Project

General

Profile

Download (6.85 KB) Statistics
| Branch: | Tag: | Revision:
1
/**
2
* Copyright (C) 2007 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9

    
10
package eu.etaxonomy.taxeditor.store;
11

    
12
import java.util.Observable;
13
import java.util.Set;
14

    
15
import org.apache.log4j.Logger;
16
import org.eclipse.core.runtime.IProgressMonitor;
17
import org.eclipse.ui.IMemento;
18
import org.springframework.security.authentication.BadCredentialsException;
19
import org.springframework.security.authentication.LockedException;
20
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
21
import org.springframework.security.core.Authentication;
22
import org.springframework.security.core.GrantedAuthority;
23
import org.springframework.security.core.context.SecurityContextHolder;
24

    
25
import eu.etaxonomy.cdm.api.application.CdmApplicationState;
26
import eu.etaxonomy.cdm.api.conversation.ConversationHolder;
27
import eu.etaxonomy.cdm.api.conversation.IConversationEnabled;
28
import eu.etaxonomy.cdm.model.common.Group;
29
import eu.etaxonomy.cdm.model.common.User;
30
import eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap;
31
import eu.etaxonomy.taxeditor.model.AbstractUtility;
32
import eu.etaxonomy.taxeditor.model.IContextListener;
33
import eu.etaxonomy.taxeditor.model.MessagingUtils;
34

    
35
/**
36
 * <p>LoginManager class.</p>
37
 *
38
 * @author n.hoffmann
39
 * @created 03.07.2009
40
 * @version 1.0
41
 */
42
public class LoginManager extends Observable implements IConversationEnabled, IContextListener{
43

    
44
	public static final Logger logger = Logger.getLogger(LoginManager.class);
45

    
46
	private ConversationHolder conversation;
47

    
48
	public static final String INCORRECT_CREDENTIALS_MESSAGE = "Login and/or Password incorrect";
49
	public static final String ACCOUNT_LOCKED_MESSAGE = "Account is locked";
50
	public static final String EMPTY_CREDENTIALS_MESSAGE = "Login and/or Password empty";
51

    
52
	public LoginManager(){
53
	    CdmStore.getContextManager().addContextListener(this);
54
	}
55

    
56
	/**
57
	 * <p>authenticate</p>
58
	 *
59
	 * @param token a {@link org.springframework.security.authentication.UsernamePasswordAuthenticationToken} object.
60
	 * @return true if the login attempt was successful even if the authentication has changed or not
61
	 */
62
	public boolean authenticate(String username, String password){
63

    
64
	    // close all open editors
65
	    if(!AbstractUtility.closeAll()){
66
	        return false;
67
	    }
68

    
69

    
70
	    try{
71
	        doAuthenticate(username, password);
72
	    } catch (CdmAuthenticationException e) {
73
	        MessagingUtils.warningDialog("Could not authenticate", this, e.getMessage());
74
	        return false;
75
        }
76
	    return true;
77
	}
78

    
79
	public void doAuthenticate(String username, String password) throws CdmAuthenticationException {
80
	    try {
81
	        SecurityContextHolder.clearContext();
82
	        Authentication lastAuthentication = CdmStore.getCurrentAuthentiation();
83

    
84
	        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
85
	        Authentication authentication = CdmStore.getAuthenticationManager().authenticate(token);
86

    
87
	        User user = (User) authentication.getPrincipal();
88
	        /* circumventing problem with hibernate not refreshing the transient collection authorities in this case,
89
	         * see http://dev.e-taxonomy.eu/trac/ticket/4053 */
90
	        user.initAuthorities();
91

    
92
	        if(logger.isDebugEnabled()){
93
	            StringBuilder gaText = new StringBuilder();
94
	            String indent = "    ";
95
	            Set<GrantedAuthority> gaSet = user.getGrantedAuthorities();
96
	            _logGrantedAuthotities(gaText, indent, gaSet);
97
	            for(Group gr : user.getGroups()){
98
	                gaText.append(indent).append("gr[").append(gr.hashCode()).append("] \"").append(gr.getName()).append("\" ").append(gr.toString()).append("\n");
99
	                _logGrantedAuthotities(gaText, indent + indent, gr.getGrantedAuthorities());
100
	            }
101
	            logger.debug("User authenticated: " + user.getUsername() + "\n" + gaText.toString());
102
	        }
103

