CookieAuthValveImpl


1   package org.jahia.params.valves;
2   
3   import java.util.Properties  ;
4   import java.util.Set  ;
5   import javax.servlet.http.Cookie  ;
6   import javax.servlet.http.HttpServletResponse  ;
7   
8   import org.jahia.bin.Jahia;
9   import org.jahia.params.ParamBean;
10  import org.jahia.pipelines.PipelineException;
11  import org.jahia.pipelines.valves.Valve;
12  import org.jahia.pipelines.valves.ValveContext;
13  import org.jahia.registries.ServicesRegistry;
14  import org.jahia.services.usermanager.JahiaUser;
15  import org.jahia.settings.SettingsBean;
16  import org.jahia.utils.JahiaString;
17  
18  /**
19   * <p>Title: </p>
20   * <p>Description: </p>
21   * <p>Copyright: Copyright (c) 2004</p>
22   * <p>Company: Jahia Ltd</p>
23   * @author not attributable
24   * @version 1.0
25   */
26  
27  public class CookieAuthValveImpl implements Valve {
28      public CookieAuthValveImpl () {
29      }
30  
31      public void invoke (Object   context, ValveContext valveContext)
32          throws PipelineException {
33          ParamBean paramBean = (ParamBean) context;
34          JahiaUser jahiaUser = null;
35          // now lets look for a cookie in case we are using cookie-based
36          // authentification.
37          Cookie  [] cookies = paramBean.getRequest().getCookies();
38          if (cookies == null) {
39              // no cookies at all sent by the client, let's go to the next
40              // valve.
41              valveContext.invokeNext(context);
42              return;
43          }
44          SettingsBean settingsBean = Jahia.getSettings();
45          // we first need to find the authentication cookie in the list.
46          Cookie   authCookie = null;
47          for (int i = 0; i < cookies.length; i++) {
48              Cookie   curCookie = cookies[i];
49              if (settingsBean.getCookieAuthCookieName().equals(curCookie.getName())) {
50                  // found it.
51                  authCookie = curCookie;
52                  break;
53              }
54          }
55          if (authCookie != null) {
56              // now we need to look in the database to see if we have a
57              // user that has the corresponding key.
58              Properties   searchCriterias = new Properties  ();
59              searchCriterias.setProperty(settingsBean.
60                                          getCookieAuthUserPropertyName(),
61                                          authCookie.getValue());
62              Set   foundUsers = ServicesRegistry.getInstance().
63                               getJahiaUserManagerService().searchUsers(paramBean.
64                  getSiteID(), searchCriterias);
65              if (foundUsers.size() == 1) {
66                  jahiaUser = (JahiaUser) foundUsers.iterator().next();
67                  paramBean.getRequest().getSession().setAttribute(ParamBean.
68                      SESSION_USER, jahiaUser);
69                  if (settingsBean.isCookieAuthRenewalActivated()) {
70                      // we can now renew the cookie.
71                      String   cookieUserKey = null;
72                      // now let's look for a free random cookie value key.
73                      while (cookieUserKey == null) {
74                          cookieUserKey = JahiaString.generateRandomString(
75                              settingsBean.
76                              getCookieAuthIDLength());
77                          searchCriterias = new Properties  ();
78                          searchCriterias.setProperty(settingsBean.
79                              getCookieAuthUserPropertyName(),
80                              cookieUserKey);
81                          Set   usersWithKey = ServicesRegistry.getInstance().
82                                             getJahiaUserManagerService().
83                                             searchUsers(
84                              paramBean.getSiteID(), searchCriterias);
85                          if (usersWithKey.size() > 0) {
86                              cookieUserKey = null;
87                          }
88                      }
89                      // let's save the identifier for the user in the database
90                      jahiaUser.setProperty(settingsBean.
91                                            getCookieAuthUserPropertyName(),
92                                            cookieUserKey);
93                      // now let's save the same identifier in the cookie.
94                      authCookie.setValue(cookieUserKey);
95                      authCookie.setPath(paramBean.getRequest().getContextPath());
96                      authCookie.setMaxAge(settingsBean.
97                                           getCookieAuthMaxAgeInSeconds());
98                      HttpServletResponse   realResponse = paramBean.
99                          getRealResponse();
100                     realResponse.addCookie(authCookie);
101                 }
102             }
103         }
104         if (jahiaUser == null) {
105             valveContext.invokeNext(context);
106         } else {
107             paramBean.setTheUser(jahiaUser);
108         }
109     }
110 
111     public void initialize () {
112     }
113 
114 }
115
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags