Package de.aristaflow.adept2.base.service

Class AbstractAuthenticatedService

    • Field Detail

      • CFG_SERVICEAUTH_USERNAME

        public static final String CFG_SERVICEAUTH_USERNAME
        The configuration key for the user name of this service.
        See Also:
        Constant Field Values

      • CFG_SERVICEAUTH_ORGPOSID

        public static final String CFG_SERVICEAUTH_ORGPOSID
        The configuration key for the organisational position ID of this service.
        See Also:
        Constant Field Values

      • CFG_SERVICEAUTH_ORGPOSNAME

        public static final String CFG_SERVICEAUTH_ORGPOSNAME
        The configuration key for the organisational position of this service identified by its name.
        See Also:
        Constant Field Values

      • CFG_SERVICEAUTH_PASSWORD

        public static final String CFG_SERVICEAUTH_PASSWORD
        The configuration key for the password of this service.
        See Also:
        Constant Field Values

      • CFG_EARLY_SERVICEAUTH_USERNAME

        public static final String CFG_EARLY_SERVICEAUTH_USERNAME
        The configuration key for the user name of this service in the early phase (before the global security manager is available.
        See Also:
        Constant Field Values

      • CFG_EARLY_SERVICEAUTH_ORGPOSID

        public static final String CFG_EARLY_SERVICEAUTH_ORGPOSID
        The configuration key for the organisational position ID of this service in the early phase (before the global security manager is available).
        See Also:
        Constant Field Values

      • CFG_EARLY_SERVICEAUTH_ORGPOSNAME

        public static final String CFG_EARLY_SERVICEAUTH_ORGPOSNAME
        The configuration key for the organisational position of this service in the early phase (before the global security manager is available). The organisational position is identified by its name.
        See Also:
        Constant Field Values

      • CFG_EARLY_SERVICEAUTH_PASSWORD

        public static final String CFG_EARLY_SERVICEAUTH_PASSWORD
        The configuration key for the password of this service in the early phase (before the global security manager is available.
        See Also:
        Constant Field Values

    • Constructor Detail

      • AbstractAuthenticatedService

        public AbstractAuthenticatedService​(org.apache.commons.configuration2.Configuration conf,
                                    Registry registry,
                                    Class<?> cls)
                             throws ConfigurationException
        Creates an ADEPT2 service with the designated registry, a logger for this and assuming that there are no other services required except the org model manager for non-early services.
        Parameters:
        conf - The configuration providing the logon credentials for this service.
        registry - The registry to be used for accessing services by this service. This is provided as parameter to the constructor when creating a service.
        cls - The class specifying the name of the logger of this service.
        Throws:
        ConfigurationException - If the password for this authenticated service cannot be parsed from the configuration, a ConfigurationException will be thrown.

      • AbstractAuthenticatedService

        public AbstractAuthenticatedService​(org.apache.commons.configuration2.Configuration conf,
                                    Registry registry,
                                    String[] startupRequiredServices,
                                    String[] runtimeRequiredServices,
                                    Class<?> cls)
                             throws ConfigurationException
        Creates an ADEPT2 service with the designated registry, a logger for this and the designated required services.
        Parameters:
        conf - The configuration providing the logon credentials for this service.
        registry - The registry to be used for accessing services by this service. This is provided as parameter to the constructor when creating a service.
        startupRequiredServices - The service type names of services required at startup time (in init(URI[], URI[]) and AbstractADEPT2Service.start()).
        runtimeRequiredServices - The service type names of services required at runtime (after startup time).
        cls - The class specifying the name of the logger of this service.
        Throws:
        ConfigurationException - If the password for this authenticated service cannot be parsed from the configuration, a ConfigurationException will be thrown.

    • Method Detail

      • isEarlyService

        protected static boolean isEarlyService​(Registry registry)
        Gets whether this service is an early service and is started before the global security manager.
        Parameters:
        registry - The registry of the service or null in case no registry is provided, for instance when creating a registry itself.
        Returns:
        Whether this service is an early service and is started before the global security manager.

