001: /*
002: * $Header: /cvsroot/mvnforum/mvnforum/src/com/mvnforum/auth/SampleRealmAuthenticator.java,v 1.17 2008/01/29 09:54:55 phuongpdd Exp $
003: * $Author: phuongpdd $
004: * $Revision: 1.17 $
005: * $Date: 2008/01/29 09:54:55 $
006: *
007: * ====================================================================
008: *
009: * Copyright (C) 2002-2007 by MyVietnam.net
010: *
011: * All copyright notices regarding mvnForum MUST remain
012: * intact in the scripts and in the outputted HTML.
013: * The "powered by" text/logo with a link back to
014: * http://www.mvnForum.com and http://www.MyVietnam.net in
015: * the footer of the pages MUST remain visible when the pages
016: * are viewed on the internet or intranet.
017: *
018: * This program is free software; you can redistribute it and/or modify
019: * it under the terms of the GNU General Public License as published by
020: * the Free Software Foundation; either version 2 of the License, or
021: * any later version.
022: *
023: * This program is distributed in the hope that it will be useful,
024: * but WITHOUT ANY WARRANTY; without even the implied warranty of
025: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
026: * GNU General Public License for more details.
027: *
028: * You should have received a copy of the GNU General Public License
029: * along with this program; if not, write to the Free Software
030: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
031: *
032: * Support can be obtained from support forums at:
033: * http://www.mvnForum.com/mvnforum/index
034: *
035: * Correspondence and Marketing Questions can be sent to:
036: * info at MyVietnam net
037: *
038: * @author: Phong Ta Quoc
039: */
040: package com.mvnforum.auth;
041:
042: import net.myvietnam.mvncore.exception.*;
043: import net.myvietnam.mvncore.security.Encoder;
044: import net.myvietnam.mvncore.util.StringUtil;
045: import net.myvietnam.mvncore.web.GenericRequest;
046:
047: import org.apache.commons.logging.Log;
048: import org.apache.commons.logging.LogFactory;
049:
050: import com.mvnforum.common.RemoteUserUtil;
051: import com.mvnforum.db.DAOFactory;
052:
053: /**
054: * This is a sample class that implement Authenticator for authenticate user when the system use
055: * authentication type: Realm <p>
056: * Use this class as a sample to write your own Single Sign-On solution
057: */
058: public class SampleRealmAuthenticator extends
059: AbstractSampleAuthenticator {
060:
061: private static Log log = LogFactory
062: .getLog(SampleRealmAuthenticator.class);
063:
064: public String getRemoteUser(GenericRequest request) {
065:
066: String memberName = request.getRemoteUser();
067: memberName = StringUtil.getEmptyStringIfNull(memberName);
068: //log.debug("Member Name is " + memberName);
069:
070: try {
071: StringUtil.checkGoodName(memberName);
072: } catch (BadInputException e) {
073: //MVN accepted for StringBeans's usernames below :
074: if (memberName.equals("default-template")
075: || memberName.equals("login-template")
076: || memberName.equals("preference-template")
077: || memberName.equals("view-user-template")
078: || memberName.equals("home-template")) {
079: //do nothing
080: } else {
081: log.warn(
082: "Cannot accept remote user with a bad username :"
083: + memberName, e);
084: }
085: return null;
086: }
087:
088: if (memberName.length() > 0) {
089: try {
090: DAOFactory.getMemberDAO()
091: .findByAlternateKey_MemberName(memberName);
092: } catch (ObjectNotFoundException onfe) {
093: // memberName does not exist, let to add an account "memberName"
094: try {
095: RemoteUserUtil.createAccount(memberName, request);
096: } catch (Exception e) {
097: // just return null;
098: log.error("Error is :" + e);
099: return null;
100: }
101: } catch (DatabaseException de) {
102: // do nothing,
103: log.error("Error is :" + de);
104: }
105: }
106: //log.debug("Member Name is " + memberName);
107: return memberName;
108: }
109:
110: public boolean isCorrectCurrentPassword(String memberName,
111: String password, boolean encoded) {
112:
113: int memberID = 0;
114: try {
115: memberID = DAOFactory.getMemberDAO()
116: .getMemberIDFromMemberName(memberName);
117: String pass = DAOFactory.getMemberDAO().getPassword(
118: memberID);
119: if (encoded == false) {
120: password = Encoder.getMD5_Base64(password);
121: }
122: return password.equals(pass);
123: } catch (ObjectNotFoundException e) {
124: log.error("Error: ", e);
125: return false;
126: } catch (DatabaseException e) {
127: log.error("Error: ", e);
128: return false;
129: }
130: }
131: }
|