Refactoring AuthorizationProvider.

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/branches/3_3_1_branch@8218 b35dd754-fafc-0310-a699-88a17e54d16e

Refactoring AuthorizationProvider.
git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/branches/3_3_1_branch@8218 b35dd754-fafc-0310-a699-88a17e54d16e
74ac05ba · Derek DeMoro · derek · 5f8036ea · 74ac05ba · 74ac05ba
Commit 74ac05ba authored May 08, 2007 by Derek DeMoro Committed by derek May 08, 2007
10 changed files
--- a/src/java/org/jivesoftware/openfire/ldap/LdapAuthorizationProvider.java
+++ b/src/java/org/jivesoftware/openfire/ldap/LdapAuthorizationProvider.java
@@ -13,7 +13,7 @@ package org.jivesoftware.openfire.ldap;

 import org.jivesoftware.util.JiveGlobals;
 import org.jivesoftware.openfire.sasl.AbstractAuthorizationProvider;
-import org.jivesoftware.openfire.sasl.AuthorizationProvider;
+import org.jivesoftware.openfire.sasl.AuthorizationPolicy;
 import org.xmpp.packet.JID;

 import javax.naming.directory.Attribute;
@@ -38,7 +38,7 @@ import java.util.Enumeration;
 *
 * @author Jay Kline
 */
-public class LdapAuthorizationProvider extends AbstractAuthorizationProvider implements AuthorizationProvider  {
+public class LdapAuthorizationProvider extends AbstractAuthorizationProvider implements AuthorizationPolicy {

    private LdapManager manager;
    private String usernameField;

--- a/src/java/org/jivesoftware/openfire/sasl/AbstractAuthorizationPolicy.java
+++ b/src/java/org/jivesoftware/openfire/sasl/AbstractAuthorizationPolicy.java
@@ -33,7 +33,7 @@ package org.jivesoftware.openfire.sasl;
 *
 * @author Jay Kline
 */
-public abstract class AbstractAuthorizationPolicy implements AuthorizationProvider {
+public abstract class AbstractAuthorizationPolicy implements AuthorizationPolicy {

    /**
     * Returns true if the principal is explicity authorized to the JID
@@ -44,18 +44,6 @@ public abstract class AbstractAuthorizationPolicy implements AuthorizationProvid
     */
    public abstract boolean authorize(String username, String principal);

-    /**
-     * Returns the short name of the Policy
-     *
-     * @return The short name of the Policy
-     */
-    public abstract String name();

-    /**
-     * Returns a description of the Policy
-     *
-     * @return The description of the Policy.
-     */
-    public abstract String description();

 }
\ No newline at end of file
--- a/src/java/org/jivesoftware/openfire/sasl/AbstractAuthorizationProvider.java
+++ b/src/java/org/jivesoftware/openfire/sasl/AbstractAuthorizationProvider.java
@@ -36,7 +36,7 @@ import java.util.Collection;
 *
 * @author Jay Kline
 */
-public abstract class AbstractAuthorizationProvider implements AuthorizationProvider {
+public abstract class AbstractAuthorizationProvider implements AuthorizationPolicy {

    /**
     * Returns true if the principal is explicity authorized to the JID

--- a/src/java/org/jivesoftware/openfire/sasl/AuthorizationManager.java
+++ b/src/java/org/jivesoftware/openfire/sasl/AuthorizationManager.java
@@ -42,8 +42,8 @@ import java.util.StringTokenizer;
 */
 public class AuthorizationManager {

-    private static ArrayList<AuthorizationProvider> providers =
-            new ArrayList<AuthorizationProvider>();
+    private static ArrayList<AuthorizationPolicy> providers =
+            new ArrayList<AuthorizationPolicy>();
    private static AuthorizationManager instance = new AuthorizationManager();

    static {
@@ -54,8 +54,8 @@ public class AuthorizationManager {
                String s_provider = st.nextToken();
                try {
                    Class c_provider = ClassUtils.forName(s_provider);
-                    AuthorizationProvider provider =
-                            (AuthorizationProvider) (c_provider.newInstance());
+                    AuthorizationPolicy provider =
+                            (AuthorizationPolicy) (c_provider.newInstance());
                    Log.debug("AuthorizationManager: Loaded " + s_provider);
                    providers.add(provider);
                } catch (Exception e) {
@@ -81,7 +81,7 @@ public class AuthorizationManager {
     *
     * @return the current AuthorizationProvider.
     */
-    public static Collection<AuthorizationProvider> getAuthorizationProviders() {
+    public static Collection<AuthorizationPolicy> getAuthorizationProviders() {
        return providers;
    }

