// $Id$
/**
* Copyright (C) 2007 EDIT
-* European Distributed Institute of Taxonomy
+* European Distributed Institute of Taxonomy
* http://www.e-taxonomy.eu
-*
+*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* See LICENSE.TXT at the top of this package for the full license terms.
*/
package eu.etaxonomy.taxeditor.store;
import java.util.Observable;
+import java.util.Set;
+import org.apache.log4j.Logger;
import org.eclipse.core.runtime.IProgressMonitor;
import org.eclipse.ui.IMemento;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import eu.etaxonomy.cdm.api.conversation.ConversationHolder;
import eu.etaxonomy.cdm.api.conversation.IConversationEnabled;
+import eu.etaxonomy.cdm.model.common.Group;
import eu.etaxonomy.cdm.model.common.User;
import eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap;
+import eu.etaxonomy.taxeditor.model.AbstractUtility;
import eu.etaxonomy.taxeditor.model.IContextListener;
+import eu.etaxonomy.taxeditor.model.MessagingUtils;
/**
* <p>LoginManager class.</p>
* @version 1.0
*/
public class LoginManager extends Observable implements IConversationEnabled, IContextListener{
-
+
+ public static final Logger logger = Logger.getLogger(LoginManager.class);
+
private ConversationHolder conversation;
-
+
public LoginManager(){
CdmStore.getContextManager().addContextListener(this);
}
-
+
/**
* <p>authenticate</p>
*
* @param token a {@link org.springframework.security.authentication.UsernamePasswordAuthenticationToken} object.
+ * @return true if the login attempt was successful even if the authentication has changed or not
*/
- public boolean authenticate(String username, String password){
+ public boolean authenticate(String username, String password){
+
+ // close all open editors
+ if(!AbstractUtility.closeAll()){
+ return false;
+ }
+
+
try{
- getConversationHolder().bind();
- UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
-
SecurityContextHolder.clearContext();
- Authentication authentication = CdmStore.getAuthenticationManager().authenticate(token);
+
+ Authentication lastAuthentication = CdmStore.getCurrentAuthentiation();
+
+ UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
+ Authentication authentication = CdmStore.getAuthenticationManager().authenticate(token);
+
+ User user = (User) authentication.getPrincipal();
+ /* circumventing problem with hibernate not refreshing the transient collection authorities in this case,
+ * see http://dev.e-taxonomy.eu/trac/ticket/4053 */
+ user.initAuthorities();
+
+ if(logger.isDebugEnabled()){
+ StringBuilder gaText = new StringBuilder();
+ String indent = " ";
+ Set<GrantedAuthority> gaSet = user.getGrantedAuthorities();
+ _logGrantedAuthotities(gaText, indent, gaSet);
+ for(Group gr : user.getGroups()){
+ gaText.append(indent).append("gr[").append(gr.hashCode()).append("] \"").append(gr.getName()).append("\" ").append(gr.toString()).append("\n");
+ _logGrantedAuthotities(gaText, indent + indent, gr.getGrantedAuthorities());
+ }
+ logger.debug("User authenticated: " + user.getUsername() + "\n" + gaText.toString());
+ }
+
SecurityContextHolder.getContext().setAuthentication(authentication);
- this.setChanged();
- this.notifyObservers();
+
+ if(!authentication.equals(lastAuthentication)){
+ this.setChanged();
+ this.notifyObservers();
+ }
return true;
}
catch(BadCredentialsException e){
- StoreUtil.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Bad Credentials.");
+ MessagingUtils.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Bad Credentials.");
}
catch(LockedException e){
- StoreUtil.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Account is locked.");
+ MessagingUtils.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Account is locked.");
}
catch(IllegalArgumentException e){
- StoreUtil.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Username and/or Password empty.");
+ MessagingUtils.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Username and/or Password empty.");
}
return false;
}
-
+
+ private void _logGrantedAuthotities(StringBuilder gaText, String indent,
+ Set<GrantedAuthority> gaSet) {
+ for(GrantedAuthority ga : gaSet){
+ gaText.append(indent).append("ga[").append(ga.hashCode()).append("] ").append(ga.toString()).append("\n");
+ }
+ }
+
/**
* <p>getAuthenticatedUser</p>
*
*/
public User getAuthenticatedUser(){
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-
- if(authentication != null
- && authentication.getPrincipal() != null
+
+ if(authentication != null
+ && authentication.getPrincipal() != null
&& authentication.getPrincipal() instanceof User){
return (User)authentication.getPrincipal();
}
return null;
}
-
+
public void logoutAll(){
SecurityContextHolder.clearContext();
- notifyObservers();
+ notifyObservers();
}
/* (non-Javadoc)
/**
* Whether the current user has the role admin
- *
+ *
* @return
*/
public boolean isAdmin() {
// FIXME until we have rights implemented properly we do this
- // by a simple string check. This has to change
-
+ // by a simple string check. This has to change
+
return "admin".equals(getAuthenticatedUser().getUsername());
}
@Override
public void contextAboutToStop(IMemento memento, IProgressMonitor monitor) {
-
+
}
@Override
public void contextStop(IMemento memento, IProgressMonitor monitor) {
-
+
}
@Override
- public void contextStart(IMemento memento, IProgressMonitor monitor) {
+ public void contextStart(IMemento memento, IProgressMonitor monitor){
conversation = CdmStore.createConversation();
}
@Override
public void workbenchShutdown(IMemento memento, IProgressMonitor monitor) {
-
+
}
}