AuthenticationManagerImpl.java

package com.norteksoft.cas.authentication;

import java.util.ArrayList;
import java.util.List;

import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;

import org.jasig.cas.authentication.AbstractAuthenticationManager;
import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.handler.AuthenticationHandler;
import org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException;
import org.jasig.cas.authentication.handler.UnsupportedCredentialsException;
import org.jasig.cas.authentication.principal.Credentials;
import org.jasig.cas.authentication.principal.CredentialsToPrincipalResolver;
import org.jasig.cas.authentication.principal.Principal;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;

public final class AuthenticationManagerImpl extends AbstractAuthenticationManager {

	@NotNull
    @Size(min=1)
    private List<AuthenticationHandler> authenticationHandlers;
	
	@NotNull
    @Size(min=1)
    private List<CredentialsToPrincipalResolver> credentialsToPrincipalResolvers;
	
	@NotNull
	private AuthenticationPatternHandler authenticationPatternHandler;
	
	@Override
	protected Pair<AuthenticationHandler, Principal> authenticateAndObtainPrincipal(
			Credentials credentials) throws AuthenticationException {
		boolean foundSupported = false;
        boolean authenticated = false;
        AuthenticationHandler authenticatedClass = null;
        
        String username = "";
        if(credentials instanceof UsernamePasswordCredentials){
        	username = ((UsernamePasswordCredentials)credentials).getUsername();
        }
        
        // List<AuthenticationHandler> handlers = authenticationHandlers;
        List<AuthenticationHandler> handlers = null;
        if(username == null){
        	handlers = authenticationHandlers;
        }else{
        	handlers = updateAuthenticationHandlers(username);
        }
        if(handlers == null){ // 用户名不存在
        	throw new BadCredentialsAuthenticationException("error.authentication.username.not.found");
        }
        
        for (final AuthenticationHandler authenticationHandler : handlers) {
            if (authenticationHandler.supports(credentials)) {
                foundSupported = true;
                if (!authenticationHandler.authenticate(credentials)) {
                    if (log.isInfoEnabled()) {
                        log.info("AuthenticationHandler: "
                                + authenticationHandler.getClass().getName()
                                + " failed to authenticate the user which provided the following credentials: "
                                + credentials.toString());
                    }
                } else {
                    if (log.isInfoEnabled()) {
                        log.info("AuthenticationHandler: "
                                + authenticationHandler.getClass().getName()
                                + " successfully authenticated the user which provided the following credentials: "
                                + credentials.toString());
                    }
                    authenticatedClass = authenticationHandler;
                    authenticated = true;
                    break;
                }
            }
        }

        if (!authenticated) {
            if (foundSupported) {
                throw BadCredentialsAuthenticationException.ERROR;
            }

            throw UnsupportedCredentialsException.ERROR;
        }

        foundSupported = false;

        for (final CredentialsToPrincipalResolver credentialsToPrincipalResolver : this.credentialsToPrincipalResolvers) {
            if (credentialsToPrincipalResolver.supports(credentials)) {
                final Principal principal = credentialsToPrincipalResolver
                    .resolvePrincipal(credentials);
                foundSupported = true;
                if (principal != null) {
                    return new Pair<AuthenticationHandler,Principal>(authenticatedClass, principal);
                }
            }
        }

        if (foundSupported) {
            if (log.isDebugEnabled()) {
                log.debug("CredentialsToPrincipalResolver found but no principal returned.");
            }

            throw BadCredentialsAuthenticationException.ERROR;
        }

        log.error("CredentialsToPrincipalResolver not found for " + credentials.getClass().getName());
        throw UnsupportedCredentialsException.ERROR;
	}
	
	private List<AuthenticationHandler> updateAuthenticationHandlers(String loginName){
		AuthenticationPattern pattern = authenticationPatternHandler.getAuthenticationPattern(loginName);
		if(pattern == null) return null;
		AuthenticationHandler handler = AuthenticationHandlerFactory.getAuthenticationHandler(
				authenticationPatternHandler.getJdbcTemplate(), pattern);
		if(handler == null){
			return authenticationHandlers;
		}else{
			List<AuthenticationHandler> handlers = new ArrayList<AuthenticationHandler>();
			handlers.add(authenticationHandlers.get(0));
			handlers.add(handler);
			return handlers;
		}
	}
	
	public void setAuthenticationPatternHandler(
			AuthenticationPatternHandler authenticationPatternHandler) {
		this.authenticationPatternHandler = authenticationPatternHandler;
	}
	
	public void setAuthenticationHandlers(
        final List<AuthenticationHandler> authenticationHandlers) {
        this.authenticationHandlers = authenticationHandlers;
    }

    public void setCredentialsToPrincipalResolvers(
        final List<CredentialsToPrincipalResolver> credentialsToPrincipalResolvers) {
        this.credentialsToPrincipalResolvers = credentialsToPrincipalResolvers;
    }
    
}