      • getStartupRequired

        protected static String[] getStartupRequired​(Registry registry,
                                             String[] startupRequiredServices)
        Gets the startup required services of this service. Depending on whether the service is an early service, the org model manager is added to the startup required services or not. Early services do not have the global security manager and therefore must not access the org model manager. Otherwise there will be cyclic service dependencies.
        Parameters:
        registry - The registry of the service.
        startupRequiredServices - The services required at startup as declared by the service.
        Returns:
        The services actually required at startup as declared by the service. This may additionally contain the org model manager in case of a non-early service.

      • _sessionActive

        public void _sessionActive​(SessionToken session,
                           UUID templID,
                           UUID baseTemplID,
                           UUID embdTemplID,
                           UUID instID,
                           EBPInstanceReference ebpIR,
                           int addStackElems)
        Description copied from class: AbstractADEPT2Service
        Registers the designated session as active, tracks the current thread and registers the log context (if CSV-logging is configured). The session will not be allowed to proceed if the service has not been started or shut down. The former blocks until the service has started successfully, the later throws an InvalidStateException.
        This method has to be called as soon as a request is received from the outside. It may be called several times, but every call has to be complemented by a call to AbstractADEPT2Service.sessionFinished(SessionToken).

        This method synchronises on the activeSessions object. So be sure not to hold any locks or at least acquire the locks in a well-defined order.

        This method should not be called directly. Call AbstractADEPT2Service.sessionActive(SessionToken), AbstractADEPT2Service.sessionActive(SessionToken, int), AbstractADEPT2Service.sessionActive(SessionToken, UUID, UUID, UUID, UUID) or AbstractADEPT2Service.sessionActive(SessionToken, UUID, UUID, EBPInstanceReference) instead.

        Overrides:
        _sessionActive in class AbstractADEPT2Service
        Parameters:
        session - The session token with which a method is called and therefore active. This must not be null.
        templID - The template ID for the log record. This may be null.
        baseTemplID - The base template ID for the log record. This may be null.
        embdTemplID - The (internal) ID of the embedded template ID the for the log record. This may be null.
        instID - The instance ID for the log record. This may be null.
        ebpIR - The EBPInstanceReference for the log record. This may be null.
        addStackElems - The additional elements to be removed from the stack so that the real method name is logged instead of a sessionActive. This is usually 0. Unless you override this method or call some sessionActive methods internally before calling methods of this class.
        Throws:
        ServiceAccessControlException - If the designated session token has no integrity and therefore the agents cannot be determined, a ServiceAccessControlExceptionwill be thrown.

      • init

        public void init​(URI[] localExportedUris,
                 URI[] globalExportedUris)
          throws AbortServiceException
        Copies the designated URI array and stores it internally and authenticates to the system and sets the session factory.
        This method can be called any time in overriding init-methods.

        In case of an early service, this will not authenticate to the system! Such a service need to authenticateService() later when the security manager is available.

        Specified by:
        init in interface ADEPT2Service
        Overrides:
        init in class AbstractADEPT2Service
        Parameters:
        localExportedUris - The URIs with which this service is exported locally or a local URI or an empty array for internal services.
        globalExportedUris - The URIs with which this service is published globally or null in case the service is not published.
        Throws:
        AbortServiceException - If authenticating at the security manager fails, an AbortServiceException will be thrown.

      • getSecurityManager

        protected SecurityManager getSecurityManager()
        Returns the security manager that will be used for authentication. This implementation will simply return the security manager provided by the registry. This may be overridden in subclasses.
        Returns:
        the security manager that will be used for authentication

      • getSessionFactory

        public SessionFactory getSessionFactory()
        Returns the session factory assigned to this service.
        Returns:
        The session factory assigned to this service.

      • createSession

        public SessionToken createSession()
        Creates a new session token using the session factory assigned to this service.
        Returns:
        A new session token using the session factory assigned to this service.

      • createChildSession

        public SessionToken createChildSession​(SessionToken parentSession)
        Creates a new child session token to the given session using the session factory assigned to this service.
        Parameters:
        parentSession - the session for which to create a child session
        Returns:
        A new child session token to the given session using the session factory assigned to this service.

