Revision 93fcde18
Added by Cherian Mathew almost 9 years ago
| src/main/java/eu/etaxonomy/cdm/vaadin/presenter/AuthenticationPresenter.java | ||
|---|---|---|
| 1 | 1 |
package eu.etaxonomy.cdm.vaadin.presenter; |
| 2 | 2 |
|
| 3 |
import java.net.URI; |
|
| 4 |
|
|
| 3 | 5 |
import org.springframework.security.authentication.AuthenticationManager; |
| 4 | 6 |
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; |
| 5 | 7 |
import org.springframework.security.core.Authentication; |
| 6 | 8 |
|
| 9 |
import com.vaadin.server.VaadinSession; |
|
| 10 |
|
|
| 7 | 11 |
import eu.etaxonomy.cdm.vaadin.util.CdmSpringContextHelper; |
| 8 |
import eu.etaxonomy.cdm.vaadin.view.AuthenticationView; |
|
| 12 |
import eu.etaxonomy.cdm.vaadin.util.CdmVaadinAuthentication; |
|
| 13 |
import eu.etaxonomy.cdm.vaadin.util.CdmVaadinSessionUtilities; |
|
| 9 | 14 |
import eu.etaxonomy.cdm.vaadin.view.IAuthenticationComponent; |
| 10 | 15 |
|
| 11 | 16 |
|
| 12 | 17 |
|
| 13 | 18 |
public class AuthenticationPresenter implements IAuthenticationComponent.AuthenticationComponentListener{
|
| 14 | 19 |
|
| 15 |
private final AuthenticationView view; |
|
| 16 |
|
|
| 17 |
public AuthenticationPresenter(AuthenticationView view) {
|
|
| 18 |
this.view = view; |
|
| 19 |
view.addListener(this); |
|
| 20 |
} |
|
| 21 |
|
|
| 22 |
@Override |
|
| 23 |
public Authentication login(String userName, String password) {
|
|
| 24 |
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(userName, password); |
|
| 25 |
AuthenticationManager authenticationManager = (AuthenticationManager) CdmSpringContextHelper.getCurrent().getBean("authenticationManager");
|
|
| 26 |
Authentication authentication = authenticationManager.authenticate(token); |
|
| 27 |
return authentication; |
|
| 28 |
} |
|
| 20 |
@Override |
|
| 21 |
public boolean login(URI uri, String context, String userName, String password) {
|
|
| 22 |
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(userName, password); |
|
| 23 |
AuthenticationManager authenticationManager = (AuthenticationManager) CdmSpringContextHelper.getCurrent().getBean("authenticationManager");
|
|
| 24 |
Authentication authentication = authenticationManager.authenticate(token); |
|
| 25 |
if(authentication != null && authentication.isAuthenticated()) {
|
|
| 26 |
CdmVaadinAuthentication cvAuthentication = (CdmVaadinAuthentication) VaadinSession.getCurrent().getAttribute(CdmVaadinAuthentication.KEY); |
|
| 27 |
if(cvAuthentication == null) {
|
|
| 28 |
cvAuthentication = new CdmVaadinAuthentication(); |
|
| 29 |
} |
|
| 30 |
cvAuthentication.addAuthentication(uri, context, authentication); |
|
| 31 |
CdmVaadinSessionUtilities.setCurrentAttribute(CdmVaadinAuthentication.KEY, cvAuthentication); |
|
| 32 |
return true; |
|
| 33 |
} |
|
| 34 |
return false; |
|
| 35 |
} |
|
| 29 | 36 |
|
| 30 | 37 |
} |
| src/main/java/eu/etaxonomy/cdm/vaadin/ui/AbstractAuthenticatedUI.java | ||
|---|---|---|
| 1 | 1 |
package eu.etaxonomy.cdm.vaadin.ui; |
| 2 | 2 |
|
| 3 |
