BGBM BDI Projects / taxeditor.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge branch 'develop' into LibrAlign
[taxeditor.git] / eu.etaxonomy.taxeditor.store / src / main / java / eu / etaxonomy / taxeditor / store / LoginManager.java
1 /**
2 * Copyright (C) 2007 EDIT
3 * European Distributed Institute of Taxonomy
4 * http://www.e-taxonomy.eu
5 *
6 * The contents of this file are subject to the Mozilla Public License Version 1.1
7 * See LICENSE.TXT at the top of this package for the full license terms.
8 */
9
10 package eu.etaxonomy.taxeditor.store;
11
12 import java.util.Observable;
13 import java.util.Set;
14
15 import org.apache.log4j.Logger;
16 import org.eclipse.core.runtime.IProgressMonitor;
17 import org.eclipse.ui.IMemento;
18 import org.springframework.security.authentication.BadCredentialsException;
19 import org.springframework.security.authentication.LockedException;
20 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
21 import org.springframework.security.core.Authentication;
22 import org.springframework.security.core.GrantedAuthority;
23 import org.springframework.security.core.context.SecurityContextHolder;
24
25 import eu.etaxonomy.cdm.api.application.CdmApplicationState;
26 import eu.etaxonomy.cdm.api.conversation.ConversationHolder;
27 import eu.etaxonomy.cdm.api.conversation.IConversationEnabled;
28 import eu.etaxonomy.cdm.model.common.Group;
29 import eu.etaxonomy.cdm.model.common.User;
30 import eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap;
31 import eu.etaxonomy.taxeditor.model.AbstractUtility;
32 import eu.etaxonomy.taxeditor.model.IContextListener;
33 import eu.etaxonomy.taxeditor.model.MessagingUtils;
34
35 /**
36 * <p>LoginManager class.</p>
37 *
38 * @author n.hoffmann
39 * @created 03.07.2009
40 * @version 1.0
41 */
42 public class LoginManager extends Observable implements IConversationEnabled, IContextListener{
43
44 public static final Logger logger = Logger.getLogger(LoginManager.class);
45
46 private ConversationHolder conversation;
47
48 public static final String INCORRECT_CREDENTIALS_MESSAGE = "Login and/or Password incorrect";
49 public static final String ACCOUNT_LOCKED_MESSAGE = "Account is locked";
50 public static final String EMPTY_CREDENTIALS_MESSAGE = "Login and/or Password empty";
51
52 public LoginManager(){
53 CdmStore.getContextManager().addContextListener(this);
54 }
55
56 /**
57 * <p>authenticate</p>
58 *
59 * @param token a {@link org.springframework.security.authentication.UsernamePasswordAuthenticationToken} object.
60 * @return true if the login attempt was successful even if the authentication has changed or not
61 */
62 public boolean authenticate(String username, String password){
63
64 // close all open editors
65 if(!AbstractUtility.closeAll()){
66 return false;
67 }
68
69
70 try{
71 doAuthenticate(username, password);
72 } catch (CdmAuthenticationException e) {
73 MessagingUtils.warningDialog("Could not authenticate", this, e.getMessage());
74 return false;
75 }
76 return true;
77 }
78
79 public void doAuthenticate(String username, String password) throws CdmAuthenticationException {
80 try {
81 SecurityContextHolder.clearContext();
82 Authentication lastAuthentication = CdmStore.getCurrentAuthentiation();
83
84 UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
85 Authentication authentication = CdmStore.getAuthenticationManager().authenticate(token);
86
87 User user = (User) authentication.getPrincipal();
88 /* circumventing problem with hibernate not refreshing the transient collection authorities in this case,
89 * see http://dev.e-taxonomy.eu/trac/ticket/4053 */
90 user.initAuthorities();
91
92 if(logger.isDebugEnabled()){
93 StringBuilder gaText = new StringBuilder();
94 String indent = " ";
95 Set<GrantedAuthority> gaSet = user.getGrantedAuthorities();
96 _logGrantedAuthotities(gaText, indent, gaSet);
97 for(Group gr : user.getGroups()){
98 gaText.append(indent).append("gr[").append(gr.hashCode()).append("] \"").append(gr.getName()).append("\" ").append(gr.toString()).append("\n");
99 _logGrantedAuthotities(gaText, indent + indent, gr.getGrantedAuthorities());
100 }
101 logger.debug("User authenticated: " + user.getUsername() + "\n" + gaText.toString());
102 }
103
104 authentication = new UsernamePasswordAuthenticationToken(user,password, authentication.getAuthorities());
105 SecurityContextHolder.getContext().setAuthentication(authentication);
106 CdmApplicationState.setCurrentSecurityContext(SecurityContextHolder.getContext());
107
108 if(!authentication.equals(lastAuthentication)){
109 this.setChanged();
110 this.notifyObservers();
111 }
112 } catch(BadCredentialsException e){
113 throw new CdmAuthenticationException(INCORRECT_CREDENTIALS_MESSAGE, e);
114 } catch(LockedException e){
115 throw new CdmAuthenticationException(ACCOUNT_LOCKED_MESSAGE, e);
116 } catch(IllegalArgumentException e){
117 throw new CdmAuthenticationException(EMPTY_CREDENTIALS_MESSAGE, e);
118 }
119
120 }
121
122
123 private void _logGrantedAuthotities(StringBuilder gaText, String indent,
124 Set<GrantedAuthority> gaSet) {
125 for(GrantedAuthority ga : gaSet){
126 gaText.append(indent).append("ga[").append(ga.hashCode()).append("] ").append(ga.toString()).append("\n");
127 }
128 }
129
130 /**
131 * <p>getAuthenticatedUser</p>
132 *
133 * @return a {@link eu.etaxonomy.cdm.model.common.User} object.
134 */
135 public User getAuthenticatedUser(){
136 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
137
138 if(authentication != null
139 && authentication.getPrincipal() != null
140 && authentication.getPrincipal() instanceof User){
141 return (User)authentication.getPrincipal();
142 }
143 return null;
144 }
145
146 public void logoutAll(){
147 SecurityContextHolder.clearContext();
148 notifyObservers();
149 }
150
151 /* (non-Javadoc)
152 * @see eu.etaxonomy.cdm.persistence.hibernate.ICdmPostDataChangeObserver#update(eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap)
153 */
154 @Override
155 public void update(CdmDataChangeMap arg) {}
156
157 /* (non-Javadoc)
158 * @see eu.etaxonomy.cdm.api.conversation.IConversationEnabled#getConversationHolder()
159 */
160 @Override
161 public ConversationHolder getConversationHolder() {
162 if(conversation == null){
163 conversation = CdmStore.createConversation();
164 }
165 return conversation;
166 }
167
168 /**
169 * Whether the current user has the role admin
170 *
171 * @return
172 */
173 public boolean isAdmin() {
174 // FIXME until we have rights implemented properly we do this
175 // by a simple string check. This has to change
176
177 return "admin".equals(getAuthenticatedUser().getUsername());
178 }
179
180 @Override
181 public void contextAboutToStop(IMemento memento, IProgressMonitor monitor) {
182
183 }
184
185 @Override
186 public void contextStop(IMemento memento, IProgressMonitor monitor) {
187
188 }
189
190 @Override
191 public void contextStart(IMemento memento, IProgressMonitor monitor){
192 conversation = CdmStore.createConversation();
193 }
194
195 @Override
196 public void contextRefresh(IProgressMonitor monitor) {
197 conversation = CdmStore.createConversation();
198 }
199
200 @Override
201 public void workbenchShutdown(IMemento memento, IProgressMonitor monitor) {
202
203 }
204 }