eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/store/LoginManager.java

   1 // $Id$
   2 /**
   3 * Copyright (C) 2007 EDIT
   4 * European Distributed Institute of Taxonomy
   5 * http://www.e-taxonomy.eu
   6 *
   7 * The contents of this file are subject to the Mozilla Public License Version 1.1
   8 * See LICENSE.TXT at the top of this package for the full license terms.
   9 */
  10
  11 package eu.etaxonomy.taxeditor.store;
  12
  13 import java.util.Observable;
  14 import java.util.Set;
  15
  16 import org.apache.log4j.Logger;
  17 import org.eclipse.core.runtime.IProgressMonitor;
  18 import org.eclipse.ui.IMemento;
  19 import org.springframework.security.authentication.BadCredentialsException;
  20 import org.springframework.security.authentication.LockedException;
  21 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
  22 import org.springframework.security.core.Authentication;
  23 import org.springframework.security.core.GrantedAuthority;
  24 import org.springframework.security.core.context.SecurityContextHolder;
  25
  26 import eu.etaxonomy.cdm.api.conversation.ConversationHolder;
  27 import eu.etaxonomy.cdm.api.conversation.IConversationEnabled;
  28 import eu.etaxonomy.cdm.model.common.Group;
  29 import eu.etaxonomy.cdm.model.common.User;
  30 import eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap;
  31 import eu.etaxonomy.taxeditor.model.AbstractUtility;
  32 import eu.etaxonomy.taxeditor.model.IContextListener;
  33
  34 /**
  35  * <p>LoginManager class.</p>
  36  *
  37  * @author n.hoffmann
  38  * @created 03.07.2009
  39  * @version 1.0
  40  */
  41 public class LoginManager extends Observable implements IConversationEnabled, IContextListener{
  42
  43         public static final Logger logger = Logger.getLogger(LoginManager.class);
  44
  45         private ConversationHolder conversation;
  46
  47         public LoginManager(){
  48                 CdmStore.getContextManager().addContextListener(this);
  49         }
  50
  51         /**
  52          * <p>authenticate</p>
  53          *
  54          * @param token a {@link org.springframework.security.authentication.UsernamePasswordAuthenticationToken} object.
  55          * @return true if the login attempt was successful even if the authentication has changed or not
  56          */
  57         public boolean authenticate(String username, String password){
  58
  59                 // close all open editors
  60                 if(!AbstractUtility.closeAll()){
  61                         return false;
  62                 }
  63
  64
  65                 try{
  66                         SecurityContextHolder.clearContext();
  67
  68                         Authentication lastAuthentication = CdmStore.getCurrentAuthentiation();
  69
  70                         UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
  71                         Authentication authentication = CdmStore.getAuthenticationManager().authenticate(token);
  72
  73                         User user = (User) authentication.getPrincipal();
  74                         /* circumventing problem with hibernate not refreshing the transient collection authorities in this case,
  75                          * see http://dev.e-taxonomy.eu/trac/ticket/4053 */
  76                         user.initAuthorities();
  77
  78                         if(logger.isDebugEnabled()){
  79                                 StringBuilder gaText = new StringBuilder();
  80                                 String indent = "    ";
  81                                 Set<GrantedAuthority> gaSet = user.getGrantedAuthorities();
  82                                 _logGrantedAuthotities(gaText, indent, gaSet);
  83                                 for(Group gr : user.getGroups()){
  84                                         gaText.append(indent).append("gr[").append(gr.hashCode()).append("] \"").append(gr.getName()).append("\" ").append(gr.toString()).append("\n");
  85                                         _logGrantedAuthotities(gaText, indent + indent, gr.getGrantedAuthorities());
  86                                 }
  87                                 logger.debug("User authenticated: " + user.getUsername() + "\n" + gaText.toString());
  88                         }
  89
  90                         SecurityContextHolder.getContext().setAuthentication(authentication);
  91
  92                         if(!authentication.equals(lastAuthentication)){
  93                                 this.setChanged();
  94                                 this.notifyObservers();
  95                         }
  96                         return true;
  97                 }
  98                 catch(BadCredentialsException e){
  99                         AbstractUtility.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Bad Credentials.");
 100                 }
 101                 catch(LockedException e){
 102                         AbstractUtility.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Account is locked.");
 103                 }
 104                 catch(IllegalArgumentException e){
 105                         AbstractUtility.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Username and/or Password empty.");
 106                 }
 107                 return false;
 108         }
 109
 110         private void _logGrantedAuthotities(StringBuilder gaText, String indent,
 111                         Set<GrantedAuthority> gaSet) {
 112                 for(GrantedAuthority ga : gaSet){
 113                         gaText.append(indent).append("ga[").append(ga.hashCode()).append("] ").append(ga.toString()).append("\n");
 114                 }
 115         }
 116
 117         /**
 118          * <p>getAuthenticatedUser</p>
 119          *
 120          * @return a {@link eu.etaxonomy.cdm.model.common.User} object.
 121          */
 122         public User getAuthenticatedUser(){
 123                 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
 124
 125                 if(authentication != null
 126                                 && authentication.getPrincipal() != null
 127                                 && authentication.getPrincipal() instanceof User){
 128                         return (User)authentication.getPrincipal();
 129                 }
 130                 return null;
 131         }
 132
 133         public void logoutAll(){
 134                 SecurityContextHolder.clearContext();
 135                 notifyObservers();
 136         }
 137
 138         /* (non-Javadoc)
 139          * @see eu.etaxonomy.cdm.persistence.hibernate.ICdmPostDataChangeObserver#update(eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap)
 140          */
 141         @Override
 142         public void update(CdmDataChangeMap arg) {}
 143
 144         /* (non-Javadoc)
 145          * @see eu.etaxonomy.cdm.api.conversation.IConversationEnabled#getConversationHolder()
 146          */
 147         @Override
 148         public ConversationHolder getConversationHolder() {
 149                 if(conversation == null){
 150                         conversation = CdmStore.createConversation();
 151                 }
 152                 return conversation;
 153         }
 154
 155         /**
 156          * Whether the current user has the role admin
 157          *
 158          * @return
 159          */
 160         public boolean isAdmin() {
 161                 // FIXME until we have rights implemented properly we do this
 162                 // by a simple string check. This has to change
 163
 164                 return "admin".equals(getAuthenticatedUser().getUsername());
 165         }
 166
 167         @Override
 168         public void contextAboutToStop(IMemento memento, IProgressMonitor monitor) {
 169
 170         }
 171
 172         @Override
 173         public void contextStop(IMemento memento, IProgressMonitor monitor) {
 174
 175         }
 176
 177         @Override
 178         public void contextStart(IMemento memento, IProgressMonitor monitor){
 179                 conversation = CdmStore.createConversation();
 180         }
 181
 182         @Override
 183         public void contextRefresh(IProgressMonitor monitor) {
 184                 conversation = CdmStore.createConversation();
 185         }
 186
 187         @Override
 188         public void workbenchShutdown(IMemento memento, IProgressMonitor monitor) {
 189
 190         }
 191 }