import java.net.URI; |
|
| 3 | 4 |
import java.util.logging.Logger; |
| 4 | 5 |
|
| 5 |
import org.springframework.security.core.Authentication; |
|
| 6 |
|
|
| 7 | 6 |
import com.vaadin.navigator.Navigator; |
| 7 |
import com.vaadin.server.Page; |
|
| 8 | 8 |
import com.vaadin.server.VaadinRequest; |
| 9 |
import com.vaadin.server.VaadinServlet; |
|
| 9 | 10 |
import com.vaadin.server.VaadinSession; |
| 10 | 11 |
import com.vaadin.ui.UI; |
| 11 | 12 |
|
| 12 |
import eu.etaxonomy.cdm.vaadin.presenter.AuthenticationPresenter;
|
|
| 13 |
import eu.etaxonomy.cdm.vaadin.util.CdmVaadinAuthentication;
|
|
| 13 | 14 |
import eu.etaxonomy.cdm.vaadin.view.AuthenticationView; |
| 14 | 15 |
|
| 15 | 16 |
public abstract class AbstractAuthenticatedUI extends CdmBaseUI {
|
| ... | ... | |
| 39 | 40 |
navigator.addView(AUTHENTICATION_VIEW, av); |
| 40 | 41 |
|
| 41 | 42 |
|
| 42 |
new AuthenticationPresenter(av); |
|
| 43 |
|
|
| 43 | 44 |
// Create and register the views |
| 44 |
Authentication authentication = (Authentication) VaadinSession.getCurrent().getAttribute("authentication");
|
|
| 45 |
CdmVaadinAuthentication cvAuthentication = (CdmVaadinAuthentication) VaadinSession.getCurrent().getAttribute(CdmVaadinAuthentication.KEY);
|
|
| 45 | 46 |
|
| 46 | 47 |
doInit(request); |
| 47 |
|
|
| 48 |
if(ignoreAuthentication || (authentication != null && authentication.isAuthenticated())) {
|
|
| 49 |
UI.getCurrent().getNavigator().navigateTo(getFirstViewName()); |
|
| 48 |
URI uri = Page.getCurrent().getLocation(); |
|
| 49 |
String context = VaadinServlet.getCurrent().getServletContext().getContextPath(); |
|
| 50 |
if(ignoreAuthentication || (cvAuthentication != null && cvAuthentication.isAuthenticated(uri, context))) {
|
|
| 51 |
UI.getCurrent().getNavigator().navigateTo(getFirstViewName()); |
|
| 50 | 52 |
} else {
|
| 51 |
UI.getCurrent().getNavigator().navigateTo(AUTHENTICATION_VIEW);
|
|
| 53 |
UI.getCurrent().getNavigator().navigateTo(AUTHENTICATION_VIEW);
|
|
| 52 | 54 |
} |
| 53 | 55 |
} |
| 54 | 56 |
|
| src/main/java/eu/etaxonomy/cdm/vaadin/util/CdmVaadinAuthentication.java | ||
|---|---|---|
| 1 |
// $Id$ |
|
| 2 |
/** |
|
| 3 |
* Copyright (C) 2015 EDIT |
|
| 4 |
* European Distributed Institute of Taxonomy |
|
| 5 |
* http://www.e-taxonomy.eu |
|
| 6 |
* |
|
| 7 |
* The contents of this file are subject to the Mozilla Public License Version 1.1 |
|
| 8 |
* See LICENSE.TXT at the top of this package for the full license terms. |
|
| 9 |
*/ |
|
| 10 |
package eu.etaxonomy.cdm.vaadin.util; |
|
| 11 |
|
|
| 12 |
import java.net.URI; |
|
| 13 |
import java.util.HashMap; |
|
| 14 |
import java.util.Map; |
|
| 15 |
|
|
| 16 |
import org.apache.log4j.Logger; |
|
| 17 |
import org.springframework.security.core.Authentication; |
|
| 18 |
|
|
| 19 |
/** |
|
| 20 |
* @author cmathew |
|
| 21 |
* @date 28 Apr 2015 |
|
| 22 |
* |
|
| 23 |
*/ |
|
| 24 |
public class CdmVaadinAuthentication {
|
|
| 25 |
private final static Logger logger = Logger.getLogger(CdmVaadinAuthentication.class); |
