Revision 2058
Added by sgarg about 20 years ago
| AuthSession.java | ||
|---|---|---|
| 42 | 42 |
private HttpSession session = null; |
| 43 | 43 |
private AuthInterface authService = null; |
| 44 | 44 |
private String statusMessage = null; |
| 45 |
|
|
| 46 |
/**
|
|
| 45 |
|
|
| 46 |
/** |
|
| 47 | 47 |
* Construct an AuthSession |
| 48 | 48 |
*/ |
| 49 | 49 |
public AuthSession() throws Exception {
|
| ... | ... | |
| 53 | 53 |
this.authClass = util.getOption("authclass");
|
| 54 | 54 |
this.authService = (AuthInterface)createObject(authClass); |
| 55 | 55 |
} |
| 56 |
|
|
| 56 |
|
|
| 57 | 57 |
/** |
| 58 | 58 |
* Get the new session |
| 59 | 59 |
*/ |
| ... | ... | |
| 62 | 62 |
return this.session; |
| 63 | 63 |
} |
| 64 | 64 |
|
| 65 |
/**
|
|
| 66 |
* determine if the credentials for this session are valid by
|
|
| 65 |
/** |
|
| 66 |
* determine if the credentials for this session are valid by |
|
| 67 | 67 |
* authenticating them using the authService configured for this session. |
| 68 | 68 |
* |
| 69 | 69 |
* @param request the request made from the client |
| 70 | 70 |
* @param username the username entered when login |
| 71 | 71 |
* @param password the password entered when login |
| 72 | 72 |
*/ |
| 73 |
public boolean authenticate(HttpServletRequest request,
|
|
| 74 |
String username, String password) {
|
|
| 73 |
public boolean authenticate(HttpServletRequest request, |
|
| 74 |
String username, String password) {
|
|
| 75 | 75 |
String message = null; |
| 76 |
try {
|
|
| 76 |
try {
|
|
| 77 | 77 |
if ( authService.authenticate(username, password) ) {
|
| 78 |
String[] groups = authService.getGroups(username,password,username); |
|
| 78 |
|
|
| 79 |
// getGroups returns groupname along with their description. |
|
| 80 |
// hence groups[] is generated from groupsWithDescription[][] |
|
| 81 |
String[][] groupsWithDescription = |
|
| 82 |
authService.getGroups(username,password,username); |
|
| 83 |
String groups[] = new String[groupsWithDescription.length]; |
|
| 84 |
|
|
| 85 |
for(int i=0; i<groupsWithDescription.length; i++){
|
|
| 86 |
groups[i] = groupsWithDescription[i][0]; |
|
| 87 |
} |
|
| 88 |
|
|
| 79 | 89 |
if(groups == null) |
| 80 | 90 |
{
|
| 81 | 91 |
groups = new String[0]; |
| ... | ... | |
| 85 | 95 |
message = "Authentication successful for user: " + username; |
| 86 | 96 |
this.statusMessage = formatOutput("login", message, sessionId);
|
| 87 | 97 |
return true; |
| 88 |
} else {
|
|
| 98 |
} else {
|
|
| 89 | 99 |
message = "Authentication failed for user: " + username; |
| 90 | 100 |
this.statusMessage = formatOutput("unauth_login", message);
|
| 91 | 101 |
return false; |
| 92 |
}
|
|
| 102 |
} |
|
| 93 | 103 |
} catch ( ConnectException ce ) {
|
| 94 | 104 |
message = "Connection to the authentication service failed in " + |
| 95 | 105 |
"AuthSession.authenticate: " + ce.getMessage(); |
| 96 | 106 |
} catch ( IllegalStateException ise ) {
|
| 97 | 107 |
message = ise.getMessage(); |
| 98 | 108 |
} |
| 99 |
|
|
| 109 |
|
|
| 100 | 110 |
this.statusMessage = formatOutput("error_login", message);
|
| 101 | 111 |
return false; |
| 102 | 112 |
} |
| 103 | 113 |
|
| 104 | 114 |
/** Get new HttpSession and store username & password in it */ |
| 105 |
