View Javadoc

1   /*
2    * Copyright 2008-2009 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.kim.service.impl;
17  
18  import java.util.ArrayList;
19  import java.util.Collections;
20  import java.util.HashMap;
21  import java.util.Iterator;
22  import java.util.List;
23  import java.util.Map;
24  
25  import javax.jws.WebService;
26  import javax.servlet.http.HttpServletRequest;
27  
28  import org.apache.log4j.Logger;
29  import org.kuali.rice.core.util.MaxAgeSoftReference;
30  import org.kuali.rice.core.util.MaxSizeMap;
31  import org.kuali.rice.core.util.RiceDebugUtils;
32  import org.kuali.rice.kim.bo.entity.KimEntity;
33  import org.kuali.rice.kim.bo.entity.KimPrincipal;
34  import org.kuali.rice.kim.bo.entity.dto.KimEntityDefaultInfo;
35  import org.kuali.rice.kim.bo.entity.dto.KimEntityInfo;
36  import org.kuali.rice.kim.bo.entity.dto.KimPrincipalInfo;
37  import org.kuali.rice.kim.bo.group.dto.GroupInfo;
38  import org.kuali.rice.kim.bo.reference.dto.AddressTypeInfo;
39  import org.kuali.rice.kim.bo.reference.dto.AffiliationTypeInfo;
40  import org.kuali.rice.kim.bo.reference.dto.CitizenshipStatusInfo;
41  import org.kuali.rice.kim.bo.reference.dto.EmailTypeInfo;
42  import org.kuali.rice.kim.bo.reference.dto.EmploymentStatusInfo;
43  import org.kuali.rice.kim.bo.reference.dto.EmploymentTypeInfo;
44  import org.kuali.rice.kim.bo.reference.dto.EntityNameTypeInfo;
45  import org.kuali.rice.kim.bo.reference.dto.EntityTypeInfo;
46  import org.kuali.rice.kim.bo.reference.dto.ExternalIdentifierTypeInfo;
47  import org.kuali.rice.kim.bo.reference.dto.KimCodeInfoBase;
48  import org.kuali.rice.kim.bo.reference.dto.PhoneTypeInfo;
49  import org.kuali.rice.kim.bo.role.dto.KimPermissionInfo;
50  import org.kuali.rice.kim.bo.role.dto.KimResponsibilityInfo;
51  import org.kuali.rice.kim.bo.role.dto.PermissionAssigneeInfo;
52  import org.kuali.rice.kim.bo.role.dto.ResponsibilityActionInfo;
53  import org.kuali.rice.kim.bo.types.dto.AttributeSet;
54  import org.kuali.rice.kim.service.AuthenticationService;
55  import org.kuali.rice.kim.service.GroupService;
56  import org.kuali.rice.kim.service.GroupUpdateService;
57  import org.kuali.rice.kim.service.IdentityManagementService;
58  import org.kuali.rice.kim.service.IdentityService;
59  import org.kuali.rice.kim.service.IdentityUpdateService;
60  import org.kuali.rice.kim.service.KIMServiceLocator;
61  import org.kuali.rice.kim.service.PermissionService;
62  import org.kuali.rice.kim.service.ResponsibilityService;
63  import org.kuali.rice.kim.util.KIMWebServiceConstants;
64  import org.springframework.beans.factory.InitializingBean;
65  import org.springframework.transaction.annotation.Transactional;
66  
67  @WebService(endpointInterface = KIMWebServiceConstants.IdentityManagementService.INTERFACE_CLASS, serviceName = KIMWebServiceConstants.IdentityManagementService.WEB_SERVICE_NAME, portName = KIMWebServiceConstants.IdentityManagementService.WEB_SERVICE_PORT, targetNamespace = KIMWebServiceConstants.MODULE_TARGET_NAMESPACE)
68  public class IdentityManagementServiceImpl implements IdentityManagementService, InitializingBean {
69  	private static final Logger LOG = Logger.getLogger( IdentityManagementServiceImpl.class );
70  
71  	private AuthenticationService authenticationService;
72  	private PermissionService permissionService;
73  	private ResponsibilityService responsibilityService;
74  	private IdentityService identityService;
75  	private GroupService groupService;
76  	private GroupUpdateService groupUpdateService;
77  	private IdentityUpdateService identityUpdateService;
78  
79  
80  	// Max age defined in seconds
81  	protected int entityPrincipalCacheMaxSize = 200;
82  	protected int entityPrincipalCacheMaxAgeSeconds = 30;
83  	protected int groupCacheMaxSize = 200;
84  	protected int groupCacheMaxAgeSeconds = 30;
85  	protected int permissionCacheMaxSize = 200;
86  	protected int permissionCacheMaxAgeSeconds = 30;
87  	protected int responsibilityCacheMaxSize = 200;
88  	protected int responsibilityCacheMaxAgeSeconds = 30;
89  
90  	protected Map<String,MaxAgeSoftReference<KimEntityDefaultInfo>> entityDefaultInfoCache;
91  	protected Map<String,MaxAgeSoftReference<KimEntity>> entityCache;
92  	protected Map<String,MaxAgeSoftReference<KimEntityInfo>> entityInfoCache;
93  	protected Map<String,MaxAgeSoftReference<KimPrincipalInfo>> principalByIdCache;
94  	protected Map<String,MaxAgeSoftReference<KimPrincipalInfo>> principalByNameCache;
95  	protected Map<String,MaxAgeSoftReference<GroupInfo>> groupByIdCache;
96  	protected Map<String,MaxAgeSoftReference<GroupInfo>> groupByNameCache;
97  	protected Map<String,MaxAgeSoftReference<List<String>>> groupIdsForPrincipalCache;
98  	protected Map<String,MaxAgeSoftReference<List<? extends GroupInfo>>> groupsForPrincipalCache;
99  	protected Map<String,MaxAgeSoftReference<Boolean>> isMemberOfGroupCache;
100 	protected Map<String,MaxAgeSoftReference<Boolean>> isGroupMemberOfGroupCache;
101 	protected Map<String,MaxAgeSoftReference<List<String>>> groupMemberPrincipalIdsCache;
102 	protected Map<String,MaxAgeSoftReference<Boolean>> hasPermissionCache;
103 	protected Map<String,MaxAgeSoftReference<Boolean>> hasPermissionByTemplateCache;
104 	protected Map<String,MaxAgeSoftReference<Boolean>> isAuthorizedCache;
105 	protected Map<String,MaxAgeSoftReference<Boolean>> isAuthorizedByTemplateNameCache;
106     protected Map<String,MaxAgeSoftReference<Boolean>> isPermissionDefinedForTemplateNameCache;
107 
108     protected HashMap<String,KimCodeInfoBase> kimReferenceTypeCache = new HashMap<String, KimCodeInfoBase>();
109 
110 	public void afterPropertiesSet() throws Exception {
111 		entityDefaultInfoCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<KimEntityDefaultInfo>>( entityPrincipalCacheMaxSize ) );
112 		entityCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<KimEntity>>( entityPrincipalCacheMaxSize ) );
113 		entityInfoCache = Collections.synchronizedMap( new MaxSizeMap<String, MaxAgeSoftReference<KimEntityInfo>>(entityPrincipalCacheMaxSize));
114 		principalByIdCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<KimPrincipalInfo>>( entityPrincipalCacheMaxSize ) );
115 		principalByNameCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<KimPrincipalInfo>>( entityPrincipalCacheMaxSize ) );
116 		groupByIdCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<GroupInfo>>( groupCacheMaxSize ) );
117 		groupByNameCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<GroupInfo>>( groupCacheMaxSize ) );
118 		groupIdsForPrincipalCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<List<String>>>( groupCacheMaxSize ) );
119 		groupsForPrincipalCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<List<? extends GroupInfo>>>( groupCacheMaxSize ) );
120 		isMemberOfGroupCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<Boolean>>( groupCacheMaxSize ) );
121 		groupMemberPrincipalIdsCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<List<String>>>( groupCacheMaxSize ) );
122 		hasPermissionCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<Boolean>>( permissionCacheMaxSize ) );
