JAASAuthenticationManagerImpl.java example

Explorer
bonita-web-master
/**
 * Copyright (C) 2011 BonitaSoft S.A.
 * BonitaSoft, 32 rue Gustave Eiffel - 38000 Grenoble
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 2.0 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */
package org.bonitasoft.console.common.server.auth.impl.jaas;

import java.io.Serializable;
import java.util.Collections;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

import org.bonitasoft.console.common.server.auth.AuthenticationFailedException;
import org.bonitasoft.console.common.server.auth.AuthenticationManager;
import org.bonitasoft.console.common.server.auth.impl.standard.StandardAuthenticationManagerImpl;
import org.bonitasoft.console.common.server.login.HttpServletRequestAccessor;
import org.bonitasoft.console.common.server.login.credentials.Credentials;

/**
 *
 * Login manager imlement by JAAS
 *
 * @author Vincent Elcrin
 *
 */
public class JAASAuthenticationManagerImpl extends StandardAuthenticationManagerImpl {

    /**
     * Logger
     */
    private static final Logger LOGGER = Logger.getLogger(JAASAuthenticationManagerImpl.class.getName());

    /**
     * JAAS Auth login context
     */
    public static final String JAAS_AUTH_LOGIN_CONTEXT = "BonitaAuth";

    @Override
    public Map<String, Serializable> authenticate(final HttpServletRequestAccessor request, final Credentials credentials) throws AuthenticationFailedException {
        if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.log(Level.FINE, "#authenticate (this implementation of " + AuthenticationManager.class.getName()
                    + " performs a login on the login context " + JAAS_AUTH_LOGIN_CONTEXT + "[_<tenantId>])");
        }
        final long tenantId = credentials.getTenantId();
        final CallbackHandler handler = createConsoleCallbackHandler(request, String.valueOf(tenantId));
        try {
            final String loginContextName = getLoginContextName(tenantId);
            final LoginContext loginContext = new LoginContext(loginContextName, handler);
            loginContext.login();
            loginContext.logout();
            return Collections.emptyMap();
        } catch (final LoginException e) {
            if (LOGGER.isLoggable(Level.SEVERE)) {
                LOGGER.log(Level.SEVERE, e.getMessage());
            }
            throw new AuthenticationFailedException(e.getMessage(), e);
        }
    }

    private ConsoleCallbackHandler createConsoleCallbackHandler(final HttpServletRequestAccessor request, final String tenantId) {
        return new ConsoleCallbackHandler(request.getUsername(), request.getPassword(), tenantId);
    }

    private String getLoginContextName(final long tenantId) {
        String loginContextName;
        if (tenantId >= 0) {
            loginContextName = JAAS_AUTH_LOGIN_CONTEXT + "_" + tenantId;
        } else {
            loginContextName = JAAS_AUTH_LOGIN_CONTEXT;
        }
        return loginContextName;
    }
}