DefaultAuthenticationStrategy.java example

Explorer
dcache-master
- archetypes
  - dcache-nearline-plugin-archetype
    - src
      - main
        resources
        archetype-resources
        src
        main
        java
        PluginNearlineStorage.java
        PluginNearlineStorageProvider.java
- modules
package org.dcache.gplazma.strategies;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.security.Principal;
import java.util.List;
import java.util.Set;

import org.dcache.gplazma.AuthenticationException;
import org.dcache.gplazma.monitor.LoginMonitor;
import org.dcache.gplazma.monitor.LoginMonitor.Result;
import org.dcache.gplazma.plugins.GPlazmaAuthenticationPlugin;
import org.dcache.gplazma.plugins.GPlazmaPlugin;

/**
 * This class provides support for the AUTH phase of logging in.  It tries
 * the first plugin.  For each plugin, it either tries the following plugin (if
 * one is available) or returns depending on the plugin's result and the
 * configured control (OPTIONAL, REQUIRED, etc).
 */
public class DefaultAuthenticationStrategy implements AuthenticationStrategy
{
    private static final Logger LOGGER =
            LoggerFactory.getLogger(DefaultAuthenticationStrategy.class);

    private volatile PAMStyleStrategy<GPlazmaAuthenticationPlugin> pamStyleAuthentiationStrategy;

    @Override
    public void setPlugins(List<GPlazmaPluginService<GPlazmaAuthenticationPlugin>> plugins)
    {
        pamStyleAuthentiationStrategy = new PAMStyleStrategy<>(plugins);
    }

    /**
     * Devegates execution of the
     * {@link GPlazmaAuthenticationPlugin#authenticate(SessionID, Set<Object>,Set<Object>, Set<Principal>) GPlazmaAuthenticationPlugin.authenticate}
     * methods of the plugins supplied by
     * {@link GPlazmaStrategy#setPlugins(List< GPlazmaPluginService <T>>) GPlazmaStrategy.setPlugins}
     *  to
     * {@link  PAMStyleStrategy#callPlugins(PluginCaller<T>) PAMStyleStrategy.callPlugins(PluginCaller<T>)}
     * by providing anonymous implementation of the
     * {@link PluginCaller#call(GPlazmaPlugin) PluginCaller}
     * interface.
     * @see PAMStyleStrategy
     * @see PluginCaller
     */
    @Override
    public void authenticate(final LoginMonitor monitor,
            final Set<Object> publicCredential,
            final Set<Object> privateCredential,
            final Set<Principal> identifiedPrincipals)
            throws AuthenticationException
    {
        pamStyleAuthentiationStrategy.callPlugins(service -> {
            monitor.authPluginBegins(service.getName(), service.getControl(),
                    publicCredential, privateCredential,
                    identifiedPrincipals);

            GPlazmaAuthenticationPlugin plugin = service.getPlugin();

            Result result = Result.FAIL;
            String error = null;
            try {
                plugin.authenticate(publicCredential,
                        privateCredential, identifiedPrincipals);
                result = Result.SUCCESS;
            } catch(AuthenticationException e) {
                error = e.getMessage();
                throw e;
            } finally {
                monitor.authPluginEnds(service.getName(), service.getControl(),
                        result, error, publicCredential, privateCredential,
                        identifiedPrincipals);
            }
        });
    }
}