/**
* Copyright (C) 2007 EDIT
* European Distributed Institute of Taxonomy
* http://www.e-taxonomy.eu
*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* See LICENSE.TXT at the top of this package for the full license terms.
*/
package eu.etaxonomy.taxeditor.store;
import java.util.Observable;
import java.util.Set;
import org.apache.log4j.Logger;
import org.eclipse.core.runtime.IProgressMonitor;
import org.eclipse.ui.IMemento;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import eu.etaxonomy.cdm.api.application.CdmApplicationState;
import eu.etaxonomy.cdm.api.conversation.ConversationHolder;
import eu.etaxonomy.cdm.api.conversation.IConversationEnabled;
import eu.etaxonomy.cdm.model.common.Group;
import eu.etaxonomy.cdm.model.common.User;
import eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap;
import eu.etaxonomy.taxeditor.model.IContextListener;
import eu.etaxonomy.taxeditor.model.MessagingUtils;
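/**
 * Manages the login state of the editor.
 *
 * <p>Authenticates a username/password pair through the authentication manager
 * obtained from {@link CdmStore}, publishes the resulting {@link Authentication}
 * to the Spring {@link SecurityContextHolder} and to {@link CdmApplicationState},
 * and notifies registered observers when the authentication differs from the
 * previous one.</p>
 *
 * <p>The instance registers itself as a context listener on construction and
 * replaces its conversation whenever the context starts or is refreshed.</p>
 *
 * @author n.hoffmann
 * @created 03.07.2009
 * @version 1.0
 */
public class LoginManager extends Observable implements IConversationEnabled, IContextListener{

    public static final Logger logger = Logger.getLogger(LoginManager.class);

    /** Created lazily by {@link #getConversationHolder()} and replaced on context start/refresh. */
    private ConversationHolder conversation;

    public static final String INCORRECT_CREDENTIALS_MESSAGE = "Login and/or Password incorrect";
    public static final String ACCOUNT_LOCKED_MESSAGE = "Account is locked";
    public static final String EMPTY_CREDENTIALS_MESSAGE = "Login and/or Password empty";

    /**
     * Creates the manager and registers it as a listener on the context manager
     * of the {@link CdmStore}.
     */
    public LoginManager(){
        CdmStore.getContextManager().addContextListener(this);
    }

    /**
     * Attempts to log in with the given credentials and reports a failure to
     * the user in a warning dialog instead of throwing.
     *
     * @param username the login name
     * @param password the plaintext password
     * @return {@code true} if the login attempt succeeded, regardless of whether
     *         the resulting authentication differs from the previous one;
     *         {@code false} if {@link #doAuthenticate(String, String)} threw a
     *         {@link CdmAuthenticationException}
     */
    public boolean authenticate(String username, String password){
        try{
            doAuthenticate(username, password);
        } catch (CdmAuthenticationException e) {
            // Only the fixed message constants of this class reach the dialog.
            MessagingUtils.warningDialog("Could not authenticate", this, e.getMessage());
            return false;
        }
        return true;
    }

    /**
     * Authenticates the given credentials and, on success, installs the new
     * authentication in the security context and in {@link CdmApplicationState}.
     * Observers are notified when the new authentication is not equal to the
     * previous one.
     *
     * @param username the login name
     * @param password the plaintext password
     * @throws CdmAuthenticationException with {@link #INCORRECT_CREDENTIALS_MESSAGE}
     *         on a {@link BadCredentialsException}, {@link #ACCOUNT_LOCKED_MESSAGE}
     *         on a {@link LockedException}, and {@link #EMPTY_CREDENTIALS_MESSAGE}
     *         on any {@link IllegalArgumentException} raised inside the login
     *         sequence; the original exception is kept as the cause
     */
    public void doAuthenticate(String username, String password) throws CdmAuthenticationException {
        try {
            // NOTE(review): the context is cleared before the previous authentication
            // is read. If CdmStore.getCurrentAuthentiation() reads from
            // SecurityContextHolder, lastAuthentication is always null here and the
            // comparison further down always reports a change. Clearing first also
            // means a failed attempt leaves no authenticated user in the context.
            // Confirm that both effects are intended.
            SecurityContextHolder.clearContext();
            Authentication lastAuthentication = CdmStore.getCurrentAuthentiation();

            UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
            Authentication authentication = CdmStore.getAuthenticationManager().authenticate(token);

            // Assumes the authentication manager always returns a cdm User as
            // principal; any other type raises an uncaught ClassCastException here.
            User user = (User) authentication.getPrincipal();
            /* circumventing problem with hibernate not refreshing the transient collection authorities in this case,
             * see http://dev.e-taxonomy.eu/trac/ticket/4053 */
            user.initAuthorities();

            if(logger.isDebugEnabled()){
                // Debug output lists the user name, groups and granted authorities;
                // the password is never part of it.
                StringBuilder gaText = new StringBuilder();
                String indent = " ";
                Set<GrantedAuthority> gaSet = user.getGrantedAuthorities();
                _logGrantedAuthotities(gaText, indent, gaSet);
                for(Group gr : user.getGroups()){
                    gaText.append(indent).append("gr[").append(gr.hashCode()).append("] \"").append(gr.getName()).append("\" ").append(gr.toString()).append("\n");
                    _logGrantedAuthotities(gaText, indent + indent, gr.getGrantedAuthorities());
                }
                logger.debug("User authenticated: " + user.getUsername() + "\n" + gaText.toString());
            }

            // The plaintext password is stored as the credentials of the token that
            // stays in the security context after login.
            // NOTE(review): confirm that something downstream needs the password
            // (for example to re-authenticate against a remote server). If nothing
            // does, pass null as credentials to limit how long the secret is held
            // in memory.
            authentication = new UsernamePasswordAuthenticationToken(user,password, authentication.getAuthorities());
            SecurityContextHolder.getContext().setAuthentication(authentication);
            CdmApplicationState.setCurrentSecurityContext(SecurityContextHolder.getContext());

            if(!authentication.equals(lastAuthentication)){
                this.setChanged();
                this.notifyObservers();
            }
        } catch(BadCredentialsException e){
            throw new CdmAuthenticationException(INCORRECT_CREDENTIALS_MESSAGE, e);
        } catch(LockedException e){
            throw new CdmAuthenticationException(ACCOUNT_LOCKED_MESSAGE, e);
        } catch(IllegalArgumentException e){
            // Every IllegalArgumentException thrown in the block above is reported
            // as empty credentials, whatever its actual origin.
            throw new CdmAuthenticationException(EMPTY_CREDENTIALS_MESSAGE, e);
        }

    }


    /**
     * Appends one line per granted authority to the given debug text.
     *
     * @param gaText buffer the lines are appended to
     * @param indent prefix written before every line
     * @param gaSet the authorities to list
     */
    private void _logGrantedAuthotities(StringBuilder gaText, String indent,
            Set<GrantedAuthority> gaSet) {
        for(GrantedAuthority ga : gaSet){
            gaText.append(indent).append("ga[").append(ga.hashCode()).append("] ").append(ga.toString()).append("\n");
        }
    }

    /**
     * Returns the user held by the current security context.
     *
     * @return the principal of the current authentication if it is a
     *         {@link eu.etaxonomy.cdm.model.common.User}; {@code null} if there
     *         is no authentication or its principal is of another type
     */
    public User getAuthenticatedUser(){
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

        // instanceof is false for null, so no separate null check on the principal.
        if(authentication != null
                && authentication.getPrincipal() instanceof User){
            return (User)authentication.getPrincipal();
        }
        return null;
    }

    /**
     * Clears the security context.
     */
    public void logoutAll(){
        SecurityContextHolder.clearContext();
        // NOTE(review): Observable.notifyObservers() is a no-op unless setChanged()
        // was called first, so observers are not told about the logout and may keep
        // showing or relying on the previous login state. Left unchanged because the
        // observers are not visible from this class; confirm that they cope with a
        // null authenticated user before adding setChanged() here.
        notifyObservers();
    }

    /* (non-Javadoc)
     * @see eu.etaxonomy.cdm.persistence.hibernate.ICdmPostDataChangeObserver#update(eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap)
     */
    @Override
    public void update(CdmDataChangeMap arg) {}

    /* (non-Javadoc)
     * @see eu.etaxonomy.cdm.api.conversation.IConversationEnabled#getConversationHolder()
     */
    @Override
    public ConversationHolder getConversationHolder() {
        if(conversation == null){
            conversation = CdmStore.createConversation();
        }
        return conversation;
    }

    /**
     * Whether the current user has the role admin.
     *
     * @return {@code true} if a user is authenticated and its username is
     *         {@code "admin"}; {@code false} otherwise, including when nobody
     *         is logged in
     */
    public boolean isAdmin() {
        // FIXME until we have rights implemented properly we do this
        // by a simple string check. This has to change
        // The comparison looks at the account name only, not at granted
        // authorities, so it must not be the sole gate for privileged operations.

        // getAuthenticatedUser() returns null when nobody is logged in; treat that
        // as "not admin" instead of failing with a NullPointerException.
        User user = getAuthenticatedUser();
        return user != null && "admin".equals(user.getUsername());
    }

    @Override
    public void contextAboutToStop(IMemento memento, IProgressMonitor monitor) {

    }

    @Override
    public void contextStop(IMemento memento, IProgressMonitor monitor) {

    }

    /** Replaces the conversation with a new one when the context starts. */
    @Override
    public void contextStart(IMemento memento, IProgressMonitor monitor){
        conversation = CdmStore.createConversation();
    }

    /** Replaces the conversation with a new one when the context is refreshed. */
    @Override
    public void contextRefresh(IProgressMonitor monitor) {
        conversation = CdmStore.createConversation();
    }

    @Override
    public void workbenchShutdown(IMemento memento, IProgressMonitor monitor) {

    }
}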