BGBM BDI Projects / taxeditor.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge branch 'release/3.12.0'
[taxeditor.git] / eu.etaxonomy.taxeditor.store / src / main / java / eu / etaxonomy / taxeditor / store / LoginManager.java
1 // $Id$
2 /**
3 * Copyright (C) 2007 EDIT
4 * European Distributed Institute of Taxonomy
5 * http://www.e-taxonomy.eu
6 *
7 * The contents of this file are subject to the Mozilla Public License Version 1.1
8 * See LICENSE.TXT at the top of this package for the full license terms.
9 */
10
11 package eu.etaxonomy.taxeditor.store;
12
13 import java.util.Observable;
14 import java.util.Set;
15
16 import org.apache.log4j.Logger;
17 import org.eclipse.core.runtime.IProgressMonitor;
18 import org.eclipse.ui.IMemento;
19 import org.springframework.security.authentication.BadCredentialsException;
20 import org.springframework.security.authentication.LockedException;
21 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
22 import org.springframework.security.core.Authentication;
23 import org.springframework.security.core.GrantedAuthority;
24 import org.springframework.security.core.context.SecurityContextHolder;
25
26 import eu.etaxonomy.cdm.api.application.CdmApplicationState;
27 import eu.etaxonomy.cdm.api.conversation.ConversationHolder;
28 import eu.etaxonomy.cdm.api.conversation.IConversationEnabled;
29 import eu.etaxonomy.cdm.model.common.Group;
30 import eu.etaxonomy.cdm.model.common.User;
31 import eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap;
32 import eu.etaxonomy.taxeditor.model.AbstractUtility;
33 import eu.etaxonomy.taxeditor.model.IContextListener;
34 import eu.etaxonomy.taxeditor.model.MessagingUtils;
35
36 /**
37 * <p>LoginManager class.</p>
38 *
39 * @author n.hoffmann
40 * @created 03.07.2009
41 * @version 1.0
42 */
43 public class LoginManager extends Observable implements IConversationEnabled, IContextListener{
44
45 public static final Logger logger = Logger.getLogger(LoginManager.class);
46
47 private ConversationHolder conversation;
48
49 public static final String INCORRECT_CREDENTIALS_MESSAGE = "Login and/or Password incorrect";
50 public static final String ACCOUNT_LOCKED_MESSAGE = "Account is locked";
51 public static final String EMPTY_CREDENTIALS_MESSAGE = "Login and/or Password empty";
52
53 public LoginManager(){
54 CdmStore.getContextManager().addContextListener(this);
55 }
56
57 /**
58 * <p>authenticate</p>
59 *
60 * @param token a {@link org.springframework.security.authentication.UsernamePasswordAuthenticationToken} object.
61 * @return true if the login attempt was successful even if the authentication has changed or not
62 */
63 public boolean authenticate(String username, String password){
64
65 // close all open editors
66 if(!AbstractUtility.closeAll()){
67 return false;
68 }
69
70
71 try{
72 doAuthenticate(username, password);
73 } catch (CdmAuthenticationException e) {
74 MessagingUtils.warningDialog("Could not authenticate", this, e.getMessage());
75 return false;
76 }
77 return true;
78 }
79
80 public void doAuthenticate(String username, String password) throws CdmAuthenticationException {
81 try {
82 SecurityContextHolder.clearContext();
83 Authentication lastAuthentication = CdmStore.getCurrentAuthentiation();
84
85 UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
86 Authentication authentication = CdmStore.getAuthenticationManager().authenticate(token);
87
88 User user = (User) authentication.getPrincipal();
89 /* circumventing problem with hibernate not refreshing the transient collection authorities in this case,
90 * see http://dev.e-taxonomy.eu/trac/ticket/4053 */
91 user.initAuthorities();
92
93 if(logger.isDebugEnabled()){
94 StringBuilder gaText = new StringBuilder();
95 String indent = " ";
96 Set<GrantedAuthority> gaSet = user.getGrantedAuthorities();
97 _logGrantedAuthotities(gaText, indent, gaSet);
98 for(Group gr : user.getGroups()){
99 gaText.append(indent).append("gr[").append(gr.hashCode()).append("] \"").append(gr.getName()).append("\" ").append(gr.toString()).append("\n");
100 _logGrantedAuthotities(gaText, indent + indent, gr.getGrantedAuthorities());
101 }
102 logger.debug("User authenticated: " + user.getUsername() + "\n" + gaText.toString());
103 }
104
105 authentication = new UsernamePasswordAuthenticationToken(user,password, authentication.getAuthorities());
106 SecurityContextHolder.getContext().setAuthentication(authentication);
107 CdmApplicationState.setCurrentSecurityContext(SecurityContextHolder.getContext());
108
109 if(!authentication.equals(lastAuthentication)){
110 this.setChanged();
111 this.notifyObservers();
112 }
113 } catch(BadCredentialsException e){
114 throw new CdmAuthenticationException(INCORRECT_CREDENTIALS_MESSAGE, e);
115 } catch(LockedException e){
116 throw new CdmAuthenticationException(ACCOUNT_LOCKED_MESSAGE, e);
117 } catch(IllegalArgumentException e){
118 throw new CdmAuthenticationException(EMPTY_CREDENTIALS_MESSAGE, e);
119 }
120
121 }
122
123
124 private void _logGrantedAuthotities(StringBuilder gaText, String indent,
125 Set<GrantedAuthority> gaSet) {
126 for(GrantedAuthority ga : gaSet){
127 gaText.append(indent).append("ga[").append(ga.hashCode()).append("] ").append(ga.toString()).append("\n");
128 }
129 }
130
131 /**
132 * <p>getAuthenticatedUser</p>
133 *
134 * @return a {@link eu.etaxonomy.cdm.model.common.User} object.
135 */
136 public User getAuthenticatedUser(){
137 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
138
139 if(authentication != null
140 && authentication.getPrincipal() != null
141 && authentication.getPrincipal() instanceof User){
142 return (User)authentication.getPrincipal();
143 }
144 return null;
145 }
146
147 public void logoutAll(){
148 SecurityContextHolder.clearContext();
149 notifyObservers();
150 }
151
152 /* (non-Javadoc)
153 * @see eu.etaxonomy.cdm.persistence.hibernate.ICdmPostDataChangeObserver#update(eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap)
154 */
155 @Override
156 public void update(CdmDataChangeMap arg) {}
157
158 /* (non-Javadoc)
159 * @see eu.etaxonomy.cdm.api.conversation.IConversationEnabled#getConversationHolder()
160 */
161 @Override
162 public ConversationHolder getConversationHolder() {
163 if(conversation == null){
164 conversation = CdmStore.createConversation();
165 }
166 return conversation;
167 }
168
169 /**
170 * Whether the current user has the role admin
171 *
172 * @return
173 */
174 public boolean isAdmin() {
175 // FIXME until we have rights implemented properly we do this
176 // by a simple string check. This has to change
177
178 return "admin".equals(getAuthenticatedUser().getUsername());
179 }
180
181 @Override
182 public void contextAboutToStop(IMemento memento, IProgressMonitor monitor) {
183
184 }
185
186 @Override
187 public void contextStop(IMemento memento, IProgressMonitor monitor) {
188
189 }
190
191 @Override
192 public void contextStart(IMemento memento, IProgressMonitor monitor){
193 conversation = CdmStore.createConversation();
194 }
195
196 @Override
197 public void contextRefresh(IProgressMonitor monitor) {
198 conversation = CdmStore.createConversation();
199 }
200
201 @Override
202 public void workbenchShutdown(IMemento memento, IProgressMonitor monitor) {
203
204 }
205 }