    
104
	        authentication = new UsernamePasswordAuthenticationToken(user,password, authentication.getAuthorities());
105
	        SecurityContextHolder.getContext().setAuthentication(authentication);
106
	        CdmApplicationState.setCurrentSecurityContext(SecurityContextHolder.getContext());
107

    
108
	        if(!authentication.equals(lastAuthentication)){
109
	            this.setChanged();
110
	            this.notifyObservers();
111
	        }
112
	    } catch(BadCredentialsException e){
113
	        throw new CdmAuthenticationException(INCORRECT_CREDENTIALS_MESSAGE, e);
114
	    } catch(LockedException e){
115
	        throw new CdmAuthenticationException(ACCOUNT_LOCKED_MESSAGE, e);
116
	    } catch(IllegalArgumentException e){
117
	        throw new CdmAuthenticationException(EMPTY_CREDENTIALS_MESSAGE, e);
118
	    }
119

    
120
	}
121

    
122

    
123
	private void _logGrantedAuthotities(StringBuilder gaText, String indent,
124
			Set<GrantedAuthority> gaSet) {
125
		for(GrantedAuthority ga : gaSet){
126
			gaText.append(indent).append("ga[").append(ga.hashCode()).append("] ").append(ga.toString()).append("\n");
127
		}
128
	}
129

    
130
	/**
131
	 * <p>getAuthenticatedUser</p>
132
	 *
133
	 * @return a {@link eu.etaxonomy.cdm.model.common.User} object.
134
	 */
135
	public User getAuthenticatedUser(){
136
 		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
137

    
138
		if(authentication != null
139
				&& authentication.getPrincipal() != null
140
				&& authentication.getPrincipal() instanceof User){
141
			return (User)authentication.getPrincipal();
142
		}
143
		return null;
144
	}
145

    
146
	public void logoutAll(){
147
		SecurityContextHolder.clearContext();
148
		notifyObservers();
149
	}
150

    
151
	/* (non-Javadoc)
152
	 * @see eu.etaxonomy.cdm.persistence.hibernate.ICdmPostDataChangeObserver#update(eu.etaxonomy.cdm.persistence.hibernate.CdmDataChangeMap)
153
	 */
154
	@Override
155
	public void update(CdmDataChangeMap arg) {}
156

    
157
	/* (non-Javadoc)
158
	 * @see eu.etaxonomy.cdm.api.conversation.IConversationEnabled#getConversationHolder()
159
	 */
160
	@Override
161
	public ConversationHolder getConversationHolder() {
162
		if(conversation == null){
163
			conversation = CdmStore.createConversation();
164
		}
165
		return conversation;
166
	}
167

    
168
	/**
169
	 * Whether the current user has the role admin
170
	 *
171
	 * @return
172
	 */
173
	public boolean isAdmin() {
174
		// FIXME until we have rights implemented properly we do this
175
		// by a simple string check. This has to change
176

    
177
		return "admin".equals(getAuthenticatedUser().getUsername());
178
	}
179

    
180
	@Override
181
	public void contextAboutToStop(IMemento memento, IProgressMonitor monitor) {
182

    
183
	}
184

    
185
	@Override
186
	public void contextStop(IMemento memento, IProgressMonitor monitor) {
187

    
188
	}
189

    
190
	@Override
191
	public void contextStart(IMemento memento, IProgressMonitor monitor){
192
		conversation = CdmStore.createConversation();
193
	}
194

    
195
	@Override
196
	public void contextRefresh(IProgressMonitor monitor) {
197
		conversation = CdmStore.createConversation();
198
	}
199

    
200
	@Override
201
	public void workbenchShutdown(IMemento memento, IProgressMonitor monitor) {
202

    
203
	}
204
}
(7-7/13)