01: /*
02: * Copyright (c) JForum Team
03: * All rights reserved.
04: *
05: * Redistribution and use in source and binary forms,
06: * with or without modification, are permitted provided
07: * that the following conditions are met:
08: *
09: * 1) Redistributions of source code must retain the above
10: * copyright notice, this list of conditions and the
11: * following disclaimer.
12: * 2) Redistributions in binary form must reproduce the
13: * above copyright notice, this list of conditions and
14: * the following disclaimer in the documentation and/or
15: * other materials provided with the distribution.
16: * 3) Neither the name of "Rafael Steil" nor
17: * the names of its contributors may be used to endorse
18: * or promote products derived from this software without
19: * specific prior written permission.
20: *
21: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT
22: * HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
23: * EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
24: * BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
25: * MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
27: * THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
28: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
29: * EXEMPLARY, OR CONSEQUENTIAL DAMAGES
30: * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31: * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
32: * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
33: * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
34: * IN CONTRACT, STRICT LIABILITY, OR TORT
35: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
36: * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
37: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
38: *
39: * Created on Mar 28, 2005 7:36:00 PM
40: * The JForum Project
41: * http://www.jforum.net
42: */
43: package net.jforum.sso;
44:
45: import net.jforum.context.RequestContext;
46: import net.jforum.entities.UserSession;
47: import net.jforum.util.preferences.ConfigKeys;
48: import net.jforum.util.preferences.SystemGlobals;
49:
50: /**
51: * Simple SSO authenticator. This class will try to validate an user by simple checking
52: * <code>request.getRemoteUser()</code> is not null.
53: *
54: * @author Rafael Steil
55: * @author Daniel Campagnoli
56: * @version $Id: RemoteUserSSO.java,v 1.10 2006/08/23 02:13:53 rafaelsteil Exp $
57: */
58: public class RemoteUserSSO implements SSO {
59: /**
60: * @see net.jforum.sso.SSO#authenticateUser(net.jforum.context.RequestContext)
61: * @param request AWebContextRequest * @return String
62: */
63: public String authenticateUser(RequestContext request) {
64: return request.getRemoteUser();
65: }
66:
67: public boolean isSessionValid(UserSession userSession,
68: RequestContext request) {
69: String remoteUser = request.getRemoteUser();
70:
71: // user has since logged out
72: if (remoteUser == null
73: && userSession.getUserId() != SystemGlobals
74: .getIntValue(ConfigKeys.ANONYMOUS_USER_ID)) {
75: return false;
76: }
77: // user has since logged in
78: else if (remoteUser != null
79: && userSession.getUserId() == SystemGlobals
80: .getIntValue(ConfigKeys.ANONYMOUS_USER_ID)) {
81: return false;
82: }
83: // user has changed user
84: else if (remoteUser != null
85: && !remoteUser.equals(userSession.getUsername())) {
86: return false;
87: }
88:
89: return true;
90: }
91: }
|