SsoValve


1   package org.jahia.pipelines.valves;
2   
3   import org.jahia.exceptions.JahiaException;
4   import org.jahia.exceptions.JahiaInitializationException;
5   import org.jahia.exceptions.JahiaSessionExpirationException;
6   import org.jahia.params.ParamBean;
7   import org.jahia.pipelines.PipelineException;
8   import org.jahia.registries.ServicesRegistry;
9   import org.jahia.services.usermanager.JahiaUser;
10  
11  /**
12   * <p>Title: Generic SSO auth valve</p>
13   * <p>Description: authenticate users with a SSO server.</p>
14   * <p>Copyright: Copyright (c) 2005 - Pascal Aubry</p>
15   * <p>Company: University of Rennes 1</p>
16   * @author Pascal Aubry
17   * @version 1.0
18   */
19  
20  public abstract class SsoValve implements Valve {
21  
22      /** Logger instance */
23      protected static final org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger (SsoValve.class);
24  
25      /**
26       * Retrieve the credentials from the request.
27       * @param paramBean parameters
28       * @return an object.
29       * @throws Exception any exception
30       */
31      public abstract Object   retrieveCredentials(ParamBean paramBean) throws Exception  ;
32      
33      /**
34       * Validate the credentials.
35       * @param credentials the crendentials.
36       * @return the id of user that was authenticated, or null if none.
37       * @throws Exception any exception
38       */
39      public abstract String   validateCredentials(Object   credentials, ParamBean paramBean) throws JahiaException;
40  
41      /**
42       * @see org.jahia.pipelines.valves.Valve#invoke(java.lang.Object, org.jahia.pipelines.valves.ValveContext)
43       */
44      public void invoke (Object   context, ValveContext valveContext)
45          throws PipelineException {
46          
47          logger.debug("starting " + this.getClass().getName() + ".invoke()...");
48          ParamBean paramBean = (ParamBean) context;
49  
50          // at first look if the user was previously authenticated
51          JahiaUser sessionUser = null;
52          try {
53              sessionUser = (JahiaUser) paramBean.getSession().getAttribute(ParamBean.SESSION_USER);
54          } catch (JahiaSessionExpirationException e) {
55              throw new PipelineException("exception was thrown while retrieving session user!", e);
56          }
57          if (sessionUser != null && !sessionUser.getUsername().equals("guest")) {
58              logger.debug("user '" + sessionUser.getUsername() + "' was already authenticated!");
59              paramBean.setTheUser(sessionUser);
60              return;
61          }
62  
63          logger.debug("retrieving credentials...");
64          Object   credentials;
65          try {
66              credentials = retrieveCredentials(paramBean);
67          } catch (Exception   e) {
68              logger.error(e);
69              throw new PipelineException("exception was thrown while retrieving credentials!", e);
70          }
71          if (credentials == null) {
72              logger.debug("no credentials found!");
73              return;
74          }
75          logger.debug("credentials = " + credentials);
76  
77          logger.debug("validating credentials...");
78          String   uid;
79          try {
80              uid = validateCredentials(credentials, paramBean);
81          } catch (Exception   e) {
82              e.printStackTrace();
83              logger.error(e);
84              throw new PipelineException("exception was thrown while validating credentials!", e);
85          }
86          if (uid == null) {
87              logger.debug("credentials were not validated!");
88          }
89          logger.debug("uid = " + uid);
90          
91          logger.debug("checking user existence in Jahia database...");
92          JahiaUser user = null;
93          try {
94              user = ServicesRegistry.getInstance ()
95                      .getJahiaSiteUserManagerService ()
96                      .getMember (paramBean.getSiteID (), uid);
97          } catch (JahiaException e) {
98              throw new PipelineException("exception was thrown while retrieving user '" + uid + "' from Jahia database!", e);
99          }
100         if (user == null) {
101             throw new PipelineException("user '" + uid + "' was authenticated but not found in database!");
102         }
103 
104         // user has been successfully authenticated, note this in the current session.
105         paramBean.getRequest().getSession().setAttribute(ParamBean.SESSION_USER, user);
106         
107         // eventually set the Jahia user
108         paramBean.setTheUser(user);
109     }
110 
111     /**
112      * Return the URL to redirect to for authentication.
113      * @return a URL.
114      * @throws JahiaInitializationException
115      */
116     public abstract String   getRedirectUrl(ParamBean paramBean) throws JahiaException;
117 
118 }
119
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags