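/**
 * Copyright (c) 2010, Sebastian Sdorra
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * 1. Redistributions of source code must retain the above copyright notice,
 *    this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright notice,
 *    this list of conditions and the following disclaimer in the documentation
 *    and/or other materials provided with the distribution.
 * 3. Neither the name of SCM-Manager; nor the names of its
 *    contributors may be used to endorse or promote products derived from this
 *    software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * http://bitbucket.org/sdorra/scm-manager
 *
 */

package sonia.scm.web.security;

//~--- non-JDK imports --------------------------------------------------------

import com.google.inject.Inject;
import com.google.inject.servlet.SessionScoped;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import sonia.scm.config.ScmConfiguration;
import sonia.scm.group.Group;
import sonia.scm.group.GroupManager;
import sonia.scm.user.User;
import sonia.scm.user.UserManager;

//~--- JDK imports ------------------------------------------------------------

import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Session-scoped security context that remembers the user and the group names
 * resolved by the last successful {@link #authenticate} call.
 *
 * <p>When anonymous access is enabled in the configuration, {@link #getUser()}
 * falls back to the {@link #USER_ANONYMOUS} account, so
 * {@link #isAuthenticated()} can be {@code true} without any login having
 * taken place. Callers that need "a real user has logged in" must check the
 * returned user's name themselves.</p>
 *
 * @author Sebastian Sdorra
 */
@SessionScoped
public class BasicSecurityContext implements WebSecurityContext {

  /** Name of the account {@link #getUser()} loads when nobody is logged in. */
  public static final String USER_ANONYMOUS = "anonymous";

  /** the logger for BasicSecurityContext */
  private static final Logger logger =
      LoggerFactory.getLogger(BasicSecurityContext.class);

  //~--- constructors ---------------------------------------------------------

  /**
   * Creates the context with its collaborators; invoked by the injector.
   *
   * @param configuration consulted for the anonymous-access switch
   * @param authenticator verifies the submitted credentials
   * @param groupManager resolves the groups a user is a member of
   * @param userManager loads, creates and updates stored users
   */
  @Inject
  public BasicSecurityContext(ScmConfiguration configuration,
      AuthenticationManager authenticator, GroupManager groupManager,
      UserManager userManager) {
    this.configuration = configuration;
    this.authenticator = authenticator;
    this.groupManager = groupManager;
    this.userManager = userManager;
  }

  //~--- methods --------------------------------------------------------------

  /**
   * Verifies the credentials and, on success, binds the resulting user and its
   * group names to this session.
   *
   * <p>On success the stored user record is created or refreshed (display
   * name, last login, mail and type are copied from the authentication
   * result) and the group set is rebuilt from the result's groups plus the
   * groups reported by the {@link GroupManager}.</p>
   *
   * <p>NOTE(review): the servlet session id is not renewed here; confirm that
   * the caller or the {@link AuthenticationManager} takes care of session
   * fixation.</p>
   *
   * @param request the current request, passed through to the authenticator
   * @param response the current response, passed through to the authenticator
   * @param username the submitted login name
   * @param password the submitted password
   *
   * @return the authenticated user, or {@code null} if the credentials were
   *         rejected or the user could not be stored
   */
  @Override
  public User authenticate(HttpServletRequest request,
      HttpServletResponse response, String username, String password) {
    AuthenticationResult ar =
        authenticator.authenticate(request, response, username, password);

    if (ar == null) {
      // Rejected credentials. Returning the session field here would hand back
      // an identity cached by an earlier login or by getUser()'s anonymous
      // fallback, which a caller would read as a successful login.
      return null;
    }

    // Start from an empty group set so names resolved for a previous identity
    // in this session cannot carry over to the new one.
    user = ar.getUser();
    groups = new HashSet<String>();

    try {
      user.setLastLogin(System.currentTimeMillis());

      // NOTE(review): the lookup uses the submitted login name, not
      // user.getName(); presumably both are the same - confirm.
      User dbUser = userManager.get(username);

      if (dbUser != null) {
        // update properties
        dbUser.setDisplayName(user.getDisplayName());
        dbUser.setLastLogin(user.getLastLogin());
        dbUser.setMail(user.getMail());
        dbUser.setType(user.getType());
        userManager.modify(dbUser);
      } else {
        userManager.create(user);
      }

      Collection<String> groupCollection = ar.getGroups();

      if (groupCollection != null) {
        groups.addAll(groupCollection);
      }

      loadGroups();

      if (logger.isDebugEnabled()) {
        logGroups();
      }
    } catch (Exception ex) {
      // Fail closed: neither the user nor a partially filled group set may
      // survive a login that could not be completed.
      user = null;
      groups = new HashSet<String>();
      logger.error(ex.getMessage(), ex);
    }

    return user;
  }

  /**
   * Drops the cached user and groups and invalidates the servlet session if
   * one exists.
   *
   * @param request the current request, used to find the session
   * @param response the current response (unused)
   */
  @Override
  public void logout(HttpServletRequest request,
      HttpServletResponse response) {
    user = null;
    groups = new HashSet<String>();

    // getSession(false): do not create a session just to throw it away
    HttpSession session = request.getSession(false);

    if (session != null) {
      session.invalidate();
    }
  }

  //~--- get methods ----------------------------------------------------------

  /**
   * Returns the group names bound to this session. The anonymous fallback of
   * {@link #getUser()} does not populate this set.
   *
   * @return the live group set, never {@code null}
   */
  @Override
  public Collection<String> getGroups() {
    if (groups == null) {
      groups = new HashSet<String>();
    }

    return groups;
  }

  /**
   * Returns the user bound to this session. If there is none and anonymous
   * access is enabled, the {@link #USER_ANONYMOUS} account is loaded and
   * cached for the rest of the session.
   *
   * @return the session user, the anonymous user, or {@code null}
   */
  @Override
  public User getUser() {
    if ((user == null) && configuration.isAnonymousAccessEnabled()) {
      user = userManager.get(USER_ANONYMOUS);
    }

    return user;
  }

  /**
   * Reports whether {@link #getUser()} yields a user. This includes the
   * anonymous user when anonymous access is enabled.
   *
   * @return {@code true} if a user (possibly anonymous) is available
   */
  @Override
  public boolean isAuthenticated() {
    return getUser() != null;
  }

  //~--- methods --------------------------------------------------------------

  /**
   * Adds the names of all groups the {@link GroupManager} reports for the
   * current user to the session's group set.
   */
  private void loadGroups() {
    Collection<Group> groupCollection =
        groupManager.getGroupsForMember(user.getName());

    if (groupCollection != null) {
      for (Group group : groupCollection) {
        groups.add(group.getName());
      }
    }
  }

  /**
   * Writes the current user's name and group names to the debug log as a
   * comma-separated list.
   */
  private void logGroups() {
    StringBuilder msg = new StringBuilder("user ");

    msg.append(user.getName()).append(" is member of ");

    Iterator<String> groupIt = groups.iterator();

    while (groupIt.hasNext()) {
      msg.append(groupIt.next());

      if (groupIt.hasNext()) {
        msg.append(", ");
      }
    }

    logger.debug(msg.toString());
  }

  //~--- fields ---------------------------------------------------------------

  /** verifies submitted credentials */
  private AuthenticationManager authenticator;

  /** source of the anonymous-access switch */
  private ScmConfiguration configuration;

  /** resolves group membership for the session user */
  private GroupManager groupManager;

  /** group names bound to this session */
  private Set<String> groups = new HashSet<String>();

  /** user bound to this session, or null */
  private User user;

  /** loads, creates and updates stored users */
  private UserManager userManager;
}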