|
| 26 |
|
|
| 27 |
public static final String KEY = "key_authentication"; |
|
| 28 |
|
|
| 29 |
Map<String, Authentication> hostAuthenticationMap = new HashMap<String, Authentication>(); |
|
| 30 |
|
|
| 31 |
public void addAuthentication(URI requestSourceUri, String requestSourceContext, Authentication authentication) {
|
|
| 32 |
addAuthentication(getRequestSource(requestSourceUri, requestSourceContext), authentication); |
|
| 33 |
} |
|
| 34 |
|
|
| 35 |
public void addAuthentication(String requestSource, Authentication authentication) {
|
|
| 36 |
if(requestSource == null || requestSource.isEmpty()) {
|
|
| 37 |
throw new IllegalStateException("When setting authentication, host cannot be null or empty");
|
|
| 38 |
} |
|
| 39 |
|
|
| 40 |
if(authentication == null) {
|
|
| 41 |
throw new IllegalStateException("When setting authentication, authentication object cannot be null");
|
|
| 42 |
} |
|
| 43 |
hostAuthenticationMap.put(requestSource, authentication); |
|
| 44 |
} |
|
| 45 |
|
|
| 46 |
public boolean isAuthenticated(URI uri, String context) {
|
|
| 47 |
if(uri != null && context != null && !context.isEmpty()) {
|
|
| 48 |
Authentication authentication = hostAuthenticationMap.get(getRequestSource(uri, context)); |
|
| 49 |
if(authentication != null) {
|
|
| 50 |
return authentication.isAuthenticated(); |
|
| 51 |
} |
|
| 52 |
} |
|
| 53 |
return false; |
|
| 54 |
} |
|
| 55 |
|
|
| 56 |
public static String getRequestSource(URI uri, String context) {
|
|
| 57 |
String source = uri.getHost() + ":" + String.valueOf(uri.getPort()) + context; |
|
| 58 |
logger.warn(" request source : " + source);
|
|
| 59 |
return source; |
|
| 60 |
} |
|
| 61 |
|
|
| 62 |
} |
|
| src/main/java/eu/etaxonomy/cdm/vaadin/util/CdmVaadinSessionUtilities.java | ||
|---|---|---|
| 9 | 9 |
*/ |
| 10 | 10 |
package eu.etaxonomy.cdm.vaadin.util; |
| 11 | 11 |
|
| 12 |
import java.util.concurrent.locks.Lock; |
|
| 13 |
|
|
| 12 | 14 |
import org.apache.log4j.Logger; |
| 13 | 15 |
|
| 14 | 16 |
import com.vaadin.server.VaadinSession; |
| ... | ... | |
| 27 | 29 |
private static final Logger logger = Logger.getLogger(CdmVaadinSessionUtilities.class); |
| 28 | 30 |
|
| 29 | 31 |
public static void setCurrentAttribute(String name, Object value) {
|
| 32 |
Lock sessionLock = VaadinSession.getCurrent().getLockInstance(); |
|
| 30 | 33 |
try {
|
| 31 |
VaadinSession.getCurrent().getLockInstance().lock(); |
|
| 34 |
if(sessionLock != null) {
|
|
| 35 |
sessionLock.lock(); |
|
| 36 |
} |
|
| 32 | 37 |
VaadinSession.getCurrent().setAttribute(name, value); |
| 33 | 38 |
} finally {
|
| 34 |
VaadinSession.getCurrent().getLockInstance().unlock(); |
|
| 39 |
if(sessionLock != null) {
|
|
| 40 |
sessionLock.unlock(); |
|
| 41 |
} |
|
| 35 | 42 |
} |
| 36 | 43 |
} |
| 37 | 44 |
|
| src/main/java/eu/etaxonomy/cdm/vaadin/view/AuthenticationView.java | ||
|---|---|---|
| 1 | 1 |
package eu.etaxonomy.cdm.vaadin.view; |
| 2 | 2 |
|
| 3 | 3 |
