]>
git.argeo.org Git - lgpl/argeo-commons.git/blob - org.argeo.node.api/src/org/argeo/node/security/NodeSecurityUtils.java
1 package org
.argeo
.node
.security
;
3 import java
.util
.Arrays
;
4 import java
.util
.Collections
;
7 import javax
.naming
.InvalidNameException
;
8 import javax
.naming
.ldap
.LdapName
;
10 import org
.argeo
.node
.NodeConstants
;
12 public class NodeSecurityUtils
{
13 public final static LdapName ROLE_ADMIN_NAME
, ROLE_ANONYMOUS_NAME
, ROLE_USER_NAME
, ROLE_USER_ADMIN_NAME
;
14 public final static List
<LdapName
> RESERVED_ROLES
;
17 ROLE_ADMIN_NAME
= new LdapName(NodeConstants
.ROLE_ADMIN
);
18 ROLE_USER_NAME
= new LdapName(NodeConstants
.ROLE_USER
);
19 ROLE_USER_ADMIN_NAME
= new LdapName(NodeConstants
.ROLE_USER_ADMIN
);
20 ROLE_ANONYMOUS_NAME
= new LdapName(NodeConstants
.ROLE_ANONYMOUS
);
21 RESERVED_ROLES
= Collections
.unmodifiableList(Arrays
.asList(
22 new LdapName
[] { ROLE_ADMIN_NAME
, ROLE_ANONYMOUS_NAME
, ROLE_USER_NAME
, ROLE_USER_ADMIN_NAME
}));
23 } catch (InvalidNameException e
) {
24 throw new Error("Cannot initialize login module class", e
);
28 public static void checkUserName(LdapName name
) throws IllegalArgumentException
{
29 if (RESERVED_ROLES
.contains(name
))
30 throw new IllegalArgumentException(name
+ " is a reserved name");
33 public static void checkImpliedPrincipalName(LdapName roleName
) throws IllegalArgumentException
{
34 if (ROLE_USER_NAME
.equals(roleName
) || ROLE_ANONYMOUS_NAME
.equals(roleName
))
35 throw new IllegalArgumentException(roleName
+ " cannot be listed as role");