package org.jboss.resteasy.plugins.server.embedded;

import java.security.Principal;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.CopyOnWriteArraySet;

import org.jboss.resteasy.resteasy_jaxrs.i18n.Messages;

POJO Security domain.
Author:Bill Burke
Version:$Revision: 1 $
/** * POJO Security domain. * * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a> * @version $Revision: 1 $ */
public class SimpleSecurityDomain implements SecurityDomain { private ConcurrentHashMap<String, String> users = new ConcurrentHashMap<String, String>(); private ConcurrentHashMap<String, Set<String>> roles = new ConcurrentHashMap<String, Set<String>>(); public void addRole(String user, String role) { Set<String> users = roles.get(role); if (users == null) { users = new CopyOnWriteArraySet<String>(); roles.putIfAbsent(role, users); users = roles.get(role); } users.add(user); } public void addUser(String username, String password, String[] roles) { users.put(username, password); for (String role : roles) addRole(username, role); } public void addRoles(String role, String[] users) { for (String user : users) addRole(user, role); } public Principal authenticate(String username, String password) throws SecurityException { String passwd = users.get(username); if (passwd == null) throw new SecurityException(Messages.MESSAGES.userIsNotRegistered(username)); if (!passwd.equals(password)) throw new SecurityException(Messages.MESSAGES.wrongPassword(username)); return new SimplePrincipal(username); } public boolean isUserInRole(Principal username, String role) { //System.out.println("Is user in role: " + username.getName() + " for role " + role); Set<String> users = roles.get(role); if (users == null) { //System.out.println("No user of that name"); return false; } boolean result = users.contains(username.getName()); //System.out.println("Result is: " + result); return result; } }