private HttpSession createSession(HttpServletRequest request,
|
|
| 115 |
private HttpSession createSession(HttpServletRequest request, |
|
| 106 | 116 |
String username, String password, |
| 107 |
String[] groups)
|
|
| 117 |
String[] groups) |
|
| 108 | 118 |
throws IllegalStateException {
|
| 109 | 119 |
|
| 110 | 120 |
// get the current session object, create one if necessary |
| ... | ... | |
| 140 | 150 |
* Get the message associated with authenticating this session. The |
| 141 | 151 |
* message is formatted in XML. |
| 142 | 152 |
*/ |
| 143 |
public String getMessage()
|
|
| 153 |
public String getMessage() |
|
| 144 | 154 |
{
|
| 145 | 155 |
return this.statusMessage; |
| 146 | 156 |
} |
| ... | ... | |
| 157 | 167 |
return authService.getPrincipals(user, password); |
| 158 | 168 |
} |
| 159 | 169 |
|
| 160 |
/*
|
|
| 170 |
/* |
|
| 161 | 171 |
* format the output in xml for processing from client applications |
| 162 | 172 |
* |
| 163 | 173 |
* @param tag the root element tag for the message (error or success) |
| 164 | 174 |
* @param message the message content of the root element |
| 165 | 175 |
*/ |
| 166 |
private String formatOutput(String tag, String message)
|
|
| 176 |
private String formatOutput(String tag, String message) |
|
| 167 | 177 |
{
|
| 168 | 178 |
return formatOutput(tag, message, null); |
| 169 | 179 |
} |
| 170 | 180 |
|
| 171 |
/*
|
|
| 181 |
/* |
|
| 172 | 182 |
* format the output in xml for processing from client applications |
| 173 | 183 |
* |
| 174 | 184 |
* @param tag the root element tag for the message (error or success) |
| 175 | 185 |
* @param message the message content of the root element |
| 176 | 186 |
* @param sessionId the session identifier for a successful login |
| 177 | 187 |
*/ |
| 178 |
private String formatOutput(String tag, String message, String sessionId)
|
|
| 188 |
private String formatOutput(String tag, String message, String sessionId) |
|
| 179 | 189 |
{
|
| 180 | 190 |
StringBuffer out = new StringBuffer(); |
| 181 |
|
|
| 191 |
|
|
| 182 | 192 |
out.append("<?xml version=\"1.0\"?>\n");
|
| 183 | 193 |
out.append("<" + tag + ">");
|
| 184 | 194 |
out.append("\n <message>" + message + "</message>\n");
|
| ... | ... | |
| 186 | 196 |
out.append("\n <sessionId>" + sessionId + "</sessionId>\n");
|
| 187 | 197 |
} |
| 188 | 198 |
out.append("</" + tag + ">");
|
| 189 |
|
|
| 199 |
|
|
| 190 | 200 |
return out.toString(); |
| 191 | 201 |
} |
| 192 | 202 |
|
| ... | ... | |
| 196 | 206 |
* @param className the fully qualified name of the class to instantiate |
| 197 | 207 |
*/ |
| 198 | 208 |
private static Object createObject(String className) throws Exception {
|
| 199 |
|
|
| 209 |
|
|
| 200 | 210 |
Object object = null; |
| 201 | 211 |
try {
|
| 202 | 212 |
Class classDefinition = Class.forName(className); |
Also available in: Unified diff
Made changes in these three files so that getPrincipal returns back more details about users and groups. Users now contain userDN, user Name and user Email. Groups now contain Group name and Group description. So some function calls which returned single string array earlier now returns multiple string arrays. AuthSession.java called one of these functions - so accordingly changes were made to fix that part of the code.