@@ -102,7 +102,7 @@ public class AuthorizationManager {
     */

    public static boolean authorize(String authorId, String authenId) {
-        for (AuthorizationProvider ap : providers) {
+        for (AuthorizationPolicy ap : providers) {
            if (ap.authorize(authorId, authenId)) {
                return true;
            }

--- a/src/java/org/jivesoftware/openfire/sasl/AuthorizationProvider.java
+++ b/src/java/org/jivesoftware/openfire/sasl/AuthorizationProvider.java
@@ -12,17 +12,17 @@
 package org.jivesoftware.openfire.sasl;

 /**
- * This is the interface the AuthorizationManager uses to 
- * conduct authorizations.  
- * 
- * Users that wish to integrate with their own authorization 
- * system must implement this interface, and are strongly 
+ * This is the interface the AuthorizationManager uses to
+ * conduct authorizations.
+ * <p/>
+ * Users that wish to integrate with their own authorization
+ * system must implement this interface, and are strongly
 * encouraged to extend either the AbstractAuthoriationPolicy
 * or the AbstractAuthorizationProvider classes which allow
 * the admin console manage the classes more effectively.
 * Register the class with Openfire in the <tt>openfire.xml</tt>
 * file.  An entry in that file would look like the following:
- *
+ * <p/>
 * <pre>
 *   &lt;provider&gt;
 *     &lt;authorizationpolicy&gt;
@@ -32,15 +32,28 @@ package org.jivesoftware.openfire.sasl;
 *
 * @author Jay Kline
 */
-public interface AuthorizationProvider {
+public interface AuthorizationPolicy {

    /**
     * Returns true if the principal is explicity authorized to the JID
     *
-     * @param username The username requested.
+     * @param username  The username requested.
     * @param principal The principal requesting the username.
     * @return true is the user is authorized to be principal
     */
    public boolean authorize(String username, String principal);

+    /**
+     * Returns the short name of the Policy
+     *
+     * @return The short name of the Policy
+     */
+    public abstract String name();
+
+    /**
+     * Returns a description of the Policy
+     *
+     * @return The description of the Policy.
+     */
+    public abstract String description();
 }
\ No newline at end of file
--- a/src/java/org/jivesoftware/openfire/sasl/DefaultAuthorizationPolicy.java
+++ b/src/java/org/jivesoftware/openfire/sasl/DefaultAuthorizationPolicy.java
@@ -22,8 +22,7 @@ import org.jivesoftware.openfire.XMPPServer;
 *
 * @author Jay Kline
 */
-public class DefaultAuthorizationPolicy extends AbstractAuthorizationPolicy
-        implements AuthorizationProvider {
+public class DefaultAuthorizationPolicy  implements AuthorizationPolicy {

    private String serverName;


--- a/src/java/org/jivesoftware/openfire/sasl/DefaultAuthorizationProvider.java
+++ b/src/java/org/jivesoftware/openfire/sasl/DefaultAuthorizationProvider.java
@@ -30,7 +30,7 @@ import java.util.Collection;
 * @author Jay Kline
 */
 public class DefaultAuthorizationProvider extends AbstractAuthorizationProvider
-        implements AuthorizationProvider {
+        implements AuthorizationPolicy {

    private static final String MATCH_AUTHORIZED =
            "SELECT username FROM jiveSASLAuthorized WHERE username=? AND authorized=?";

--- a/src/java/org/jivesoftware/openfire/sasl/LazyAuthorizationPolicy.java
+++ b/src/java/org/jivesoftware/openfire/sasl/LazyAuthorizationPolicy.java
@@ -12,24 +12,24 @@
 package org.jivesoftware.openfire.sasl;

