/**
* {@inheritDoc}
*
* <p>Creates a {@code UsernamePasswordAuthenticationToken} from the given {@code principal} and
* {@code credentials} and passes to Spring Security {@code AuthenticationManager}.
*/
@Override
protected Authentication getAuthentication(
final Principal principal, final Credentials credentials) throws RepositoryException {
// only handles SimpleCredential instances; DefaultLoginModule behaves the same way (albeit
// indirectly)
if (!(credentials instanceof SimpleCredentials)) {
logger.debug("credentials not instance of SimpleCredentials; returning null"); // $NON-NLS-1$
return null;
}
SimpleCredentials simpleCredentials = (SimpleCredentials) credentials;
UsernamePasswordAuthenticationToken token =
new UsernamePasswordAuthenticationToken(
simpleCredentials.getUserID(), String.valueOf(simpleCredentials.getPassword()));
boolean authenticated = false;
try {
org.springframework.security.Authentication authentication =
SecurityContextHolder.getContext().getAuthentication();
if (authentication != null
&& authentication.getName().equals(simpleCredentials.getUserID())) {
// see if there's already an active Authentication for this user.
authenticated = true;
} else {
// delegate to Spring Security
getAuthenticationManager().authenticate(token);
authenticated = true;
}
} catch (AuthenticationException e) {
logger.debug("authentication exception", e); // $NON-NLS-1$
}
final boolean authenticateResult = authenticated;
return new Authentication() {
public boolean canHandle(Credentials credentials) {
// this is decided earlier in getAuthentication
return true;
}
public boolean authenticate(Credentials credentials) throws RepositoryException {
return authenticateResult;
}
};
}
/** @see FlowService#executeJob(String, String, String, long, long, String) */
@Override
public Job executeJob(
Credentials credentials,
String token,
String name,
String description,
long flowInstanceId,
long userId,
String userEmail) {
FlowDao flowDao = daoFactory.getFlowDao();
JobDao jobDao = daoFactory.getJobDao();
Flow flowInstance = flowDao.findById(flowInstanceId, false);
Job job = new Job();
job.setToken(token);
job.setName(name);
job.setDescription(description);
job.setFlow(flowInstance);
job.setOwnerId(userId);
job.setOwnerEmail(userEmail);
SimpleCredentials simpleCreds = (SimpleCredentials) credentials;
String serializedCreds = simpleCreds.getUserID() + ":" + new String(simpleCreds.getPassword());
job.setCredentials(serializedCreds);
jobDao.makePersistent(job);
jobScheduler.scheduleJob(job);
job.setJobStatus(JobStatus.SCHEDULED);
job.setScheduleTimestamp(new Date());
jobDao.makePersistent(job);
jobStatusMonitor.start(job, notificationCreator);
return job;
}
public Session getProviderSession(JCRStoreProvider provider) throws RepositoryException {
if (sessions.get(provider) == null) {
Session s = null;
if (credentials instanceof SimpleCredentials) {
SimpleCredentials simpleCredentials = (SimpleCredentials) credentials;
JahiaLoginModule.Token t =
JahiaLoginModule.getToken(
simpleCredentials.getUserID(), new String(simpleCredentials.getPassword()));
s = provider.getSession(credentials, workspace.getName());
credentials =
JahiaLoginModule.getCredentials(
simpleCredentials.getUserID(), t != null ? t.deniedPath : null);
} else {
s = provider.getSession(credentials, workspace.getName());
}
sessions.put(provider, s);
for (String token : tokens) {
s.addLockToken(token);
}
NamespaceRegistry namespaceRegistryWrapper = getWorkspace().getNamespaceRegistry();
NamespaceRegistry providerNamespaceRegistry = s.getWorkspace().getNamespaceRegistry();
if (providerNamespaceRegistry != null) {
for (String prefix : namespaceRegistryWrapper.getPrefixes()) {
try {
providerNamespaceRegistry.getURI(prefix);
} catch (NamespaceException ne) {
providerNamespaceRegistry.registerNamespace(
prefix, namespaceRegistryWrapper.getURI(prefix));
}
}
}
for (String prefix : prefixToNs.keySet()) {
s.setNamespacePrefix(prefix, prefixToNs.get(prefix));
}
}
return sessions.get(provider);
}
public void logout() {
for (Session session : sessions.values()) {
session.logout();
}
if (credentials instanceof SimpleCredentials) {
SimpleCredentials simpleCredentials = (SimpleCredentials) credentials;
JahiaLoginModule.removeToken(
simpleCredentials.getUserID(), new String(simpleCredentials.getPassword()));
}
isLive = false;
activeSessions.decrementAndGet();
}
@Override
protected boolean isPreAuthenticated(final Credentials creds) {
if (super.isPreAuthenticated(creds)) {
SimpleCredentials simpleCreds = (SimpleCredentials) creds;
String preAuth = (String) simpleCreds.getAttribute(getPreAuthAttributeName());
boolean preAuthenticated = preAuthenticationTokens.contains(preAuth);
if (preAuthenticated) {
if (logger.isDebugEnabled()) {
logger.debug(simpleCreds.getUserID() + " is pre-authenticated"); // $NON-NLS-1$
}
} else {
if (logger.isDebugEnabled()) {
logger.debug("pre-authentication token rejected"); // $NON-NLS-1$
}
}
return preAuthenticated;
}
return false;
}
@Override
protected String getUserID(Credentials credentials) {
if (!(credentials instanceof SimpleCredentials)) {
return super.getUserID(credentials);
}
SimpleCredentials cred = (SimpleCredentials) credentials;
String id = cred.getUserID();
if (id == null) {
return super.getUserID(credentials);
}
String key = id + String.valueOf(cred.getPassword());
String userId = ids.get(key);
if (userId != null) {
return userId;
}
boolean realId = false;
Object realIdAttr = cred.getAttribute(JackrabbitConstants.REAL_USER_ID_USED);
if (realIdAttr instanceof String) {
realId = Boolean.valueOf((String) realIdAttr);
}
if (!realId) {
try {
LoginTable loginTable = LoginDBHandler.getUserLoginByUserName(id);
userId = loginTable == null ? null : String.valueOf(loginTable.getUserId());
} catch (Exception e) {
e.printStackTrace();
}
}
if (userId == null) {
userId = super.getUserID(credentials);
}
if (userId != null) {
ids.put(key, userId);
}
return userId;
}