/src/edu/ucsb/nceas/metacat/AuthSession.java - Annotate - Metacat - Ecoinformatics Redmine

metacat/src/edu/ucsb/nceas/metacat/AuthSession.java @ 7827

-            bojilova
+/**
  *  '$RCSfile$'
  *    Purpose: A Class that tracks sessions for MetaCatServlet users.
  *  Copyright: 2000 Regents of the University of California and the
  *             National Center for Ecological Analysis and Synthesis
  *    Authors: Matt Jones
+ *
  *   '$Author$'
  *     '$Date$'
  * '$Revision$'
             jones
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation; either version 2 of the License, or
  * (at your option) any later version.
+ *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
+ *
  * You should have received a copy of the GNU General Public License
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
-            bojilova
+ */
 package edu.ucsb.nceas.metacat;
 import java.net.ConnectException;
-            daigle
+import java.util.HashMap;
 import java.util.Vector;
-            bojilova
+import javax.servlet.http.HttpSession;
 import javax.servlet.http.HttpServletRequest;
-            sgarg
+import org.apache.log4j.Logger;
-            daigle
+import edu.ucsb.nceas.metacat.properties.PropertyService;
-            daigle
+import edu.ucsb.nceas.metacat.shared.MetacatUtilException;
-            daigle
+import edu.ucsb.nceas.metacat.util.AuthUtil;
-            jones
+import edu.ucsb.nceas.utilities.PropertyNotFoundException;
             daigle
-            bojilova
+/**
  * A Class that implements session tracking for MetaCatServlet users.
  * User's login data are stored in the session object.
  * User authentication is done through a dynamically determined AuthInterface.
  */
 public class AuthSession {
-            daigle
+	private String authClass = null;
 	private HttpSession session = null;
 	private AuthInterface authService = null;
 	private String statusMessage = null;
 	private static Logger logMetacat = Logger.getLogger(AuthSession.class);
             sgarg
-            daigle
+	/**
 	 * Construct an AuthSession
-            jones
+	 * @throws ClassNotFoundException
 	 * @throws IllegalAccessException
 	 * @throws InstantiationException
-            daigle
+	 */
-            jones
+	public AuthSession() throws InstantiationException, IllegalAccessException, ClassNotFoundException {
-            daigle
+		// Determine our session authentication method and
 		// create an instance of the auth class
-            jones
+		try {
             this.authClass = PropertyService.getProperty("auth.class");
         } catch (PropertyNotFoundException e) {
             // TODO Auto-generated catch block
             e.printStackTrace();
+        }
-            daigle
+		this.authService = (AuthInterface) createObject(authClass);
+	}
             sgarg
-            daigle
+	/**
 	 * Get the new session
 	 */
 	public HttpSession getSessions() {
 		return this.session;
+	}
             bojilova
-            daigle
+	/**
 	 * determine if the credentials for this session are valid by
 	 * authenticating them using the authService configured for this session.
+	 *
 	 * @param request the request made from the client
 	 * @param username the username entered when login
 	 * @param password the password entered when login
 	 */
 	public boolean authenticate(HttpServletRequest request, String username,
 			String password) {
 		String message = null;
 		try {
 			if (authService.authenticate(username, password)) {
             sgarg
-            daigle
+				// getGroups returns groupname along with their description.
 				// hence groups[] is generated from groupsWithDescription[][]
 				String[][] groupsWithDescription = authService.getGroups(username,
 						password, username);
 				String groups[] = new String[groupsWithDescription.length];
             sgarg
-            daigle
+				for (int i = 0; i < groupsWithDescription.length; i++) {
 					groups[i] = groupsWithDescription[i][0];
+				}
             sgarg
-            daigle
+				if (groups == null) {
 					groups = new String[0];
+				}
             bojilova
-            daigle
+				String[] userInfo = authService.getUserInfo(username, password);
             bojilova
-            daigle
+				this.session = createSession(request, username, password, groups,
 						userInfo);
 				String sessionId = session.getId();
 				message = "Authentication successful for user: " + username;
 				this.statusMessage = formatOutput("login", message, sessionId, username,
 						groups, userInfo);
 				return true;
 			} else {
 				message = "Authentication failed for user: " + username;
 				this.statusMessage = formatOutput("unauth_login", message);
 				return false;
+			}
 		} catch (ConnectException ce) {
 			message = "Connection to the authentication service failed in "
 					+ "AuthSession.authenticate: " + ce.getMessage();
 		} catch (IllegalStateException ise) {
 			message = ise.getMessage();
+		}
             bojilova
-            daigle
+		this.statusMessage = formatOutput("error_login", message);
 		return false;
+	}
             bojilova
-            daigle
+	/** Get new HttpSession and store username & password in it */
 	private HttpSession createSession(HttpServletRequest request, String username,
 			String password, String[] groups, String[] userInfo)
 			throws IllegalStateException {
             bojilova
-            daigle
+		// get the current session object, create one if necessary
 		HttpSession session = request.getSession(true);
             bojilova
-            daigle
+		// if it is still in use invalidate and get a new one
 		if (!session.isNew()) {
 			logMetacat.info("in session is not new");
 			logMetacat.info("the old session id is : " + session.getId());
 			logMetacat.info("the old session username : "
 					+ session.getAttribute("username"));
 			session.invalidate();
 			logMetacat.info("in session is not new");
 			session = request.getSession(true);
+		}
 		// store the username, password, and groupname (the first only)
 		// in the session obj for use on subsequent calls to Metacat servlet
 		session.setMaxInactiveInterval(-1);
 		session.setAttribute("username", username);
 		session.setAttribute("password", password);
             jones
-            daigle
+		if (userInfo != null & userInfo.length == 3) {
 			session.setAttribute("name", userInfo[0]);
 			session.setAttribute("organization", userInfo[1]);
 			session.setAttribute("email", userInfo[2]);
+		}
             sgarg
-            daigle
+		if (groups.length > 0) {
 			session.setAttribute("groupnames", groups);
+		}
 		logMetacat.info("the new session id is : " + session.getId());
 		logMetacat.info("the new session username : " + session.getAttribute("username"));
 		return session;
+	}
             sgarg
-            daigle
+	/**
 	 * Get the message associated with authenticating this session. The
 	 * message is formatted in XML.
 	 */
 	public String getMessage() {
 		return this.statusMessage;
+	}
             bojilova
-            daigle
+	/**
 	 * Get all groups and users from authentication scheme.
 	 * The output is formatted in XML.
 	 * @param user the user which requests the information
 	 * @param password the user's password
 	 */
 	public String getPrincipals(String user, String password) throws ConnectException {
 		return authService.getPrincipals(user, password);
+	}
             daigle
 	/**
 	 * Get attributes describing a user or group
+	 *
 	 * @param foruser
 	 *            the user for which the attribute list is requested
 	 * @returns HashMap a map of attribute name to a Vector of values
 	 */
 	public HashMap<String, Vector<String>> getAttributes(String foruser)
 			throws ConnectException {
 		return authService.getAttributes(foruser);
+	}
             sgarg
-            daigle
+	/*
 	 * format the output in xml for processing from client applications
             daigle
 	 * @param tag the root element tag for the message (error or success) @param
 	 * message the message content of the root element
-            daigle
+	 */
 	private String formatOutput(String tag, String message) {
 		return formatOutput(tag, message, null, null, null, null);
+	}
 	/*
 	 * format the output in xml for processing from client applications
+	 *
 	 * @param tag the root element tag for the message (error or success)
 	 * @param message the message content of the root element
 	 * @param sessionId the session identifier for a successful login
 	 */
 	private String formatOutput(String tag, String message, String sessionId,
 			String username, String[] groups, String userInfo[]) {
 		StringBuffer out = new StringBuffer();
 		out.append("<?xml version=\"1.0\"?>\n");
 		out.append("<" + tag + ">");
 		out.append("\n  <message>" + message + "</message>\n");
 		if (sessionId != null) {
 			out.append("\n  <sessionId>" + sessionId + "</sessionId>\n");
 			if (userInfo != null && userInfo[0] != null) {
 				out.append("\n<name>\n");
 				out.append(userInfo[0]);
 				out.append("\n</name>\n");
+			}
             cjones
 			if(userInfo != null && userInfo[1]!=null){
 				out.append("\n<organization>\n");
 				out.append(userInfo[1]);
 				out.append("\n</organization>\n");
+			}
 			if(userInfo != null && userInfo[2]!=null){
 				out.append("\n<email>\n");
 				out.append(userInfo[2]);
 				out.append("\n</email>\n");
+			}
             daigle
 			try {
 				// insert <isAdministrator> tag if the user is an administrator
-            daigle
+				if (AuthUtil.isAdministrator(username, groups)) {
-            daigle
+					out.append("\n  <isAdministrator></isAdministrator>\n");
+				}
-            daigle
+			} catch (MetacatUtilException ue) {
-            daigle
+				logMetacat.error("Could not determine if user is administrator. "
 						+ "Omitting from xml output: " + ue.getMessage());
+			}
             daigle
 			try {
 				// insert <isModerator> tag if the user is a Moderator
 				if (AuthUtil.isModerator(username, groups)) {
 					out.append("\n  <isModerator></isModerator>\n");
+				}
-            daigle
+			} catch (MetacatUtilException ue) {
-            daigle
+				logMetacat.error("Could not determine if user is moderator. "
 						+ "Omitting from xml output: " + ue.getMessage());
             daigle
+		}
 		out.append("</" + tag + ">");
 		return out.toString();
+	}
 	/**
 	 * Instantiate a class using the name of the class at runtime
+	 *
 	 * @param className the fully qualified name of the class to instantiate
 	 */
-            jones
+	private static Object createObject(String className) throws InstantiationException, IllegalAccessException, ClassNotFoundException {
             daigle
 		Object object = null;
-            jones
+//		try {
-            daigle
+			Class classDefinition = Class.forName(className);
 			object = classDefinition.newInstance();
-            jones
+//		} catch (InstantiationException e) {
 //			throw e;
 //		} catch (IllegalAccessException e) {
 //			throw e;
 //		} catch (ClassNotFoundException e) {
 //			throw e;
 //		}
-            daigle
+		return object;
+	}
 	/**
 	 * Instantiate a class using the name of the class at runtime
+	 *
 	 * @param className the fully qualified name of the class to instantiate
 	 */
 	private static Object createObject(String className, String orgName) throws Exception {
 		Object object = null;
 		try {
 			Class classDefinition = Class.forName(className);
 			object = classDefinition.newInstance();
 		} catch (InstantiationException e) {
 			throw e;
 		} catch (IllegalAccessException e) {
 			throw e;
 		} catch (ClassNotFoundException e) {
 			throw e;
+		}
 		return object;
+	}
             bojilova

Project

General

Profile

Metacat