From 4ed38c9b075c70f17d5b64d6cbc2e185b5c63413 Mon Sep 17 00:00:00 2001 From: Cherian Mathew Date: Fri, 27 Nov 2015 11:48:54 +0100 Subject: [PATCH] #5207 Add validation of credentials on target server before starting application context --- .../CdmApplicationRemoteConfiguration.java | 16 +++++-- .../taxeditor/store/LoginManager.java | 13 ++++-- .../ui/dialog/RemotingLoginDialog.java | 42 +++++++++++++++---- 3 files changed, 55 insertions(+), 16 deletions(-) diff --git a/eu.etaxonomy.taxeditor.cdmlib/src/main/java/eu/etaxonomy/cdm/api/application/CdmApplicationRemoteConfiguration.java b/eu.etaxonomy.taxeditor.cdmlib/src/main/java/eu/etaxonomy/cdm/api/application/CdmApplicationRemoteConfiguration.java index 52bb763b0..47757c986 100644 --- a/eu.etaxonomy.taxeditor.cdmlib/src/main/java/eu/etaxonomy/cdm/api/application/CdmApplicationRemoteConfiguration.java +++ b/eu.etaxonomy.taxeditor.cdmlib/src/main/java/eu/etaxonomy/cdm/api/application/CdmApplicationRemoteConfiguration.java @@ -303,6 +303,11 @@ public class CdmApplicationRemoteConfiguration implements ICdmApplicationConfigu return (IUserService) getService(IUserService.class, "/remoting-public/user.service", new CdmServiceRequestExecutor()); } + + public static IUserService getUserService(ICdmRemoteSource remoteSource) { + return (IUserService) getService(IUserService.class, "/remoting-public/user.service", remoteSource, new CommonsHttpInvokerRequestExecutor()); + } + @Override public IMetadataService getMetadataService() { return (IMetadataService) getService(IMetadataService.class, "/remoting-public/metadata.service", new CommonsHttpInvokerRequestExecutor()); @@ -328,17 +333,22 @@ public class CdmApplicationRemoteConfiguration implements ICdmApplicationConfigu if(authenticationManager != null) { return authenticationManager; } + + authenticationManager = getAuthenticationManager(getUserService()); + return authenticationManager; + } + + public static ProviderManager getAuthenticationManager(IUserService userService) { Md5PasswordEncoder passwordEncoder = new Md5PasswordEncoder(); ReflectionSaltSource saltSource = new ReflectionSaltSource(); saltSource.setUserPropertyToUse("getUsername"); DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider(); - daoAuthenticationProvider.setUserDetailsService(getUserService()); + daoAuthenticationProvider.setUserDetailsService(userService); daoAuthenticationProvider.setSaltSource(saltSource); daoAuthenticationProvider.setPasswordEncoder(passwordEncoder); - authenticationManager = new ProviderManager(Arrays.asList((AuthenticationProvider)daoAuthenticationProvider)); - return authenticationManager; + return new ProviderManager(Arrays.asList((AuthenticationProvider)daoAuthenticationProvider)); } diff --git a/eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/store/LoginManager.java b/eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/store/LoginManager.java index 04f2d13d0..f56a8293d 100644 --- a/eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/store/LoginManager.java +++ b/eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/store/LoginManager.java @@ -46,8 +46,12 @@ public class LoginManager extends Observable implements IConversationEnabled, IC private ConversationHolder conversation; + public static final String INCORRECT_CREDENTIALS_MESSAGE = "Login and/or Password incorrect"; + public static final String ACCOUNT_LOCKED_MESSAGE = "Account is locked"; + public static final String EMPTY_CREDENTIALS_MESSAGE = "Login and/or Password empty"; + public LoginManager(){ - CdmStore.getContextManager().addContextListener(this); + CdmStore.getContextManager().addContextListener(this); } /** @@ -107,15 +111,16 @@ public class LoginManager extends Observable implements IConversationEnabled, IC this.notifyObservers(); } } catch(BadCredentialsException e){ - throw new CdmAuthenticationException("Login and/or Password incorrect", e); + throw new CdmAuthenticationException(INCORRECT_CREDENTIALS_MESSAGE, e); } catch(LockedException e){ - throw new CdmAuthenticationException("Account is locked", e); + throw new CdmAuthenticationException(ACCOUNT_LOCKED_MESSAGE, e); } catch(IllegalArgumentException e){ - throw new CdmAuthenticationException("Login and/or Password empty", e); + throw new CdmAuthenticationException(EMPTY_CREDENTIALS_MESSAGE, e); } } + private void _logGrantedAuthotities(StringBuilder gaText, String indent, Set gaSet) { for(GrantedAuthority