Revision 93fcde18
Added by Cherian Mathew almost 9 years ago
src/main/java/eu/etaxonomy/cdm/vaadin/presenter/AuthenticationPresenter.java | ||
---|---|---|
1 | 1 |
package eu.etaxonomy.cdm.vaadin.presenter; |
2 | 2 |
|
3 |
import java.net.URI; |
|
4 |
|
|
3 | 5 |
import org.springframework.security.authentication.AuthenticationManager; |
4 | 6 |
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; |
5 | 7 |
import org.springframework.security.core.Authentication; |
6 | 8 |
|
9 |
import com.vaadin.server.VaadinSession; |
|
10 |
|
|
7 | 11 |
import eu.etaxonomy.cdm.vaadin.util.CdmSpringContextHelper; |
8 |
import eu.etaxonomy.cdm.vaadin.view.AuthenticationView; |
|
12 |
import eu.etaxonomy.cdm.vaadin.util.CdmVaadinAuthentication; |
|
13 |
import eu.etaxonomy.cdm.vaadin.util.CdmVaadinSessionUtilities; |
|
9 | 14 |
import eu.etaxonomy.cdm.vaadin.view.IAuthenticationComponent; |
10 | 15 |
|
11 | 16 |
|
12 | 17 |
|
13 | 18 |
public class AuthenticationPresenter implements IAuthenticationComponent.AuthenticationComponentListener{ |
14 | 19 |
|
15 |
private final AuthenticationView view; |
|
16 |
|
|
17 |
public AuthenticationPresenter(AuthenticationView view) { |
|
18 |
this.view = view; |
|
19 |
view.addListener(this); |
|
20 |
} |
|
21 |
|
|
22 |
@Override |
|
23 |
public Authentication login(String userName, String password) { |
|
24 |
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(userName, password); |
|
25 |
AuthenticationManager authenticationManager = (AuthenticationManager) CdmSpringContextHelper.getCurrent().getBean("authenticationManager"); |
|
26 |
Authentication authentication = authenticationManager.authenticate(token); |
|
27 |
return authentication; |
|
28 |
} |
|
20 |
@Override |
|
21 |
public boolean login(URI uri, String context, String userName, String password) { |
|
22 |
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(userName, password); |
|
23 |
AuthenticationManager authenticationManager = (AuthenticationManager) CdmSpringContextHelper.getCurrent().getBean("authenticationManager"); |
|
24 |
Authentication authentication = authenticationManager.authenticate(token); |
|
25 |
if(authentication != null && authentication.isAuthenticated()) { |
|
26 |
CdmVaadinAuthentication cvAuthentication = (CdmVaadinAuthentication) VaadinSession.getCurrent().getAttribute(CdmVaadinAuthentication.KEY); |
|
27 |
if(cvAuthentication == null) { |
|
28 |
cvAuthentication = new CdmVaadinAuthentication(); |
|
29 |
} |
|
30 |
cvAuthentication.addAuthentication(uri, context, authentication); |
|
31 |
CdmVaadinSessionUtilities.setCurrentAttribute(CdmVaadinAuthentication.KEY, cvAuthentication); |
|
32 |
return true; |
|
33 |
} |
|
34 |
return false; |
|
35 |
} |
|
29 | 36 |
|
30 | 37 |
} |
src/main/java/eu/etaxonomy/cdm/vaadin/ui/AbstractAuthenticatedUI.java | ||
---|---|---|
1 | 1 |
package eu.etaxonomy.cdm.vaadin.ui; |
2 | 2 |
|
3 |
import java.net.URI; |
|
3 | 4 |
import java.util.logging.Logger; |
4 | 5 |
|
5 |
import org.springframework.security.core.Authentication; |
|
6 |
|
|
7 | 6 |
import com.vaadin.navigator.Navigator; |
7 |
import com.vaadin.server.Page; |
|
8 | 8 |
import com.vaadin.server.VaadinRequest; |
9 |
import com.vaadin.server.VaadinServlet; |
|
9 | 10 |
import com.vaadin.server.VaadinSession; |
10 | 11 |
import com.vaadin.ui.UI; |
11 | 12 |
|
12 |
import eu.etaxonomy.cdm.vaadin.presenter.AuthenticationPresenter;
|
|
13 |
import eu.etaxonomy.cdm.vaadin.util.CdmVaadinAuthentication;