 /**
- * This policy will authorize any principal who's username matches exactly 
- * the username of the JID. This means when cross realm authentication is 
+ * This policy will authorize any principal who's username matches exactly
+ * the username of the JID. This means when cross realm authentication is
 * allowed, user@REALM_A.COM and user@REALM_B.COM could both authorize as
 * user@servername, so there is some risk here. But if usernames across the
 *
 * @author Jay Kline
 */
-public class LazyAuthorizationPolicy extends AbstractAuthorizationPolicy implements AuthorizationProvider {
+public class LooseAuthorizationPolicy implements AuthorizationPolicy {

    /**
     * Returns true if the principal is explicity authorized to the JID
     *
-     * @param username The username requested.
+     * @param username  The username requested.
     * @param principal The principal requesting the username.
     * @return true is the user is authorized to be principal
     */
    public boolean authorize(String username, String principal) {
-        return (principal.startsWith(username+"@"));
+        return (principal.startsWith(username + "@"));
    }

    /**
@@ -38,7 +38,7 @@ public class LazyAuthorizationPolicy extends AbstractAuthorizationPolicy impleme
     * @return The short name of the Policy
     */
    public String name() {
-        return "Lazy";
+        return "Loose Authorization Policy";
    }

    /**

--- a/src/java/org/jivesoftware/openfire/sasl/StrictAuthorizationPolicy.java
+++ b/src/java/org/jivesoftware/openfire/sasl/StrictAuthorizationPolicy.java
@@ -15,31 +15,31 @@ import org.jivesoftware.util.JiveGlobals;

 /**
 * This policy will authorize any principal who:
- *
- *  <li> Username of principal matches exactly the username of the JID </li>
- *  <li> The user principal's realm matches exactly the realm of the server.</li>
- * Note that the realm may not match the servername, and in fact for this 
- * policy to be useful it will not match the servername. RFC3920 Section 
+ * <p/>
+ * <li> Username of principal matches exactly the username of the JID </li>
+ * <li> The user principal's realm matches exactly the realm of the server.</li>
+ * Note that the realm may not match the servername, and in fact for this
+ * policy to be useful it will not match the servername. RFC3920 Section
 * 6.1, item 7 states that if the principal (authorization entity) is the
 * same as the JID (initiating entity), its MUST NOT provide an authorization
- * identity. In practice however, GSSAPI will provide both. (Note: Ive 
+ * identity. In practice however, GSSAPI will provide both. (Note: Ive
 * not done extensive testing on this)
 *
 * @author Jay Kline
 */
-public class StrictAuthorizationPolicy extends AbstractAuthorizationPolicy implements AuthorizationProvider {
+public class StrictAuthorizationPolicy implements AuthorizationPolicy {

    /**
     * Returns true if the principal is explicity authorized to the JID
     *
-     * @param username The username requested.
+     * @param username  The username requested.
     * @param principal The principal requesting the username.
     * @return true is the user is authorized to be principal
     */
    public boolean authorize(String username, String principal) {
-        return (principal.equals(username+"@"+JiveGlobals.getXMLProperty("sasl.realm")));
+        return (principal.equals(username + "@" + JiveGlobals.getXMLProperty("sasl.realm")));
    }
-    
+
    /**
     * Returns the short name of the Policy
     *
@@ -48,7 +48,7 @@ public class StrictAuthorizationPolicy extends AbstractAuthorizationPolicy imple
    public String name() {
        return "Strict Policy";
    }
-    
+
    /**
     * Returns a description of the Policy
     *

--- a/src/java/org/jivesoftware/openfire/sasl/UnixK5LoginProvider.java
+++ b/src/java/org/jivesoftware/openfire/sasl/UnixK5LoginProvider.java
@@ -36,7 +36,7 @@ import java.util.Collection;
 *
 * @author Jay Kline
 */
-public class UnixK5LoginProvider extends AbstractAuthorizationProvider implements AuthorizationProvider {
+public class UnixK5LoginProvider extends AbstractAuthorizationProvider implements AuthorizationPolicy {

    /**
     * Returns true if the principal is explicity authorized to the JID