/* ====================================================================
*
* Copyright (C) 2015 GeoSolutions S.A.S.
* http://www.geo-solutions.it
*
* GPLv3 + Classpath exception
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program.
*
* ====================================================================
*
* This software consists of voluntary contributions made by developers
* of GeoSolutions. For more information on GeoSolutions, please see
* <http://www.geo-solutions.it/>.
*
*/
package it.geosolutions.geostore.services.rest.security;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import it.geosolutions.geostore.core.model.User;
import it.geosolutions.geostore.services.UserService;
import it.geosolutions.geostore.services.UserSessionService;
/**
* Token based authentication filter that looks for the token in a user session service.
*
* The attribute name is configurable (defaults to UUID).
*
* @author Lorenzo Natali
*
*/
public class SessionTokenAuthenticationFilter extends TokenAuthenticationFilter {
private final static Logger LOGGER = Logger.getLogger(SessionTokenAuthenticationFilter.class);
@Autowired
UserSessionService userSessionService;
@Autowired
UserService userService;
@Override
protected Authentication checkToken(String token) {
if (userSessionService == null) {
return null;
}
User ud = userSessionService.getUserData(token);
if(ud != null) {
User user;
user = userService.get((Long) ud.getId());
if (user != null) {
return createAuthenticationForUser(user);
}
}
return null;
}
public UserSessionService getUserSessionService() {
return userSessionService;
}
public void setUserSessionService(UserSessionService userSessionService) {
this.userSessionService = userSessionService;
}
public UserService getUserService() {
return userService;
}
public void setUserService(UserService userService) {
this.userService = userService;
}
}