|
|
13 | 14 |
import eu.etaxonomy.cdm.vaadin.view.AuthenticationView; |
14 | 15 |
|
15 | 16 |
public abstract class AbstractAuthenticatedUI extends CdmBaseUI { |
... | ... | |
39 | 40 |
navigator.addView(AUTHENTICATION_VIEW, av); |
40 | 41 |
|
41 | 42 |
|
42 |
new AuthenticationPresenter(av); |
|
43 |
|
|
43 | 44 |
// Create and register the views |
44 |
Authentication authentication = (Authentication) VaadinSession.getCurrent().getAttribute("authentication");
|
|
45 |
CdmVaadinAuthentication cvAuthentication = (CdmVaadinAuthentication) VaadinSession.getCurrent().getAttribute(CdmVaadinAuthentication.KEY);
|
|
45 | 46 |
|
46 | 47 |
doInit(request); |
47 |
|
|
48 |
if(ignoreAuthentication || (authentication != null && authentication.isAuthenticated())) { |
|
49 |
UI.getCurrent().getNavigator().navigateTo(getFirstViewName()); |
|
48 |
URI uri = Page.getCurrent().getLocation(); |
|
49 |
String context = VaadinServlet.getCurrent().getServletContext().getContextPath(); |
|
50 |
if(ignoreAuthentication || (cvAuthentication != null && cvAuthentication.isAuthenticated(uri, context))) { |
|
51 |
UI.getCurrent().getNavigator().navigateTo(getFirstViewName()); |
|
50 | 52 |
} else { |
51 |
UI.getCurrent().getNavigator().navigateTo(AUTHENTICATION_VIEW);
|
|
53 |
UI.getCurrent().getNavigator().navigateTo(AUTHENTICATION_VIEW);
|
|
52 | 54 |
} |
53 | 55 |
} |
54 | 56 |
|
src/main/java/eu/etaxonomy/cdm/vaadin/util/CdmVaadinAuthentication.java | ||
---|---|---|
1 |
// $Id$ |
|
2 |
/** |
|
3 |
* Copyright (C) 2015 EDIT |
|
4 |
* European Distributed Institute of Taxonomy |
|
5 |
* http://www.e-taxonomy.eu |
|
6 |
* |
|
7 |
* The contents of this file are subject to the Mozilla Public License Version 1.1 |
|
8 |
* See LICENSE.TXT at the top of this package for the full license terms. |
|
9 |
*/ |
|
10 |
package eu.etaxonomy.cdm.vaadin.util; |
|
11 |
|
|
12 |
import java.net.URI; |
|
13 |
import java.util.HashMap; |
|
14 |
import java.util.Map; |
|
15 |
|
|
16 |
import org.apache.log4j.Logger; |
|
17 |
import org.springframework.security.core.Authentication; |
|
18 |
|
|
19 |
/** |
|
20 |
* @author cmathew |
|
21 |
* @date 28 Apr 2015 |
|
22 |
* |
|
23 |
*/ |
|
24 |
public class CdmVaadinAuthentication { |
|
25 |
private final static Logger logger = Logger.getLogger(CdmVaadinAuthentication.class); |
|
26 |
|
|
27 |
public static final String KEY = "key_authentication"; |
|
28 |
|
|
29 |
Map<String, Authentication> hostAuthenticationMap = new HashMap<String, Authentication>(); |
|
30 |
|
|
31 |
public void addAuthentication(URI requestSourceUri, String requestSourceContext, Authentication authentication) { |
|
32 |
addAuthentication(getRequestSource(requestSourceUri, requestSourceContext), authentication); |
|
33 |
} |
|
34 |
|
|
35 |
public void addAuthentication(String requestSource, Authentication authentication) { |
|
36 |
if(requestSource == null || requestSource.isEmpty()) { |
|
37 |
throw new IllegalStateException("When setting authentication, host cannot be null or empty"); |
|
38 |
} |
|
39 |
|
|
40 |
if(authentication == null) { |
|
41 |
throw new IllegalStateException("When setting authentication, authentication object cannot be null"); |
|
42 |
} |
|
43 |
hostAuthenticationMap.put(requestSource, authentication); |
|
44 |
} |
|
45 |
|
|
46 |
public boolean isAuthenticated(URI uri, String context) { |
|
47 |
if(uri != null && context != null && !context.isEmpty()) { |