import org.springframework.security.authentication.BadCredentialsException; |
| 4 |
import org.springframework.security.core.Authentication; |
|
| 5 | 4 |
|
| 6 | 5 |
import com.vaadin.annotations.AutoGenerated; |
| 7 | 6 |
import com.vaadin.data.validator.StringLengthValidator; |
| 8 | 7 |
import com.vaadin.event.ShortcutAction.KeyCode; |
| 9 | 8 |
import com.vaadin.navigator.View; |
| 10 | 9 |
import com.vaadin.navigator.ViewChangeListener.ViewChangeEvent; |
| 10 |
import com.vaadin.server.Page; |
|
| 11 |
import com.vaadin.server.VaadinServlet; |
|
| 11 | 12 |
import com.vaadin.ui.Alignment; |
| 12 | 13 |
import com.vaadin.ui.Button; |
| 13 | 14 |
import com.vaadin.ui.Button.ClickEvent; |
| ... | ... | |
| 20 | 21 |
import com.vaadin.ui.UI; |
| 21 | 22 |
import com.vaadin.ui.VerticalLayout; |
| 22 | 23 |
|
| 24 |
import eu.etaxonomy.cdm.vaadin.presenter.AuthenticationPresenter; |
|
| 23 | 25 |
import eu.etaxonomy.cdm.vaadin.ui.AbstractAuthenticatedUI; |
| 24 |
import eu.etaxonomy.cdm.vaadin.util.CdmVaadinSessionUtilities; |
|
| 25 | 26 |
|
| 26 | 27 |
|
| 27 | 28 |
public class AuthenticationView extends CustomComponent implements IAuthenticationComponent, ClickListener , View {
|
| ... | ... | |
| 62 | 63 |
userNameTF.setNullRepresentation("");
|
| 63 | 64 |
userNameTF.focus(); |
| 64 | 65 |
|
| 66 |
authListener = new AuthenticationPresenter(); |
|
| 67 |
|
|
| 65 | 68 |
loginBtn.addClickListener(this); |
| 66 | 69 |
loginBtn.setClickShortcut(KeyCode.ENTER, null); |
| 67 | 70 |
} |
| ... | ... | |
| 74 | 77 |
|
| 75 | 78 |
@Override |
| 76 | 79 |
public void buttonClick(ClickEvent event) {
|
| 77 |
Authentication authentication = null; |
|
| 78 |
try {
|
|
| 79 |
authentication = authListener.login(userNameTF.getValue(), passwordField.getValue()); |
|
| 80 |
} catch(BadCredentialsException e){
|
|
| 81 |
Notification.show("Bad credentials", Notification.Type.ERROR_MESSAGE);
|
|
| 82 |
} |
|
| 83 |
if(authentication != null && authentication.isAuthenticated()) {
|
|
| 84 |
CdmVaadinSessionUtilities.setCurrentAttribute("authentication", authentication);
|
|
| 85 |
// we are sure that since we are in the authentication view that the |
|
| 86 |
// current ui should be of type AbstractAuthenticatedUI |
|
| 87 |
AbstractAuthenticatedUI aaui = (AbstractAuthenticatedUI) UI.getCurrent(); |
|
| 88 |
UI.getCurrent().getNavigator().navigateTo(aaui.getFirstViewName()); |
|
| 89 |
} |
|
| 80 |
boolean isAuthenticated = false; |
|
| 81 |
try {
|
|
| 82 |
isAuthenticated = authListener.login(Page.getCurrent().getLocation(), |
|
| 83 |
VaadinServlet.getCurrent().getServletContext().getContextPath(), |
|
| 84 |
userNameTF.getValue(), |
|
| 85 |
passwordField.getValue()); |
|
| 86 |
if(isAuthenticated) {
|
|
| 87 |
// we are sure that since we are in the authentication view that the |
|
| 88 |
// current ui should be of type AbstractAuthenticatedUI |
|
| 89 |
AbstractAuthenticatedUI aaui = (AbstractAuthenticatedUI) UI.getCurrent(); |
|
| 90 |
UI.getCurrent().getNavigator().navigateTo(aaui.getFirstViewName()); |
