src/main/java/eu/etaxonomy/cdm/vaadin/view/LoginPresenter.java

   1 /**
   2 * Copyright (C) 2017 EDIT
   3 * European Distributed Institute of Taxonomy
   4 * http://www.e-taxonomy.eu
   5 *
   6 * The contents of this file are subject to the Mozilla Public License Version 1.1
   7 * See LICENSE.TXT at the top of this package for the full license terms.
   8 */
   9 package eu.etaxonomy.cdm.vaadin.view;
  10
  11 import org.apache.commons.lang.StringUtils;
  12 import org.apache.log4j.Logger;
  13 import org.springframework.beans.factory.annotation.Autowired;
  14 import org.springframework.context.ApplicationEventPublisher;
  15 import org.springframework.context.event.EventListener;
  16 import org.springframework.security.authentication.AuthenticationManager;
  17 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
  18 import org.springframework.security.core.Authentication;
  19 import org.springframework.security.core.context.SecurityContext;
  20 import org.springframework.security.core.context.SecurityContextHolder;
  21
  22 import com.vaadin.spring.annotation.SpringComponent;
  23 import com.vaadin.spring.annotation.UIScope;
  24
  25 import eu.etaxonomy.cdm.vaadin.event.AuthenticationAttemptEvent;
  26 import eu.etaxonomy.cdm.vaadin.event.AuthenticationSuccessEvent;
  27 import eu.etaxonomy.cdm.vaadin.util.CdmSpringContextHelper;
  28 import eu.etaxonomy.vaadin.mvp.AbstractPresenter;
  29 import eu.etaxonomy.vaadin.ui.navigation.NavigationManager;
  30
  31 /**
  32  * The {@link LoginView is used as replacement view in the scope of other views.
  33  * Therefore the LoginPresenter must be in <b>UIScope</b> so that the LoginPresenter
  34  * is available to all Views.
  35  * <p>
  36  * The LoginPresenter offers a <b>auto login feature for developers</b>. Tio activate the auto login
  37  * you need to provide the <code>user name</code> and <code>password</code> using the environment variables
  38  * <code>cdm-vaadin.login.usr</code> and <code>cdm-vaadin.login.pwd</code>, e.g.:
  39  * <pre>
  40  * -Dcdm-vaadin.login.usr=admin -Dcdm-vaadin.login.pwd=00000
  41  * </pre>
  42  *
  43  * @author a.kohlbecker
  44  * @since Apr 25, 2017
  45  *
  46  */
  47 @SpringComponent
  48 @UIScope // DO NOT CHANGE !!! LoginPresenter must be in UIScope so that the LoginPresenter is available to all Views.
  49 public class LoginPresenter extends AbstractPresenter<LoginView> {
  50
  51     private static final long serialVersionUID = 4020699735656994791L;
  52
  53     private static final Logger log = Logger.getLogger(LoginPresenter.class);
  54
  55     private final static String PROPNAME_USER = "cdm-vaadin.login.usr";
  56
  57     private final static String PROPNAME_PASSWORD = "cdm-vaadin.login.pwd";
  58
  59     @Autowired
  60     protected ApplicationEventPublisher eventBus;
  61
  62     /**
  63      * @return
  64      *
  65      * FIXME is it ok to use the SecurityContextHolder or do we need to hold the context in the vaadin session?
  66      */
  67     private SecurityContext currentSecurityContext() {
  68         return SecurityContextHolder.getContext();
  69     }
  70
  71     public boolean authenticate(String userName, String password){
  72
  73         UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(userName, password);
  74         AuthenticationManager authenticationManager = (AuthenticationManager) CdmSpringContextHelper.getCurrent().getBean("authenticationManager");
  75         Authentication authentication = authenticationManager.authenticate(token);
  76
  77         if(authentication != null && authentication.isAuthenticated()) {
  78             log.debug("user '" + userName + "' autheticated");
  79             currentSecurityContext().setAuthentication(authentication);
  80             if(NavigationManager.class.isAssignableFrom(getNavigationManager().getClass())){
  81                 log.debug("reloading current view");
  82                 getNavigationManager().reloadCurrentView();
  83                 eventBus.publishEvent(new AuthenticationSuccessEvent(userName));
  84             }
  85         }
  86         return false;
  87     }
  88
  89
  90
  91     /**
  92      * {@inheritDoc}
  93      */
  94     @Override
  95     public void onViewEnter() {
  96         super.onViewEnter();
  97         // attempt to auto login
  98         if(StringUtils.isNotEmpty(System.getProperty(PROPNAME_USER)) && StringUtils.isNotEmpty(System.getProperty(PROPNAME_PASSWORD))){
  99             log.warn("Performing autologin with user " + System.getProperty(PROPNAME_USER));
 100             authenticate(System.getProperty(PROPNAME_USER), System.getProperty(PROPNAME_PASSWORD));
 101         }
 102     }
 103
 104     @EventListener
 105     protected void onLoginEvent(AuthenticationAttemptEvent e){
 106         authenticate(e.getUserName(), getView().getLoginDialog().getPassword().getValue());
 107     }
 108
 109
 110
 111 }