|
48 |
Authentication authentication = hostAuthenticationMap.get(getRequestSource(uri, context)); |
|
49 |
if(authentication != null) { |
|
50 |
return authentication.isAuthenticated(); |
|
51 |
} |
|
52 |
} |
|
53 |
return false; |
|
54 |
} |
|
55 |
|
|
56 |
public static String getRequestSource(URI uri, String context) { |
|
57 |
String source = uri.getHost() + ":" + String.valueOf(uri.getPort()) + context; |
|
58 |
logger.warn(" request source : " + source); |
|
59 |
return source; |
|
60 |
} |
|
61 |
|
|
62 |
} |
src/main/java/eu/etaxonomy/cdm/vaadin/util/CdmVaadinSessionUtilities.java | ||
---|---|---|
9 | 9 |
*/ |
10 | 10 |
package eu.etaxonomy.cdm.vaadin.util; |
11 | 11 |
|
12 |
import java.util.concurrent.locks.Lock; |
|
13 |
|
|
12 | 14 |
import org.apache.log4j.Logger; |
13 | 15 |
|
14 | 16 |
import com.vaadin.server.VaadinSession; |
... | ... | |
27 | 29 |
private static final Logger logger = Logger.getLogger(CdmVaadinSessionUtilities.class); |
28 | 30 |
|
29 | 31 |
public static void setCurrentAttribute(String name, Object value) { |
32 |
Lock sessionLock = VaadinSession.getCurrent().getLockInstance(); |
|
30 | 33 |
try { |
31 |
VaadinSession.getCurrent().getLockInstance().lock(); |
|
34 |
if(sessionLock != null) { |
|
35 |
sessionLock.lock(); |
|
36 |
} |
|
32 | 37 |
VaadinSession.getCurrent().setAttribute(name, value); |
33 | 38 |
} finally { |
34 |
VaadinSession.getCurrent().getLockInstance().unlock(); |
|
39 |
if(sessionLock != null) { |
|
40 |
sessionLock.unlock(); |
|
41 |
} |
|
35 | 42 |
} |
36 | 43 |
} |
37 | 44 |
|
src/main/java/eu/etaxonomy/cdm/vaadin/view/AuthenticationView.java | ||
---|---|---|
1 | 1 |
package eu.etaxonomy.cdm.vaadin.view; |
2 | 2 |
|
3 | 3 |
import org.springframework.security.authentication.BadCredentialsException; |
4 |
import org.springframework.security.core.Authentication; |
|
5 | 4 |
|
6 | 5 |
import com.vaadin.annotations.AutoGenerated; |
7 | 6 |
import com.vaadin.data.validator.StringLengthValidator; |
8 | 7 |
import com.vaadin.event.ShortcutAction.KeyCode; |
9 | 8 |
import com.vaadin.navigator.View; |
10 | 9 |
import com.vaadin.navigator.ViewChangeListener.ViewChangeEvent; |
10 |
import com.vaadin.server.Page; |
|
11 |
import com.vaadin.server.VaadinServlet; |
|
11 | 12 |
import com.vaadin.ui.Alignment; |
12 | 13 |
import com.vaadin.ui.Button; |
13 | 14 |
import com.vaadin.ui.Button.ClickEvent; |
... | ... | |
20 | 21 |
import com.vaadin.ui.UI; |
21 | 22 |
import com.vaadin.ui.VerticalLayout; |
22 | 23 |
|
24 |
import eu.etaxonomy.cdm.vaadin.presenter.AuthenticationPresenter; |
|
23 | 25 |
import eu.etaxonomy.cdm.vaadin.ui.AbstractAuthenticatedUI; |
24 |
import eu.etaxonomy.cdm.vaadin.util.CdmVaadinSessionUtilities; |
|
25 | 26 |
|
26 | 27 |
|
27 | 28 |
public class AuthenticationView extends CustomComponent implements IAuthenticationComponent, ClickListener , View { |
... | ... | |
62 | 63 |
userNameTF.setNullRepresentation(""); |
63 | 64 |
userNameTF.focus(); |
64 | 65 |
|
66 |
authListener = new AuthenticationPresenter(); |
|
67 |
|
|
65 | 68 |
loginBtn.addClickListener(this); |
66 | 69 |
loginBtn.setClickShortcut(KeyCode.ENTER, null); |
67 | 70 |
} |
... | ... | |
74 | 77 |
|
75 | 78 |
@Override |
76 | 79 |
public void buttonClick(ClickEvent event) { |
77 |
Authentication authentication = null; |
|
78 |
try { |
|
79 |
authentication = authListener.login(userNameTF.getValue(), passwordField.getValue()); |
|
80 |