|
| 91 |
} |
|
| 92 |
} catch(BadCredentialsException e){
|
|
| 93 |
Notification.show("Bad credentials", Notification.Type.ERROR_MESSAGE);
|
|
| 94 |
} |
|
| 90 | 95 |
} |
| 91 | 96 |
|
| 92 | 97 |
@Override |
| src/main/java/eu/etaxonomy/cdm/vaadin/view/IAuthenticationComponent.java | ||
|---|---|---|
| 1 | 1 |
package eu.etaxonomy.cdm.vaadin.view; |
| 2 | 2 |
|
| 3 |
import org.springframework.security.core.Authentication; |
|
| 3 |
import java.net.URI; |
|
| 4 |
|
|
| 4 | 5 |
|
| 5 | 6 |
|
| 6 | 7 |
public interface IAuthenticationComponent {
|
| 7 |
|
|
| 8 |
|
|
| 8 | 9 |
public interface AuthenticationComponentListener {
|
| 9 |
Authentication login(String userName, String password); |
|
| 10 |
|
|
| 11 |
/** |
|
| 12 |
* @param uri |
|
| 13 |
* @param context |
|
| 14 |
* @param userName |
|
| 15 |
* @param password |
|
| 16 |
* @return |
|
| 17 |
*/ |
|
| 18 |
boolean login(URI uri, String context, String userName, String password); |
|
| 10 | 19 |
} |
| 11 | 20 |
public void addListener(AuthenticationComponentListener listener); |
| 12 |
|
|
| 21 |
|
|
| 13 | 22 |
|
| 14 | 23 |
} |
| src/test/java/eu/etaxonomy/cdm/vaadin/CdmVaadinBaseTest.java | ||
|---|---|---|
| 46 | 46 |
} |
| 47 | 47 |
QueryBuilder.setStringDecorator(new CdmSQLStringDecorator()); |
| 48 | 48 |
|
| 49 |
Assert.assertNotNull(vaadinServlet); |
|
| 49 | 50 |
Assert.assertEquals(vaadinServlet, VaadinServlet.getCurrent()); |
| 51 |
|
|
| 52 |
Assert.assertNotNull(servletContext); |
|
| 50 | 53 |
Assert.assertEquals(servletContext, VaadinServlet.getCurrent().getServletContext()); |
| 54 |
|
|
| 55 |
Assert.assertNotNull(vaadinSession); |
|
| 51 | 56 |
Assert.assertEquals(vaadinSession, VaadinSession.getCurrent()); |
| 57 |
|
|
| 58 |
Assert.assertNotNull(vaadinService); |
|
| 52 | 59 |
Assert.assertEquals(vaadinService, VaadinService.getCurrent()); |
| 53 | 60 |
} |
| 54 | 61 |
|
| ... | ... | |
| 78 | 85 |
} |
| 79 | 86 |
VaadinService.setCurrent(vaadinService); |
| 80 | 87 |
|
| 81 |
vaadinSession = new VaadinSession(vaadinService); |
|
| 88 |
vaadinSession = new MockVaadinSession(vaadinService);
|
|
| 82 | 89 |
VaadinSession.setCurrent(vaadinSession); |
| 83 | 90 |
|
| 84 | 91 |
isVaadinServletEnvCreated = true; |
| 85 | 92 |
} |
| 86 | 93 |
|
| 94 |
public static class MockVaadinSession extends VaadinSession {
|
|
| 95 |
MockVaadinSession(VaadinService service) {
|
|
| 96 |
super(service); |
|
| 97 |
} |
|
| 87 | 98 |
|
| 99 |
@Override |
|
| 100 |
public boolean hasLock() {
|
|
| 101 |
return true; |
|
| 102 |
} |
|
| 103 |
} |
|
| 88 | 104 |
} |
| src/test/java/eu/etaxonomy/cdm/vaadin/presenter/AuthenticationPresenterTest.java | ||
|---|---|---|
| 1 |
// $Id$ |
|
| 2 |
/** |
|
| 3 |
* Copyright (C) 2015 EDIT |
|
| 4 |
* European Distributed Institute of Taxonomy |
|
| 5 |
* http://www.e-taxonomy.eu |
|
| 6 |
* |
|
| 7 |
* The contents of this file are subject to the Mozilla Public License Version 1.1 |
|
| 8 |
