RolesSourceProvider to enable activities by cdm roles and protecting bulkeditors...
[taxeditor.git] / eu.etaxonomy.taxeditor.store / src / main / java / eu / etaxonomy / taxeditor / store / LoginManager.java
1 // $Id$
2 /**
3 * Copyright (C) 2007 EDIT
4 * European Distributed Institute of Taxonomy
5 * http://www.e-taxonomy.eu
6 *
7 * The contents of this file are subject to the Mozilla Public License Version 1.1
8 * See LICENSE.TXT at the top of this package for the full license terms.
9 */
10
11 package eu.etaxonomy.taxeditor.store;
12
13 import java.util.Observable;
14 import java.util.Set;
15
16 import org.apache.log4j.Logger;
17 import org.eclipse.core.runtime.IProgressMonitor;
18 import org.eclipse.ui.IMemento;
19 import org.springframework.security.authentication.BadCredentialsException;
20 import org.springframework.security.authentication.LockedException;
21 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
22 import org.springframework.security.core.Authentication;
23 import org.springframework.security.core.GrantedAuthority;
24 import org.springframework.security.core.context.SecurityContextHolder;
25
26 import eu.etaxonomy.cdm.api.conversation.ConversationHolder;
27 import eu.etaxonomy.cdm.api.conversation.IConversationEnabled;
28 import eu.etaxonomy.cdm.model.common.Group;
29 import eu.etaxonomy.cdm.model.common.User;
30 import eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap;
31 import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmAuthority;
32 import eu.etaxonomy.taxeditor.model.IContextListener;
33
34 /**
35 * <p>LoginManager class.</p>
36 *
37 * @author n.hoffmann
38 * @created 03.07.2009
39 * @version 1.0
40 */
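public class LoginManager extends Observable implements IConversationEnabled, IContextListener {

    public static final Logger logger = Logger.getLogger(LoginManager.class);

    /** Conversation used while authenticating; created lazily and replaced on context start/refresh. */
    private ConversationHolder conversation;

    /**
     * Registers this manager as a context listener so that the conversation is
     * recreated whenever the application context starts or is refreshed.
     */
    public LoginManager() {
        CdmStore.getContextManager().addContextListener(this);
    }

    /**
     * Authenticates the given credentials against the authentication manager
     * provided by {@link CdmStore} and, on success, installs the resulting
     * {@link Authentication} in the {@link SecurityContextHolder}.
     *
     * <p>All open editors are closed first. The security context is cleared
     * <em>before</em> the credentials are checked, so a failed attempt leaves
     * no user authenticated (fail closed).</p>
     *
     * @param username the login name; an empty value is reported to the user as a failed attempt
     * @param password the password; it is only handed to the authentication token and never logged
     * @return {@code true} if the login attempt was successful, whether or not the
     *         authentication differs from the previous one; {@code false} if the editors
     *         could not be closed or the credentials were rejected
     */
    public boolean authenticate(String username, String password) {

        // close all open editors
        if (!StoreUtil.closeAll()) {
            return false;
        }

        try {
            getConversationHolder().bind();
            getConversationHolder().commit();

            SecurityContextHolder.clearContext();

            // NOTE(review): this is read after clearContext(). If
            // CdmStore.getCurrentAuthentiation() reads the SecurityContextHolder it will
            // presumably be null here, which makes the comparison below always true
            // (observers are then notified on every successful login). Confirm the intent
            // before reordering.
            Authentication lastAuthentication = CdmStore.getCurrentAuthentiation();

            UsernamePasswordAuthenticationToken token =
                    new UsernamePasswordAuthenticationToken(username, password);
            Authentication authentication = CdmStore.getAuthenticationManager().authenticate(token);

            User user = (User) authentication.getPrincipal();
            /* circumventing problem with hibernate not refreshing the transient collection authorities in this case,
             * see http://dev.e-taxonomy.eu/trac/ticket/4053 */
            user.initAuthorities();

            if (logger.isDebugEnabled()) {
                // Debug output lists the user name, groups and granted authorities only;
                // credentials must never be added to this message.
                StringBuilder gaText = new StringBuilder();
                String indent = " ";
                Set<GrantedAuthority> gaSet = user.getGrantedAuthorities();
                _logGrantedAuthotities(gaText, indent, gaSet);
                for (Group gr : user.getGroups()) {
                    gaText.append(indent).append("gr[").append(gr.hashCode()).append("] \"")
                            .append(gr.getName()).append("\" ").append(gr.toString()).append("\n");
                    _logGrantedAuthotities(gaText, indent + indent, gr.getGrantedAuthorities());
                }
                logger.debug("User authenticated: " + user.getUsername() + "\n" + gaText.toString());
            }

            SecurityContextHolder.getContext().setAuthentication(authentication);

            if (!authentication.equals(lastAuthentication)) {
                this.setChanged();
                this.notifyObservers();
            }
            return true;
        }
        // Only these three failure types are turned into a dialog. Any other exception
        // thrown by the authentication manager propagates to the caller; the security
        // context has already been cleared at that point.
        // NOTE(review): on a failed attempt the previous user is logged out but observers
        // are not notified, so role-dependent UI state may be stale — confirm.
        catch (BadCredentialsException e) {
            StoreUtil.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Bad Credentials.");
        }
        catch (LockedException e) {
            StoreUtil.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Account is locked.");
        }
        catch (IllegalArgumentException e) {
            StoreUtil.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Username and/or Password empty.");
        }
        return false;
    }

    /**
     * Appends one line per granted authority to the given debug text.
     *
     * @param gaText the buffer to append to
     * @param indent the prefix written in front of every line
     * @param gaSet the authorities to list
     */
    private void _logGrantedAuthotities(StringBuilder gaText, String indent,
            Set<GrantedAuthority> gaSet) {
        for (GrantedAuthority ga : gaSet) {
            gaText.append(indent).append("ga[").append(ga.hashCode()).append("] ")
                    .append(ga.toString()).append("\n");
        }
    }

    /**
     * Returns the user held by the current security context.
     *
     * @return the authenticated {@link eu.etaxonomy.cdm.model.common.User}, or {@code null}
     *         if nobody is authenticated or the principal is not a {@code User}
     */
    public User getAuthenticatedUser() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return null;
        }
        // instanceof is false for a null principal, so no separate null check is needed
        Object principal = authentication.getPrincipal();
        return principal instanceof User ? (User) principal : null;
    }

    /**
     * Clears the security context and notifies observers that the authentication changed.
     */
    public void logoutAll() {
        SecurityContextHolder.clearContext();
        // Observable.notifyObservers() is a no-op unless the changed flag is set; without
        // this call observers never learn about the logout.
        setChanged();
        notifyObservers();
    }

    /* (non-Javadoc)
     * @see eu.etaxonomy.cdm.persistence.hibernate.ICdmPostDataChangeObserver#update(eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap)
     */
    @Override
    public void update(CdmDataChangeMap arg) {}

    /* (non-Javadoc)
     * @see eu.etaxonomy.cdm.api.conversation.IConversationEnabled#getConversationHolder()
     */
    @Override
    public ConversationHolder getConversationHolder() {
        if (conversation == null) {
            conversation = CdmStore.createConversation();
        }
        return conversation;
    }

    /**
     * Whether the current user has the role admin.
     *
     * @return {@code true} only if a user is authenticated and its user name is
     *         {@code "admin"}; {@code false} when nobody is authenticated
     */
    public boolean isAdmin() {
        // FIXME until we have rights implemented properly we do this
        // by a simple string check. This has to change
        // Comparing the user name is not an authorization check: it ignores the
        // authorities and groups loaded in authenticate(). Until that is replaced,
        // at least fail closed instead of throwing when nobody is logged in.
        User user = getAuthenticatedUser();
        return user != null && "admin".equals(user.getUsername());
    }

    @Override
    public void contextAboutToStop(IMemento memento, IProgressMonitor monitor) {
        // nothing to do
    }

    @Override
    public void contextStop(IMemento memento, IProgressMonitor monitor) {
        // nothing to do
    }

    /** Replaces the conversation with a fresh one for the newly started context. */
    @Override
    public void contextStart(IMemento memento, IProgressMonitor monitor) {
        conversation = CdmStore.createConversation();
    }

    /** Replaces the conversation with a fresh one after the context was refreshed. */
    @Override
    public void contextRefresh(IProgressMonitor monitor) {
        conversation = CdmStore.createConversation();
    }

    @Override
    public void workbenchShutdown(IMemento memento, IProgressMonitor monitor) {
        // nothing to do
    }
}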