KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > lucane > server > auth > LockingAuthenticator


1 /*
2  * Lucane - a collaborative platform
3  * Copyright (C) 2004 Vincent Fiack <vfiack@mail15.com>
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Lesser General Public
7  * License as published by the Free Software Foundation; either
8  * version 2.1 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General Public
16  * License along with this library; if not, write to the Free Software
17  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18  */
19
20 package org.lucane.server.auth;
21
22 import java.util.HashMap JavaDoc;
23 import java.util.Map JavaDoc;
24
25 import org.lucane.common.*;
26 import org.lucane.common.concepts.UserConcept;
27 import org.lucane.common.net.ObjectConnection;
28 import org.lucane.server.ConnectInfoManager;
29 import org.lucane.server.Server;
30 import org.lucane.server.store.Store;
31
32 public class LockingAuthenticator extends Authenticator
33 {
34     private static final int MAX_FAILURES = 3;
35     private HashMap JavaDoc loginFailures;
36     
37     public LockingAuthenticator()
38     {
39         this.loginFailures = new HashMap JavaDoc();
40     }
41     
42     public AuthResponse authenticate(AuthRequest request)
43     {
44         Store store = Server.getInstance().getStore();
45         ConnectInfo userInfo = request.getUserInfo();
46         
47         //get the user concept
48 UserConcept user = null;
49         try {
50             user = store.getUserStore().getUser(userInfo.getName());
51         } catch(Exception JavaDoc e) {
52             e.printStackTrace();
53         }
54         
55         if(user == null)
56             return new AuthResponse(AuthResponse.BAD_CREDENTIALS);
57         
58         if(user.isLocked())
59             return new AuthResponse(AuthResponse.USER_LOCKED);
60         
61         if(!store.getUserStore().checkUserPassword(user, request.getMd5Passwd()))
62         {
63             logonError(user);
64             return new AuthResponse(AuthResponse.BAD_CREDENTIALS);
65         }
66         
67         //reset previous failures
68 loginFailures.remove(user);
69         
70         //disconnect already connected user
71 if(userInfo.isClient() && ConnectInfoManager.getInstance().isConnected(userInfo))
72         {
73             ConnectInfo oldUser = ConnectInfoManager.getInstance().
74                 getCompleteConnectInfo(request.getUserInfo());
75             
76             try {
77                 Map JavaDoc action = new HashMap JavaDoc();
78                 action.put("command", "DISCONNECT");
79                 ObjectConnection oc = Server.getInstance().sendMessageTo(oldUser, "Client", action);
80                 oc.close();
81             } catch (Exception JavaDoc e) {
82                 //we can't do much here, the client might have crashed
83 }
84             ConnectInfoManager.getInstance().removeConnectInfo(oldUser);
85         }
86         
87         //add the connect info
88 ConnectInfoManager.getInstance().addConnectInfo(userInfo);
89         
90         return new AuthResponse(AuthResponse.AUTH_ACCEPTED);
91     }
92
93     /**
94      * A login error occured
95      *
96      * @param user the user concept
97      */
98     private void logonError(UserConcept user)
99     {
100         Integer JavaDoc numberOfFailures = (Integer JavaDoc)loginFailures.get(user.getName());
101         int newNumber = 1;
102         if(numberOfFailures != null)
103             newNumber = numberOfFailures.intValue() + 1;
104         loginFailures.put(user.getName(), new Integer JavaDoc(newNumber));
105         
106         Logging.getLogger().fine("Login failure: " + user.getName() + " (" + newNumber + " failures).");
107         
108         if(newNumber >= MAX_FAILURES)
109         {
110             user.setLocked(true);
111             try {
112                 Server.getInstance().getStore().getUserStore().updateUser(user);
113                 loginFailures.remove(user.getName());
114                 Logging.getLogger().info("Locking " + user.getName() + " after " + MAX_FAILURES + " failures.");
115             } catch (Exception JavaDoc e) {
116                 Logging.getLogger().warning("Unable to lock user : " + e);
117             }
118         }
119     }
120 }
Popular Tags