123 		hasPermissionByTemplateCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<Boolean>>( permissionCacheMaxSize ) );
124 		isPermissionDefinedForTemplateNameCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<Boolean>>( permissionCacheMaxSize ) );
125 		isAuthorizedByTemplateNameCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<Boolean>>( permissionCacheMaxSize ) );
126 		isAuthorizedCache = Collections.synchronizedMap( new MaxSizeMap<String,MaxAgeSoftReference<Boolean>>( permissionCacheMaxSize ) );
127 	}
128 
129 	public void flushAllCaches() {
130 		flushEntityPrincipalCaches();
131 		flushGroupCaches();
132 		flushPermissionCaches();
133 		flushResponsibilityCaches();
134 	}
135 
136 	public void flushEntityPrincipalCaches() {
137 		entityDefaultInfoCache.clear();
138 		entityCache.clear();
139 		principalByIdCache.clear();
140 		principalByNameCache.clear();
141 	}
142 
143 	public void flushGroupCaches() {
144 		groupByIdCache.clear();
145 		groupByNameCache.clear();
146 		groupIdsForPrincipalCache.clear();
147 		groupsForPrincipalCache.clear();
148 		isMemberOfGroupCache.clear();
149 		groupMemberPrincipalIdsCache.clear();
150 	}
151 
152 	public void flushPermissionCaches() {
153 		hasPermissionCache.clear();
154 		hasPermissionByTemplateCache.clear();
155 		isPermissionDefinedForTemplateNameCache.clear();
156 		isAuthorizedByTemplateNameCache.clear();
157 		isAuthorizedCache.clear();
158 	}
159 
160 	public void flushResponsibilityCaches() {
161 		// nothing currently being cached
162 	}
163 
164 	protected KimEntityDefaultInfo getEntityDefaultInfoFromCache( String entityId ) {
165 		MaxAgeSoftReference<KimEntityDefaultInfo> entityRef = entityDefaultInfoCache.get( "entityId="+entityId );
166 		if ( entityRef != null ) {
167 			return entityRef.get();
168 		}
169 		return null;
170 	}
171 
172 	protected KimEntityDefaultInfo getEntityDefaultInfoFromCacheByPrincipalId( String principalId ) {
173 		MaxAgeSoftReference<KimEntityDefaultInfo> entityRef = entityDefaultInfoCache.get( "principalId="+principalId );
174 		if ( entityRef != null ) {
175 			return entityRef.get();
176 		}
177 		return null;
178 	}
179 
180 	protected KimEntityDefaultInfo getEntityDefaultInfoFromCacheByPrincipalName( String principalName ) {
181 		MaxAgeSoftReference<KimEntityDefaultInfo> entityRef = entityDefaultInfoCache.get( "principalName="+principalName );
182 		if ( entityRef != null ) {
183 			return entityRef.get();
184 		}
185 		return null;
186 	}
187 
188 	protected KimEntityInfo getEntityInfoFromCache( String entityId ) {
189 		MaxAgeSoftReference<KimEntityInfo> entityRef = entityInfoCache.get( "entityId="+entityId );
190 		if ( entityRef != null ) {
191 			return entityRef.get();
192 		}
193 		return null;
194 	}
195 
196 	protected KimEntityInfo getEntityInfoFromCacheByPrincipalId( String principalId ) {
197 		MaxAgeSoftReference<KimEntityInfo> entityRef = entityInfoCache.get( "principalId="+principalId );
198 		if ( entityRef != null ) {
199 			return entityRef.get();
200 		}
201 		return null;
202 	}
203 
204 	protected KimEntityInfo getEntityInfoFromCacheByPrincipalName( String principalName ) {
205 		MaxAgeSoftReference<KimEntityInfo> entityRef = entityInfoCache.get( "principalName="+principalName );
206 		if ( entityRef != null ) {
207 			return entityRef.get();
208 		}
209 		return null;
210 	}
211 
212 	protected KimEntity getEntityFromCache( String entityId ) {
213 		MaxAgeSoftReference<KimEntity> entityRef = entityCache.get( "entityId="+entityId );
214 		if ( entityRef != null ) {
215 			return entityRef.get();
216 		}
217 		return null;
218 	}
219 
220 	protected KimEntity getEntityFromCacheByPrincipalId( String principalId ) {
221 		MaxAgeSoftReference<KimEntity> entityRef = entityCache.get( "principalId="+principalId );
222 		if ( entityRef != null ) {
223 			return entityRef.get();
224 		}
225 		return null;
226 	}
227 
228 	protected KimEntity getEntityFromCacheByPrincipalName( String principalName ) {
229 		MaxAgeSoftReference<KimEntity> entityRef = entityCache.get( "principalName="+principalName );
230 		if ( entityRef != null ) {
231 			return entityRef.get();
232 		}
233 		return null;
234 	}
235 
236 	protected KimPrincipalInfo getPrincipalByIdCache( String principalId ) {
237 		MaxAgeSoftReference<KimPrincipalInfo> principalRef = principalByIdCache.get( principalId );
238 		if ( principalRef != null ) {
239 			return principalRef.get();
240 		}
241 		return null;
242 	}
243 
244 	protected KimPrincipalInfo getPrincipalByNameCache( String principalName ) {
245 		MaxAgeSoftReference<KimPrincipalInfo> principalRef = principalByNameCache.get( principalName );
246 		if ( principalRef != null ) {
247 			return principalRef.get();
248 		}
249 		return null;
250 	}
251 
252 	protected GroupInfo getGroupByIdCache( String groupId ) {
253 		MaxAgeSoftReference<GroupInfo> groupRef = groupByIdCache.get( groupId );
254 		if ( groupRef != null ) {
255 			return groupRef.get();
256 		}
257 		return null;
258 	}
259 
260 	protected GroupInfo getGroupByNameCache( String groupName ) {
261 		MaxAgeSoftReference<GroupInfo> groupRef = groupByNameCache.get( groupName );
262 		if ( groupRef != null ) {
263 			return groupRef.get();
264 		}
265 		return null;
266 	}
267 
268 	protected List<String> getGroupIdsForPrincipalCache( String principalId ) {
269 		MaxAgeSoftReference<List<String>> groupIdsRef = groupIdsForPrincipalCache.get( principalId );
270 		if ( groupIdsRef != null ) {
271 			return groupIdsRef.get();
272 		}
273 		return null;
274 	}
275 
276 	protected List<? extends GroupInfo> getGroupsForPrincipalCache( String principalId ) {
277 		MaxAgeSoftReference<List<? extends GroupInfo>> groupsRef = groupsForPrincipalCache.get( principalId );
278 		if ( groupsRef != null ) {
279 			return groupsRef.get();
280 		}
281 		return null;
282 	}
283 
284 	protected Boolean getIsMemberOfGroupCache( String principalId, String groupId ) {
285 		MaxAgeSoftReference<Boolean> isMemberRef = isMemberOfGroupCache.get( principalId + "-" + groupId );
286 		if ( isMemberRef != null ) {
287 			return isMemberRef.get();
288 		}
289 		return null;
290 	}
291 
292 	protected Boolean getIsGroupMemberOfGroupCache( String potentialMemberId, String potentialParentId )
293 	{
294 		MaxAgeSoftReference<Boolean> isMemberRef = isGroupMemberOfGroupCache.get( potentialMemberId + "-" + potentialParentId );
295 		if ( isMemberRef != null ) {
296 			return isMemberRef.get();
297 		}
298 		return null;
299 	}
300 
301 	protected List<String> getGroupMemberPrincipalIdsCache( String groupId ) {
302 		MaxAgeSoftReference<List<String>> memberIdsRef = groupMemberPrincipalIdsCache.get( groupId );
303 		if ( memberIdsRef != null ) {
304 			return memberIdsRef.get();
305 		}
306 		return null;
307 	}
308 
309 	protected Boolean getHasPermissionCache( String key ) {
310 		MaxAgeSoftReference<Boolean> hasPermissionRef = hasPermissionCache.get( key );
311 		if ( hasPermissionRef != null ) {
312 			return hasPermissionRef.get();
313 		}
314 		return null;
315 	}
316 
317 	protected Boolean getHasPermissionByTemplateCache( String key ) {
