001: /*
002: * Copyright (c) 2001 - 2005 ivata limited.
003: * All rights reserved.
004: * -----------------------------------------------------------------------------
005: * ivata groupware may be redistributed under the GNU General Public
006: * License as published by the Free Software Foundation;
007: * version 2 of the License.
008: *
009: * These programs are free software; you can redistribute them and/or
010: * modify them under the terms of the GNU General Public License
011: * as published by the Free Software Foundation; version 2 of the License.
012: *
013: * These programs are distributed in the hope that they will be useful,
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
016: *
017: * See the GNU General Public License in the file LICENSE.txt for more
018: * details.
019: *
020: * If you would like a copy of the GNU General Public License write to
021: *
022: * Free Software Foundation, Inc.
023: * 59 Temple Place - Suite 330
024: * Boston, MA 02111-1307, USA.
025: *
026: *
027: * To arrange commercial support and licensing, contact ivata at
028: * http://www.ivata.com/contact.jsp
029: * -----------------------------------------------------------------------------
030: * $Log: SecurityMaskAuthenticator.java,v $
031: * Revision 1.4 2005/10/02 14:08:57 colinmacleod
032: * Added/improved log4j logging.
033: *
034: * Revision 1.3 2005/09/14 15:40:17 colinmacleod
035: * Changed signature of authenticate to provide servlet context (for ivata
036: * cms).
037: * Removed unused local and class variables.
038: * Added serialVersionUID.
039: *
040: * Revision 1.2 2005/04/09 17:19:50 colinmacleod
041: * Changed copyright text to GPL v2 explicitly.
042: *
043: * Revision 1.1.1.1 2005/03/10 17:49:54 colinmacleod
044: * Restructured ivata op around Hibernate/PicoContainer.
045: * Renamed ivata groupware.
046: *
047: * Revision 1.1 2004/12/29 14:09:32 colinmacleod
048: * Changed subproject name from masks to mask
049: *
050: * Revision 1.1 2004/11/12 18:28:27 colinmacleod
051: * Added security session mask authenticator.
052: *
053: * -----------------------------------------------------------------------------
054: */
055: package com.ivata.groupware.mask.struts;
056:
057: import org.apache.log4j.Logger;
058:
059: import java.io.Serializable;
060:
061: import javax.servlet.ServletContext;
062: import javax.servlet.http.HttpServletRequest;
063: import javax.servlet.http.HttpSession;
064:
065: import com.ivata.groupware.admin.security.server.SecuritySession;
066: import com.ivata.mask.util.SystemException;
067: import com.ivata.mask.web.struts.MaskAuthenticator;
068:
069: /**
070: * <p>
071: * Authenticates the current user against the <strong>ivata groupware</strong> security
072: * session.
073: * </p>
074: *
075: * @since Nov 12, 2004
076: * @author Colin MacLeod
077: * <a href='mailto:colin.macleod@ivata.com'>colin.macleod@ivata.com</a>
078: * @version $Revision: 1.4 $
079: */
080:
081: public class SecurityMaskAuthenticator implements MaskAuthenticator,
082: Serializable {
083: /**
084: * Logger for this class.
085: */
086: private static final Logger logger = Logger
087: .getLogger(SecurityMaskAuthenticator.class);
088:
089: /**
090: * Serialization version (for <code>Serializable</code> interface).
091: */
092: private static final long serialVersionUID = 1L;
093:
094: /**
095: * <p>
096: * Authenticates the current user against the <strong>ivata groupware</strong> security
097: * session.
098: * </p>
099: *
100: * @return <code>null</code>, if this is a valid, logged-in user, otherwise
101: * "<code>login</code>".
102: * @see com.ivata.mask.web.struts.MaskAuthenticator#authenticate(HttpSession, HttpServletRequest, ServletContext, boolean)
103: */
104: public String authenticate(HttpSession sessionParam,
105: HttpServletRequest requestParam,
106: ServletContext servletContextParam, final boolean login)
107: throws SystemException {
108: if (logger.isDebugEnabled()) {
109: logger.debug("authenticate(HttpSession sessionParam = "
110: + sessionParam
111: + ", HttpServletRequest requestParam = "
112: + requestParam
113: + ", ServletContext servletContextParam = "
114: + servletContextParam + ", boolean login = "
115: + login + ") - start");
116: }
117:
118: HttpSession session = requestParam.getSession();
119: SecuritySession securitySession = (SecuritySession) session
120: .getAttribute("securitySession");
121:
122: // if we're logging in, or there is a valid security session, that means
123: // carry on as normal...
124: if (login
125: || ((securitySession != null) && !securitySession
126: .isGuest())) {
127: if (logger.isDebugEnabled()) {
128: logger
129: .debug("authenticate(HttpSession, HttpServletRequest, ServletContext, boolean) - end - return value = "
130: + null);
131: }
132: return null;
133: }
134: // otherwise login...
135:
136: if (logger.isDebugEnabled()) {
137: logger
138: .debug("authenticate(HttpSession, HttpServletRequest, ServletContext, boolean) - end - return value = login");
139: }
140: return "login";
141: }
142:
143: }
|