001: /*
002: * CoadunationLib: The coaduntion implementation library.
003: * Copyright (C) 2006 Rift IT Contracting
004: *
005: * This library is free software; you can redistribute it and/or
006: * modify it under the terms of the GNU Lesser General Public
007: * License as published by the Free Software Foundation; either
008: * version 2.1 of the License, or (at your option) any later version.
009: *
010: * This library is distributed in the hope that it will be useful,
011: * but WITHOUT ANY WARRANTY; without even the implied warranty of
012: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
013: * Lesser General Public License for more details.
014: *
015: * You should have received a copy of the GNU Lesser General Public
016: * License along with this library; if not, write to the Free Software
017: * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
018: *
019: * SessionAuthenticator.java
020: *
021: * This class acts as the standard interceptor authenticator.
022: */
023:
024: // package path
025: package com.rift.coad.lib.interceptor.authenticator;
026:
027: // logging import
028: import org.apache.log4j.Logger;
029:
030: // coadunation imports
031: import com.rift.coad.lib.interceptor.InterceptorAuthenticator;
032: import com.rift.coad.lib.interceptor.InterceptorException;
033: import com.rift.coad.lib.interceptor.credentials.Credential;
034: import com.rift.coad.lib.interceptor.credentials.Session;
035: import com.rift.coad.lib.security.AuthorizationException;
036: import com.rift.coad.lib.security.UserSession;
037: import com.rift.coad.lib.security.user.UserException;
038: import com.rift.coad.lib.security.user.UserSessionManager;
039: import com.rift.coad.lib.security.user.UserStoreManager;
040:
041: /**
042: * This class acts as the standard interceptor authenticator.
043: *
044: * @author Brett Chaldecott
045: */
046: public class SessionAuthenticator implements InterceptorAuthenticator {
047:
048: // the class log variable
049: protected Logger log = Logger.getLogger(SessionAuthenticator.class
050: .getName());
051:
052: // private member variables
053: private UserSessionManager userSessionManager = null;
054: private UserStoreManager userStoreManager = null;
055:
056: /**
057: * The private default constructor private so it cannot not be called
058: * by anyone
059: */
060: private SessionAuthenticator() {
061: System.out.println("The call to the default constructor");
062: }
063:
064: /**
065: * Creates a new instance of SessionAuthenticator
066: *
067: *
068: * @param userSessionManager The reference to the user session manager.
069: * @param userStoreManager Reference to the user store manager
070: */
071: public SessionAuthenticator(UserSessionManager userSessionManager,
072: UserStoreManager userStoreManager) {
073: this .userSessionManager = userSessionManager;
074: this .userStoreManager = userStoreManager;
075: }
076:
077: /**
078: * This method returns a valid user session object for the supplied
079: * credentials
080: *
081: * @return UserSession The new user session for the given credentials.
082: * @param credentials The credentials for the user session.
083: * @exception InterceptorException
084: * @exception AuthorizationException
085: */
086: public UserSession authenticate(Credential credential)
087: throws InterceptorException, AuthorizationException {
088: if (!(credential instanceof Session)) {
089: throw new InterceptorException(
090: "The session authenticator is only capable of dealling "
091: + "with session credentials.");
092: }
093: Session sessionCredential = (Session) credential;
094: UserSession userSession = null;
095: try {
096: userSession = (UserSession) (userSessionManager
097: .getSessionById(sessionCredential.getSessionId())
098: .clone());
099: } catch (UserException ex) {
100: try {
101: userSession = userStoreManager
102: .getUserInfo(sessionCredential.getUsername());
103: userSession.setSessionId(sessionCredential
104: .getSessionId());
105: userSessionManager.addUserSession(userSession);
106: userSession = (UserSession) userSession.clone();
107: } catch (Exception ex2) {
108: log.error(
109: "Failed to retrieve the session information : "
110: + ex2.getMessage(), ex2);
111: throw new InterceptorException(
112: "Failed to retrieve the session information : "
113: + ex2.getMessage(), ex2);
114: }
115: } catch (Exception ex) {
116: throw new InterceptorException(
117: "Failed to retrieve the session information : "
118: + ex.getMessage(), ex);
119: }
120: userSession.setPrincipals(sessionCredential.getPrincipals());
121: return userSession;
122: }
123: }
|