01: /*
02:
03: This software is OSI Certified Open Source Software.
04: OSI Certified is a certification mark of the Open Source Initiative.
05:
06: The license (Mozilla version 1.0) can be read at the MMBase site.
07: See http://www.MMBase.org/license
08:
09: */
10: package org.mmbase.security.implementation.context;
11:
12: import org.mmbase.security.Rank;
13: import java.util.Map;
14:
15: import org.mmbase.util.logging.Logger;
16: import org.mmbase.util.logging.Logging;
17:
18: /**
19: * ClassLogin, authentication based on 'class', using <security>/classauthentication.xml or ClassAuthenticationWrapper.
20: *
21: * @author Michiel Meeuwissen
22: * @version $Id: ClassLogin.java,v 1.7 2008/01/10 14:12:24 michiel Exp $
23: * @since MMBase-1.8
24: */
25:
26: public class ClassLogin extends ContextLoginModule {
27: private static final Logger log = Logging
28: .getLoggerInstance(ClassLogin.class);
29:
30: public ContextUserContext login(Map<String, Object> userLoginInfo,
31: Object[] userParameters)
32: throws org.mmbase.security.SecurityException {
33:
34: org.mmbase.security.classsecurity.ClassAuthentication.Login li = org.mmbase.security.classsecurity.ClassAuthentication
35: .classCheck("class");
36: if (li == null) {
37: throw new SecurityException(
38: "Class authentication failed '" + userLoginInfo
39: + "' (class not authorized)");
40: }
41: // get username
42: String userName = li.getMap().get("username");
43: String reqRank = li.getMap().get("rank");
44: if (userName == null && reqRank == null)
45: throw new org.mmbase.security.SecurityException(
46: "expected the property 'username' and/or 'rank' with login");
47:
48: if ("anonymous".equals(reqRank) && userName == null) {
49: return getValidUserContext("anonymous", Rank.ANONYMOUS);
50: }
51:
52: org.w3c.dom.Element node = getAccount(userName, null, reqRank);
53: if (node == null) {
54: log.info("No user with name '" + userName + "' and rank '"
55: + reqRank + "'");
56: return null;
57: }
58: userName = node.getAttribute("name");
59:
60: Rank rank = getRank(userName, null);
61: if (rank == null) {
62: log
63: .warn("expected a rank for user with name '"
64: + userName
65: + "', canceling a valid login due to the fact that the rank attribute was not set");
66: return null;
67:
68: }
69: return getValidUserContext(userName, rank);
70: }
71: }
|