MetadataAuthenticationProcessingFilter


1   /*
2    * Copyright (C) 2006 JasperSoft http://www.jaspersoft.com
3    * 
4    * This program is free software; you can redistribute it and/or modify
5    * it under the terms of the GNU General Public License as published by
6    * the Free Software Foundation; either version 2 of the License, or
7    * (at your option) any later version.
8    * 
9    * This program is distributed WITHOUT ANY WARRANTY; and without the 
10   * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
11   * See the GNU General Public License for more details.
12   * 
13   * You should have received a copy of the GNU General Public License
14   * along with this program; if not, see http://www.gnu.org/licenses/gpl.txt 
15   * or write to:
16   * 
17   * Free Software Foundation, Inc.,
18   * 59 Temple Place - Suite 330,
19   * Boston, MA  USA  02111-1307
20   */
21  
22  package com.jaspersoft.jasperserver.api.metadata.user.service.impl;
23  
24  import java.io.IOException  ;
25  
26  import javax.servlet.Filter  ;
27  import javax.servlet.FilterChain  ;
28  import javax.servlet.FilterConfig  ;
29  import javax.servlet.ServletException  ;
30  import javax.servlet.ServletRequest  ;
31  import javax.servlet.ServletResponse  ;
32  
33  import org.acegisecurity.Authentication;
34  import org.acegisecurity.context.SecurityContextHolder;
35  import org.acegisecurity.userdetails.UserDetails;
36  import org.apache.commons.logging.Log;
37  import org.apache.commons.logging.LogFactory;
38  import org.springframework.beans.factory.InitializingBean;
39  import org.springframework.util.Assert;
40  
41  import com.jaspersoft.jasperserver.api.metadata.user.domain.impl.client.MetadataUserDetails;
42  
43  /**
44   * To be used as part of an Acegi FilterChainProxy.
45   * 
46   * An authentication can exist that is not based on our internal security mechanism, such
47   * as using an external LDAP service. This filter will assume that the external authentication
48   * is what is wanted, and will:
49   * 
50   * <ul>
51   *     <li>create a user in the metadata if it does not exist, adding any default internal roles</li>
52   *     <li>synchronize the external roles with the user profile, adding and removing external roles</li>
53   * </ul>
54   *     
55   * @author swood
56   *
57   */
58  public class MetadataAuthenticationProcessingFilter implements Filter  , InitializingBean {
59  
60      private static Log log = LogFactory.getLog(MetadataAuthenticationProcessingFilter.class);
61  
62      protected ExternalUserService externalUserService;
63  
64      public void afterPropertiesSet() throws Exception   {
65          Assert.notNull(externalUserService);
66      }
67  
68      /**
69       * Does nothing - we reply on IoC lifecycle services instead.
70       *
71       * @param ignored not used
72       *
73       * @throws ServletException DOCUMENT ME!
74       */
75      public void init(FilterConfig   ignored) throws ServletException   {}
76  
77      /**
78       * Does nothing - we reply on IoC lifecycle services instead.
79       */
80      public void destroy() {}
81  
82      public void doFilter(ServletRequest   request, ServletResponse   response,
83          FilterChain   chain) throws IOException  , ServletException   {
84  
85          Authentication auth = SecurityContextHolder.getContext().getAuthentication();
86          
87          if (log.isDebugEnabled()) {
88              if (auth == null) {
89                  log.debug("No authentication token");
90              } else {
91                  log.debug("Authentication token: '" + auth + "'");
92              }
93          }
94          // If we have authenticated, but but not against an internal metadata store,
95          // synch up with a metadata based user
96          
97          if (auth != null && auth.getPrincipal() != null &&
98                  auth.getPrincipal() instanceof UserDetails &&
99                  !(auth.getPrincipal() instanceof MetadataUserDetails)) {
100             
101             UserDetails userDetails = (UserDetails) auth.getPrincipal();
102 
103             getExternalUserService().maintainInternalUser(userDetails);
104             
105             getExternalUserService().makeUserLoggedIn(userDetails.getUsername());
106 
107             if (log.isDebugEnabled()) {
108                 log.debug(
109                     "Populated SecurityContextHolder with JI metadata token: '"
110                     + SecurityContextHolder.getContext().getAuthentication()
111                     + "'");
112             }
113             
114             Authentication newAuth = SecurityContextHolder.getContext().getAuthentication();
115             
116             if (newAuth.getPrincipal() instanceof MetadataUserDetails) {
117                 MetadataUserDetails newPrincipal = (MetadataUserDetails) newAuth.getPrincipal();
118                 
119                 // Keep a hold of the original principal: it may be useful
120                 // later
121                 newPrincipal.setOriginalUserDetails(userDetails);
122             }
123         } else {
124             if (log.isDebugEnabled()) {
125                 log.debug(
126                     "SecurityContextHolder was changed to a different JI internal metadata token: " + 
127                         ((auth == null) ? "authentication was null" : 
128                             ((auth.getPrincipal() == null) ?  "authentication principal was null" :
129                                 "authentication principal was: '" + auth.getPrincipal()) + "'")
130                 );
131             }
132         }
133         
134         chain.doFilter(request, response);
135         
136         if (log.isDebugEnabled()) {
137             log.debug(
138                 "After chain, JI metadata token is: '"
139                 + SecurityContextHolder.getContext().getAuthentication()
140                 + "'");
141         }
142     }
143     
144 
145     public ExternalUserService getExternalUserService() {
146         return externalUserService;
147     }
148 
149     public void setExternalUserService(ExternalUserService externalUserService) {
150         this.externalUserService = externalUserService;
151     }
152 
153 }
154
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags