コード例 #1
0
  /**
   * Retrieve the details of a user by username
   *
   * @param username The username of a user to retrieve
   * @param source The authentication source if known
   * @return User The user requested
   * @throws AuthenticationException if any errors occur
   */
  @Override
  public User getUser(JsonSessionState session, String username, String source)
      throws AuthenticationException {
    // Sanity check
    if (username == null || username.equals("") || source == null || source.equals("")) {
      throw new AuthenticationException("Invalid user data requested");
    }

    // SSO Users
    if (sso.containsKey(source)) {
      GenericUser user = (GenericUser) sso.get(source).getUserObject(session);
      // Sanity check our data
      if (user == null || !user.getUsername().equals(username)) {
        throw new AuthenticationException("Unknown user '" + username + "'");
      }
      return user;
    }

    // Trust token users
    if (source.startsWith(TRUST_TOKEN_PREFIX)) {
      String sUsername = (String) session.get("username");
      String sSource = (String) session.get("source");

      // We can't lookup token users so it must match
      if (sUsername == null
          || !username.equals(sUsername)
          || sSource == null
          || !source.equals(sSource)) {
        throw new AuthenticationException("Unknown user '" + username + "'");
      }

      // Seems valid, create a basic user object and return
      GenericUser user = new GenericUser();
      user.setUsername(username);
      user.setSource(source);
      return user;
    }

    // Standard users
    authManager.setActivePlugin(source);
    return authManager.getUser(username);
  }
コード例 #2
0
  /**
   * Logout the provided user
   *
   * @return user The user to logout
   */
  @Override
  public void logout(JsonSessionState session, User user) throws AuthenticationException {
    String source = user.getSource();

    // Clear session
    session.remove("username");
    session.remove("source");

    // SSO Users
    if (sso.containsKey(source)) {
      sso.get(source).logout(session);
      return;
    }

    // Trust token users
    if (source.startsWith(TRUST_TOKEN_PREFIX)) {
      session.remove("validToken");
      return;
    }

    // Standard users
    authManager.logOut(user);
  }