UserAuthenticator


1   /*
2    * Copyright 1999-2004 The Apache Software Foundation
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
5    * in compliance with the License. You may obtain a copy of the License at
6    * 
7    * http://www.apache.org/licenses/LICENSE-2.0
8    * 
9    * Unless required by applicable law or agreed to in writing, software distributed under the License
10   * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11   * or implied. See the License for the specific language governing permissions and limitations under
12   * the License.
13   *  
14   */
15  
16  package org.apache.lenya.ac.impl;
17  
18  import org.apache.avalon.framework.logger.AbstractLogEnabled;
19  import org.apache.cocoon.environment.Request;
20  import org.apache.lenya.ac.AccessControlException;
21  import org.apache.lenya.ac.AccreditableManager;
22  import org.apache.lenya.ac.Authenticator;
23  import org.apache.lenya.ac.Identity;
24  import org.apache.lenya.ac.User;
25  
26  /**
27   * User authenticator.
28   * @version $Id: UserAuthenticator.java 43241 2004-08-16 16:36:57Z andreas $
29   */
30  public class UserAuthenticator extends AbstractLogEnabled implements Authenticator {
31  
32      /**
33       * @see org.apache.lenya.ac.Authenticator#authenticate(org.apache.lenya.ac.AccreditableManager,
34       *      org.apache.cocoon.environment.Request)
35       */
36      public boolean authenticate(AccreditableManager accreditableManager, Request request)
37              throws AccessControlException {
38          String   username = request.getParameter("username");
39          String   password = request.getParameter("password");
40  
41          if (getLogger().isDebugEnabled()) {
42              getLogger().debug(
43                      "Authenticating username [" + username + "] with password [" + password + "]");
44          }
45  
46          if (username == null || password == null) {
47              throw new AccessControlException("Username or password is null!");
48          }
49  
50          Identity identity = (Identity) request.getSession(false).getAttribute(
51                  Identity.class.getName());
52          boolean authenticated = authenticate(accreditableManager, username, password, identity);
53          return authenticated;
54      }
55  
56      /**
57       * Authenticates a user with a given username and password. When the authentication is
58       * successful, the user is added to the identity.
59       * @param accreditableManager The accreditable manager.
60       * @param username The username.
61       * @param password The password.
62       * @param identity The identity to add the user to.
63       * @throws AccessControlException when something went wrong.
64       * @return <code>true</code> if the user was authenticated, <code>false</code> otherwise.
65       */
66      protected boolean authenticate(AccreditableManager accreditableManager, String   username,
67              String   password, Identity identity) throws AccessControlException {
68  
69          User user = accreditableManager.getUserManager().getUser(username);
70          if (getLogger().isDebugEnabled()) {
71              getLogger().debug("Authenticating user: [" + user + "]");
72          }
73  
74          boolean authenticated = false;
75          if (user != null && user.authenticate(password)) {
76              if (getLogger().isDebugEnabled()) {
77                  getLogger().debug("User [" + user + "] authenticated.");
78              }
79  
80              if (!identity.contains(user)) {
81                  User oldUser = identity.getUser();
82                  if (oldUser != null) {
83                      if (getLogger().isDebugEnabled()) {
84                          getLogger().debug("Removing user [" + oldUser + "] from identity.");
85                      }
86                      identity.removeIdentifiable(oldUser);
87                  }
88                  identity.addIdentifiable(user);
89              }
90              authenticated = true;
91          } else {
92              if (getLogger().isDebugEnabled()) {
93                  if (user == null) {
94                      getLogger().debug("No such user: [" + username + "]");
95                  }
96                  getLogger().debug("User [" + username + "] not authenticated.");
97              }
98          }
99  
100         return authenticated;
101     }
102 
103 }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags