01: package org.drools.brms.server.security;
02:
03: /*
04: * Copyright 2005 JBoss Inc
05: *
06: * Licensed under the Apache License, Version 2.0 (the "License");
07: * you may not use this file except in compliance with the License.
08: * You may obtain a copy of the License at
09: *
10: * http://www.apache.org/licenses/LICENSE-2.0
11: *
12: * Unless required by applicable law or agreed to in writing, software
13: * distributed under the License is distributed on an "AS IS" BASIS,
14: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15: * See the License for the specific language governing permissions and
16: * limitations under the License.
17: */
18:
19: import org.apache.log4j.Logger;
20: import org.jboss.seam.annotations.Name;
21: import org.jboss.seam.security.Identity;
22:
23: /**
24: * This is kind of a nil authenticator, does not validate the user at all.
25: * This will accept any user name except the "guest" user name (as that is used for skipping logging in altogether).
26: * @author Michael Neale
27: */
28: @Name("defaultAuthenticator")
29: public class DefaultAuthenticator {
30:
31: private static final Logger log = Logger
32: .getLogger(DefaultAuthenticator.class);
33:
34: public boolean authenticate() {
35: if (SecurityServiceImpl.GUEST_LOGIN.equals(Identity.instance()
36: .getUsername())) {
37: return false;
38: }
39: log
40: .info("User logged in via default authentication module (no security check).");
41: return true;
42: }
43: }
|