318 		MaxAgeSoftReference<Boolean> hasPermissionRef = hasPermissionByTemplateCache.get( key );
319 		if ( hasPermissionRef != null ) {
320 			return hasPermissionRef.get();
321 		}
322 		return null;
323 	}
324 
325 	protected Boolean getIsAuthorizedByTemplateNameFromCache( String key ) {
326 		MaxAgeSoftReference<Boolean> cacheEntryRef = isAuthorizedByTemplateNameCache.get( key );
327 		if ( cacheEntryRef != null ) {
328 			return cacheEntryRef.get();
329 		}
330 		return null;
331 	}
332 
333 	protected Boolean getIsAuthorizedFromCache( String key ) {
334 		MaxAgeSoftReference<Boolean> cacheEntryRef = isAuthorizedCache.get( key );
335 		if ( cacheEntryRef != null ) {
336 			return cacheEntryRef.get();
337 		}
338 		return null;
339 	}
340 
341 	protected void addEntityToCache( KimEntity entity ) {
342 		if ( entity != null ) {
343 			entityCache.put( "entityId="+entity.getEntityId(), new MaxAgeSoftReference<KimEntity>( entityPrincipalCacheMaxAgeSeconds, entity ) );
344 			for ( KimPrincipal p : entity.getPrincipals() ) {
345 				entityCache.put( "principalId="+p.getPrincipalId(), new MaxAgeSoftReference<KimEntity>( entityPrincipalCacheMaxAgeSeconds, entity ) );
346 				entityCache.put( "principalName="+p.getPrincipalName(), new MaxAgeSoftReference<KimEntity>( entityPrincipalCacheMaxAgeSeconds, entity ) );
347 			}
348 		}
349 	}
350 
351 	protected void addEntityDefaultInfoToCache( KimEntityDefaultInfo entity ) {
352 		if ( entity != null ) {
353 			entityDefaultInfoCache.put( "entityId="+entity.getEntityId(), new MaxAgeSoftReference<KimEntityDefaultInfo>( entityPrincipalCacheMaxAgeSeconds, entity ) );
354 			for ( KimPrincipal p : entity.getPrincipals() ) {
355 				entityDefaultInfoCache.put( "principalId="+p.getPrincipalId(), new MaxAgeSoftReference<KimEntityDefaultInfo>( entityPrincipalCacheMaxAgeSeconds, entity ) );
356 				entityDefaultInfoCache.put( "principalName="+p.getPrincipalName(), new MaxAgeSoftReference<KimEntityDefaultInfo>( entityPrincipalCacheMaxAgeSeconds, entity ) );
357 			}
358 		}
359 	}
360 
361 	protected void addEntityInfoToCache( KimEntityInfo entity ) {
362 		if ( entity != null ) {
363 			entityInfoCache.put( "entityId="+entity.getEntityId(), new MaxAgeSoftReference<KimEntityInfo>( entityPrincipalCacheMaxAgeSeconds, entity ) );
364 			for ( KimPrincipal p : entity.getPrincipals() ) {
365 				entityInfoCache.put( "principalId="+p.getPrincipalId(), new MaxAgeSoftReference<KimEntityInfo>( entityPrincipalCacheMaxAgeSeconds, entity ) );
366 				entityInfoCache.put( "principalName="+p.getPrincipalName(), new MaxAgeSoftReference<KimEntityInfo>( entityPrincipalCacheMaxAgeSeconds, entity ) );
367 			}
368 		}
369 	}
370 
371 	protected void addPrincipalToCache( KimPrincipalInfo principal ) {
372 		if ( principal != null ) {
373 			principalByNameCache.put( principal.getPrincipalName(), new MaxAgeSoftReference<KimPrincipalInfo>( entityPrincipalCacheMaxAgeSeconds, principal ) );
374 			principalByIdCache.put( principal.getPrincipalId(), new MaxAgeSoftReference<KimPrincipalInfo>( entityPrincipalCacheMaxAgeSeconds, principal ) );
375 		}
376 	}
377 
378 	protected void addGroupToCache( GroupInfo group ) {
379 		if ( group != null ) {
380 			groupByNameCache.put( group.getGroupName(), new MaxAgeSoftReference<GroupInfo>( groupCacheMaxAgeSeconds, group ) );
381 			groupByIdCache.put( group.getGroupId(), new MaxAgeSoftReference<GroupInfo>( groupCacheMaxAgeSeconds, group ) );
382 		}
383 	}
384 
385 	protected void addGroupIdsForPrincipalToCache( String principalId, List<String> ids ) {
386 		if ( ids != null ) {
387 			groupIdsForPrincipalCache.put( principalId, new MaxAgeSoftReference<List<String>>( groupCacheMaxAgeSeconds, ids ) );
388 		}
389 	}
390 
391 	protected void addGroupsForPrincipalToCache( String principalId, List<? extends GroupInfo> groups ) {
392 		if ( groups != null ) {
393 			groupsForPrincipalCache.put( principalId, new MaxAgeSoftReference<List<? extends GroupInfo>>( groupCacheMaxAgeSeconds, groups ) );
394 			List<String> groupIds = new ArrayList<String>( groups.size() );
395 			for ( GroupInfo group : groups ) {
396 				groupIds.add( group.getGroupId() );
397 			}
398 			addGroupIdsForPrincipalToCache( principalId, groupIds );
399 		}
400 	}
401 
402 	protected void addIsMemberOfGroupToCache( String principalId, String groupId, boolean member ) {
403 		isMemberOfGroupCache.put( principalId + "-" + groupId, new MaxAgeSoftReference<Boolean>( groupCacheMaxAgeSeconds, member ) );
404 	}
405 
406 	protected void addIsGroupMemberOfGroupToCache( String potentialMemberId, String potentialParentId, boolean member )
407 	{
408         isMemberOfGroupCache.put( potentialMemberId + "-" + potentialParentId, new MaxAgeSoftReference<Boolean>( groupCacheMaxAgeSeconds, member ) );
409     }
410 
411 	protected void addGroupMemberPrincipalIdsToCache( String groupId, List<String> ids ) {
412 		if ( ids != null ) {
413 			groupMemberPrincipalIdsCache.put( groupId, new MaxAgeSoftReference<List<String>>( groupCacheMaxAgeSeconds, ids ) );
414 		}
415 	}
416 
417 	protected void addHasPermissionToCache( String key, boolean hasPerm ) {
418 		hasPermissionCache.put( key, new MaxAgeSoftReference<Boolean>( permissionCacheMaxAgeSeconds, hasPerm ) );
419 	}
420 
421 	protected void addHasPermissionByTemplateToCache( String key, boolean hasPerm ) {
422 		hasPermissionByTemplateCache.put( key, new MaxAgeSoftReference<Boolean>( permissionCacheMaxAgeSeconds, hasPerm ) );
423 	}
424 
425 	protected void addIsAuthorizedByTemplateNameToCache( String key, boolean authorized ) {
426 		isAuthorizedByTemplateNameCache.put( key, new MaxAgeSoftReference<Boolean>( permissionCacheMaxAgeSeconds, authorized ) );
427 	}
428 
429 	protected void addIsAuthorizedToCache( String key, boolean authorized ) {
430 		isAuthorizedCache.put( key, new MaxAgeSoftReference<Boolean>( permissionCacheMaxAgeSeconds, authorized ) );
431 	}
432 
433 	// AUTHENTICATION SERVICE
434 
435 	public String getAuthenticatedPrincipalName(HttpServletRequest request) {
436 		return getAuthenticationService().getPrincipalName(request);
437 	}
438 
439     // AUTHORIZATION SERVICE
440     @Transactional(readOnly=true)
441     public boolean hasPermission(String principalId, String namespaceCode, String permissionName, AttributeSet permissionDetails) {
442     	if ( LOG.isDebugEnabled() ) {
443     		logHasPermissionCheck("Permission", principalId, namespaceCode, permissionName, permissionDetails);
444     	}
445     	StringBuffer cacheKey = new StringBuffer();
446     	cacheKey.append( principalId ).append(  '/' );
447     	cacheKey.append( namespaceCode ).append( '-' ).append( permissionName ).append( '/' );
448     	addAttributeSetToKey( permissionDetails, cacheKey );
449     	String key = cacheKey.toString();
450     	Boolean hasPerm = getHasPermissionCache(key);
451 		if (hasPerm == null) {
452 			hasPerm = getPermissionService().hasPermission( principalId, namespaceCode, permissionName, permissionDetails );
453 	    	addHasPermissionToCache(key, hasPerm);
454     		if ( LOG.isDebugEnabled() ) {
455     			LOG.debug( "Result: " + hasPerm );
456     		}
457 		} else {
458 			if ( LOG.isDebugEnabled() ) {
459 				LOG.debug( "Result Found in cache using key: " + key + "\nResult: " + hasPerm );
460 			}
461 		}
462     	return hasPerm;
463     }
464 
465     @Transactional(readOnly=true)
466     public boolean isAuthorized(String principalId, String namespaceCode, String permissionName, AttributeSet permissionDetails, AttributeSet qualification ) {
467     	if ( qualification == null || qualification.isEmpty() ) {
468     		return hasPermission( principalId, namespaceCode, permissionName, permissionDetails );
469     	}
470     	if ( LOG.isDebugEnabled() ) {
471     		logAuthorizationCheck("Permission", principalId, namespaceCode, permissionName, permissionDetails, qualification);
472     	}
473     	StringBuffer cacheKey = new StringBuffer();
474     	cacheKey.append( principalId ).append(  '/' );
475     	cacheKey.append( namespaceCode ).append( '-' ).append( permissionName ).append( '/' );
476     	addAttributeSetToKey( permissionDetails, cacheKey );
477     	cacheKey.append( '/' );
478     	addAttributeSetToKey( qualification, cacheKey );
479     	String key = cacheKey.toString();
480     	Boolean isAuthorized = getIsAuthorizedFromCache( key );
481     	if ( isAuthorized == null ) {
482     		isAuthorized = getPermissionService().isAuthorized( principalId, namespaceCode, permissionName, permissionDetails, qualification );
483     		addIsAuthorizedToCache( key, isAuthorized );
484     		if ( LOG.isDebugEnabled() ) {
485     			LOG.debug( "Result: " + isAuthorized );
486     		}
487 		} else {
488 			if ( LOG.isDebugEnabled() ) {
489 				LOG.debug( "Result Found in cache using key: " + key + "\nResult: " + isAuthorized );
490 			}
491     	}
492     	return isAuthorized;
493     }
494 
495     @Transactional(readOnly=true)
496     public boolean hasPermissionByTemplateName(String principalId, String namespaceCode, String permissionTemplateName, AttributeSet permissionDetails) {
497     	if ( LOG.isDebugEnabled() ) {
498     		logHasPermissionCheck("Perm Templ", principalId, namespaceCode, permissionTemplateName, permissionDetails);
499     	}
500     	StringBuffer cacheKey = new StringBuffer();
501     	cacheKey.append( principalId ).append(  '/' );
502     	cacheKey.append( namespaceCode ).append( '-' ).append( permissionTemplateName ).append( '/' );
503     	addAttributeSetToKey( permissionDetails, cacheKey );
504     	String key = cacheKey.toString();
505     	Boolean hasPerm = getHasPermissionByTemplateCache(key);
506 		if (hasPerm == null) {
507 			hasPerm = getPermissionService().hasPermissionByTemplateName( principalId, namespaceCode, permissionTemplateName, permissionDetails );
508 	    	addHasPermissionByTemplateToCache(key, hasPerm);
509     		if ( LOG.isDebugEnabled() ) {
510     			LOG.debug( "Result: " + hasPerm );
511     		}
512 		} else {
513 			if ( LOG.isDebugEnabled() ) {
514 				LOG.debug( "Result Found in cache using key: " + key + "\nResult: " + hasPerm );
515 			}
516 		}
517     	return hasPerm;
518     }
519     
520     @Transactional(readOnly=true)
521     public boolean isAuthorizedByTemplateName(String principalId, String namespaceCode, String permissionTemplateName, AttributeSet permissionDetails, AttributeSet qualification ) {
522     	if ( qualification == null || qualification.isEmpty() ) {
523     		return hasPermissionByTemplateName( principalId, namespaceCode, permissionTemplateName, permissionDetails );
524     	}
525     	if ( LOG.isDebugEnabled() ) {
526     		logAuthorizationCheck("Perm Templ", principalId, namespaceCode, permissionTemplateName, permissionDetails, qualification);
527     	}
528     	StringBuffer cacheKey = new StringBuffer();
529     	cacheKey.append( principalId ).append(  '/' );
530     	cacheKey.append( namespaceCode ).append( '-' ).append( permissionTemplateName ).append( '/' );
531     	addAttributeSetToKey( permissionDetails, cacheKey );
532     	cacheKey.append( '/' );
533     	addAttributeSetToKey( qualification, cacheKey );
534     	String key = cacheKey.toString();
535     	Boolean isAuthorized = getIsAuthorizedByTemplateNameFromCache( key );
536     	if ( isAuthorized == null ) {
537     		isAuthorized = getPermissionService().isAuthorizedByTemplateName( principalId, namespaceCode, permissionTemplateName, permissionDetails, qualification );
538     		addIsAuthorizedByTemplateNameToCache( key, isAuthorized );
539     		if ( LOG.isDebugEnabled() ) {
540     			LOG.debug( "Result: " + isAuthorized );
541     		}
542 		} else {
543 			if ( LOG.isDebugEnabled() ) {
544 				LOG.debug( "Result Found in cache using key: " + key + "\nResult: " + isAuthorized );
545 			}
546     	}
547     	return isAuthorized;
548     }
549 
550 	private void addAttributeSetToKey(AttributeSet attributes, StringBuffer key) {
551 		if ( attributes != null ) {
552 			for ( Map.Entry<String, String> entry : attributes.entrySet() ) {
553 				key.append( entry.getKey() ).append( '=' ).append( entry.getValue() ).append('|');
554 	    	}
555 		} else {
556 			key.append( "[null]" );
557 		}
558 	}
559 
560     /**
561      * @see org.kuali.rice.kim.service.IdentityManagementService#getAuthorizedPermissions(java.lang.String, String, java.lang.String, org.kuali.rice.kim.bo.types.dto.AttributeSet, org.kuali.rice.kim.bo.types.dto.AttributeSet)
562      */
563     public List<? extends KimPermissionInfo> getAuthorizedPermissions(String principalId,
564     		String namespaceCode, String permissionName, AttributeSet permissionDetails, AttributeSet qualification) {
565     	return getPermissionService().getAuthorizedPermissions( principalId, namespaceCode, permissionName, permissionDetails, qualification );
566     }
567     @Transactional(readOnly=true)
568     public List<? extends KimPermissionInfo> getAuthorizedPermissionsByTemplateName(String principalId,
569     		String namespaceCode, String permissionTemplateName, AttributeSet permissionDetails, AttributeSet qualification) {
570     	return getPermissionService().getAuthorizedPermissionsByTemplateName(principalId, namespaceCode, permissionTemplateName, permissionDetails, qualification);
571     }
572     
573     @Transactional(readOnly=true)
574     public boolean isPermissionDefinedForTemplateName(String namespaceCode, String permissionTemplateName, AttributeSet permissionDetails) {
575     	StringBuffer key = new StringBuffer();
576     	key.append( namespaceCode ).append( '-' ).append( permissionTemplateName ).append( '/' );
577         addAttributeSetToKey(permissionDetails, key);
578         MaxAgeSoftReference<Boolean> resultEntry = isPermissionDefinedForTemplateNameCache.get(key.toString());
579         if ( resultEntry != null ) {
580             Boolean result = resultEntry.get();
581             if ( result != null ) {
582                 return result;
583             }
584         }
585         boolean result = getPermissionService().isPermissionDefinedForTemplateName(namespaceCode, permissionTemplateName, permissionDetails);
586         isPermissionDefinedForTemplateNameCache.put(key.toString(),new MaxAgeSoftReference<Boolean>( permissionCacheMaxAgeSeconds, result ));
587         return result;
588     }
589 
590 
591 	public List<PermissionAssigneeInfo> getPermissionAssignees(String namespaceCode,
592 			String permissionName, AttributeSet permissionDetails, AttributeSet qualification) {
593 		return this.permissionService.getPermissionAssignees( namespaceCode, permissionName,
594 				permissionDetails, qualification );
595 	}
596 
597 	public List<PermissionAssigneeInfo> getPermissionAssigneesForTemplateName(String namespaceCode,
598 			String permissionTemplateName, AttributeSet permissionDetails,
599 			AttributeSet qualification) {
600 		return this.permissionService.getPermissionAssigneesForTemplateName( namespaceCode,
601 				permissionTemplateName, permissionDetails, qualification );
602 	}
603 
604     // GROUP SERVICE
605 
606 	public boolean isMemberOfGroup(String principalId, String groupId) {
607     	Boolean isMember = getIsMemberOfGroupCache(principalId, groupId);
608 		if (isMember != null) {
609 			return isMember;
610 		}
611 		isMember = getGroupService().isMemberOfGroup(principalId, groupId);
612     	addIsMemberOfGroupToCache(principalId, groupId, isMember);
613     	return isMember;
614 	}
615 
616 	public boolean isMemberOfGroup(String principalId, String namespaceCode, String groupName) {
617 		GroupInfo group = getGroupByName(namespaceCode, groupName);
618 		if ( group == null ) {
619 			return false;
620 		}
621 		return isMemberOfGroup(principalId, group.getGroupId());
622     }
623 
624 	public boolean isGroupMemberOfGroup(String potentialMemberId, String potentialParentId)
625 	{
626 	    Boolean isMember = getIsGroupMemberOfGroupCache(potentialMemberId, potentialParentId);
627 	    if(isMember != null)
628 	    {
629 	        return isMember;
630 	    }
631 	    else
632         {
633 	        isMember = getGroupService()
634 	                .isGroupMemberOfGroup(potentialMemberId, potentialParentId);
635         }
636 	    addIsGroupMemberOfGroupToCache(potentialMemberId, potentialParentId, isMember);
637 	    return isMember;
638 	}
639 	public List<String> getGroupMemberPrincipalIds(String groupId) {
640     	List<String> ids = getGroupMemberPrincipalIdsCache(groupId);
641 		if (ids != null) {
642 			return ids;
643 		}
644 		ids = getGroupService().getMemberPrincipalIds(groupId);
645     	addGroupMemberPrincipalIdsToCache(groupId, ids);
646     	return ids;
647 	}
648 
649 	public List<String> getDirectGroupMemberPrincipalIds(String groupId) {
650 		return getGroupService().getDirectMemberPrincipalIds(groupId);
651 	}
652 
653     public List<String> getGroupIdsForPrincipal(String principalId) {
654     	List<String> ids = getGroupIdsForPrincipalCache(principalId);
655 		if (ids != null) {
656 			return ids;
657 		}
658 		ids = getGroupService().getGroupIdsForPrincipal(principalId);
659     	addGroupIdsForPrincipalToCache(principalId, ids);
660     	return ids;
661 	}
662 
663     public List<String> getGroupIdsForPrincipal(String principalId, String namespaceCode ) {
664 		return getGroupService().getGroupIdsForPrincipalByNamespace(principalId, namespaceCode );
665 	}
666 
667     public List<? extends GroupInfo> getGroupsForPrincipal(String principalId) {
668     	List<? extends GroupInfo> groups = getGroupsForPrincipalCache(principalId);
669 		if (groups != null) {
670 			return groups;
671 		}
672 		groups = getGroupService().getGroupsForPrincipal(principalId);
673     	addGroupsForPrincipalToCache(principalId, groups);
674     	return groups;
675 	}
676 
677     public List<? extends GroupInfo> getGroupsForPrincipal(String principalId, String namespaceCode ) {
678     	List<? extends GroupInfo> groups = getGroupsForPrincipalCache(principalId + "-" + namespaceCode);
679 		if (groups != null) {
680 			return groups;
681 		}
682 		groups = getGroupService().getGroupsForPrincipalByNamespace(principalId, namespaceCode );
683     	addGroupsForPrincipalToCache(principalId, groups);
684     	return groups;
685 	}
686 
687     public List<String> getMemberGroupIds(String groupId) {
688 		return getGroupService().getMemberGroupIds(groupId);
689 	}
690 
691     public List<String> getDirectMemberGroupIds(String groupId) {
692 		return getGroupService().getDirectMemberGroupIds(groupId);
693 	}
694 
695     public GroupInfo getGroup(String groupId) {
696     	GroupInfo group = getGroupByIdCache(groupId);
697 		if (group != null) {
698 			return group;
699 		}
700 		group = getGroupService().getGroupInfo(groupId);
701     	addGroupToCache(group);
702     	return group;
703 	}
704 
705     public GroupInfo getGroupByName(String namespaceCode, String groupName) {
706     	GroupInfo group = getGroupByNameCache(namespaceCode + "-" + groupName);
707 		if (group != null) {
708 			return group;
709 		}
710 		group = getGroupService().getGroupInfoByName( namespaceCode, groupName );
711     	addGroupToCache(group);
712     	return group;
713     }
714 
715     public List<String> getParentGroupIds(String groupId) {
716 		return getGroupService().getParentGroupIds( groupId );
717 	}
718 
719     public List<String> getDirectParentGroupIds(String groupId) {
720 		return getGroupService().getDirectParentGroupIds( groupId );
721 	}
722 
723     protected void clearGroupCachesForPrincipalAndGroup( String principalId, String groupId ) {
724     	if ( principalId != null ) {
725 	    	groupIdsForPrincipalCache.remove(principalId);
726 	    	groupsForPrincipalCache.remove(principalId);
727 	    	isMemberOfGroupCache.remove(principalId + "-" + groupId);
728     	} else {
729     		// added or removed a group - perform a more extensive purge
730     		synchronized (isMemberOfGroupCache) {
731     		Iterator<String> keys = isMemberOfGroupCache.keySet().iterator();
732     		while ( keys.hasNext() ) {
733     			String key = keys.next();
734     			if ( key.endsWith("-"+groupId) ) {
735     				keys.remove();
736     			}
737     		}
738 			}
739     		// NOTE: There's no good way to selectively purge the other two group caches or the permission caches which could be
740     		// affected - is this necessary or do we just wait for the cache items to expire
741     	}
742     	groupMemberPrincipalIdsCache.remove(groupId);
743     }
744 
745 
746     public boolean addGroupToGroup(String childId, String parentId) {
747     	clearGroupCachesForPrincipalAndGroup(null, parentId);
748         return getGroupUpdateService().addGroupToGroup(childId, parentId);
749     }
750 
751     public boolean addPrincipalToGroup(String principalId, String groupId) {
752     	clearGroupCachesForPrincipalAndGroup(principalId, groupId);
753         return getGroupUpdateService().addPrincipalToGroup(principalId, groupId);
754     }
755 
756     public boolean removeGroupFromGroup(String childId, String parentId) {
757     	clearGroupCachesForPrincipalAndGroup(null, parentId);
758         return getGroupUpdateService().removeGroupFromGroup(childId, parentId);
759     }
760 
761     public boolean removePrincipalFromGroup(String principalId, String groupId) {
762     	clearGroupCachesForPrincipalAndGroup(principalId, groupId);
763         return getGroupUpdateService().removePrincipalFromGroup(principalId, groupId);
764     }
765 
766     /**
767 	 * This delegate method ...
768 	 *
769 	 * @param groupInfo
770 	 * @return
771 	 * @see org.kuali.rice.kim.service.GroupUpdateService#createGroup(org.kuali.rice.kim.bo.group.dto.GroupInfo)
772 	 */
773 	public GroupInfo createGroup(GroupInfo groupInfo) {
774     	clearGroupCachesForPrincipalAndGroup(null,groupInfo.getGroupId());
775 		return getGroupUpdateService().createGroup(groupInfo);
776 	}
777 
778 	/**
779 	 * This delegate method ...
780 	 *
781 	 * @param groupId
782 	 * @see org.kuali.rice.kim.service.GroupUpdateService#removeAllGroupMembers(java.lang.String)
783 	 */
784 	public void removeAllGroupMembers(String groupId) {
785     	clearGroupCachesForPrincipalAndGroup(null, groupId);
786 		getGroupUpdateService().removeAllGroupMembers(groupId);
787 	}
788 
789 	/**
790 	 * This delegate method ...
791 	 *
792 	 * @param groupId
793 	 * @param groupInfo
794 	 * @return
795 	 * @see org.kuali.rice.kim.service.GroupUpdateService#updateGroup(java.lang.String, org.kuali.rice.kim.bo.group.dto.GroupInfo)
796 	 */
797 	public GroupInfo updateGroup(String groupId, GroupInfo groupInfo) {
798     	clearGroupCachesForPrincipalAndGroup(null, groupId);
799 		return getGroupUpdateService().updateGroup(groupId, groupInfo);
800 	}
801 
802 
803     // IDENTITY SERVICE
804 
805 	public KimPrincipalInfo getPrincipal(String principalId) {
806     	KimPrincipalInfo principal = getPrincipalByIdCache(principalId);
807 		if (principal != null) {
808 			return principal;
809 		}
810 		principal = getIdentityService().getPrincipal(principalId);
811     	addPrincipalToCache(principal);
812     	return principal;
813 	}
814 	@Transactional(readOnly=true)
815     public KimPrincipalInfo getPrincipalByPrincipalName(String principalName) {
816     	KimPrincipalInfo principal = getPrincipalByNameCache(principalName);
817 		if (principal != null) {
818 			return principal;
819 		}
820 		principal = getIdentityService().getPrincipalByPrincipalName(principalName);
821     	addPrincipalToCache(principal);
822     	return principal;
823     }
824 
825     /**
826      * @see org.kuali.rice.kim.service.IdentityManagementService#getPrincipalByPrincipalNameAndPassword(java.lang.String, java.lang.String)
827      */
828     public KimPrincipalInfo getPrincipalByPrincipalNameAndPassword(String principalName, String password) {
829     	// TODO: cache this?
830     	return getIdentityService().getPrincipalByPrincipalNameAndPassword( principalName, password );
831     }
832 
833     /**
834      * This overridden method ...
835      *
836      * @see org.kuali.rice.kim.service.IdentityManagementService#getEntityDefaultInfo(java.lang.String)
837      */
838     public KimEntityDefaultInfo getEntityDefaultInfo(String entityId) {
839     	KimEntityDefaultInfo entity = getEntityDefaultInfoFromCache( entityId );
840     	if ( entity == null ) {
841     		entity = getIdentityService().getEntityDefaultInfo(entityId);
842     		addEntityDefaultInfoToCache( entity );
843     	}
844     	return entity;
845     }
846 
847     /**
848      * This overridden method ...
849      *
850      * @see org.kuali.rice.kim.service.IdentityManagementService#getEntityDefaultInfoByPrincipalId(java.lang.String)
851      */
852     @Transactional(readOnly=true)
853     public KimEntityDefaultInfo getEntityDefaultInfoByPrincipalId(
854     		String principalId) {
855     	KimEntityDefaultInfo entity = getEntityDefaultInfoFromCacheByPrincipalId( principalId );
856     	if ( entity == null ) {
857 	    	entity = getIdentityService().getEntityDefaultInfoByPrincipalId(principalId);
858 			addEntityDefaultInfoToCache( entity );
859     	}
860     	return entity;
861     }
862 
863     /**
864      * This overridden method ...
865      *
866      * @see org.kuali.rice.kim.service.IdentityManagementService#getEntityDefaultInfoByPrincipalName(java.lang.String)
867      */
868     public KimEntityDefaultInfo getEntityDefaultInfoByPrincipalName(
869     		String principalName) {
870     	KimEntityDefaultInfo entity = getEntityDefaultInfoFromCacheByPrincipalName( principalName );
871     	if ( entity == null ) {
872 	    	entity = getIdentityService().getEntityDefaultInfoByPrincipalName(principalName);
873 			addEntityDefaultInfoToCache( entity );
874     	}
875     	return entity;
876     }
877 
878     /**
879      * This overridden method ...
880      *
881      * @see org.kuali.rice.kim.service.IdentityManagementService#lookupEntityDefaultInfo(Map, boolean)
882      */
883     @Transactional(readOnly=true)
884     public List<? extends KimEntityDefaultInfo> lookupEntityDefaultInfo(
885     		Map<String, String> searchCriteria, boolean unbounded) {
886     	return getIdentityService().lookupEntityDefaultInfo(searchCriteria, unbounded);
887     }
888 
889 
890     /**
891 	 * @see org.kuali.rice.kim.service.IdentityManagementService#getEntityInfo(java.lang.String)
892 	 */
893 	public KimEntityInfo getEntityInfo(String entityId) {
894     	KimEntityInfo entity = getEntityInfoFromCache( entityId );
895     	if ( entity == null ) {
896     		entity = getIdentityService().getEntityInfo(entityId);
897     		addEntityInfoToCache( entity );
898     	}
899     	return entity;
900 	}
901 
902 	/**
903 	 * @see org.kuali.rice.kim.service.IdentityManagementService#getEntityInfoByPrincipalId(java.lang.String)
904 	 */
905 	@Transactional(readOnly=true)
906 	public KimEntityInfo getEntityInfoByPrincipalId(String principalId) {
907     	KimEntityInfo entity = getEntityInfoFromCacheByPrincipalId( principalId );
908     	if ( entity == null ) {
909 	    	entity = getIdentityService().getEntityInfoByPrincipalId(principalId);
910 			addEntityInfoToCache( entity );
911     	}
912     	return entity;
913 	}
914 
915 	/**
916 	 * This overridden method ...
917 	 *
918 	 * @see org.kuali.rice.kim.service.IdentityManagementService#getEntityInfoByPrincipalName(java.lang.String)
919 	 */
920 	public KimEntityInfo getEntityInfoByPrincipalName(String principalName) {
921 		KimEntityInfo entity = getEntityInfoFromCacheByPrincipalName( principalName );
922     	if ( entity == null ) {
923 	    	entity = getIdentityService().getEntityInfoByPrincipalName( principalName );
924 			addEntityInfoToCache( entity );
925     	}
926     	return entity;
927 	}
928 
929 	/**
930 	 * @see org.kuali.rice.kim.service.IdentityManagementService#lookupEntityInfo(java.util.Map, boolean)
931 	 */
932     @Transactional(readOnly=true)
933 	public List<KimEntityInfo> lookupEntityInfo(
934 			Map<String, String> searchCriteria, boolean unbounded) {
935 		return getIdentityService().lookupEntityInfo(searchCriteria, unbounded);
936 	}
937 
938 	/**
939      * @see org.kuali.rice.kim.service.IdentityManagementService#getMatchingEntityCount(java.util.Map)
940      */
941     public int getMatchingEntityCount(Map<String,String> searchCriteria) {
942     	return getIdentityService().getMatchingEntityCount( searchCriteria );
943     }
944 
945 	public AddressTypeInfo getAddressType( String code ) {
946 		AddressTypeInfo type = (AddressTypeInfo)kimReferenceTypeCache.get(AddressTypeInfo.class.getSimpleName()+"-"+code);
947 		if ( type == null ) {
948 			type = getIdentityService().getAddressType(code);
949 			kimReferenceTypeCache.put(AddressTypeInfo.class.getSimpleName()+"-"+code, type);
950 		}
951 		return type;
952 	}
953 	public AffiliationTypeInfo getAffiliationType( String code ) {
954 		AffiliationTypeInfo type = (AffiliationTypeInfo)kimReferenceTypeCache.get(AffiliationTypeInfo.class.getSimpleName()+"-"+code);
955 		if ( type == null ) {
956 			type = getIdentityService().getAffiliationType(code);
957 			kimReferenceTypeCache.put(AddressTypeInfo.class.getSimpleName()+"-"+code, type);
958 		}
959 		return type;
960 	}
961 	public CitizenshipStatusInfo getCitizenshipStatus( String code ) {
962 		CitizenshipStatusInfo type = (CitizenshipStatusInfo)kimReferenceTypeCache.get(CitizenshipStatusInfo.class.getSimpleName()+"-"+code);
963 		if ( type == null ) {
964 			type = getIdentityService().getCitizenshipStatus(code);
965 			kimReferenceTypeCache.put(CitizenshipStatusInfo.class.getSimpleName()+"-"+code, type);
966 		}
967 		return type;
968 	}
969 	public EmailTypeInfo getEmailType( String code ) {
970 		EmailTypeInfo type = (EmailTypeInfo)kimReferenceTypeCache.get(EmailTypeInfo.class.getSimpleName()+"-"+code);
971 		if ( type == null ) {
972 			type = getIdentityService().getEmailType(code);
973 			kimReferenceTypeCache.put(EmailTypeInfo.class.getSimpleName()+"-"+code, type);
974 		}
975 		return type;
976 	}
977 	public EmploymentStatusInfo getEmploymentStatus( String code ) {
978 		EmploymentStatusInfo type = (EmploymentStatusInfo)kimReferenceTypeCache.get(EmploymentStatusInfo.class.getSimpleName()+"-"+code);
979 		if ( type == null ) {
980 			type = getIdentityService().getEmploymentStatus(code);
981 			kimReferenceTypeCache.put(EmploymentStatusInfo.class.getSimpleName()+"-"+code, type);
982 		}
983 		return type;
984 	}
985 	public EmploymentTypeInfo getEmploymentType( String code ) {
986 		EmploymentTypeInfo type = (EmploymentTypeInfo)kimReferenceTypeCache.get(EmploymentTypeInfo.class.getSimpleName()+"-"+code);
987 		if ( type == null ) {
988 			type = getIdentityService().getEmploymentType(code);
989 			kimReferenceTypeCache.put(EmploymentTypeInfo.class.getSimpleName()+"-"+code, type);
990 		}
991 		return type;
992 	}
993 	public EntityNameTypeInfo getEntityNameType( String code ) {
994 		EntityNameTypeInfo type = (EntityNameTypeInfo)kimReferenceTypeCache.get(EntityNameTypeInfo.class.getSimpleName()+"-"+code);
995 		if ( type == null ) {
996 			type = getIdentityService().getEntityNameType(code);
997 			kimReferenceTypeCache.put(EntityNameTypeInfo.class.getSimpleName()+"-"+code, type);
998 		}
999 		return type;
1000 	}
1001 	public EntityTypeInfo getEntityType( String code ) {
1002 		EntityTypeInfo type = (EntityTypeInfo)kimReferenceTypeCache.get(EntityTypeInfo.class.getSimpleName()+"-"+code);
1003 		if ( type == null ) {
1004 			type = getIdentityService().getEntityType(code);
1005 			kimReferenceTypeCache.put(EntityTypeInfo.class.getSimpleName()+"-"+code, type);
1006 		}
1007 		return type;
1008 	}
1009 	public ExternalIdentifierTypeInfo getExternalIdentifierType( String code ) {
1010 		ExternalIdentifierTypeInfo type = (ExternalIdentifierTypeInfo)kimReferenceTypeCache.get(ExternalIdentifierTypeInfo.class.getSimpleName()+"-"+code);
1011 		if ( type == null ) {
1012 			type = getIdentityService().getExternalIdentifierType(code);
1013 			kimReferenceTypeCache.put(ExternalIdentifierTypeInfo.class.getSimpleName()+"-"+code, type);
1014 		}
1015 		return type;
1016 	}
1017 	public PhoneTypeInfo getPhoneType( String code ) {
1018 		PhoneTypeInfo type = (PhoneTypeInfo)kimReferenceTypeCache.get(PhoneTypeInfo.class.getSimpleName()+"-"+code);
1019 		if ( type == null ) {
1020 			type = getIdentityService().getPhoneType(code);
1021 			kimReferenceTypeCache.put(PhoneTypeInfo.class.getSimpleName()+"-"+code, type);
1022 		}
1023 		return type;
1024 	}
1025 
1026 	// OTHER METHODS
1027 
1028 
1029 
1030 	public AuthenticationService getAuthenticationService() {
1031 		if ( authenticationService == null ) {
1032 			authenticationService = KIMServiceLocator.getAuthenticationService();
1033 		}
1034 		return authenticationService;
1035 	}
1036 
1037 	public IdentityService getIdentityService() {
1038 		if ( identityService == null ) {
1039 			identityService = KIMServiceLocator.getIdentityService();
1040 		}
1041 		return identityService;
1042 	}
1043 
1044 	public GroupService getGroupService() {
1045 		if ( groupService == null ) {
1046 			groupService = KIMServiceLocator.getGroupService();
1047 		}
1048 		return groupService;
1049 	}
1050 
1051 	public PermissionService getPermissionService() {
1052 		if ( permissionService == null ) {
1053 			permissionService = KIMServiceLocator.getPermissionService();
1054 		}
1055 		return permissionService;
1056 	}
1057 
1058 	public ResponsibilityService getResponsibilityService() {
1059 		if ( responsibilityService == null ) {
1060 			responsibilityService = KIMServiceLocator.getResponsibilityService();
1061 		}
1062 		return responsibilityService;
1063 	}
1064 
1065     // ----------------------
1066     // Responsibility Methods
1067     // ----------------------
1068 
1069 	/**
1070 	 * @see org.kuali.rice.kim.service.IdentityManagementService#getResponsibility(java.lang.String)
1071 	 */
1072 	public KimResponsibilityInfo getResponsibility(String responsibilityId) {
1073 		return getResponsibilityService().getResponsibility( responsibilityId );
1074 	}
1075 
1076 	/**
1077 	 * @see org.kuali.rice.kim.service.IdentityManagementService#hasResponsibility(java.lang.String, String, java.lang.String, AttributeSet, AttributeSet)
1078 	 */
1079     @Transactional(readOnly=true)
1080 	public boolean hasResponsibility(String principalId, String namespaceCode,
1081 			String responsibilityName, AttributeSet qualification,
1082 			AttributeSet responsibilityDetails) {
1083 		return getResponsibilityService().hasResponsibility( principalId, namespaceCode, responsibilityName, qualification, responsibilityDetails );
1084 	}
1085 
1086 	public List<? extends KimResponsibilityInfo> getResponsibilitiesByName( String namespaceCode, String responsibilityName) {
1087 		return getResponsibilityService().getResponsibilitiesByName( namespaceCode, responsibilityName );
1088 	}
1089 
1090 	public List<ResponsibilityActionInfo> getResponsibilityActions( String namespaceCode, String responsibilityName,
1091     		AttributeSet qualification, AttributeSet responsibilityDetails) {
1092 		return getResponsibilityService().getResponsibilityActions( namespaceCode, responsibilityName, qualification, responsibilityDetails );
1093 	}
1094 
1095 	/**
1096 	 * This overridden method ...
