Package org.openeai.cas

Source Code of org.openeai.cas.EnterpriseUserAuthnHandler

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
/*******************************************************************************
$Source: /cvs/repositories/openii3/project/java/examples/org/openeai/cas/EnterpriseUserAuthnHandler.java,v $
$Revision: 1.5 $
*******************************************************************************/

/**********************************************************************
This file is part of the OpenEAI sample, reference implementation,
and deployment management suite created by Tod Jackson
(tod@openeai.org) and Steve Wheat (steve@openeai.org) at
the University of Illinois Urbana-Champaign.

Copyright (C) 2002-2006 The OpenEAI Software Foundation

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

For specific licensing details and examples of how this software
can be used to implement integrations for your enterprise, visit
http://www.OpenEai.org/licensing.
*/

package org.openeai.cas;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.util.List;
import java.util.Properties;

import org.any_openeai_enterprise.moa.jmsobjects.coreapplication.v1_0.EnterpriseUser;
import org.any_openeai_enterprise.moa.jmsobjects.coreapplication.v1_0.EnterpriseUserPassword;
import org.any_openeai_enterprise.moa.jmsobjects.coreapplication.v1_0.NetId;
import org.apache.log4j.Category;
import org.apache.log4j.PropertyConfigurator;
import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.openeai.config.AppConfig;
import org.openeai.config.EnterpriseConfigurationObjectException;
import org.openeai.config.EnterpriseFieldException;
import org.openeai.config.LoggerConfig;
import org.openeai.jms.producer.PointToPointProducer;
import org.openeai.moa.EnterpriseObjectCreateException;
import org.openeai.moa.EnterpriseObjectQueryException;
import org.openeai.moa.EnterpriseObjectUpdateException;

/**
* <p>
* EnterpriseUserAuthnHandler is a Authentication Handler for the
* <a href="http://www.ja-sig.org/products/cas/">
* Central Authentication Service, <abbr title="Central Authentication Service">CAS</abbr></a>.
* </p>
* <p>
* EnterpriseUserAuthnHandler uses the OpenEAI framework and needs to be supplied with a deployment document. A
* properties file must also be supplied that contains the location of the deployment document. CAS uses the Spring
* framework to configure authentication handlers so the location of the properties file should be encoded
* in the deployerConfigContext.xml, one the CAS deployment documents.
* </p>
* @author tcerven
*/
public class EnterpriseUserAuthnHandler extends
    AbstractUsernamePasswordAuthenticationHandler {
 
  private String propertyFile;
  private Category logger;
  private AppConfig appConfig;
  private PointToPointProducer p2p;
  static final String ENTERPRISE_USER = "EnterpriseUser.v1_0";
  static final String CAS_PRODUCER = "CasProducer";
  static final String ENTERPRISE_USER_PASSWORD="EnterpriseUserPassword.v1_0";
 
