01: /*
02:
03: This software is OSI Certified Open Source Software.
04: OSI Certified is a certification mark of the Open Source Initiative.
05:
06: The license (Mozilla version 1.0) can be read at the MMBase site.
07: See http://www.MMBase.org/license
08:
09: */
10: package org.mmbase.security.implementation.context;
11:
12: import org.mmbase.security.Rank;
13: import java.util.Map;
14:
15: import org.mmbase.util.logging.Logger;
16: import org.mmbase.util.logging.Logging;
17:
18: /**
19: * Class PasswordLogin
20: * @javadoc
21: *
22: * @author Eduard Witteveen
23: * @version $Id: PasswordLogin.java,v 1.9 2008/01/10 14:12:24 michiel Exp $
24: */
25:
26: public class PasswordLogin extends ContextLoginModule {
27: private static Logger log = Logging
28: .getLoggerInstance(PasswordLogin.class);
29:
30: public ContextUserContext login(Map<String, Object> userLoginInfo,
31: Object[] userParameters)
32: throws org.mmbase.security.SecurityException {
33:
34: // get userName
35: String userName = (String) userLoginInfo.get("username");
36: if (userName == null)
37: throw new org.mmbase.security.SecurityException(
38: "expected the property 'username' with login");
39:
40: // get password
41: String password = (String) userLoginInfo.get("password");
42: if (password == null)
43: throw new org.mmbase.security.SecurityException(
44: "expected the property 'password' with login");
45:
46: log.debug("request for user: '" + userName + "' with pass: '"
47: + password + "'");
48:
49: org.w3c.dom.Element node = getAccount(userName);
50: if (node == null) {
51: log.info("user with name:" + userName
52: + " doesnt have a value for this module");
53: return null;
54: }
55: org.w3c.dom.Element identify = (org.w3c.dom.Element) node
56: .getElementsByTagName("identify").item(0);
57: String configPassword = org.mmbase.util.xml.DocumentReader
58: .getNodeTextValue(identify);
59: if (!configPassword.equals(password)) {
60: log.debug("user with name:" + userName + " used pass:"
61: + password + " but needed :" + configPassword);
62: log.info("user with name:" + userName
63: + " didnt give the right password");
64: return null;
65: }
66:
67: Rank rank = getRank(userName);
68: if (rank == null) {
69: log
70: .warn("expected a rank for user with the name:"
71: + userName
72: + ", canceling a valid login due to the fact that the rank attribute wasnt set");
73: return null;
74:
75: }
76: return getValidUserContext(userName, rank);
77: }
78: }
|