001: /**
002: * Copyright 2004-2005 jManage.org
003: *
004: * Licensed under the Apache License, Version 2.0 (the "License");
005: * you may not use this file except in compliance with the License.
006: * You may obtain a copy of the License at
007: *
008: * http://www.apache.org/licenses/LICENSE-2.0
009: *
010: * Unless required by applicable law or agreed to in writing, software
011: * distributed under the License is distributed on an "AS IS" BASIS,
012: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013: * See the License for the specific language governing permissions and
014: * limitations under the License.
015: */package org.jmanage.core.services;
016:
017: import org.jmanage.core.auth.*;
018: import org.jmanage.core.util.JManageProperties;
019: import org.jmanage.core.util.ErrorCodes;
020: import org.jmanage.core.util.UserActivityLogger;
021:
022: import javax.security.auth.login.LoginContext;
023: import javax.security.auth.login.LoginException;
024: import java.util.*;
025:
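/**
 * {@link AuthService} implementation that authenticates users through JAAS
 * and applies the failed-login lockout policy.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 * <li>A successful login resets the user's lock count to 0 and sets the
 *     status to {@code User.STATUS_ACTIVE}.</li>
 * <li>A failed login for a known, unlocked user increments the lock count and
 *     locks the account once the configured threshold is reached.</li>
 * <li>Different error codes are raised for unknown users, locked accounts and
 *     remaining-attempt warnings.</li>
 * </ul>
 *
 * date: Feb 4, 2005
 * @author Rakesh Kalra, Shashank Bellary
 */
public class AuthServiceImpl implements AuthService {

    /**
     * Number of failed logins after which an account is locked.
     *
     * <p>Read once when the class is initialised. A missing or non-numeric
     * {@code LOGIN_MAX_ATTEMPTS} property makes {@code Integer.parseInt}
     * throw, so the class fails to load rather than running without a
     * lockout threshold.
     */
    private static final int MAX_LOGIN_ATTEMPTS_ALLOWED = Integer.parseInt(
            JManageProperties.getInstance().getProperty(
                    JManageProperties.LOGIN_MAX_ATTEMPTS));

    /**
     * Authenticates {@code username}/{@code password} through the JAAS
     * configuration entry {@code AuthConstants.AUTH_CONFIG_INDEX} and, on
     * success, stores the resulting user in {@code context}.
     *
     * @param context  service context that receives the authenticated user
     * @param username login name supplied by the caller
     * @param password password supplied by the caller
     * @throws ServiceException with {@code INVALID_CREDENTIALS} when no local
     *         user of that name exists, {@code ACCOUNT_LOCKED} when the
     *         account is (or has just become) locked, or
     *         {@code INVALID_LOGIN_ATTEMPTS} with the number of remaining
     *         attempts as its single value
     * @see AuthService
     */
    public void login(ServiceContext context, String username,
                      String password) throws ServiceException {

        LoginCallbackHandler callbackHandler =
                new LoginCallbackHandler(username, password);
        User user = null;
        UserManager userManager = UserManager.getInstance();
        UserActivityLogger logger = UserActivityLogger.getInstance();
        try {
            final LoginContext loginContext = new LoginContext(
                    AuthConstants.AUTH_CONFIG_INDEX, callbackHandler);
            /* Needed for external login modules: the user is only really
               authenticated once this call returns normally. */
            loginContext.login();

            /* A User principal in the Subject marks a locally managed
               account; no such principal means an external login module
               vouched for the user. */
            Set principals = loginContext.getSubject().getPrincipals();
            for (Iterator principalIt = principals.iterator();
                    principalIt.hasNext();) {
                Object principal = principalIt.next();
                if (principal instanceof User) {
                    user = (User) principal;
                    break;
                }
            }

            if (user == null) {
                /* Externally authenticated user: build a transient User.
                   The role is looked up by the caller-supplied username.
                   NOTE(review): confirm what getUserRole() returns for a
                   name with no mapping, since the result is used
                   unchecked. */
                user = new User();
                user.setUsername(username);
                user.setExternalUser(true);
                List roles = new ArrayList();
                roles.add(new Role(
                        org.jmanage.core.auth.ExternalUserRolesConfig
                                .getInstance().getUserRole(username)));
                user.setRoles(roles);
            } else {
                /* Local user: reload the stored record and clear the
                   failure state.
                   NOTE(review): the status is set to ACTIVE without first
                   checking for STATUS_LOCKED, so lockout is only enforced
                   if the configured login module rejects locked accounts.
                   Confirm that it does.
                   NOTE(review): getUser() is assumed to return non-null
                   here; a stale principal would cause a
                   NullPointerException. */
                user = userManager.getUser(user.getName());
                user.setLockCount(0);
                user.setStatus(User.STATUS_ACTIVE);
                userManager.updateUser(user);
            }
            /* set Subject in session */
            context._setUser(user);
            logger.logActivity(user.getName(), "logged in successfully");
        } catch (LoginException lex) {
            /* Every LoginException is handled as a failed credential check,
               including one raised while constructing the LoginContext.
               The exception itself is neither logged nor chained. */
            user = userManager.getUser(username);
            String errorCode;
            Object[] values = null;
            /* The error code depends on whether the account exists and on
               its lock state. NOTE(review): if these codes reach the client
               unchanged they reveal which usernames exist; confirm that the
               presentation layer shows one generic failure message. */
            if (user == null) {
                errorCode = ErrorCodes.INVALID_CREDENTIALS;
            } else if (User.STATUS_LOCKED.equals(user.getStatus())) {
                errorCode = ErrorCodes.ACCOUNT_LOCKED;
            } else {
                int thisAttempt = user.getLockCount() + 1;
                user.setLockCount(thisAttempt);
                /* Lock at or above the threshold. An exact-equality check
                   would never fire for a stored count already at or past
                   the limit (for example after the limit is lowered), which
                   would leave the account open to unlimited guesses. */
                if (thisAttempt >= MAX_LOGIN_ATTEMPTS_ALLOWED) {
                    user.setStatus(User.STATUS_LOCKED);
                    errorCode = ErrorCodes.ACCOUNT_LOCKED;
                } else {
                    errorCode = ErrorCodes.INVALID_LOGIN_ATTEMPTS;
                    values = new Object[] { String.valueOf(
                            MAX_LOGIN_ATTEMPTS_ALLOWED - thisAttempt) };
                }
                userManager.updateUser(user);
            }
            /* Only failures for known local users reach the activity log;
               attempts against unknown usernames are not recorded here. */
            if (user != null) {
                logger.logActivity(username, user.getName()
                        + " failed to login");
            }
            throw new ServiceException(errorCode, values);
        }
    }

    /**
     * Records the logout of {@code user} in the activity log.
     *
     * <p>No JAAS {@code LoginContext.logout()} is performed and
     * {@code context} is not modified by this method, so clearing the
     * session is left to the caller.
     *
     * @param context service context of the request (unused here)
     * @param user    the user logging out; must not be {@code null}
     * @throws ServiceException declared by the interface; not thrown by the
     *         code in this method
     */
    public void logout(ServiceContext context, User user)
            throws ServiceException {

        // TODO: loginContext needs to be held in the session, so that we
        // can use the right object to do logout
        //loginContext.logout();
        UserActivityLogger.getInstance().logActivity(user.getName(),
                "logged out successfully");
    }
}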