} catch(BadCredentialsException e){ |
|
81 |
Notification.show("Bad credentials", Notification.Type.ERROR_MESSAGE); |
|
82 |
} |
|
83 |
if(authentication != null && authentication.isAuthenticated()) { |
|
84 |
CdmVaadinSessionUtilities.setCurrentAttribute("authentication", authentication); |
|
85 |
// we are sure that since we are in the authentication view that the |
|
86 |
// current ui should be of type AbstractAuthenticatedUI |
|
87 |
AbstractAuthenticatedUI aaui = (AbstractAuthenticatedUI) UI.getCurrent(); |
|
88 |
UI.getCurrent().getNavigator().navigateTo(aaui.getFirstViewName()); |
|
89 |
} |
|
80 |
boolean isAuthenticated = false; |
|
81 |
try { |
|
82 |
isAuthenticated = authListener.login(Page.getCurrent().getLocation(), |
|
83 |
VaadinServlet.getCurrent().getServletContext().getContextPath(), |
|
84 |
userNameTF.getValue(), |
|
85 |
passwordField.getValue()); |
|
86 |
if(isAuthenticated) { |
|
87 |
// we are sure that since we are in the authentication view that the |
|
88 |
// current ui should be of type AbstractAuthenticatedUI |
|
89 |
AbstractAuthenticatedUI aaui = (AbstractAuthenticatedUI) UI.getCurrent(); |
|
90 |
UI.getCurrent().getNavigator().navigateTo(aaui.getFirstViewName()); |
|
91 |
} |
|
92 |
} catch(BadCredentialsException e){ |
|
93 |
Notification.show("Bad credentials", Notification.Type.ERROR_MESSAGE); |
|
94 |
} |
|
90 | 95 |
} |
91 | 96 |
|
92 | 97 |
@Override |
src/main/java/eu/etaxonomy/cdm/vaadin/view/IAuthenticationComponent.java | ||
---|---|---|
1 | 1 |
package eu.etaxonomy.cdm.vaadin.view; |
2 | 2 |
|
3 |
import org.springframework.security.core.Authentication; |
|
3 |
import java.net.URI; |
|
4 |
|
|
4 | 5 |
|
5 | 6 |
|
6 | 7 |
public interface IAuthenticationComponent { |
7 |
|
|
8 |
|
|
8 | 9 |
public interface AuthenticationComponentListener { |
9 |
Authentication login(String userName, String password); |
|
10 |
|
|
11 |
/** |
|
12 |
* @param uri |
|
13 |
* @param context |
|
14 |
* @param userName |
|
15 |
* @param password |
|
16 |
* @return |
|
17 |
*/ |
|
18 |
boolean login(URI uri, String context, String userName, String password); |
|
10 | 19 |
} |
11 | 20 |
public void addListener(AuthenticationComponentListener listener); |
12 |
|
|
21 |
|
|
13 | 22 |
|
14 | 23 |
} |
src/test/java/eu/etaxonomy/cdm/vaadin/CdmVaadinBaseTest.java | ||
---|---|---|
46 | 46 |
} |
47 | 47 |
QueryBuilder.setStringDecorator(new CdmSQLStringDecorator()); |
48 | 48 |
|
49 |
Assert.assertNotNull(vaadinServlet); |
|
49 | 50 |
Assert.assertEquals(vaadinServlet, VaadinServlet.getCurrent()); |
51 |
|
|
52 |
Assert.assertNotNull(servletContext); |
|
50 | 53 |
Assert.assertEquals(servletContext, VaadinServlet.getCurrent().getServletContext()); |
54 |
|
|
55 |
Assert.assertNotNull(vaadinSession); |
|
51 | 56 |
Assert.assertEquals(vaadinSession, VaadinSession.getCurrent()); |
57 |
|
|
58 |
Assert.assertNotNull(vaadinService); |
|
52 | 59 |
Assert.assertEquals(vaadinService, VaadinService.getCurrent()); |
53 | 60 |
} |
54 | 61 |
|
... | ... | |
78 | 85 |
} |
79 | 86 |
VaadinService.setCurrent(vaadinService); |
80 | 87 |
|
81 |
vaadinSession = new VaadinSession(vaadinService); |
|
88 |
vaadinSession = new MockVaadinSession(vaadinService);
|
|
82 | 89 |
VaadinSession.setCurrent(vaadinSession); |
83 | 90 |
|
84 | 91 |
isVaadinServletEnvCreated = true; |
85 | 92 |
} |
86 | 93 |
|
94 |
public static class MockVaadinSession extends VaadinSession { |
|
95 |
MockVaadinSession(VaadinService service) { |