      • sessionHasOneCapability

        public boolean sessionHasOneCapability​(SessionToken session,
                                       String... capabilities)
        Gets whether the designated session has one of the designated capabilities.
        Parameters:
        session - The session to check.
        capabilities - The capabilities to check for.
        Returns:
        Whether the designated session has one of the designated capabilities.
        Throws:
        ServiceAccessControlException - If the integrity of the session's security token fails, a ServiceAccessControlException will be thrown.

      • sessionHasAllCapabilities

        public boolean sessionHasAllCapabilities​(SessionToken session,
                                         String... capabilities)
        Gets whether the designated session has all of the designated capabilities.
        Parameters:
        session - The session to check.
        capabilities - The capabilities to check for.
        Returns:
        Whether the designated session has all of the designated capabilities.
        Throws:
        ServiceAccessControlException - If the integrity of the session's security token fails, a ServiceAccessControlException will be thrown.

      • sessionHasOneTopLevelCapability

        public boolean sessionHasOneTopLevelCapability​(SessionToken session,
                                               String... capabilities)
        Gets whether the top-level session of the designated session has one of the designated capabilities.
        Parameters:
        session - The session to check.
        capabilities - The capabilities to check for.
        Returns:
        Whether the top-level session of the designated session has one of the designated capabilities.
        Throws:
        ServiceAccessControlException - If the integrity of the session's security token fails, a ServiceAccessControlException will be thrown.

      • sessionHasAllTopLevelCapabilities

        public boolean sessionHasAllTopLevelCapabilities​(SessionToken session,
                                                 String... capabilities)
        Gets whether the top-level session of the designated session has all of the designated capabilities.
        Parameters:
        session - The session to check.
        capabilities - The capabilities to check for.
        Returns:
        Whether the top-level session of the designated session has all of the designated capabilities.
        Throws:
        ServiceAccessControlException - If the integrity of the session's security token fails, a ServiceAccessControlException will be thrown.

      • awaitActiveSessions

        protected void awaitActiveSessions​(boolean emergency)
        Awaits the termination of active sessions. This allows subclasses to separate waiting for the termination from shutting down this abstract service.
        Parameters:
        emergency - Whether the active sessions should only be awaited for a specific time.

      • shutdown

        public void shutdown​(boolean emergency)
        Awaits the termination of the active sessions and nulls the session factory.
        Specified by:
        shutdown in interface ADEPT2Service
        Overrides:
        shutdown in class AbstractADEPT2Service
        Parameters:
        emergency - Whether the shutdown will be an emergency shutdown.

      • getUserCredentials

        public Pair<QualifiedAgent,​QualifiedAgent> getUserCredentials​(SessionToken session)
        Gets the agent of the top-level session token and the agent of the designated session token if a session factory is available. Really returns the top-level agent and the agent of the designated session token since this class has a session factory.
        Overrides:
        getUserCredentials in class AbstractADEPT2Service
        Parameters:
        session - The session token of which to retrieve the agent of the top-level session token and the own agent.
        Returns:
        The agent of the top-level session token and the agent of the designated session token or an empty pair (containing null-values). This must not return null.
        Throws:
        ServiceAccessControlException - If the designated session token has no integrity and therefore the agents cannot be determined, a ServiceAccessControlExceptionwill be thrown.

      • getTopLevelAgent

        public QualifiedAgent getTopLevelAgent​(SessionToken session)
        Gets the agent of the top-level session token of the designated session token.
        Parameters:
        session - The session token of which to retrieve the agent of the top-level session token.
        Returns:
        The agent of the top-level session token of the designated session token.
        Throws:
        ServiceAccessControlException - If the designated session token has no integrity and therefore the agent of the top-level session token cannot be determined, a ServiceAccessControlExceptionwill be thrown.

      • getAgent

        public QualifiedAgent getAgent​(SessionToken session)
        Gets the agent of the designated session token.
        Parameters:
        session - The session token of which to retrieve the agent.
        Returns:
        The agent of the designated session token.
        Throws:
        ServiceAccessControlException - If the designated session token has no integrity and therefore the agent cannot be determined, a ServiceAccessControlException will be thrown.