/** * Authorize user. * * @param bean the bean * @param httpMethod the http method * @return true, if successful * @throws VtnServiceWebAPIException the vtn service web api exception */ public static boolean authoriseUser(SessionBean bean, String httpMethod) throws VtnServiceWebAPIException { LOG.trace("Start VtnServiceCommonUtil#authoriseUser()"); boolean ipStatus = false; final ConfigurationManager configurationManager = ConfigurationManager.getInstance(); final String ipAddresses = configurationManager.getAccessProperty(ApplicationConstants.ACCESS_ALL); LOG.debug("Authorized IP Address from Configuration : " + ipAddresses); final String httpMethodAccessIpAddress = configurationManager.getAccessProperty(httpMethod.toUpperCase()); LOG.debug("Authorized methods from Configuration : " + ipAddresses); if (ipAddresses != null && ApplicationConstants.WILD_CARD_STAR.equals(ipAddresses.trim())) { ipStatus = true; } else if (ipAddresses.indexOf(bean.getIpAddress()) != -1) { ipStatus = true; } else if (null != httpMethodAccessIpAddress && !httpMethodAccessIpAddress.isEmpty() && ApplicationConstants.WILD_CARD_STAR.equals(httpMethodAccessIpAddress.trim())) { ipStatus = true; } else if (null != httpMethodAccessIpAddress && !httpMethodAccessIpAddress.isEmpty() && httpMethodAccessIpAddress.indexOf(bean.getIpAddress()) != -1) { ipStatus = true; } LOG.debug("Authorize User Result : " + ipStatus); LOG.trace("Complete VtnServiceCommonUtil#authoriseUser()"); return ipStatus; }
/** * Gets the session object. * * @param sessionJson the session json * @return the session object * @throws VtnServiceWebAPIException the vtn service web api exception */ public static SessionBean getSessionObject(final JsonObject sessionJson) throws VtnServiceWebAPIException { LOG.trace("Start VtnServiceCommonUtil#getSessionObject()"); final SessionBean sessionBean = new SessionBean(); final List<String> mandatoryList = Arrays.asList( SessionEnum.USERNAME.getSessionElement(), SessionEnum.PASSWORD.getSessionElement(), SessionEnum.IPADDRESS.getSessionElement()); final JsonObject sessionJsonObj = (JsonObject) sessionJson.get(ApplicationConstants.SESSION); for (final String value : mandatoryList) { if (!sessionJsonObj.has(value) || null == sessionJsonObj.get(value)) { throw new VtnServiceWebAPIException(HttpErrorCodeEnum.UNC_UNAUTHORIZED.getCode()); } } sessionBean.setUserName( sessionJsonObj.get(SessionEnum.USERNAME.getSessionElement()) != null ? sessionJsonObj.get(SessionEnum.USERNAME.getSessionElement()).getAsString() : null); sessionBean.setPassword( sessionJsonObj.get(SessionEnum.PASSWORD.getSessionElement()) != null ? sessionJsonObj.get(SessionEnum.PASSWORD.getSessionElement()).getAsString() : null); sessionBean.setIpAddress( sessionJsonObj.get(SessionEnum.IPADDRESS.getSessionElement()) != null ? sessionJsonObj.get(SessionEnum.IPADDRESS.getSessionElement()).getAsString() : null); sessionBean.setType(ApplicationConstants.SESSION_TYPE); LOG.debug("Username : "******"Password : "******"Type : " + sessionBean.getType()); LOG.trace("Complete VtnServiceCommonUtil#getSessionObject()"); return sessionBean; }