|
96 |
super(service); |
|
97 |
} |
|
87 | 98 |
|
99 |
@Override |
|
100 |
public boolean hasLock() { |
|
101 |
return true; |
|
102 |
} |
|
103 |
} |
|
88 | 104 |
} |
src/test/java/eu/etaxonomy/cdm/vaadin/presenter/AuthenticationPresenterTest.java | ||
---|---|---|
1 |
// $Id$ |
|
2 |
/** |
|
3 |
* Copyright (C) 2015 EDIT |
|
4 |
* European Distributed Institute of Taxonomy |
|
5 |
* http://www.e-taxonomy.eu |
|
6 |
* |
|
7 |
* The contents of this file are subject to the Mozilla Public License Version 1.1 |
|
8 |
* See LICENSE.TXT at the top of this package for the full license terms. |
|
9 |
*/ |
|
10 |
package eu.etaxonomy.cdm.vaadin.presenter; |
|
11 |
|
|
12 |
import java.net.URI; |
|
13 |
import java.net.URISyntaxException; |
|
14 |
|
|
15 |
import org.apache.log4j.Logger; |
|
16 |
import org.junit.Assert; |
|
17 |
import org.junit.BeforeClass; |
|
18 |
import org.junit.Test; |
|
19 |
import org.springframework.security.authentication.BadCredentialsException; |
|
20 |
|
|
21 |
import com.vaadin.server.VaadinSession; |
|
22 |
|
|
23 |
import eu.etaxonomy.cdm.vaadin.CdmVaadinBaseTest; |
|
24 |
import eu.etaxonomy.cdm.vaadin.util.CdmVaadinAuthentication; |
|
25 |
|
|
26 |
/** |
|
27 |
* @author cmathew |
|
28 |
* @date 28 Apr 2015 |
|
29 |
* |
|
30 |
*/ |
|
31 |
public class AuthenticationPresenterTest extends CdmVaadinBaseTest { |
|
32 |
|
|
33 |
private static final Logger logger = Logger.getLogger(AuthenticationPresenterTest.class); |
|
34 |
|
|
35 |
private static AuthenticationPresenter ap; |
|
36 |
|
|
37 |
@BeforeClass |
|
38 |
public static void init() { |
|
39 |
ap = new AuthenticationPresenter(); |
|
40 |
} |
|
41 |
|
|
42 |
@Test |
|
43 |
public void testLogin() throws URISyntaxException { |
|
44 |
URI uri = new URI("http://localhost:8080/cdm-vaadin/app/authtest"); |
|
45 |
String context = "/cdm-vaadin"; |
|
46 |
boolean isAuthenticated = false; |
|
47 |
try { |
|
48 |
isAuthenticated = ap.login(uri, context, "admin", "000"); |
|
49 |
Assert.fail("BadCredentialsException should be thrown here"); |
|
50 |
} catch(BadCredentialsException e){ |
|
51 |
|
|
52 |
} |
|
53 |
|
|
54 |
isAuthenticated = ap.login(uri, context, "admin", "00000"); |
|
55 |
Assert.assertTrue(isAuthenticated); |
|
56 |
|
|
57 |
CdmVaadinAuthentication authentication = (CdmVaadinAuthentication) VaadinSession.getCurrent().getAttribute(CdmVaadinAuthentication.KEY); |
|
58 |
Assert.assertTrue(authentication.isAuthenticated(uri, context)); |
|
59 |
|
|
60 |
URI anotherUri = new URI("http://localhost:8081/cdm-edit/app/authtest"); |
|
61 |
Assert.assertFalse(authentication.isAuthenticated(anotherUri, context)); |
|
62 |
|
|
63 |
String anotherContext = "/cdm-edit"; |
|
64 |
Assert.assertFalse(authentication.isAuthenticated(uri, anotherContext)); |
|
65 |
|
|
66 |
isAuthenticated = ap.login(anotherUri, anotherContext, "admin", "00000"); |
|
67 |
Assert.assertTrue(isAuthenticated); |
|
68 |
|
|
69 |
Assert.assertTrue(authentication.isAuthenticated(anotherUri, anotherContext)); |
|
70 |
|
|
71 |
} |
|
72 |
|
|
73 |
} |
Also available in: Unified diff
fix for #4844
CdmVaadinAuthentication : new class used for authentication
AuthenticationPresenter, AbstractAuthenticatedUI, CdmVaadinSessionUtilities, AuthenticationView, IAuthenticationComponent : using new authentication object linked to host and context path
CdmVaadinBaseTest, AuthenticationPresenterTest : test classes for new authentication