* See LICENSE.TXT at the top of this package for the full license terms. |
|
| 9 |
*/ |
|
| 10 |
package eu.etaxonomy.cdm.vaadin.presenter; |
|
| 11 |
|
|
| 12 |
import java.net.URI; |
|
| 13 |
import java.net.URISyntaxException; |
|
| 14 |
|
|
| 15 |
import org.apache.log4j.Logger; |
|
| 16 |
import org.junit.Assert; |
|
| 17 |
import org.junit.BeforeClass; |
|
| 18 |
import org.junit.Test; |
|
| 19 |
import org.springframework.security.authentication.BadCredentialsException; |
|
| 20 |
|
|
| 21 |
import com.vaadin.server.VaadinSession; |
|
| 22 |
|
|
| 23 |
import eu.etaxonomy.cdm.vaadin.CdmVaadinBaseTest; |
|
| 24 |
import eu.etaxonomy.cdm.vaadin.util.CdmVaadinAuthentication; |
|
| 25 |
|
|
| 26 |
/** |
|
| 27 |
* @author cmathew |
|
| 28 |
* @date 28 Apr 2015 |
|
| 29 |
* |
|
| 30 |
*/ |
|
| 31 |
public class AuthenticationPresenterTest extends CdmVaadinBaseTest {
|
|
| 32 |
|
|
| 33 |
private static final Logger logger = Logger.getLogger(AuthenticationPresenterTest.class); |
|
| 34 |
|
|
| 35 |
private static AuthenticationPresenter ap; |
|
| 36 |
|
|
| 37 |
@BeforeClass |
|
| 38 |
public static void init() {
|
|
| 39 |
ap = new AuthenticationPresenter(); |
|
| 40 |
} |
|
| 41 |
|
|
| 42 |
@Test |
|
| 43 |
public void testLogin() throws URISyntaxException {
|
|
| 44 |
URI uri = new URI("http://localhost:8080/cdm-vaadin/app/authtest");
|
|
| 45 |
String context = "/cdm-vaadin"; |
|
| 46 |
boolean isAuthenticated = false; |
|
| 47 |
try {
|
|
| 48 |
isAuthenticated = ap.login(uri, context, "admin", "000"); |
|
| 49 |
Assert.fail("BadCredentialsException should be thrown here");
|
|
| 50 |
} catch(BadCredentialsException e){
|
|
| 51 |
|
|
| 52 |
} |
|
| 53 |
|
|
| 54 |
isAuthenticated = ap.login(uri, context, "admin", "00000"); |
|
| 55 |
Assert.assertTrue(isAuthenticated); |
|
| 56 |
|
|
| 57 |
CdmVaadinAuthentication authentication = (CdmVaadinAuthentication) VaadinSession.getCurrent().getAttribute(CdmVaadinAuthentication.KEY); |
|
| 58 |
Assert.assertTrue(authentication.isAuthenticated(uri, context)); |
|
| 59 |
|
|
| 60 |
URI anotherUri = new URI("http://localhost:8081/cdm-edit/app/authtest");
|
|
| 61 |
Assert.assertFalse(authentication.isAuthenticated(anotherUri, context)); |
|
| 62 |
|
|
| 63 |
String anotherContext = "/cdm-edit"; |
|
| 64 |
Assert.assertFalse(authentication.isAuthenticated(uri, anotherContext)); |
|
| 65 |
|
|
| 66 |
isAuthenticated = ap.login(anotherUri, anotherContext, "admin", "00000"); |
|
| 67 |
Assert.assertTrue(isAuthenticated); |
|
| 68 |
|
|
| 69 |
Assert.assertTrue(authentication.isAuthenticated(anotherUri, anotherContext)); |
|
| 70 |
|
|
| 71 |
} |
|
| 72 |
|
|
| 73 |
} |
|
Also available in: Unified diff
fix for #4844
CdmVaadinAuthentication : new class used for authentication
AuthenticationPresenter, AbstractAuthenticatedUI, CdmVaadinSessionUtilities, AuthenticationView, IAuthenticationComponent : using new authentication object linked to host and context path
CdmVaadinBaseTest, AuthenticationPresenterTest : test classes for new authentication