  1. package org.wso2.carbon.identity.application.authenticator.basicauth;
  2.  
  3. import java.io.IOException;
  4.  
  5. import javax.servlet.http.HttpServletRequest;
  6. import javax.servlet.http.HttpServletResponse;
  7.  
  8. import org.apache.commons.logging.Log;
  9. import org.apache.commons.logging.LogFactory;
  10. import org.wso2.carbon.CarbonConstants;
  11. import org.wso2.carbon.core.util.AnonymousSessionUtil;
  12. import org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator;
  13. import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticationSessionDTO;
  14. import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticatorConstants;
  15. import org.wso2.carbon.registry.core.service.RegistryService;
  16. import org.wso2.carbon.user.core.UserRealm;
  17. import org.wso2.carbon.user.core.UserStoreManager;
  18. import org.wso2.carbon.user.core.service.RealmService;
  19. import org.wso2.carbon.user.core.util.UserCoreUtil;
  20. import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
  21.  
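/**
 * Username/password based application authenticator.
 *
 * <p>Reads the {@code username} and {@code password} request parameters, verifies them
 * against the user store of the user's tenant realm, and then requires the
 * {@code /permission/admin/login} permission before the login is accepted. On success the
 * (domain-qualified) user name is placed in the HTTP session under the {@code "username"}
 * attribute. The submitted password is passed to the user store only and is not logged.
 *
 * <p>Per-request state (the current authenticator status) lives in the servlet session under
 * {@link BasicAuthenticatorConstants#AUTHENTICATOR_STATUS}.
 */
public class BasicAuthenticator extends AbstractApplicationAuthenticator {

    private static final Log log = LogFactory.getLog(BasicAuthenticator.class);

    private final RegistryService registryService;
    private final RealmService realmService;

    /**
     * @param registryService used, together with {@code realmService}, to resolve the tenant
     *                        realm of the user being authenticated
     * @param realmService    see {@code registryService}
     */
    public BasicAuthenticator(RegistryService registryService, RealmService realmService) {
        this.registryService = registryService;
        this.realmService = realmService;
    }

    /**
     * Drives one step of the authentication flow.
     *
     * <p>When the current status is {@code CUSTOM_STATUS_AUTHENTICATE} (or the framework has set
     * {@code DO_AUTHENTICATION} in the session) the submitted credentials are verified; on an
     * invalid login the user is redirected back to the login page with {@code authFailure=true}.
     * When the status is {@code CUSTOM_STATUS_SEND_TO_LOGIN} the user is redirected to the
     * configured login page without any credential check.
     *
     * @param request  the current request; credentials are read from its parameters
     * @param response used only to issue login-page redirects
     * @return a framework {@code STATUS_*} code or a {@code CUSTOM_STATUS_*} code
     */
    @Override
    public int doAuthentication(HttpServletRequest request, HttpServletResponse response) {
        int status = getStatus(request);

        if (status == BasicAuthenticatorConstants.CUSTOM_STATUS_AUTHENTICATE
                || request.getSession().getAttribute(ApplicationAuthenticatorConstants.DO_AUTHENTICATION) != null) {

            if (!canHandle(request)) {
                return ApplicationAuthenticatorConstants.STATUS_AUTHENTICATION_CANNOT_HANDLE;
            }

            try {
                if (authenticate(request)) {
                    status = ApplicationAuthenticatorConstants.STATUS_AUTHENTICATION_PASS;
                    cleanUpSession(request);
                } else {
                    status = handleInvalidCredentials(request, response);
                }
            } catch (Exception e) {
                // authenticate() declares Exception; any failure in the realm / user store lookup
                // must surface as a failed login rather than escape to the framework.
                log.error("Error on BasicAuthenticator authentication", e);
                status = ApplicationAuthenticatorConstants.STATUS_AUTHENTICATION_FAIL;
            }

        } else if (status == BasicAuthenticatorConstants.CUSTOM_STATUS_SEND_TO_LOGIN) {
            String loginPage = getAuthenticatorConfig().getStatusMap().get(String.valueOf(status));
            status = BasicAuthenticatorConstants.CUSTOM_STATUS_AUTHENTICATE;

            if (isSingleFactorMode()) {
                // Forces the next call to take the authenticate branch regardless of the
                // status getStatus() reads back from the session.
                request.getSession().setAttribute(ApplicationAuthenticatorConstants.DO_AUTHENTICATION, Boolean.TRUE);
            }

            // commonAuthQueryParams is a request *attribute* (server-side state), not a
            // user-supplied request parameter.
            redirect(response, loginPage + request.getAttribute("commonAuthQueryParams"));
            request.getSession().setAttribute(BasicAuthenticatorConstants.AUTHENTICATOR_STATUS, status);
        }

        return status;
    }

    /**
     * Sends the user back to the login page after the credential check failed.
     *
     * @return {@code CUSTOM_STATUS_AUTHENTICATE} once the redirect has been issued, or
     *         {@code STATUS_AUTHENTICATION_FAIL} when the session DTO needed to rebuild the
     *         login URL is missing (previously this surfaced as a NullPointerException that
     *         the caller's catch-all turned into the same failure status)
     */
    private int handleInvalidCredentials(HttpServletRequest request, HttpServletResponse response) {
        String sessionDataKey = request.getParameter(ApplicationAuthenticatorConstants.SESSION_DATA_KEY);
        ApplicationAuthenticationSessionDTO sessionDTO = sessionDataKey == null ? null
                : (ApplicationAuthenticationSessionDTO) request.getSession().getAttribute(sessionDataKey);
        if (sessionDTO == null) {
            log.error("No authentication session data found for the submitted session data key");
            return ApplicationAuthenticatorConstants.STATUS_AUTHENTICATION_FAIL;
        }

        // Send to re-authenticate.
        String loginPage = getAuthenticatorConfig().getStatusMap()
                .get(String.valueOf(BasicAuthenticatorConstants.CUSTOM_STATUS_SEND_TO_LOGIN));
        int status = BasicAuthenticatorConstants.CUSTOM_STATUS_AUTHENTICATE;
        redirect(response, loginPage + sessionDTO.getQueryParams() + "&authFailure=true");
        request.getSession().setAttribute(BasicAuthenticatorConstants.AUTHENTICATOR_STATUS, status);
        return status;
    }

    /**
     * Issues a redirect and logs (rather than printing to stderr) when the response cannot be
     * written. Status handling in the caller proceeds regardless, as in the original flow.
     * The target URL is deliberately kept out of the log line because it carries query params.
     */
    private void redirect(HttpServletResponse response, String location) {
        try {
            response.sendRedirect(location);
        } catch (IOException e) {
            log.error("Failed to redirect to the login page", e);
        }
    }

    /**
     * Returns the status stored in the session by an earlier call; on the first call (nothing
     * in the session yet) falls back to the configured status from the superclass.
     */
    @Override
    public int getStatus(HttpServletRequest request) {
        Integer status = (Integer) request.getSession().getAttribute(BasicAuthenticatorConstants.AUTHENTICATOR_STATUS);
        return status != null ? status : super.getStatus(request);
    }

    /** @return the constant name under which this authenticator is registered */
    @Override
    public String getAuthenticatorName() {
        return BasicAuthenticatorConstants.AUTHENTICATOR_NAME;
    }

    /**
     * Indicates whether the request carries credentials this authenticator can process: both
     * the {@code username} and {@code password} parameters must be present (empty values are
     * not rejected here).
     */
    public boolean canHandle(HttpServletRequest request) {
        // Remember-Me cookie login was left disabled in the original; only explicit
        // credentials are handled.
        return request.getParameter("username") != null && request.getParameter("password") != null;
    }

    /**
     * Verifies the submitted credentials and the login permission.
     *
     * <p>Steps: resolve the tenant realm from the user name, check the password against the
     * user store, then require {@code /permission/admin/login} for the (domain-qualified) user.
     * Only when all three succeed is the user name stored in the session under {@code "username"}.
     *
     * @return {@code true} only when the password is valid and the user holds the login permission
     * @throws Exception propagated from the realm, user store or authorization manager calls
     */
    private boolean authenticate(HttpServletRequest request) throws Exception {
        String username = request.getParameter("username");
        String password = request.getParameter("password");

        UserRealm realm = AnonymousSessionUtil.getRealmByUserName(registryService, realmService, username);
        if (realm == null) {
            log.warn("Realm creation failed. Tenant may be inactive or invalid.");
            return false;
        }

        UserStoreManager userStoreManager = realm.getUserStoreManager();

        // Check the authentication; the password goes to the user store only and is not logged.
        boolean isAuthenticated = userStoreManager.authenticate(
                MultitenantUtils.getTenantAwareUsername(username), password);
        if (!isAuthenticated) {
            if (log.isDebugEnabled()) {
                log.debug("user authentication failed due to invalid credentials.");
            }
            return false;
        }

        // Qualify the user name with the thread-local domain (if any) when the caller supplied
        // none, so the authorization check and the session attribute see the same name.
        if (username.indexOf("/") < 0) {
            String domain = UserCoreUtil.getDomainFromThreadLocal();
            if (domain != null) {
                username = domain + "/" + username;
            }
        }

        // Check the authorization: a valid password alone is not enough to log in.
        boolean isAuthorized = realm.getAuthorizationManager().isUserAuthorized(
                MultitenantUtils.getTenantAwareUsername(username),
                "/permission/admin/login",
                CarbonConstants.UI_PERMISSION_ACTION);
        if (!isAuthorized) {
            if (log.isDebugEnabled()) {
                log.debug("Authorization Failure when performing log-in action");
            }
            return false;
        }

        if (log.isDebugEnabled()) {
            log.debug("User is successfully authenticated.");
        }

        request.getSession().setAttribute("username", username);
        return true;
    }

    /**
     * Clears the stored authenticator status so that the next {@link #getStatus} call falls
     * back to the configured initial status.
     */
    private void cleanUpSession(HttpServletRequest request) {
        request.getSession().setAttribute(BasicAuthenticatorConstants.AUTHENTICATOR_STATUS, null);
    }
}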