improve authentication system

2025-11-13 17:05:43 +01:00 · 2010-12-02 20:44:13 +01:00
parent 1cacbc3c03
commit 1c6413c44b
9 changed files with 599 additions and 64 deletions
--- a/scm-web-api/src/main/java/sonia/scm/web/security/BasicSecurityContext.java
+++ b/scm-web-api/src/main/java/sonia/scm/web/security/BasicSecurityContext.java
@@ -29,6 +29,8 @@
 *
 */

+
+
 package sonia.scm.web.security;

 //~--- non-JDK imports --------------------------------------------------------
@@ -36,7 +38,11 @@ package sonia.scm.web.security;
 import com.google.inject.Inject;
 import com.google.inject.servlet.SessionScoped;

+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import sonia.scm.user.User;
+import sonia.scm.user.UserManager;

 //~--- JDK imports ------------------------------------------------------------

@@ -51,6 +57,29 @@ import javax.servlet.http.HttpServletResponse;
 public class BasicSecurityContext implements WebSecurityContext
 {

+  /** the logger for BasicSecurityContext */
+  private static final Logger logger =
+    LoggerFactory.getLogger(BasicSecurityContext.class);
+
+  //~--- constructors ---------------------------------------------------------
+
+  /**
+   * Constructs ...
+   *
+   *
+   * @param authenticator
+   * @param userManager
+   */
+  @Inject
+  public BasicSecurityContext(AuthenticationManager authenticator,
+                              UserManager userManager)
+  {
+    this.authenticator = authenticator;
+    this.userManager = userManager;
+  }
+
+  //~--- methods --------------------------------------------------------------
+
  /**
   * Method description
   *
@@ -67,7 +96,31 @@ public class BasicSecurityContext implements WebSecurityContext
                           HttpServletResponse response, String username,
                           String password)
  {
-    user = authenticator.authenticate(request, response, username, password);
+    AuthenticationResult result = authenticator.authenticate(request, response,
+                                    username, password);
+
+    if (result.getState().isSuccessfully())
+    {
+      user = result.getUser();
+
+      try
+      {
+        switch (result.getState())
+        {
+          case CREATE_USER :
+            userManager.create(user);
+
+            break;
+
+          case MODIFY_USER :
+            userManager.modify(user);
+        }
+      }
+      catch (Exception ex)
+      {
+        logger.error(ex.getMessage(), ex);
+      }
+    }

    return user;
  }
@@ -114,9 +167,11 @@ public class BasicSecurityContext implements WebSecurityContext
  //~--- fields ---------------------------------------------------------------

  /** Field description */
-  @Inject
-  private Authenticator authenticator;
+  private AuthenticationManager authenticator;

  /** Field description */
  private User user;
+
+  /** Field description */
+  private UserManager userManager;
 }