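/*
 * Copyright 2012 david.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.activecq.samples.slingauthenticationhandler.impl;

import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Deactivate;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.Service;
import org.apache.sling.api.resource.ResourceResolverFactory;
import org.apache.sling.auth.core.spi.AuthenticationFeedbackHandler;
import org.apache.sling.auth.core.spi.AuthenticationHandler;
import org.apache.sling.auth.core.spi.AuthenticationInfo;
import org.apache.sling.commons.osgi.PropertiesUtil;
import org.apache.sling.jcr.resource.JcrResourceConstants;
import org.osgi.service.component.ComponentContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.jcr.SimpleCredentials;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Dictionary;

/**
 * Sample Sling authentication handler that reads form credentials
 * ({@code j_username} / {@code j_password}) from the request and hands them to
 * the registered LoginModules as {@link SimpleCredentials}.
 *
 * <p>The handler can optionally mark credentials as "trusted" by setting the
 * configured trust-credentials attribute. As the comments in
 * {@link #extractCredentials} state, trusted credentials log the user in
 * regardless of whether the password is valid, so that attribute must only be
 * set after a real, server-side pre-authentication check has succeeded.
 */
@Component(label = "Samples - Sling Authentication Handler",
        description = "Sample Sling Authentication Handler",
        metatype = true,
        immediate = false
)
@Properties({
        @Property(label = "Authentication Paths",
                description = "JCR Paths which this Authentication Handler will authenticate",
                name = AuthenticationHandler.PATH_PROPERTY,
                value = {"/content/sample-path"},
                cardinality = Integer.MAX_VALUE),
        @Property(label = "Service Ranking",
                description = "Service ranking. Higher gives more priority.",
                name = "service.ranking",
                intValue = 20,
                propertyPrivate = false),
        @Property(
                name = AuthenticationHandler.TYPE_PROPERTY,
                value = HttpServletRequest.FORM_AUTH,
                propertyPrivate = true),
        @Property(label = "Vendor",
                name = "service.vendor",
                value = "ActiveCQ",
                propertyPrivate = true)
})
@Service
public class SampleSlingAuthenticationHandler implements AuthenticationHandler, AuthenticationFeedbackHandler {

    // Never log the extracted password or the credentials object with this logger.
    @SuppressWarnings("unused")
    private final Logger log = LoggerFactory.getLogger(this.getClass().getName());

    private static final String DEFAULT_TRUST_CREDENTIALS = "TrustedInfo";

    // Name of the credentials attribute that marks a login as pre-authenticated.
    // Overwritten from the OSGi configuration in activate(..).
    private String trustCredentials = DEFAULT_TRUST_CREDENTIALS;

    @Property(label = "Trust Credentials",
            description = "The Trust Credentials found in repository.xml or ldap.config",
            value = DEFAULT_TRUST_CREDENTIALS)
    private static final String PROP_TRUST_CREDENTIALS = "prop.trust-credentials";

    /**
     * OSGi Service References *
     */
    @Reference
    private ResourceResolverFactory resourceResolverFactory;

    /** AuthenticationHandler Methods **/

    /**
     * Extracts the credentials carried by the request (parameter or cookie).
     *
     * <p>Reads the {@code j_username} and {@code j_password} request parameters
     * and wraps them in a {@link SimpleCredentials} object that is attached to
     * the returned {@link AuthenticationInfo}.
     *
     * @param request  the current request
     * @param response the current response (not used by this sample)
     * @return the populated authentication info, or {@code null} when the
     *         request carries no {@code j_username} or {@code j_password}
     *         parameter, so that this handler makes no authentication claim
     *         for the request
     * @see com.day.cq.auth.impl.AbstractHTTPAuthHandler#authenticate(javax.servlet.http.HttpServletRequest,
     *      javax.servlet.http.HttpServletResponse)
     */
    @Override
    public AuthenticationInfo extractCredentials(HttpServletRequest request, HttpServletResponse response) {
        // NOTE: getParameter(..) also reads the query string, so credentials
        // sent in a URL are accepted here and may end up in access logs.
        final String extractedUserId = request.getParameter("j_username");
        final String extractedPassword = request.getParameter("j_password");

        // Every request under the configured paths reaches this method, and
        // most of them are not login submissions. Without this guard a missing
        // j_password caused a NullPointerException on toCharArray().
        if (extractedUserId == null || extractedPassword == null) {
            return null;
        }

        // Store the extracted UserId and Password in a SimpleCredentials object
        final SimpleCredentials credentials =
                new SimpleCredentials(extractedUserId, extractedPassword.toCharArray());

        // Execute any pre-authentication here such as authenticating cookies
        // or authentication credentials to third-party systems.
        // This flag must only become true after a server-side check of
        // something the client cannot forge; it must never be derived from an
        // unverified request parameter, header or cookie value.
        boolean preauthenticated = false;

        // Based on pre-authentication success
        if (preauthenticated) {
            // If preauthenticated and the trustCredentials are applied, the
            // credentials.getUserID() in the credentials object will be logged in
            // regardless of whether the password in the credentials is valid.

            // Set Trusted Credentials Attributes; must match what is in
            // repository.xml or ldap.config (if LDAP is used)
            credentials.setAttribute(trustCredentials, "this value is inconsequential");
        }

        // Return a populated AuthenticationInfo object which will be
        // authenticated by the registered LoginModules
        final AuthenticationInfo info = new AuthenticationInfo(
                HttpServletRequest.FORM_AUTH, credentials.getUserID());

        // Add the credentials obj to the AuthenticationInfo obj
        info.put(JcrResourceConstants.AUTHENTICATION_INFO_CREDENTIALS, credentials);

        return info;
    }

    /**
     * Removes credentials from the request/response. This sample does nothing.
     *
     * @param request  the current request
     * @param response the current response
     */
    @Override
    public void dropCredentials(HttpServletRequest request, HttpServletResponse response) {
        // Remove credentials from the request/response
        // This generally means removing/expiring auth cookies
    }

    /**
     * Invoked when an anonymous request is made to a resource this
     * authentication handler handles (based on the OSGi path properties).
     *
     * @param request  the current request
     * @param response the current response
     * @return always {@code false} in this sample; no credentials request is sent
     */
    @Override
    public boolean requestCredentials(HttpServletRequest request, HttpServletResponse response) {
        return false;
    }

    /**
     * AuthenticationFeedbackHandler Methods *
     */

    /**
     * Called when the LoginModule could not authenticate the credentials
     * returned by {@link #extractCredentials}. This sample does nothing.
     *
     * @param request  the current request
     * @param response the current response
     * @param authInfo the authentication info that failed to authenticate
     */
    @Override
    public void authenticationFailed(HttpServletRequest request, HttpServletResponse response,
                                     AuthenticationInfo authInfo) {
        // Executes if authentication by the LoginModule fails
        // Executes after extractCredentials(..) returns a credentials object
        // that CANNOT be authenticated by the LoginModule
    }

    /**
     * Called when the LoginModule authenticated the credentials returned by
     * {@link #extractCredentials}.
     *
     * @param request  the current request
     * @param response the current response
     * @param authInfo the authentication info that was authenticated
     * @return {@code true} if the handler sent back a response to the client and
     *         request processing should terminate; {@code false} if the request
     *         should proceed as authenticated through the framework (usually the
     *         desired behavior). This sample always returns {@code false}.
     */
    @Override
    public boolean authenticationSucceeded(HttpServletRequest request, HttpServletResponse response,
                                           AuthenticationInfo authInfo) {
        // Executes if authentication by the LoginModule succeeds
        // Executes after extractCredentials(..) returns a credentials object
        // that CAN be authenticated by the LoginModule
        return false;
    }

    /**
     * OSGi Component Methods *
     */

    /**
     * Reads the trust-credentials attribute name from the component
     * configuration, falling back to {@code DEFAULT_TRUST_CREDENTIALS}.
     *
     * @param componentContext the OSGi component context supplying the properties
     */
    @Activate
    protected void activate(ComponentContext componentContext) {
        // Wildcard type instead of the raw Dictionary; only get(..) is used.
        final Dictionary<?, ?> properties = componentContext.getProperties();

        this.trustCredentials = PropertiesUtil.toString(
                properties.get(PROP_TRUST_CREDENTIALS), DEFAULT_TRUST_CREDENTIALS);
    }

    /**
     * Deactivation hook; this sample holds no state that needs releasing.
     *
     * @param componentContext the OSGi component context
     */
    @Deactivate
    protected void deactivate(ComponentContext componentContext) {
    }
}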