ga : gaSet){ diff --git a/eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/ui/dialog/RemotingLoginDialog.java b/eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/ui/dialog/RemotingLoginDialog.java index a46299076..92824fcd6 100644 --- a/eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/ui/dialog/RemotingLoginDialog.java +++ b/eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/ui/dialog/RemotingLoginDialog.java @@ -49,8 +49,13 @@ import org.eclipse.ui.progress.IProgressConstants; import org.eclipse.wb.swt.SWTResourceManager; import org.osgi.service.prefs.BackingStoreException; import org.osgi.service.prefs.Preferences; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.LockedException; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import eu.etaxonomy.cdm.api.application.CdmApplicationRemoteConfiguration; import eu.etaxonomy.cdm.api.application.CdmApplicationState; +import eu.etaxonomy.cdm.api.service.IUserService; import eu.etaxonomy.cdm.model.metadata.CdmMetaData; import eu.etaxonomy.taxeditor.model.MessagingUtils; import eu.etaxonomy.taxeditor.preference.IPreferenceKeys; @@ -62,6 +67,7 @@ import eu.etaxonomy.taxeditor.remoting.source.CdmServerInfo; import eu.etaxonomy.taxeditor.remoting.source.CdmServerInfo.CdmInstanceInfo; import eu.etaxonomy.taxeditor.remoting.source.ICdmRemoteSource; import eu.etaxonomy.taxeditor.store.CdmStore; +import eu.etaxonomy.taxeditor.store.LoginManager; import eu.etaxonomy.taxeditor.store.internal.TaxeditorStorePlugin; import eu.etaxonomy.taxeditor.webapp.CDMEmbeddedServerException; import eu.etaxonomy.taxeditor.webapp.CDMServer; @@ -507,15 +513,17 @@ public class RemotingLoginDialog extends Dialog implements ICDMServerError { private void refreshCdmServer() { + txtCdmServerStatus.setText(STATUS_CHECKING_AVAILABILITY); + clearOnServerChange(); + emptyCredentials(); + updateSelectedCdmServer(); Display.getDefault().asyncExec(new Runnable() { @Override public void run() { - txtCdmServerStatus.setText(STATUS_CHECKING_AVAILABILITY); - updateSelectedCdmServer(); checkSelectedCdmServer(); - updatePort(); } }); + } private void updateSelectedCdmServer() { @@ -550,10 +558,6 @@ public class RemotingLoginDialog extends Dialog implements ICDMServerError { } private void checkSelectedCdmServer() { - - clearOnServerChange(); - emptyCredentials(); - if(selectedCsii != null) { if(selectedCsii.isLocalhost()) { txtPort.setEditable(true); @@ -570,6 +574,7 @@ public class RemotingLoginDialog extends Dialog implements ICDMServerError { disableCdmInstanceControls("", ""); } } + updatePort(); } @@ -855,7 +860,7 @@ public class RemotingLoginDialog extends Dialog implements ICDMServerError { ICdmRemoteSource source = selectedCsii.getCdmRemoteSource(selectedCdmInstance, getPort()); - if(!validateLogin()) { + if(!validateLogin(source)) { return; } @@ -934,7 +939,7 @@ public class RemotingLoginDialog extends Dialog implements ICDMServerError { return selectedCsii.toString(selectedCdmInstance.getName(), getPort()) + PASSWORD_SUFFIX; } - private boolean validateLogin() { + private boolean validateLogin(ICdmRemoteSource remoteSource) { if(getUsername() == null || getUsername().isEmpty()) { setMessage("User login cannot be empty"); return false; @@ -943,8 +948,25 @@ public class RemotingLoginDialog extends Dialog implements ICDMServerError { setMessage("Password cannot be empty"); return false; } + + + try { + IUserService userService = CdmApplicationRemoteConfiguration.getUserService(remoteSource); + UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(getUsername(), getPassword()); + CdmApplicationRemoteConfiguration.getAuthenticationManager(userService).authenticate(token); + } catch(BadCredentialsException e){ + setMessage(LoginManager.INCORRECT_CREDENTIALS_MESSAGE); + return false; + } catch(LockedException e){ + setMessage(LoginManager.ACCOUNT_LOCKED_MESSAGE); + return false; + } catch(IllegalArgumentException e){ + setMessage(LoginManager.INCORRECT_CREDENTIALS_MESSAGE); + return false; + } return true; } + public String getUsername() { return txtLogin.getText(); } @@ -1035,6 +1057,8 @@ public class RemotingLoginDialog extends Dialog implements ICDMServerError { txtServerVersion.setText(""); txtServerVersion.setToolTipText(""); txtServerCDMVersion.setText(""); + comboCdmInstance.removeAll(); + txtCdmInstanceStatus.setText(""); txtPort.setEditable(false); txtPort.setEnabled(false); } -- 2.34.1