1097 	 *
1098 	 * @see org.kuali.rice.kim.service.IdentityManagementService#getResponsibilityActionsByTemplateName(java.lang.String, java.lang.String, org.kuali.rice.kim.bo.types.dto.AttributeSet, org.kuali.rice.kim.bo.types.dto.AttributeSet)
1099 	 */
1100 	public List<ResponsibilityActionInfo> getResponsibilityActionsByTemplateName(
1101 			String namespaceCode, String responsibilityTemplateName,
1102 			AttributeSet qualification, AttributeSet responsibilityDetails) {
1103 		return getResponsibilityService().getResponsibilityActionsByTemplateName(namespaceCode, responsibilityTemplateName, qualification, responsibilityDetails);
1104 	}
1105 
1106 	/**
1107 	 * This overridden method ...
1108 	 *
1109 	 * @see org.kuali.rice.kim.service.IdentityManagementService#hasResponsibilityByTemplateName(java.lang.String, java.lang.String, java.lang.String, org.kuali.rice.kim.bo.types.dto.AttributeSet, org.kuali.rice.kim.bo.types.dto.AttributeSet)
1110 	 */
1111     @Transactional(readOnly=true)
1112 	public boolean hasResponsibilityByTemplateName(String principalId,
1113 			String namespaceCode, String responsibilityTemplateName,
1114 			AttributeSet qualification, AttributeSet responsibilityDetails) {
1115 		return getResponsibilityService().hasResponsibilityByTemplateName(principalId, namespaceCode, responsibilityTemplateName, qualification, responsibilityDetails);
1116 	}
1117 
1118 	public void setEntityPrincipalCacheMaxSize(int entityPrincipalCacheMaxSize) {
1119 		this.entityPrincipalCacheMaxSize = entityPrincipalCacheMaxSize;
1120 	}
1121 
1122 	public void setEntityPrincipalCacheMaxAgeSeconds(int entityPrincipalCacheMaxAge) {
1123 		this.entityPrincipalCacheMaxAgeSeconds = entityPrincipalCacheMaxAge;
1124 	}
1125 
1126 	public void setGroupCacheMaxSize(int groupCacheMaxSize) {
1127 		this.groupCacheMaxSize = groupCacheMaxSize;
1128 	}
1129 
1130 	public void setGroupCacheMaxAgeSeconds(int groupCacheMaxAge) {
1131 		this.groupCacheMaxAgeSeconds = groupCacheMaxAge;
1132 	}
1133 
1134 	public void setPermissionCacheMaxSize(int permissionCacheMaxSize) {
1135 		this.permissionCacheMaxSize = permissionCacheMaxSize;
1136 	}
1137 
1138 	public void setPermissionCacheMaxAgeSeconds(int permissionCacheMaxAge) {
1139 		this.permissionCacheMaxAgeSeconds = permissionCacheMaxAge;
1140 	}
1141 
1142 	public void setResponsibilityCacheMaxSize(int responsibilityCacheMaxSize) {
1143 		this.responsibilityCacheMaxSize = responsibilityCacheMaxSize;
1144 	}
1145 
1146 	public void setResponsibilityCacheMaxAgeSeconds(int responsibilityCacheMaxAge) {
1147 		this.responsibilityCacheMaxAgeSeconds = responsibilityCacheMaxAge;
1148 	}
1149 
1150     protected void logAuthorizationCheck(String checkType, String principalId, String namespaceCode, String permissionName, AttributeSet permissionDetails, AttributeSet qualification ) {
1151 		StringBuilder sb = new StringBuilder();
1152 		sb.append(  '\n' );
1153 		sb.append( "Is AuthZ for " ).append( checkType ).append( ": " ).append( namespaceCode ).append( "/" ).append( permissionName ).append( '\n' );
1154 		sb.append( "             Principal:  " ).append( principalId );
1155 		if ( principalId != null ) {
1156 			KimPrincipalInfo principal = getPrincipal( principalId );
1157 			if ( principal != null ) {
1158 				sb.append( " (" ).append( principal.getPrincipalName() ).append( ')' );
1159 			}
1160 		}
1161 		sb.append( '\n' );
1162 		sb.append( "             Details:\n" );
1163 		if ( permissionDetails != null ) {
1164 			sb.append( permissionDetails.formattedDump( 25 ) );
1165 		} else {
1166 			sb.append( "                         [null]\n" );
1167 		}
1168 		sb.append( "             Qualifiers:\n" );
1169 		if ( qualification != null && !qualification.isEmpty() ) {
1170 			sb.append( qualification.formattedDump( 25 ) );
1171 		} else {
1172 			sb.append( "                         [null]\n" );
1173 		}
1174 		if (LOG.isTraceEnabled()) {
1175 			LOG.trace( sb.append( RiceDebugUtils.getTruncatedStackTrace(true)).toString() );
1176 		} else {
1177 			LOG.debug(sb.toString());
1178 		}
1179     }
1180 
1181     protected void logHasPermissionCheck(String checkType, String principalId, String namespaceCode, String permissionName, AttributeSet permissionDetails ) {
1182 		StringBuilder sb = new StringBuilder();
1183 		sb.append(  '\n' );
1184 		sb.append( "Has Perm for " ).append( checkType ).append( ": " ).append( namespaceCode ).append( "/" ).append( permissionName ).append( '\n' );
1185 		sb.append( "             Principal:  " ).append( principalId );
1186 		if ( principalId != null ) {
1187 			KimPrincipalInfo principal = getPrincipal( principalId );
1188 			if ( principal != null ) {
1189 				sb.append( " (" ).append( principal.getPrincipalName() ).append( ')' );
1190 			}
1191 		}
1192 		sb.append(  '\n' );
1193 		sb.append( "             Details:\n" );
1194 		if ( permissionDetails != null ) {
1195 			sb.append( permissionDetails.formattedDump( 25 ) );
1196 		} else {
1197 			sb.append( "                         [null]\n" );
1198 		}
1199 		if (LOG.isTraceEnabled()) {
1200 			LOG.trace( sb.append( RiceDebugUtils.getTruncatedStackTrace(true)).toString() );
1201 		} else {
1202 			LOG.debug(sb.toString());
1203 		}
1204     }
1205 
1206 	public GroupUpdateService getGroupUpdateService() {
1207 		try {
1208 			if ( groupUpdateService == null ) {
1209 				groupUpdateService = KIMServiceLocator.getGroupUpdateService();
1210 				if ( groupUpdateService == null ) {
1211 					throw new UnsupportedOperationException( "null returned for GroupUpdateService, unable to update group data");
1212 				}
1213 			}
1214 		} catch ( Exception ex ) {
1215 			throw new UnsupportedOperationException( "unable to obtain a GroupUpdateService, unable to update group data", ex);
1216 		}
1217 		return groupUpdateService;
1218 	}
1219 
1220 	public IdentityUpdateService getIdentityUpdateService() {
1221 		try {
1222 			if ( identityUpdateService == null ) {
1223 				identityUpdateService = KIMServiceLocator.getIdentityUpdateService();
1224 				if ( identityUpdateService == null ) {
1225 					throw new UnsupportedOperationException( "null returned for IdentityUpdateService, unable to update identity data");
1226 				}
1227 			}
1228 		} catch ( Exception ex ) {
1229 			throw new UnsupportedOperationException( "unable to obtain an IdentityUpdateService, unable to update identity data", ex);
1230 		}
1231 		return identityUpdateService;
1232 	}
1233 }