traceBegin();
087
088 try {
089 trace("Opening file...");
090 FileReader fileReader = new FileReader(filename);
091 trace("Creating a buffer...");
092 BufferedReader buf = new BufferedReader(fileReader);
093
094 String line;
095
096 trace("Reading file...");
097 while ((line = buf.readLine()) != null) {
098 String[] lineFields = line.split(separator);
099
100 // compare the username
101 if (lineFields[0].equals(username)) {
102
103 trace("Username found, checking password (" + encryption + ")...");
104 String encryptedPassword = lineFields[1];
105 boolean match = Crypt.match(encryption, password, encryptedPassword);
106
107 // function will return now (even if passwords do not match
108 buf.close();
109
110 // compare the password
111 if (match) {
112 trace("Password matches.");
113 traceEnd("SUCCEEDED");
114 return SUCCEEDED;
115 } else {
116 trace("Password does not match.");
117 traceEnd("FAILED_CONTINUE");
118 return FAILED_CONTINUE;
119 }
120 }
121 }
122 buf.close();
123 trace("Username not found.");
124 } catch (FileNotFoundException e) {
125 Log.warn("File \"" + filename + "\" could not be loaded.");
126 trace("Failure: " + e.toString());
127 } catch (Exception e) {
128 trace("Failure: " + e.toString());
129 }
130 traceEnd("FAILED_CONTINUE");
131 return FAILED_CONTINUE;
132 }
133 }