CacheLdapSecurityContext.java example

Explorer
uPortal-master
/**
 * Licensed to Apereo under one or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information regarding copyright ownership. Apereo
 * licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use
 * this file except in compliance with the License. You may obtain a copy of the License at the
 * following location:
 *
 * <p>http://www.apache.org/licenses/LICENSE-2.0
 *
 * <p>Unless required by applicable law or agreed to in writing, software distributed under the
 * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apereo.portal.security.provider;

import org.apereo.portal.security.IOpaqueCredentials;
import org.apereo.portal.security.PortalSecurityException;

/**
 * This is an implementation of a SecurityContext that checks a user's credentials against an LDAP
 * directory. It expects to be able to bind to the LDAP directory as the user so that it can
 * authenticate the user. The user's credentials are cached.
 *
 * @deprecated As of uPortal 2.1.3, use {@link
 *     org.apereo.portal.security.provider.SimpleLdapSecurityContext} chained with {@link
 *     org.apereo.portal.security.provider.CacheSecurityContext} instead
 */
public class CacheLdapSecurityContext extends SimpleLdapSecurityContext {
    private final int CACHELDAPSECURITYAUTHTYPE = 0xFF06;
    private byte[] cachedCredentials;

    CacheLdapSecurityContext() {
        super();
    }

    /**
     * Returns the type of authentication this class provides.
     *
     * @return authorization type
     */
    public int getAuthType() {
        /*
         * What is this for?  No one would know what to do with the
         * value returned.  Subclasses might know but our getAuthType()
         * doesn't return anything easily useful.
         */
        return this.CACHELDAPSECURITYAUTHTYPE;
    }

    /** Authenticates the user. */
    public synchronized void authenticate() throws PortalSecurityException {
        // Save our credentials before parent's authenticate() method
        // destroys them.
        this.cachedCredentials = new byte[this.myOpaqueCredentials.credentialstring.length];
        System.arraycopy(
                this.myOpaqueCredentials.credentialstring,
                0,
                this.cachedCredentials,
                0,
                this.myOpaqueCredentials.credentialstring.length);

        super.authenticate();

        if (!this.isAuthenticated()) this.cachedCredentials = null;
    }

    /**
     * We need to override this method in order to return a class that implements the
     * NotSoOpaqueCredentials interface.
     */
    public IOpaqueCredentials getOpaqueCredentials() {
        if (this.isauth) {
            NotSoOpaqueCredentials oc = new CacheOpaqueCredentials();
            oc.setCredentials(this.cachedCredentials);
            return oc;
        } else return null;
    }

    /**
     * This is a new implementation of an OpaqueCredentials class that implements the less-opaque
     * NotSoOpaqueCredentials.
     */
    private class CacheOpaqueCredentials extends ChainingSecurityContext.ChainingOpaqueCredentials
            implements NotSoOpaqueCredentials {

        /**
         * Gets the credentials
         *
         * @return the credentials
         */
        public String getCredentials() {
            if (this.credentialstring != null) return new String(this.credentialstring);
            else return null;
        }
    }
}