  /**
   * This method receives a username and password.
   * <p>
   * It is given a userId which it uses to create an EnterpriseUserPassword.Query-Request. The NetId.Principal
   * of the EnterpriseUser in the EnterpriseUserPassword is set to the user name. The NetId.Domain is hardcoded
   * "any-openeai-enterprise.org".
   * TODO: Parameterize NetId.Domain
   * </p><p>
   * It is also given a password supplied by the <abbr title="Central Authentication Service">CAS</abbr> login page.
   * If this password matches the one returned in the EnterpriseUserPassword, the user has been authenticated.
   * </p>
   * @see org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler#authenticateUsernamePasswordInternal(org.jasig.cas.authentication.principal.UsernamePasswordCredentials)
   */
  protected boolean authenticateUsernamePasswordInternal(UsernamePasswordCredentials credentials)
    throws AuthenticationException {
    if (appConfig==null) {
      System.out.println("["+this.getClass().getSimpleName()+"] AppConfig is null.");
      // return false;
      throw new BackEndException("["+this.getClass().getSimpleName()+"] AppConfig is null.");   
    }
    String username = credentials.getUsername();
    String password = credentials.getPassword();
    System.out.println("["+this.getClass().getSimpleName()+"] Authentication request for "
        + username+ "@"+"any-openeai-enterprise.org");
    try {
      EnterpriseUserPassword eup=lookupEnterpriseUserPassword(username,"any-openeai-enterprise.org");
      if (eup==null) {
        System.out.println("["+this.getClass().getSimpleName()+"] No EnterpriseUserPassword found.");
        System.out.println("["+this.getClass().getSimpleName()+"] Authentication request DENIED!.");
        return false;
      }
      String correctPassword = eup.getPassword().getValue();
      if (correctPassword.equals(password)) {
        System.out.println("["+this.getClass().getSimpleName()+"] Credentials are in order.");
        System.out.println("["+this.getClass().getSimpleName()+"] Authentication request GRANTED.");
      } else {
        System.out.println("["+this.getClass().getSimpleName()+"] Password does not match.");
        System.out.println("["+this.getClass().getSimpleName()+"] Authentication request DENIED!n");       
      }
      return correctPassword.equals(password);

    } catch (EnterpriseFieldException e) {
      String errMsg="["+this.getClass().getSimpleName()+"] EnterpriseFieldException";
      System.out.println(errMsg);
      e.printStackTrace();
      throw new BackEndException(errMsg);   
    } catch (EnterpriseConfigurationObjectException e) {
      String errMsg="["+this.getClass().getSimpleName()+"] EnterpriseConfigurationObjectException";
      System.out.println(errMsg);
      e.printStackTrace();
      throw new BackEndException(errMsg);   
    } catch (EnterpriseObjectQueryException e) {
      String errMsg="["+this.getClass().getSimpleName()+"] EnterpriseObjectQueryException";
      System.out.println(errMsg);
      e.printStackTrace();
      throw new BackEndException(errMsg);   
    }
  }

  /**
   * This method is called by CAS when it initializes the authentication handler. It is the perfect place to
   * initialize the AppConfig.
   * 
   * @see org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler#afterPropertiesSetInternal()
   */
  protected void afterPropertiesSetInternal() {
    System.out.println("["+this.getClass().getSimpleName()+"] "+ propertyFile);
      // Load the initial properties from the properties file.
      Properties initProps = new Properties();
      try {
        InputStream in = new FileInputStream(propertyFile);
        initProps.load(in);
        in.close();
      }
      catch (FileNotFoundException fnfe) {
        String errMsg = "["+this.getClass().getSimpleName()+"] Initial properties file not " +
          "found. The exception is: " + fnfe.getMessage();
        System.out.println(errMsg);
      }
      catch (IOException ioe) {
        String errMsg = "["+this.getClass().getSimpleName()+"] Error loading initial " +
          "properties from the properties file. The exception is: " +
          ioe.getMessage();
        System.out.println(errMsg);
      }
      // Initialize an AppConfig using the initial properties.
      appConfig = null;
      try {
        appConfig = new AppConfig(initProps);
      }
      catch (EnterpriseConfigurationObjectException ecoe) {
        String errMsg = "["+this.getClass().getSimpleName()+"] Error initializing AppConfig. " +
          "The exception is: " + ecoe.getMessage();
        System.out.println(errMsg);
        ecoe.printStackTrace();
      }
      // Get the logger from AppConfig.
      try {
        LoggerConfig lConfig = new LoggerConfig();
        lConfig = (LoggerConfig)appConfig.getObjectByType(lConfig.getClass()
          .getName());
        logger = Category.getInstance("org.openeai.SelfService.SelfServiceProducer");
        PropertyConfigurator.configure(lConfig.getProperties());
      }
      catch (Exception e) {
        logger = org.openeai.OpenEaiObject.logger;
      }   
    System.out.println("["+this.getClass().getSimpleName()+"] Got a logger. If it's working, you'll see the same message...");
    logger.info("["+this.getClass().getSimpleName()+"] Got a logger. If it's working, you'll see the same message...");
      // Get the producer from AppConfig.
    try {
      p2p = (PointToPointProducer) appConfig.getObject(CAS_PRODUCER);
      System.out.println("["+this.getClass().getSimpleName()+"] p2p is "+p2p.getClass());
    } catch (EnterpriseConfigurationObjectException e) {
          String errMsg = "["+this.getClass().getSimpleName()+"] Error configuring "+CAS_PRODUCER+": " +
            "The exception is: " + e.getMessage();
          logger.error(errMsg);
          System.out.println(errMsg);
          e.printStackTrace();
    }
  }
  /**
   * bean stuff
   * @return Returns the propertyFile.
   */
  public String getPropertyFile() {
    return propertyFile;
  }
  /**
   * So Spring can inject the location of the property file.
   * @param propertyFile The propertyFile to set.
   */
  public void setPropertyFile(String propertyFile) {
    this.propertyFile = propertyFile;
  }
 
