2 * Copyright (C) 2007 EDIT
3 * European Distributed Institute of Taxonomy
4 * http://www.e-taxonomy.eu
6 * The contents of this file are subject to the Mozilla Public License Version 1.1
7 * See LICENSE.TXT at the top of this package for the full license terms.
9 package eu
.etaxonomy
.taxeditor
.store
;
11 import java
.util
.Observable
;
14 import org
.apache
.log4j
.Logger
;
15 import org
.eclipse
.core
.runtime
.IProgressMonitor
;
16 import org
.eclipse
.ui
.IMemento
;
17 import org
.springframework
.security
.authentication
.BadCredentialsException
;
18 import org
.springframework
.security
.authentication
.LockedException
;
19 import org
.springframework
.security
.authentication
.UsernamePasswordAuthenticationToken
;
20 import org
.springframework
.security
.core
.Authentication
;
21 import org
.springframework
.security
.core
.GrantedAuthority
;
22 import org
.springframework
.security
.core
.context
.SecurityContextHolder
;
24 import eu
.etaxonomy
.cdm
.api
.application
.CdmApplicationState
;
25 import eu
.etaxonomy
.cdm
.api
.conversation
.ConversationHolder
;
26 import eu
.etaxonomy
.cdm
.api
.conversation
.IConversationEnabled
;
27 import eu
.etaxonomy
.cdm
.api
.utility
.CdmUserHelper
;
28 import eu
.etaxonomy
.cdm
.api
.utility
.RoleProber
;
29 import eu
.etaxonomy
.cdm
.api
.utility
.UserHelper
;
30 import eu
.etaxonomy
.cdm
.model
.permission
.Group
;
31 import eu
.etaxonomy
.cdm
.model
.permission
.User
;
32 import eu
.etaxonomy
.cdm
.persistence
.hibernate
.CdmDataChangeMap
;
33 import eu
.etaxonomy
.cdm
.persistence
.permission
.Role
;
34 import eu
.etaxonomy
.taxeditor
.model
.IContextListener
;
35 import eu
.etaxonomy
.taxeditor
.model
.MessagingUtils
;
38 * <p>LoginManager class.</p>
44 public class LoginManager
extends Observable
implements IConversationEnabled
, IContextListener
{
// Class-wide log4j logger. doAuthenticate() writes the authenticated user's name, groups and
// granted authorities to it when debug logging is enabled.
46 public static final Logger logger
= Logger
.getLogger(LoginManager
.class);
// Conversation handle; assigned by getConversationHolder(), contextStart() and contextRefresh().
48 private ConversationHolder conversation
;
// Fixed messages that doAuthenticate() wraps into CdmAuthenticationException and that
// authenticate() shows in a warning dialog. This one does not say which of login or password was wrong.
50 public static final String INCORRECT_CREDENTIALS_MESSAGE
= "Login and/or Password incorrect";
// NOTE(review): unlike the two generic messages, this one tells whoever is at the login prompt
// that the account is locked; confirm that this disclosure is acceptable for this client.
51 public static final String ACCOUNT_LOCKED_MESSAGE
= "Account is locked";
// Used when the authentication call raises IllegalArgumentException (see doAuthenticate()).
52 public static final String EMPTY_CREDENTIALS_MESSAGE
= "Login and/or Password empty";
// Starts as null and is assigned a CdmUserHelper in userHelper(); isAdmin() and isUserManager() go through it.
55 private CdmUserHelper userHelper
= null;
// Registers the new instance as a context listener with the context manager obtained from CdmStore.
// NOTE(review): 'this' is handed out before the constructor has returned; harmless only as long as
// the context manager does not call back during registration — confirm.
57 public LoginManager(){
58 CdmStore
.getContextManager().addContextListener(this);
// Accessor for the role-check helper: assigns a new CdmUserHelper to the field when it is still null.
// The remaining lines of the method are not shown in this listing.
62 private UserHelper
userHelper() {
64 if (userHelper
== null){
65 userHelper
= new CdmUserHelper();
73 * @param username the login name to authenticate
 * @param password the password presented for that login
74 * @return true if the login attempt was successful, whether or not the authentication changed
// Login entry point that reports failure to the user instead of throwing: delegates to
// doAuthenticate() and, on CdmAuthenticationException, shows a warning dialog.
76 public boolean authenticate(String username
, String password
){
78 doAuthenticate(username
, password
);
79 } catch (CdmAuthenticationException e
) {
// Only the exception's message text is displayed. In the catch clauses visible in doAuthenticate()
// that text is always one of the fixed *_MESSAGE constants, not the underlying provider error.
80 MessagingUtils
.warningDialog("Could not authenticate", this, e
.getMessage());
// Authenticates username/password against the authentication manager obtained from CdmStore,
// installs the result as the current security context and translates the Spring Security
// failures caught below into CdmAuthenticationException with a fixed message.
86 public void doAuthenticate(String username
, String password
) throws CdmAuthenticationException
{
// The existing authentication is dropped before the new attempt is made.
// NOTE(review): none of the visible lines restores it when the attempt fails, so a failed
// re-login appears to leave the context unauthenticated — confirm this is the intended outcome.
88 SecurityContextHolder
.clearContext();
// NOTE(review): this is read after clearContext(). If CdmStore.getCurrentAuthentiation() reads
// the SecurityContextHolder, lastAuthentication is always null here and the equals() check
// further down can never detect "unchanged" — verify against CdmStore.
89 Authentication lastAuthentication
= CdmStore
.getCurrentAuthentiation();
91 UsernamePasswordAuthenticationToken token
= new UsernamePasswordAuthenticationToken(username
, password
);
// Credential verification is delegated entirely to the authentication manager.
92 Authentication authentication
= CdmStore
.getAuthenticationManager().authenticate(token
);
// Assumes the manager returns a CDM User as principal; a different principal type would raise
// ClassCastException, which none of the visible catch clauses handles — TODO confirm.
94 User user
= (User
) authentication
.getPrincipal();
95 /* circumventing problem with hibernate not refreshing the transient collection authorities in this case,
96 * see http://dev.e-taxonomy.eu/trac/ticket/4053 */
97 user
.initAuthorities();
// Debug-only dump of the user's own authorities and those of each group. It contains the user name,
// group names and authority strings; the password is not part of the logged text.
99 if(logger
.isDebugEnabled()){
100 StringBuilder gaText
= new StringBuilder();
102 Set
<GrantedAuthority
> gaSet
= user
.getGrantedAuthorities();
// 'indent' is declared on a line that this listing does not show.
103 _logGrantedAuthotities(gaText
, indent
, gaSet
);
104 for(Group gr
: user
.getGroups()){
105 gaText
.append(indent
).append("gr[").append(gr
.hashCode()).append("] \"").append(gr
.getName()).append("\" ").append(gr
.toString()).append("\n");
106 _logGrantedAuthotities(gaText
, indent
+ indent
, gr
.getGrantedAuthorities());
108 logger
.debug("User authenticated: " + user
.getUsername() + "\n" + gaText
.toString());
// NOTE(review): the token is rebuilt with the plaintext password as its credentials, so the
// password stays reachable through the security context (and through the copy handed to
// CdmApplicationState below) for as long as that context is kept. Confirm whether later calls
// need the password; if they do not, storing null credentials would reduce the exposure.
111 authentication
= new UsernamePasswordAuthenticationToken(user
,password
, authentication
.getAuthorities());
112 SecurityContextHolder
.getContext().setAuthentication(authentication
);
// Publishes the same context object to the application state.
113 CdmApplicationState
.setCurrentSecurityContext(SecurityContextHolder
.getContext());
115 if(!authentication
.equals(lastAuthentication
)){
// java.util.Observable.notifyObservers() notifies only after setChanged() has been called.
// No setChanged() call is visible in this listing (gutter line 116 is not shown) — confirm it is there.
117 this.notifyObservers();
// Each failure below is mapped to a fixed message; the original exception is kept as the cause.
119 } catch(BadCredentialsException e
){
120 throw new CdmAuthenticationException(INCORRECT_CREDENTIALS_MESSAGE
, e
);
121 } catch(LockedException e
){
122 throw new CdmAuthenticationException(ACCOUNT_LOCKED_MESSAGE
, e
);
// NOTE(review): presumably raised for an empty login or password; any other
// IllegalArgumentException thrown inside the try would be reported with the same message.
