001: /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
002: *
003: * Licensed under the Apache License, Version 2.0 (the "License");
004: * you may not use this file except in compliance with the License.
005: * You may obtain a copy of the License at
006: *
007: * http://www.apache.org/licenses/LICENSE-2.0
008: *
009: * Unless required by applicable law or agreed to in writing, software
010: * distributed under the License is distributed on an "AS IS" BASIS,
011: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
012: * See the License for the specific language governing permissions and
013: * limitations under the License.
014: */
015:
016: package org.acegisecurity.adapters.cas;
017:
018: import org.acegisecurity.Authentication;
019: import org.acegisecurity.AuthenticationException;
020: import org.acegisecurity.AuthenticationManager;
021:
022: import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
023:
024: import org.apache.commons.logging.Log;
025: import org.apache.commons.logging.LogFactory;
026:
027: import org.springframework.beans.factory.InitializingBean;
028:
029: import javax.servlet.ServletRequest;
030:
031: /**
032: * Provides actual CAS authentication by delegation to an <code>AuthenticationManager</code>.<P>Do not use this
033: * class directly. Instead configure CAS to use the {@link CasPasswordHandlerProxy}.</p>
034: *
035: * @author Ben Alex
036: * @version $Id: CasPasswordHandler.java 1496 2006-05-23 13:38:33Z benalex $
037: */
038: public final class CasPasswordHandler implements InitializingBean {
039: //~ Static fields/initializers =====================================================================================
040:
041: private static final Log logger = LogFactory
042: .getLog(CasPasswordHandler.class);
043:
044: //~ Instance fields ================================================================================================
045:
046: private AuthenticationManager authenticationManager;
047:
048: //~ Methods ========================================================================================================
049:
050: public void afterPropertiesSet() throws Exception {
051: if (this .authenticationManager == null) {
052: throw new IllegalArgumentException(
053: "An AuthenticationManager is required");
054: }
055: }
056:
057: /**
058: * Called by <code>CasPasswordHandlerProxy</code> for individual authentication requests.<P>Delegates to
059: * the configured <code>AuthenticationManager</code>.</p>
060: *
061: * @param servletRequest as provided by CAS
062: * @param username provided to CAS
063: * @param password provided to CAS
064: *
065: * @return whether authentication was successful or not
066: */
067: public boolean authenticate(ServletRequest servletRequest,
068: String username, String password) {
069: if ((username == null) || "".equals(username)) {
070: return false;
071: }
072:
073: if (password == null) {
074: password = "";
075: }
076:
077: Authentication request = new UsernamePasswordAuthenticationToken(
078: username.toString(), password.toString());
079: Authentication response = null;
080:
081: try {
082: response = authenticationManager.authenticate(request);
083: } catch (AuthenticationException failed) {
084: if (logger.isDebugEnabled()) {
085: logger.debug("Authentication request for user: "
086: + username + " failed: " + failed.toString());
087: }
088:
089: return false;
090: }
091:
092: if (logger.isDebugEnabled()) {
093: logger.debug("Authentication request for user: " + username
094: + " successful");
095: }
096:
097: return true;
098: }
099:
100: public AuthenticationManager getAuthenticationManager() {
101: return authenticationManager;
102: }
103:
104: public void setAuthenticationManager(
105: AuthenticationManager authenticationManager) {
106: this.authenticationManager = authenticationManager;
107: }
108: }
|