  /**
   * Creates an EnterpriseUserPassword.Query-Request.
   * @param instID
   * @param principal
   * @param domain
   * @param newPassword
   * @return the EnterpriseUserPassword object or null if none were found.
   * @throws EnterpriseFieldException
   * @throws EnterpriseConfigurationObjectException
   * @throws EnterpriseFieldException
   * @throws EnterpriseConfigurationObjectException
   * @throws EnterpriseObjectQueryException
   * @throws EnterpriseObjectCreateException
   * @throws EnterpriseObjectQueryException
   * @throws EnterpriseObjectQueryException
   * @throws EnterpriseObjectUpdateException
   */
  private EnterpriseUserPassword lookupEnterpriseUserPassword(String principal, String domain) throws EnterpriseFieldException, EnterpriseConfigurationObjectException, EnterpriseObjectQueryException
    {
      EnterpriseUser eu = (EnterpriseUser)appConfig.getObject(ENTERPRISE_USER);
      System.out.println("["+this.getClass().getSimpleName()+"] Got " + ENTERPRISE_USER
          + " from AppConfig, performing Query...");
      NetId netId=eu.newNetId();
      netId.setPrincipal(principal);
      netId.setDomain(domain);
      List euQueryList=eu.query(netId,p2p);
      if (euQueryList.size()==0) {
        System.out.println("["+this.getClass().getSimpleName()+"] No EnterpriseUser for "+principal+"@"+domain+".");
        return null;
      }
      eu=(EnterpriseUser)euQueryList.get(0);
      System.out.println("["+this.getClass().getSimpleName()+"] EnterpriseUser found: "+eu);
     
      EnterpriseUserPassword eup=(EnterpriseUserPassword)appConfig.getObject(ENTERPRISE_USER_PASSWORD);
     
      java.util.List returnedEup = eup.query(eu, p2p);
      if (returnedEup.size() == 0) {
        System.out.println("["+this.getClass().getSimpleName()+"] No EnterpriseUserPassword for EnterpriseUser: "+eu);
        return null;
      }
      //return the first the password in the list
         System.out.println("["+this.getClass().getSimpleName()+"] EnterpriseUserPassword found: "+returnedEup.get(0));
         return (EnterpriseUserPassword) returnedEup.get(0);   
  }

}
TOP

Related Classes of org.openeai.cas.EnterpriseUserAuthnHandler

  • org.any_openeai_enterprise.moa.jmsobjects.coreapplication.v1_0.EnterpriseUser
  • org.any_openeai_enterprise.moa.jmsobjects.coreapplication.v1_0.EnterpriseUserPassword
  • org.any_openeai_enterprise.moa.jmsobjects.coreapplication.v1_0.NetId
  • org.openeai.config.AppConfig
  • org.openeai.config.LoggerConfig
  • java.io.InputStream
  • java.io.FileInputStream
  • java.util.Properties
  • java.util.List
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.