/*******************************************************************************
$Source: /cvs/repositories/openii3/project/java/examples/org/openeai/cas/EnterpriseUserAuthnHandler.java,v $
$Revision: 1.5 $
*******************************************************************************/
/**********************************************************************
This file is part of the OpenEAI sample, reference implementation,
and deployment management suite created by Tod Jackson
(tod@openeai.org) and Steve Wheat (steve@openeai.org) at
the University of Illinois Urbana-Champaign.
Copyright (C) 2002-2006 The OpenEAI Software Foundation
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
For specific licensing details and examples of how this software
can be used to implement integrations for your enterprise, visit
http://www.OpenEai.org/licensing.
*/
package org.openeai.cas;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.util.List;
import java.util.Properties;
import org.any_openeai_enterprise.moa.jmsobjects.coreapplication.v1_0.EnterpriseUser;
import org.any_openeai_enterprise.moa.jmsobjects.coreapplication.v1_0.EnterpriseUserPassword;
import org.any_openeai_enterprise.moa.jmsobjects.coreapplication.v1_0.NetId;
import org.apache.log4j.Category;
import org.apache.log4j.PropertyConfigurator;
import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.openeai.config.AppConfig;
import org.openeai.config.EnterpriseConfigurationObjectException;
import org.openeai.config.EnterpriseFieldException;
import org.openeai.config.LoggerConfig;
import org.openeai.jms.producer.PointToPointProducer;
import org.openeai.moa.EnterpriseObjectCreateException;
import org.openeai.moa.EnterpriseObjectQueryException;
import org.openeai.moa.EnterpriseObjectUpdateException;
/**
* <p>
* EnterpriseUserAuthnHandler is an Authentication Handler for the
* <a href="http://www.ja-sig.org/products/cas/">
* Central Authentication Service, <abbr title="Central Authentication Service">CAS</abbr></a>.
* </p>
* <p>
* EnterpriseUserAuthnHandler uses the OpenEAI framework and needs to be supplied with a deployment document. A
* properties file must also be supplied that contains the location of the deployment document. CAS uses the Spring
* framework to configure authentication handlers so the location of the properties file should be encoded
* in the deployerConfigContext.xml, one of the CAS deployment documents.
* </p>
* @author tcerven
*/
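public class EnterpriseUserAuthnHandler extends
        AbstractUsernamePasswordAuthenticationHandler {

    static final String ENTERPRISE_USER = "EnterpriseUser.v1_0";
    static final String CAS_PRODUCER = "CasProducer";
    static final String ENTERPRISE_USER_PASSWORD = "EnterpriseUserPassword.v1_0";

    /**
     * NetId.Domain used for every lookup.
     * TODO: Parameterize NetId.Domain
     */
    private static final String NET_ID_DOMAIN = "any-openeai-enterprise.org";

    // Location of the properties file that points at the deployment document (injected by Spring).
    private String propertyFile;
    private Category logger;
    // Stays null when initialization failed; authentication then fails closed.
    private AppConfig appConfig;
    private PointToPointProducer p2p;

    /**
     * Authenticates a username/password pair against the EnterpriseUserPassword
     * returned by an EnterpriseUserPassword.Query-Request.
     * <p>
     * The NetId.Principal of the queried EnterpriseUser is the supplied user name and
     * the NetId.Domain is the hardcoded {@link #NET_ID_DOMAIN}.
     * </p><p>
     * The password supplied by the <abbr title="Central Authentication Service">CAS</abbr>
     * login page is compared with the value returned in the EnterpriseUserPassword.
     * The comparison goes through {@link java.security.MessageDigest#isEqual(byte[], byte[])}
     * rather than {@code String.equals}, so the time taken does not depend on how many
     * leading characters match. A missing stored or supplied password denies the request.
     * </p><p>
     * NOTE(review): the returned value is compared as-is with the submitted password,
     * which suggests the backend hands back a cleartext-equivalent secret. Confirm, and
     * prefer a salted password hash (bcrypt/scrypt/argon2) verified on the backend.
     * </p>
     *
     * @param credentials the username and password submitted to CAS
     * @return true only when a stored password was found and it matches the supplied one
     * @throws AuthenticationException a BackEndException when the handler was not
     *         initialized or the backend query failed
     * @see org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler#authenticateUsernamePasswordInternal(org.jasig.cas.authentication.principal.UsernamePasswordCredentials)
     */
    protected boolean authenticateUsernamePasswordInternal(UsernamePasswordCredentials credentials)
            throws AuthenticationException {
        final String prefix = logPrefix();
        if (appConfig == null) {
            System.out.println(prefix + " AppConfig is null.");
            throw new BackEndException(prefix + " AppConfig is null.");
        }
        if (p2p == null) {
            // Initialization can leave the producer unset; refuse to query without it.
            String errMsg = prefix + " " + CAS_PRODUCER + " is null.";
            System.out.println(errMsg);
            throw new BackEndException(errMsg);
        }
        String username = credentials.getUsername();
        String password = credentials.getPassword();
        System.out.println(prefix + " Authentication request for "
                + sanitizeForLog(username) + "@" + NET_ID_DOMAIN);
        try {
            EnterpriseUserPassword eup = lookupEnterpriseUserPassword(username, NET_ID_DOMAIN);
            if (eup == null) {
                System.out.println(prefix + " No EnterpriseUserPassword found.");
                System.out.println(prefix + " Authentication request DENIED!.");
                return false;
            }
            // A record without a password value must deny, not throw a NullPointerException.
            String correctPassword = eup.getPassword() == null ? null : eup.getPassword().getValue();
            boolean granted = constantTimeEquals(correctPassword, password);
            if (granted) {
                System.out.println(prefix + " Credentials are in order.");
                System.out.println(prefix + " Authentication request GRANTED.");
            } else {
                System.out.println(prefix + " Password does not match.");
                System.out.println(prefix + " Authentication request DENIED!");
            }
            return granted;
        } catch (EnterpriseFieldException e) {
            throw backEndFailure("EnterpriseFieldException", e);
        } catch (EnterpriseConfigurationObjectException e) {
            throw backEndFailure("EnterpriseConfigurationObjectException", e);
        } catch (EnterpriseObjectQueryException e) {
            throw backEndFailure("EnterpriseObjectQueryException", e);
        }
    }

    /**
     * Called by CAS when it initializes the authentication handler; loads the initial
     * properties, builds the AppConfig, and fetches the logger and the producer from it.
     * <p>
     * Failures are reported and leave {@code appConfig} (or {@code p2p}) null instead of
     * propagating, so a misconfigured handler rejects every request at authentication
     * time rather than failing with a NullPointerException here.
     * </p>
     *
     * @see org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler#afterPropertiesSetInternal()
     */
    protected void afterPropertiesSetInternal() {
        final String prefix = logPrefix();
        System.out.println(prefix + " " + propertyFile);

        // Load the initial properties from the properties file.
        Properties initProps = new Properties();
        if (propertyFile == null) {
            System.out.println(prefix + " No initial properties file was configured.");
        } else {
            InputStream in = null;
            try {
                in = new FileInputStream(propertyFile);
                initProps.load(in);
            } catch (FileNotFoundException fnfe) {
                String errMsg = prefix + " Initial properties file not "
                        + "found. The exception is: " + fnfe.getMessage();
                System.out.println(errMsg);
            } catch (IOException ioe) {
                String errMsg = prefix + " Error loading initial "
                        + "properties from the properties file. The exception is: "
                        + ioe.getMessage();
                System.out.println(errMsg);
            } finally {
                // Close on every path; the original leaked the stream when load() failed.
                if (in != null) {
                    try {
                        in.close();
                    } catch (IOException ignored) {
                        // Nothing useful can be done about a failed close of a read-only stream.
                    }
                }
            }
        }

        // Initialize an AppConfig using the initial properties.
        appConfig = null;
        try {
            appConfig = new AppConfig(initProps);
        } catch (EnterpriseConfigurationObjectException ecoe) {
            String errMsg = prefix + " Error initializing AppConfig. "
                    + "The exception is: " + ecoe.getMessage();
            System.out.println(errMsg);
            ecoe.printStackTrace();
        }

        // Get the logger from AppConfig, falling back to the framework logger.
        try {
            LoggerConfig lConfig = new LoggerConfig();
            lConfig = (LoggerConfig) appConfig.getObjectByType(lConfig.getClass().getName());
            // NOTE(review): the category name looks copied from another component; confirm.
            logger = Category.getInstance("org.openeai.SelfService.SelfServiceProducer");
            PropertyConfigurator.configure(lConfig.getProperties());
        } catch (Exception e) {
            // Also reached when appConfig is null (initialization failed above).
            logger = org.openeai.OpenEaiObject.logger;
        }
        System.out.println(prefix + " Got a logger. If it's working, you'll see the same message...");
        if (logger != null) {
            logger.info(prefix + " Got a logger. If it's working, you'll see the same message...");
        }

        // Get the producer from AppConfig.
        if (appConfig == null) {
            System.out.println(prefix + " AppConfig is null; " + CAS_PRODUCER + " was not configured.");
            return;
        }
        try {
            p2p = (PointToPointProducer) appConfig.getObject(CAS_PRODUCER);
            System.out.println(prefix + " p2p is " + (p2p == null ? null : p2p.getClass()));
        } catch (EnterpriseConfigurationObjectException e) {
            String errMsg = prefix + " Error configuring " + CAS_PRODUCER + ": "
                    + "The exception is: " + e.getMessage();
            if (logger != null) {
                logger.error(errMsg);
            }
            System.out.println(errMsg);
            e.printStackTrace();
        }
    }

    /**
     * Bean accessor for the properties file location.
     *
     * @return Returns the propertyFile.
     */
    public String getPropertyFile() {
        return propertyFile;
    }

    /**
     * So Spring can inject the location of the property file.
     *
     * @param propertyFile The propertyFile to set.
     */
    public void setPropertyFile(String propertyFile) {
        this.propertyFile = propertyFile;
    }

    /**
     * Queries the EnterpriseUser identified by the given NetId and then the
     * EnterpriseUserPassword belonging to that user.
     *
     * @param principal the NetId.Principal (the user name) to look up
     * @param domain the NetId.Domain to look up
     * @return the first EnterpriseUserPassword returned, or null if no user or no
     *         password was found.
     * @throws EnterpriseFieldException
     * @throws EnterpriseConfigurationObjectException
     * @throws EnterpriseObjectQueryException
     */
    private EnterpriseUserPassword lookupEnterpriseUserPassword(String principal, String domain)
            throws EnterpriseFieldException, EnterpriseConfigurationObjectException,
            EnterpriseObjectQueryException {
        final String prefix = logPrefix();
        EnterpriseUser eu = (EnterpriseUser) appConfig.getObject(ENTERPRISE_USER);
        System.out.println(prefix + " Got " + ENTERPRISE_USER
                + " from AppConfig, performing Query...");
        NetId netId = eu.newNetId();
        netId.setPrincipal(principal);
        netId.setDomain(domain);
        List euQueryList = eu.query(netId, p2p);
        if (euQueryList.isEmpty()) {
            System.out.println(prefix + " No EnterpriseUser for "
                    + sanitizeForLog(principal) + "@" + domain + ".");
            return null;
        }
        eu = (EnterpriseUser) euQueryList.get(0);
        System.out.println(prefix + " EnterpriseUser found: " + eu);
        EnterpriseUserPassword eup = (EnterpriseUserPassword) appConfig.getObject(ENTERPRISE_USER_PASSWORD);
        List returnedEup = eup.query(eu, p2p);
        if (returnedEup.isEmpty()) {
            System.out.println(prefix + " No EnterpriseUserPassword for EnterpriseUser: " + eu);
            return null;
        }
        // Return the first password in the list. The object itself is deliberately not
        // printed: its string form may contain the password value, which must not reach stdout.
        System.out.println(prefix + " EnterpriseUserPassword found.");
        return (EnterpriseUserPassword) returnedEup.get(0);
    }

    /** Builds the "[ClassName]" prefix used on every message this handler prints. */
    private String logPrefix() {
        return "[" + this.getClass().getSimpleName() + "]";
    }

    /**
     * Reports a backend failure and builds the exception to throw for it.
     * Only the String constructor of BackEndException is visible in this file, so the
     * cause is printed here rather than chained.
     */
    private BackEndException backEndFailure(String exceptionName, Exception cause) {
        String errMsg = logPrefix() + " " + exceptionName;
        System.out.println(errMsg);
        cause.printStackTrace();
        return new BackEndException(errMsg);
    }

    /**
     * Compares two secrets without short-circuiting on the first differing character.
     * Returns false when either value is null.
     */
    private static boolean constantTimeEquals(String expected, String supplied) {
        if (expected == null || supplied == null) {
            return false;
        }
        java.nio.charset.Charset utf8 = java.nio.charset.Charset.forName("UTF-8");
        return java.security.MessageDigest.isEqual(expected.getBytes(utf8), supplied.getBytes(utf8));
    }

    /**
     * Replaces line breaks in a user-supplied value so that it cannot start a forged
     * log line when it is printed.
     */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }
}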