LDAPRealmLoginManager.java example

Explorer
tizzit-master
/**
 * Copyright (c) 2009 Juwi MacMillan Group GmbH
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *         http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package de.juwimm.cms.safeguard.realmlogin;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Properties;

import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

import org.apache.log4j.Logger;

import de.juwimm.cms.safeguard.model.RealmLdapHbm;
import de.juwimm.cms.safeguard.model.RealmLdapHbmDao;

/**
 * @author <a href="mailto:michael.meyer@juwimm.com">Michael Meyer</a>
 * @author <a href="mailto:carsten.schalm@juwimm.com">Carsten Schalm</a>
 * company Juwi|MacMillan Group Gmbh, Walsrode, Germany
 * @version $Id$
 */
public final class LDAPRealmLoginManager implements SafeguardLoginManager {
	private static Logger log = Logger.getLogger(LDAPRealmLoginManager.class);
	private final String username;
	private final String password;
	private final String roleNeeded;
	private final Integer realmId;
	private final RealmLdapHbmDao realmLdapHbmDao;

	public LDAPRealmLoginManager(RealmLdapHbmDao realmLdapHbmDao, Integer realmId, String userName, String password, String roleNeeded) {
		this.username = userName;
		this.password = password;
		this.realmId = realmId;
		this.roleNeeded = roleNeeded;
		this.realmLdapHbmDao = realmLdapHbmDao;
	}

	public byte login() {
		byte login = SafeguardLoginManager.LOGIN_UNAUTHENTICATED;
		try {
			RealmLdapHbm realm = realmLdapHbmDao.load(this.realmId);

			String secPrinc = realm.getLdapPrefix() + this.username + realm.getLdapSuffix();
			String ldapUrl = realm.getLdapUrl();
			String authType = realm.getLdapAuthenticationType();

			Properties env = new Properties();
			env.put(DirContext.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
			env.put(DirContext.PROVIDER_URL, ldapUrl);
			env.put(DirContext.SECURITY_AUTHENTICATION, authType);
			env.put(DirContext.SECURITY_PRINCIPAL, secPrinc);
			env.put(DirContext.SECURITY_CREDENTIALS, this.password);

			DirContext dc = new InitialDirContext(env);
			if (this.roleNeeded != null && this.roleNeeded.length() > 0) {
				login = SafeguardLoginManager.LOGIN_UNAUTHORIZED;
			}
			login = SafeguardLoginManager.LOGIN_SUCCESSFULLY;
			dc.close();
		} catch (NamingException nex) {
			if (log.isDebugEnabled()) log.debug("Naming Exception: " + nex.getMessage(), nex);
		} catch (Exception ex) {
			log.error("Error loging in user " + this.username + " on LdapRealm " + this.realmId + ": " + ex.getMessage(), ex);
		}
		if (log.isDebugEnabled()) log.debug("user \"" + this.username + "\" at realm " + this.realmId + " is logedin: " + login);
		return login;
	}

	public Collection<String> getRoles() {
		return new ArrayList<String>(0);
	}

}