Method name change from bugzilla #313.
[java-idp.git] / src / edu / internet2 / middleware / shibboleth / common / provider / SharedMemoryShibHandle.java
1 /*
2  * The Shibboleth License, Version 1. Copyright (c) 2002 University Corporation for Advanced Internet Development, Inc.
3  * All rights reserved Redistribution and use in source and binary forms, with or without modification, are permitted
4  * provided that the following conditions are met: Redistributions of source code must retain the above copyright
5  * notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above
6  * copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials
7  * provided with the distribution, if any, must include the following acknowledgment: "This product includes software
8  * developed by the University Corporation for Advanced Internet Development <http://www.ucaid.edu> Internet2 Project.
9  * Alternately, this acknowledegement may appear in the software itself, if and wherever such third-party
10  * acknowledgments normally appear. Neither the name of Shibboleth nor the names of its contributors, nor Internet2, nor
11  * the University Corporation for Advanced Internet Development, Inc., nor UCAID may be used to endorse or promote
12  * products derived from this software without specific prior written permission. For written permission, please contact
13  * shibboleth@shibboleth.org Products derived from this software may not be called Shibboleth, Internet2, UCAID, or the
14  * University Corporation for Advanced Internet Development, nor may Shibboleth appear in their name, without prior
15  * written permission of the University Corporation for Advanced Internet Development. THIS SOFTWARE IS PROVIDED BY THE
16  * COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE
18  * DISCLAIMED AND THE ENTIRE RISK OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE. IN NO
19  * EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC.
20  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
21  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
23  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  */
25
26 package edu.internet2.middleware.shibboleth.common.provider;
27
28 import java.util.HashMap;
29 import java.util.HashSet;
30 import java.util.Iterator;
31 import java.util.Map;
32 import java.util.Set;
33 import java.util.Map.Entry;
34
35 import org.apache.log4j.Logger;
36 import org.opensaml.SAMLConfig;
37 import org.opensaml.SAMLException;
38 import org.opensaml.SAMLNameIdentifier;
39 import org.w3c.dom.Element;
40
41 import edu.internet2.middleware.shibboleth.common.AuthNPrincipal;
42 import edu.internet2.middleware.shibboleth.common.IdentityProvider;
43 import edu.internet2.middleware.shibboleth.common.InvalidNameIdentifierException;
44 import edu.internet2.middleware.shibboleth.common.NameIdentifierMapping;
45 import edu.internet2.middleware.shibboleth.common.NameIdentifierMappingException;
46 import edu.internet2.middleware.shibboleth.common.ServiceProvider;
47
48 /**
49  * {@link HSNameIdentifierMapping}implementation that uses an in-memory cache to store mappings between principal names
50  * and Shibboleth Attribute Query Handles.
51  * 
52  * @author Walter Hoehn
53  */
54 public class SharedMemoryShibHandle extends AQHNameIdentifierMapping implements NameIdentifierMapping {
55
56         protected HandleCache cache = HandleCache.instance();
57         private static Logger log = Logger.getLogger(SharedMemoryShibHandle.class.getName());
58         private static SAMLConfig config = SAMLConfig.instance();
59
60         public SharedMemoryShibHandle(Element config) throws NameIdentifierMappingException {
61
62                 super(config);
63         }
64
65         public SAMLNameIdentifier getNameIdentifier(AuthNPrincipal principal, ServiceProvider sProv,
66                         IdentityProvider idProv) throws NameIdentifierMappingException {
67
68                 if (principal == null) {
69                         log.error("A principal must be supplied for Attribute Query Handle creation.");
70                         throw new IllegalArgumentException("A principal must be supplied for Attribute Query Handle creation.");
71                 }
72                 try {
73                         String handle = new String(config.getDefaultIDProvider().getIdentifier());
74                         log.debug("Assigning handle (" + handle + ") to principal (" + principal.getName() + ").");
75                         synchronized (cache.handleEntries) {
76                                 cache.handleEntries.put(handle, createHandleEntry(principal));
77                         }
78
79                         return new SAMLNameIdentifier(handle, idProv.getProviderId(), getNameIdentifierFormat().toString());
80                 } catch (SAMLException e) {
81                         throw new NameIdentifierMappingException("Unable to generate Attribute Query Handle: " + e);
82                 }
83
84         }
85
86         public AuthNPrincipal getPrincipal(SAMLNameIdentifier nameId, ServiceProvider sProv, IdentityProvider idProv)
87                         throws NameIdentifierMappingException, InvalidNameIdentifierException {
88
89                 verifyQualifier(nameId, idProv);
90
91                 synchronized (cache.handleEntries) {
92                         if (!cache.handleEntries.containsKey(nameId.getName())) {
93                                 log.debug("The Name Mapping Cache does not contain an entry for this Attribute Query Handle.");
94                                 throw new InvalidNameIdentifierException(
95                                                 "The Name Mapping Cache does not contain an entry for this Attribute Query Handle.", errorCodes);
96                         }
97                 }
98
99                 HandleEntry handleEntry;
100                 synchronized (cache.handleEntries) {
101                         handleEntry = (HandleEntry) cache.handleEntries.get(nameId.getName());
102                 }
103
104                 if (handleEntry.isExpired()) {
105                         log.debug("Attribute Query Handle is expired.");
106                         synchronized (cache.handleEntries) {
107                                 cache.handleEntries.remove(nameId.getName());
108                         }
109                         throw new InvalidNameIdentifierException("Attribute Query Handle is expired.", errorCodes);
110                 } else {
111                         log.debug("Attribute Query Handle recognized.");
112                         return handleEntry.principal;
113                 }
114         }
115
116         public void destroy() {
117
118                 cache.destroy();
119         }
120
121 }
122
123 class HandleCache {
124
125         protected Map handleEntries = new HashMap();
126         private static HandleCache instance;
127         protected MemoryRepositoryCleaner cleaner = new MemoryRepositoryCleaner();
128         private static Logger log = Logger.getLogger(HandleCache.class.getName());
129
130         protected HandleCache() {
131
132         }
133
134         public static synchronized HandleCache instance() {
135
136                 if (instance == null) {
137                         instance = new HandleCache();
138                         return instance;
139                 }
140                 return instance;
141         }
142
143         protected void finalize() throws Throwable {
144
145                 super.finalize();
146                 destroy();
147         }
148
149         protected void destroy() {
150
151                 synchronized (cleaner) {
152                         if (cleaner != null) {
153                                 cleaner.shutdown = true;
154                                 cleaner.interrupt();
155                         }
156                 }
157         }
158
159         private class MemoryRepositoryCleaner extends Thread {
160
161                 private boolean shutdown = false;
162                 private Thread master;
163
164                 public MemoryRepositoryCleaner() {
165
166                         super(
167                                         "edu.internet2.middleware.shibboleth.hs.provider.SharedMemoryShibHandle.HandleCache.MemoryRepositoryCleaner");
168                         this.master = Thread.currentThread();
169                         setDaemon(true);
170                         if (getPriority() > Thread.MIN_PRIORITY) {
171                                 setPriority(getPriority() - 1);
172                         }
173                         log.debug("Starting memory-based shib handle cache cleanup thread.");
174                         start();
175                 }
176
177                 public void run() {
178
179                         try {
180                                 sleep(60 * 1000); // one minute
181                         } catch (InterruptedException e) {
182                                 log.debug("Memory-based shib handle cache cleanup interrupted.");
183                         }
184                         while (true) {
185                                 try {
186                                         if (!master.isAlive()) {
187                                                 shutdown = true;
188                                                 log.debug("Memory-based shib handle cache cleaner is orphaned.");
189                                         }
190                                         if (shutdown) {
191                                                 log.debug("Stopping Memory-based shib handle cache cleanup thread.");
192                                                 return;
193                                         }
194                                         log.debug("Memory cache handle cache cleanup thread searching for stale entries.");
195                                         Set needsDeleting = new HashSet();
196                                         synchronized (handleEntries) {
197                                                 Iterator iterator = handleEntries.entrySet().iterator();
198                                                 while (iterator.hasNext()) {
199                                                         Entry entry = (Entry) iterator.next();
200                                                         HandleEntry handleEntry = (HandleEntry) entry.getValue();
201                                                         if (handleEntry.isExpired()) {
202                                                                 needsDeleting.add(entry.getKey());
203                                                         }
204                                                 }
205                                                 // release the lock to be friendly
206                                                 Iterator deleteIterator = needsDeleting.iterator();
207                                                 while (deleteIterator.hasNext()) {
208                                                         synchronized (handleEntries) {
209                                                                 log.debug("Expiring an Attribute Query Handle from the memory cache.");
210                                                                 handleEntries.remove(deleteIterator.next());
211                                                         }
212                                                 }
213                                         }
214                                         sleep(60 * 1000); // one minute
215                                 } catch (InterruptedException e) {
216                                         log.debug("Memory-based shib handle cache cleanup interrupted.");
217                                 }
218                         }
219                 }
220         }
221
222 }