-// $Id$
/**
* Copyright (C) 2007 EDIT
* European Distributed Institute of Taxonomy
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
+import eu.etaxonomy.cdm.api.application.CdmApplicationState;
import eu.etaxonomy.cdm.api.conversation.ConversationHolder;
import eu.etaxonomy.cdm.api.conversation.IConversationEnabled;
import eu.etaxonomy.cdm.model.common.Group;
private ConversationHolder conversation;
+ public static final String INCORRECT_CREDENTIALS_MESSAGE = "Login and/or Password incorrect";
+ public static final String ACCOUNT_LOCKED_MESSAGE = "Account is locked";
+ public static final String EMPTY_CREDENTIALS_MESSAGE = "Login and/or Password empty";
+
public LoginManager(){
- CdmStore.getContextManager().addContextListener(this);
+ CdmStore.getContextManager().addContextListener(this);
}
/**
*/
public boolean authenticate(String username, String password){
- // close all open editors
- if(!AbstractUtility.closeAll()){
- return false;
- }
-
-
- try{
- SecurityContextHolder.clearContext();
-
- Authentication lastAuthentication = CdmStore.getCurrentAuthentiation();
-
- UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
- Authentication authentication = CdmStore.getAuthenticationManager().authenticate(token);
+ // close all open editors
+ if(!AbstractUtility.closeAll()){
+ return false;
+ }
- User user = (User) authentication.getPrincipal();
- /* circumventing problem with hibernate not refreshing the transient collection authorities in this case,
- * see http://dev.e-taxonomy.eu/trac/ticket/4053 */
- user.initAuthorities();
- if(logger.isDebugEnabled()){
- StringBuilder gaText = new StringBuilder();
- String indent = " ";
- Set<GrantedAuthority> gaSet = user.getGrantedAuthorities();
- _logGrantedAuthotities(gaText, indent, gaSet);
- for(Group gr : user.getGroups()){
- gaText.append(indent).append("gr[").append(gr.hashCode()).append("] \"").append(gr.getName()).append("\" ").append(gr.toString()).append("\n");
- _logGrantedAuthotities(gaText, indent + indent, gr.getGrantedAuthorities());
- }
- logger.debug("User authenticated: " + user.getUsername() + "\n" + gaText.toString());
- }
+ try{
+ doAuthenticate(username, password);
+ } catch (CdmAuthenticationException e) {
+ MessagingUtils.warningDialog("Could not authenticate", this, e.getMessage());
+ return false;
+ }
+ return true;
+ }
- SecurityContextHolder.getContext().setAuthentication(authentication);
+ public void doAuthenticate(String username, String password) throws CdmAuthenticationException {
+ try {
+ SecurityContextHolder.clearContext();
+ Authentication lastAuthentication = CdmStore.getCurrentAuthentiation();
+
+ UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
+ Authentication authentication = CdmStore.getAuthenticationManager().authenticate(token);
+
+ User user = (User) authentication.getPrincipal();
+ /* circumventing problem with hibernate not refreshing the transient collection authorities in this case,
+ * see http://dev.e-taxonomy.eu/trac/ticket/4053 */
+ user.initAuthorities();
+
+ if(logger.isDebugEnabled()){
+ StringBuilder gaText = new StringBuilder();
+ String indent = " ";
+ Set<GrantedAuthority> gaSet = user.getGrantedAuthorities();
+ _logGrantedAuthotities(gaText, indent, gaSet);
+ for(Group gr : user.getGroups()){
+ gaText.append(indent).append("gr[").append(gr.hashCode()).append("] \"").append(gr.getName()).append("\" ").append(gr.toString()).append("\n");
+ _logGrantedAuthotities(gaText, indent + indent, gr.getGrantedAuthorities());
+ }
+ logger.debug("User authenticated: " + user.getUsername() + "\n" + gaText.toString());
+ }
+
+ authentication = new UsernamePasswordAuthenticationToken(user,password, authentication.getAuthorities());
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ CdmApplicationState.setCurrentSecurityContext(SecurityContextHolder.getContext());
+
+ if(!authentication.equals(lastAuthentication)){
+ this.setChanged();
+ this.notifyObservers();
+ }
+ } catch(BadCredentialsException e){
+ throw new CdmAuthenticationException(INCORRECT_CREDENTIALS_MESSAGE, e);
+ } catch(LockedException e){
+ throw new CdmAuthenticationException(ACCOUNT_LOCKED_MESSAGE, e);
+ } catch(IllegalArgumentException e){
+ throw new CdmAuthenticationException(EMPTY_CREDENTIALS_MESSAGE, e);
+ }
- if(!authentication.equals(lastAuthentication)){
- this.setChanged();
- this.notifyObservers();
- }
- return true;
- }
- catch(BadCredentialsException e){
- MessagingUtils.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Bad Credentials.");
- }
- catch(LockedException e){
- MessagingUtils.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Account is locked.");
- }
- catch(IllegalArgumentException e){
- MessagingUtils.warningDialog("Could not authenticate", this, "Could not authenticate. Reason: Username and/or Password empty.");
- }
- return false;
}
+
private void _logGrantedAuthotities(StringBuilder gaText, String indent,
Set<GrantedAuthority> gaSet) {
for(GrantedAuthority ga : gaSet){
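Review bot: In doAuthenticate, `new UsernamePasswordAuthenticationToken(user,password, authentication.getAuthorities())` puts the cleartext password back into the Authentication, which is then stored in SecurityContextHolder and handed to `CdmApplicationState.setCurrentSecurityContext(...)`, so the password stays reachable in memory for the whole session. Spring's ProviderManager erases credentials from the token it returns by default for exactly this reason. If nothing downstream reads the credentials, pass `null` instead: `authentication = new UsernamePasswordAuthenticationToken(user, null, authentication.getAuthorities());`. If they are needed later (not visible in this hunk), say so in a comment on that line, e.g. `// credentials kept on purpose: needed for <reason>`. Separately, only BadCredentialsException, LockedException and IllegalArgumentException are mapped to CdmAuthenticationException, so any other Spring AuthenticationException (a disabled or expired account, for instance) escapes both doAuthenticate and authenticate unchecked; a final `catch(AuthenticationException e)` that wraps it would keep the declared contract.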
* @return a {@link eu.etaxonomy.cdm.model.common.User} object.
*/
public User getAuthenticatedUser(){
- Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if(authentication != null
&& authentication.getPrincipal() != null