Session.java

package com.github.wicketoracle.session;

import java.sql.SQLException;
import java.util.Locale;

import org.apache.wicket.authentication.AuthenticatedWebSession;
import org.apache.wicket.authorization.strategies.role.Roles;
import org.apache.wicket.protocol.http.WebApplication;
import org.apache.wicket.protocol.http.request.WebClientInfo;
import org.apache.wicket.Request;
import org.apache.wicket.util.crypt.ICrypt;
import org.apache.wicket.util.crypt.KeyInSessionSunJceCryptFactory;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.github.wicketoracle.WicketApplication;
import com.github.wicketoracle.session.user.PersonalDetails;


/**
 * An authenticated session in the application.
 *
 * Because end-to-end authentication( app to db ) is used
 * both the username and password must be stored.
 *
 * @author Andrew Hall
 *
 */

public final class Session extends AuthenticatedWebSession
{
    private static final long serialVersionUID = 1L;

    private static final Logger LOGGER = LoggerFactory.getLogger( Session.class );

    private static final String APPLICATION_MODE = WebApplication.get().getConfigurationType();

    private ICrypt crypt;
    private String username;
    private String password;

    private PersonalDetails personalDetails = new PersonalDetails();

   /**
     * Constructor
     *
     * @param request
     */

    public Session( final Request pRequest )
    {
        super( pRequest );
    }

    /**
     * @see org.apache.wicket.authentication.AuthenticatedWebSession#authenticate( String, String )
     */
    public boolean authenticate( final String pUsername , final String pPassword )
    {
        boolean isSuccessful = true;

        SessionDAO loginDAO = null;

        try
        {
            LOGGER.debug( "Request new SessionDAO -> username -> {}" , pUsername );

            loginDAO = new SessionDAO( pUsername , pPassword );

            LOGGER.debug( "Built login DAO" );

            setPersonalDetails( loginDAO.getAppUserDetails() );

            LOGGER.debug( "Retrieved and added user details to the session" );

            this.setLocale( new Locale( getPersonalDetails().getLanguageCode() ) );

            LOGGER.debug( "Set user's locale -> {}" , this.getLocale().getCountry() );

            if ( isTemporary() )
            {
                bind();
            }

            LOGGER.debug( "Added this session to the session store" );

            final String ipAddress   = ( ( WebClientInfo ) super.getClientInfo() ).getProperties().getRemoteAddress();
            final String httpSession = getId();

            loginDAO.recordLogon( ipAddress , httpSession );

            LOGGER.debug( "Recorded the details of a successful logon ; IP Address -> {} ; HTTP Session -> {}" , ipAddress , httpSession );

            crypt = new KeyInSessionSunJceCryptFactory().newCrypt();
            setUsername( pUsername );
            setPassword( pPassword );

            LOGGER.debug( "Set username and password" );

        }
        catch ( SQLException sqle )
        {
            LOGGER.error
            (
                "SQL Exception in authenticate() -> {}; error code -> {}; sql state -> {};"
            ,   new Object []
                {
                    sqle.getMessage()
                ,   sqle.getErrorCode()
                ,   sqle.getSQLState()
                }
            );

            isSuccessful = false;
        }
        finally
        {
            if ( !( loginDAO == null ) && ! loginDAO.closeConnection() )
            {
                isSuccessful = false;
            }
        }

        return isSuccessful;
    }

    /**
     * @see org.apache.wicket.authentication.AuthenticatedWebSession#getRoles()
     */
    public Roles getRoles()
    {
        return personalDetails.getRoles();
    }

    /**
     * @return True if the user has signed in
     */
    public boolean isAuthenticated()
    {
        return ( getUsername() != null );
    }

    /**
     *
     * @return
     */
    public boolean isDebugInfoVisible()
    {
        return APPLICATION_MODE.equals( WicketApplication.DEVELOPMENT ) || getRoles().hasRole( RequiredRoles.ROLE_VIEW_DEBUG_INFO );
    }

    /**
     * @return Java bean containing personal details of authenticated user
     */
    public PersonalDetails getPersonalDetails()
    {
        return personalDetails;
    }

    /**
     *
     * @param pPersonalDetails
     *                        personal details of authenticated user
     */
    public void setPersonalDetails( final PersonalDetails pPersonalDetails )
    {
        personalDetails = pPersonalDetails;
    }

    /**
     * @return The username
     */
    public String getUsername()
    {
        return username;
    }

    /**
     * @param pUsername
     *                  The username
     */
    public void setUsername( final String pUsername )
    {
        username = pUsername;
    }

    /**
     *
     * @return the password in encrypted form
     */
    public String getEncryptedPassword()
    {
        return password;
    }

    /**
     * @return The password
     */
    public String getPassword()
    {
        return crypt.decryptUrlSafe( password );
    }

    /**
     * @param pPassword
     *                  The password
     */
    public void setPassword( final String pPassword )
    {
        password = crypt.encryptUrlSafe( pPassword );
    }
}