Esempio n. 1
0
  /**
   * Authenticate users
   *
   * @param oc the streams
   * @param ci the ConnectInfo
   */
  private void authentification(ObjectConnection oc, Message message, String data) {
    String passwd = null;
    String name = null;
    String authenticationServer = null;
    String hostname = null;
    int port = 0;
    StringTokenizer stk = new StringTokenizer(data, " ");

    try {
      passwd = stk.nextToken();
      hostname = stk.nextToken();
      port = Integer.parseInt(stk.nextToken());
    } catch (Exception ex) {
      Logging.getLogger().warning("#Err > Incorrect authentication message.");
      try {
        oc.write("BAD_MESSAGE");
      } catch (Exception e) {
      }

      return;
    }

    name = message.getSender().getName();
    authenticationServer = message.getSender().getAuthenticationServer();
    UserConcept user = null;

    try {
      user = store.getUserStore().getUser(message.getSender().getName());
    } catch (Exception e) {
      e.printStackTrace();
    }

    // password ok
    if (user != null && store.getUserStore().checkUserPassword(user, passwd)) {
      // disconnect already connected user
      if (isAlreadyKnown(message.getSender())) {
        ConnectInfo oldUser = getCompleteConnectInfo(message.getSender());
        try {
          ObjectConnection myoc = this.sendMessageTo(oldUser, "Client", "DISCONNECT");
          myoc.close();
        } catch (Exception e) {
          // we can't do much here, the client might have crashed
        }
        this.removeConnectInfo(oldUser);
      }

      connections.add(
          new ConnectInfo(
              name, authenticationServer, hostname, port, user.getPublicKey(), "Client"));
      try {
        oc.write("AUTH_ACCEPTED " + user.getPrivateKey());
      } catch (Exception e) {
        e.printStackTrace();
      }
      this.sendUserList();
    } else {
      try {
        oc.write("NOT_VALID_USER");
      } catch (Exception e) {
      }
    }
  }
Esempio n. 2
0
  /**
   * Reads messages from the network. A message is either a command for the server or for an
   * internal Service.
   *
   * @param sock the Socket
   */
  private void getMessage(Socket sock) {
    int i;
    boolean alreadyConnected;
    boolean isAuthentication;

    Message message;
    byte[] signature;

    String cmd;
    String cmdData;
    StringTokenizer stk;

    ObjectConnection oc = null;

    try {
      /* streams initialization */
      oc = new ObjectConnection(sock);
      message = (Message) oc.read();
      signature = (byte[]) oc.read();
    } catch (Exception ex) {
      ex.printStackTrace();
      Logging.getLogger().warning("#Err > Unable to read message.");
      return;
    }

    // check wether a user is known or not
    alreadyConnected = isAlreadyKnown(message.getSender());

    // check if command is authentication
    isAuthentication =
        message.getApplication().equals("Server")
            && ((String) message.getData()).startsWith("AUTH");

    // signature check
    if (alreadyConnected && !isAuthentication) {
      boolean sigok = false;
      try {
        ConnectInfo ci = message.getSender();
        if (ci.verifier == null) ci = this.getCompleteConnectInfo(ci);
        sigok = ci.verifier.verify(message, signature);
      } catch (Exception e) {
        e.printStackTrace();
      }

      if (!sigok) {
        try {
          oc.write("FAILED bad signature");
        } catch (Exception e) {
        }
        Logging.getLogger().warning("#Err > bad signature: " + message.getSender());
        return;
      }
    }

    if (message.getApplication().equals("Server")) {
      cmd = null;

      try {
        stk = new StringTokenizer((String) message.getData());
        cmd = stk.nextToken();
        cmdData = stk.nextToken("\0").substring(1);
      } catch (Exception ex) {
        if (cmd == null) cmd = "";

        cmdData = "";
      }

      /* if the user asks for authentication, we try to do it and exits this method */
      if (cmd.equals("AUTH")) {
        try {
          oc.write("OK");
        } catch (Exception e) {
          e.printStackTrace();
        }

        authentification(oc, message, cmdData);
      } else if (!alreadyConnected) {
        Logging.getLogger().info("Access denied to " + message.getSender());
        try {
          oc.write("FAILED No Connection");
        } catch (Exception e) {
        }
      } else {
        internalCommand(oc, message, cmd, cmdData);
      }
    } else if (!alreadyConnected) {
      Logging.getLogger().info("Access denied to " + message.getSender());
      try {
        oc.write("FAILED No Connection");
      } catch (Exception e) {
      }
    } else {
      Service s;

      /* seek the destination service */
      boolean serviceFound = false;
      for (i = 0; i < this.services.size(); i++) {
        s = (Service) services.get(i);

        if (s.getName().equalsIgnoreCase(message.getApplication())) {
          serviceFound = true;
          UserConcept user = null;
          ServiceConcept service = null;
          try {
            user = store.getUserStore().getUser(message.getSender().getName());
            service = store.getServiceStore().getService(message.getReceiver().getName());
          } catch (Exception e) {
          }

          /* tests serviceManager for permissions */
          boolean isAutorizedService = false;
          try {
            isAutorizedService = store.getServiceStore().isAuthorizedService(user, service);
          } catch (Exception e) {
          }

          if (!isAutorizedService) {
            Logging.getLogger()
                .info(
                    "#Err > "
                        + message.getSender()
                        + " : Service denied to "
                        + message.getReceiver().getName());
            try {
              oc.write("FAILED You don't have acces to this service");
            } catch (Exception e) {
            }
          } else {
            try {
              oc.write("OK");
            } catch (Exception e) {
            }
            serviceFound = true;
            s.process(oc, message);
          }
          break;
        }
      }

      if (!serviceFound) {
        try {
          oc.write("FAILED unknown");
        } catch (Exception e) {
        }
        Logging.getLogger()
            .warning("#Err > Service " + message.getReceiver().getName() + " unknown");
      }
    }

    oc.close();
  }