package nl.topicus.konijn.security;

import nl.topicus.konijn.data.dao.hibernate.UserDao;
import nl.topicus.konijn.data.entity.User;
import nl.topicus.konijn.models.PersistenceModel;

import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
import org.apache.wicket.authroles.authorization.strategies.role.Roles;
import org.apache.wicket.request.Request;

import com.google.inject.Inject;

/**
 * Wicket session that authenticates against {@link UserDao} and keeps the
 * authenticated {@link User} for the lifetime of the session.
 *
 * <p>
 * The user is held through a {@link PersistenceModel} rather than as a direct
 * entity reference.
 *
 * @author Joost Limburg
 */
public class AuthenticatedSession extends AuthenticatedWebSession {

    private static final long serialVersionUID = 1L;

    // NOTE(review): this field is injected and not transient, while the class
    // declares a serialVersionUID. Confirm that UserDao (or the proxy the
    // injector supplies) can be serialized together with the session.
    @Inject
    private UserDao userDao;

    // Model wrapping the user that last authenticated successfully; null until
    // a successful authenticate() and again after removeUser().
    private PersistenceModel<User> user;

    /**
     * Creates the session for the given request.
     *
     * @param request
     *            the current request object
     */
    @Inject
    public AuthenticatedSession(Request request) {
        super(request);
    }

    /**
     * Looks the credentials up through {@link UserDao#getUser} and, when a user
     * is returned, stores that user in this session.
     *
     * <p>
     * A failed attempt leaves a previously stored user untouched.
     *
     * @param username
     *            the login name; {@code null} is rejected without a lookup
     * @param password
     *            the password as submitted; {@code null} is rejected without a
     *            lookup
     * @return {@code true} if the DAO returned a user, {@code false} otherwise
     * @see AuthenticatedWebSession#authenticate(String, String)
     */
    @Override
    public boolean authenticate(final String username, final String password) {
        if (username == null || password == null) {
            return false;
        }

        // NOTE(review): the password is handed to the DAO exactly as received.
        // How it is verified is not visible here - confirm that UserDao checks
        // it against a salted password hash and not a stored plaintext value.
        User found = userDao.getUser(username, password);
        if (found == null) {
            return false;
        }

        // NOTE(review): nothing in this class renews the session id after a
        // successful login. Unless the caller already does so, consider
        // org.apache.wicket.Session#replaceSession() as session-fixation
        // protection.
        user = new PersistenceModel<User>(found);
        return true;
    }

    /**
     * Returns the roles of the stored user, but only while the session is
     * signed in.
     *
     * @return the user's roles, or {@code null} when the session is not signed
     *         in or no user is available
     * @see AuthenticatedWebSession#getRoles()
     */
    @Override
    public Roles getRoles() {
        if (!isSignedIn() || user == null || user.getObject() == null) {
            return null;
        }
        return user.getObject().getRoles();
    }

    /**
     * Detaches the user model, if there is one, and drops the reference to it.
     *
     * <p>
     * This method only clears the stored user; it does not call any sign-out or
     * invalidation method of the session.
     */
    public void removeUser() {
        if (user != null) {
            user.detach();
        }
        user = null;
    }

    /**
     * Returns the stored user.
     *
     * <p>
     * Unlike {@link #getRoles()}, this accessor does not consult
     * {@code isSignedIn()}, so a non-null result should not be treated as proof
     * that the session is currently authenticated.
     *
     * @return the user held by the model, or {@code null} when no model is set
     */
    public User getUser() {
        return user == null ? null : user.getObject();
    }
}