123 } catch(IllegalArgumentException e
){
125 throw new CdmAuthenticationException(EMPTY_CREDENTIALS_MESSAGE
, e
);
// Debug helper: appends one line per granted authority to gaText, made of the given indent,
// the authority's hashCode() and its toString(). Called from the debug branch of doAuthenticate().
131 private void _logGrantedAuthotities(StringBuilder gaText
, String indent
,
132 Set
<GrantedAuthority
> gaSet
) {
133 for(GrantedAuthority ga
: gaSet
){
134 gaText
.append(indent
).append("ga[").append(ga
.hashCode()).append("] ").append(ga
.toString()).append("\n");
139 * <p>getAuthenticatedUser</p>
141 * @return a {@link eu.etaxonomy.cdm.model.permission.User} object.
// Reads the current authentication from the SecurityContextHolder and returns its principal
// when that principal is a CDM User. What is returned otherwise is on lines this listing does not show.
143 public User
getAuthenticatedUser(){
144 Authentication authentication
= SecurityContextHolder
.getContext().getAuthentication();
// instanceof is already false for null, so the explicit null check on the principal is
// redundant but harmless.
146 if(authentication
!= null
147 && authentication
.getPrincipal() != null
148 && authentication
.getPrincipal() instanceof User
){
149 return (User
)authentication
.getPrincipal();
// Logs out by clearing the SecurityContextHolder context.
// NOTE(review): doAuthenticate() also hands the security context to
// CdmApplicationState.setCurrentSecurityContext(); no matching reset is visible here. Confirm that
// the application-state copy does not keep the old authentication (including the password stored
// as its credentials) after logout.
154 public void logoutAll(){
155 SecurityContextHolder
.clearContext();
160 * @see eu.etaxonomy.cdm.persistence.hibernate.ICdmPostDataChangeObserver#update(eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap)
// Data-change callback with an empty body: this class takes no action on CdmDataChangeMap events.
163 public void update(CdmDataChangeMap arg
) {}
166 * @see eu.etaxonomy.cdm.api.conversation.IConversationEnabled#getConversationHolder()
// Accessor for the conversation: asks CdmStore for a new one when the field is still null.
// The remaining lines of the method are not shown in this listing.
169 public ConversationHolder
getConversationHolder() {
170 if(conversation
== null){
171 conversation
= CdmStore
.createConversation();
177 * Whether the current user has the role admin
// Asks the user helper whether the current user matches a RoleProber for Role.ROLE_ADMIN.
// NOTE(review): this check runs inside the editor client. Treat it as UI gating only, unless the
// service layer enforces the same role on the operations it guards — confirm.
181 public boolean isAdmin() {
182 boolean result
= userHelper().userIs(new RoleProber(Role
.ROLE_ADMIN
));
187 * Whether the current user has the role user manager
// Asks the user helper whether the current user matches a RoleProber for Role.ROLE_USER_MANAGER.
// NOTE(review): as with isAdmin(), this is a check made inside the client; confirm that the
// user-management operations are also authorized where they are executed.
191 public boolean isUserManager() {
192 boolean result
= userHelper().userIs(new RoleProber(Role
.ROLE_USER_MANAGER
));
// Context-listener callback; no statements for it are visible in this listing.
197 public void contextAboutToStop(IMemento memento
, IProgressMonitor monitor
) {
// Context-listener callback; no statements for it are visible in this listing.
// NOTE(review): nothing visible here clears the authentication when the context stops — confirm
// whether logoutAll() is expected to be called elsewhere.
202 public void contextStop(IMemento memento
, IProgressMonitor monitor
) {
// Context-listener callback: replaces the conversation with a new one from CdmStore.
207 public void contextStart(IMemento memento
, IProgressMonitor monitor
){
208 conversation
= CdmStore
.createConversation();
// Context-listener callback: replaces the conversation with a new one from CdmStore, as contextStart() does.
212 public void contextRefresh(IProgressMonitor monitor
) {
213 conversation
= CdmStore
.createConversation();
217 public void workbenchShutdown(IMemento memento
, IProgressMonitor monitor
) {