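package org.jboss.resteasy.plugins.server.embedded;

import java.security.Principal;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.CopyOnWriteArraySet;

import org.jboss.resteasy.resteasy_jaxrs.i18n.Messages;

/**
 * POJO Security domain.
 *
 * <p>Keeps a username-to-password map and a role-to-members map in memory.
 * Passwords are stored and compared exactly as supplied to
 * {@link #addUser(String, String, String[])}; no hashing or salting is applied,
 * so anything that can read this object's heap can read the credentials.
 *
 * <p>Both maps are {@link ConcurrentHashMap}s and role member sets are
 * {@link CopyOnWriteArraySet}s, so individual registrations and lookups may be
 * issued from several threads.
 *
 * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
 * @version $Revision: 1 $
 */
public class SimpleSecurityDomain implements SecurityDomain
{
   /** username -> password, as registered through {@link #addUser}. */
   private final ConcurrentHashMap<String, String> users = new ConcurrentHashMap<String, String>();

   /** role name -> usernames holding that role. */
   private final ConcurrentHashMap<String, Set<String>> roles = new ConcurrentHashMap<String, Set<String>>();

   /**
    * Grants {@code role} to {@code user}, creating the role on first use.
    *
    * @param user username to add to the role; must not be null
    * @param role role name; must not be null (the backing map rejects null keys)
    */
   public void addRole(String user, String role)
   {
      Set<String> members = roles.get(role);
      if (members == null)
      {
         // Another thread may register the same role concurrently: putIfAbsent
         // returns the winner's set, and that is the one that must be used.
         Set<String> fresh = new CopyOnWriteArraySet<String>();
         Set<String> existing = roles.putIfAbsent(role, fresh);
         members = (existing != null) ? existing : fresh;
      }
      members.add(user);
   }

   /**
    * Registers (or overwrites) a user and grants the listed roles.
    *
    * @param username user name; must not be null
    * @param password password kept verbatim for later comparison; must not be null
    * @param roles    roles to grant; {@code null} is treated as "no roles"
    */
   public void addUser(String username, String password, String[] roles)
   {
      users.put(username, password);
      if (roles == null)
      {
         return;
      }
      for (String role : roles)
      {
         addRole(username, role);
      }
   }

   /**
    * Grants one role to several users.
    *
    * @param role  role name; must not be null
    * @param users usernames to add; {@code null} is treated as an empty list
    */
   public void addRoles(String role, String[] users)
   {
      if (users == null)
      {
         return;
      }
      for (String user : users)
      {
         addRole(user, role);
      }
   }

   /**
    * Checks a username/password pair against the registered users.
    *
    * <p>NOTE(review): an unknown user and a wrong password produce different
    * messages. If a caller forwards the exception text to the client, the two
    * cases become distinguishable (account enumeration); callers should answer
    * both with the same generic failure. The messages are kept here because
    * they are part of the existing behaviour.
    *
    * @param username name presented by the client; {@code null} is rejected
    *                 as an unregistered user
    * @param password password presented by the client; {@code null} never matches
    * @return a {@link SimplePrincipal} for {@code username} on success
    * @throws SecurityException if the user is unknown or the password differs
    */
   public Principal authenticate(String username, String password) throws SecurityException
   {
      // ConcurrentHashMap.get(null) throws NullPointerException; a missing
      // username must fail as an authentication error, not as a server fault.
      String stored = (username == null) ? null : users.get(username);
      if (stored == null)
      {
         throw new SecurityException(Messages.MESSAGES.userIsNotRegistered(username));
      }
      if (password == null || !sameSecret(stored, password))
      {
         throw new SecurityException(Messages.MESSAGES.wrongPassword(username));
      }
      return new SimplePrincipal(username);
   }

   /**
    * Reports whether the principal's name is a member of {@code role}.
    *
    * @param username principal to check; {@code null} is never in a role
    * @param role     role name; {@code null} or an unknown role yields {@code false}
    * @return {@code true} only if the role exists and lists the principal's name
    */
   public boolean isUserInRole(Principal username, String role)
   {
      // Deny by default: absent principal, absent role and unknown role all
      // answer "no" instead of surfacing a NullPointerException.
      if (username == null || role == null)
      {
         return false;
      }
      Set<String> members = roles.get(role);
      return members != null && members.contains(username.getName());
   }

   /**
    * Compares two secrets without stopping at the first differing character,
    * so the time taken does not reveal how long a matching prefix is.
    * Compares UTF-16 code units directly, so the result equals
    * {@code expected.equals(supplied)}. The lengths still influence timing.
    */
   private static boolean sameSecret(String expected, String supplied)
   {
      int diff = expected.length() ^ supplied.length();
      int shared = Math.min(expected.length(), supplied.length());
      for (int i = 0; i < shared; i++)
      {
         diff |= expected.charAt(i) ^ supplied.charAt(i);
      }
      return diff == 0;
   }
}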