/**
 * Looks up the stored credentials for the username carried by {@code token} and
 * returns them, together with the username and this realm's name, as a
 * {@link SimpleAuthenticationInfo}.
 *
 * <p>This method only fetches the stored value; it does not compare it with the
 * submitted password itself.
 *
 * <p>NOTE(review): no credentials salt is passed to {@code SimpleAuthenticationInfo}.
 * Confirm that the credentials matcher configured on this realm is a hashing
 * matcher and that {@code getPasswordForUser} returns a password hash, not the
 * plaintext password.
 *
 * @param token the submitted token; cast to {@link UsernamePasswordToken} without a
 *     type check, so any other token type fails with a {@code ClassCastException}
 * @return the username, the stored credential bytes and the realm name
 * @throws AccountException if the token carries a {@code null} username
 * @throws UnknownAccountException if the DAO returns no credentials for the username
 * @throws AuthenticationException if the DAO lookup fails with a {@link SQLException}
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
        throws AuthenticationException {
    // The DAO is created lazily on first use.
    if (accountDAO == null) {
        accountDAO = new AccountDAO();
    }

    final String username = ((UsernamePasswordToken) token).getUsername();
    if (username == null) {
        throw new AccountException("Null usernames are not allowed by this realm.");
    }

    final byte[] storedCredentials;
    try {
        storedCredentials = accountDAO.getPasswordForUser(username);
    } catch (SQLException e) {
        // The SQL failure is kept as the cause so the root error stays diagnosable.
        throw new AuthenticationException(
                "An error occured while authenticating user [" + username + "]", e);
    }

    if (storedCredentials == null) {
        // NOTE(review): this message differs from the other failure paths and echoes
        // the username. Keep it server-side (logs); returning it verbatim to the
        // client would reveal which accounts exist.
        throw new UnknownAccountException("No account found for user [" + username + "]");
    }

    return new SimpleAuthenticationInfo(username, storedCredentials, getName());
}
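/**
 * Builds the authorization data for the principal in {@code principals} by asking
 * the DAO for that user's role and returning it in a
 * {@link SimpleAuthorizationInfo}.
 *
 * <p>If the DAO returns {@code null}, the returned info carries an empty role set
 * rather than a set containing {@code null}. The user then simply holds no roles.
 * This matches the {@code null} handling in {@code doGetAuthenticationInfo}.
 *
 * <p>NOTE(review): the DAO method is named {@code getRoleNamesForUser} but its single
 * {@code String} result is stored as one role name. If it can return several roles
 * in one delimited string, that string would be treated as a single role. Confirm
 * against the DAO.
 *
 * @param principals the principals of the subject being authorized
 * @return authorization info holding at most one role name
 * @throws AuthorizationException if {@code principals} is {@code null} or the DAO
 *     lookup fails with a {@link SQLException}
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    // The DAO is created lazily on first use.
    if (accountDAO == null) {
        accountDAO = new AccountDAO();
    }
    if (principals == null) {
        throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
    }

    String username = (String) getAvailablePrincipal(principals);
    Set<String> roleNames = new HashSet<>();
    try {
        String roleName = accountDAO.getRoleNamesForUser(username);
        // Skip a missing role so the set never contains null; an empty set grants nothing.
        if (roleName != null) {
            roleNames.add(roleName);
        }
    } catch (SQLException e) {
        // Fail closed: a lookup error aborts authorization instead of yielding partial roles.
        throw new AuthorizationException(
                "An error occured while authorizing user [" + username + "]", e);
    }
    return new SimpleAuthorizationInfo(roleNames);
}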