Examples of org.structr.core.auth.Authenticator

• org.structr.core.auth.Authenticator
  An authenticator interface that defines how the system can obtain a principal from a HttpServletRequest. @author Christian Morgner @author Axel Morgner

    }
  }

  public Authenticator getAuthenticator() {

    Authenticator authenticator = null;

    try {
      authenticator = (Authenticator) authenticatorClass.newInstance();
      authenticator.setUserAutoCreate(userAutoCreate, userClass);
      authenticator.setUserAutoLogin(userAutoLogin, userClass);

    } catch (Throwable t) {

      logger.log(Level.SEVERE, "Unable to instantiate authenticator {0}: {1}", new Object[] { authenticatorClass, t.getMessage() } );
    }

  // <editor-fold defaultstate="collapsed" desc="DELETE">
  @Override
  protected void doDelete(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {

    SecurityContext securityContext = null;
    Authenticator authenticator     = null;
    RestMethodResult result         = null;
    Resource resource               = null;

    try {

      // first thing to do!
      request.setCharacterEncoding("UTF-8");
      response.setCharacterEncoding("UTF-8");
      response.setContentType("application/json; charset=utf-8");

      // isolate request authentication in a transaction
      try (final Tx tx = StructrApp.getInstance().tx()) {
        authenticator = config.getAuthenticator();
        securityContext = authenticator.initializeAndExamineRequest(request, response);
        tx.success();
      }

      final App app = StructrApp.getInstance(securityContext);

      // isolate resource authentication
      try (final Tx tx = app.tx()) {

        resource = ResourceHelper.optimizeNestedResourceChain(ResourceHelper.parsePath(securityContext, request, resourceMap, propertyView, config.getDefaultIdProperty()), config.getDefaultIdProperty());
        authenticator.checkResourceAccess(request, resource.getResourceSignature(), propertyView.get(securityContext));

        tx.success();
      }

      // isolate doDelete

  // <editor-fold defaultstate="collapsed" desc="GET">
  @Override
  protected void doGet(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {

    SecurityContext securityContext = null;
    Authenticator authenticator     = null;
    Result result                   = null;
    Resource resource               = null;

    try {

      // first thing to do!
      request.setCharacterEncoding("UTF-8");
      response.setCharacterEncoding("UTF-8");
      response.setContentType("application/json; charset=utf-8");

      // isolate request authentication in a transaction
      try (final Tx tx = StructrApp.getInstance().tx()) {
        authenticator = config.getAuthenticator();
        securityContext = authenticator.initializeAndExamineRequest(request, response);
        tx.success();
      }

      final App app = StructrApp.getInstance(securityContext);

      // set default value for property view
      propertyView.set(securityContext, config.getDefaultPropertyView());

      // evaluate constraints and measure query time
      double queryTimeStart    = System.nanoTime();

      // isolate resource authentication
      try (final Tx tx = app.tx()) {

        resource = ResourceHelper.applyViewTransformation(request, securityContext,
          ResourceHelper.optimizeNestedResourceChain(
            ResourceHelper.parsePath(securityContext, request, resourceMap, propertyView,
              config.getDefaultIdProperty()), config.getDefaultIdProperty()), propertyView);
        authenticator.checkResourceAccess(request, resource.getResourceSignature(), propertyView.get(securityContext));
        tx.success();
      }

      // add sorting & paging
      String pageSizeParameter = request.getParameter(REQUEST_PARAMETER_PAGE_SIZE);

  // <editor-fold defaultstate="collapsed" desc="HEAD">
  @Override
  protected void doHead(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

    SecurityContext securityContext = null;
    Authenticator authenticator     = null;
    Resource resource               = null;

    try {

      // first thing to do!
      request.setCharacterEncoding("UTF-8");
      response.setCharacterEncoding("UTF-8");
      response.setContentType("application/json; charset=utf-8");

      // isolate request authentication in a transaction
      try (final Tx tx = StructrApp.getInstance().tx()) {
        authenticator = config.getAuthenticator();
        securityContext = authenticator.initializeAndExamineRequest(request, response);
        tx.success();
      }

      final App app = StructrApp.getInstance(securityContext);

      // set default value for property view
      propertyView.set(securityContext, config.getDefaultPropertyView());

      // isolate resource authentication
      try (final Tx tx = app.tx()) {

        resource = ResourceHelper.applyViewTransformation(request, securityContext,
          ResourceHelper.optimizeNestedResourceChain(
            ResourceHelper.parsePath(securityContext, request, resourceMap, propertyView,
              config.getDefaultIdProperty()), config.getDefaultIdProperty()), propertyView);
        authenticator.checkResourceAccess(request, resource.getResourceSignature(), propertyView.get(securityContext));
        tx.success();
      }

      // add sorting & paging
      String pageSizeParameter = request.getParameter(REQUEST_PARAMETER_PAGE_SIZE);

  // <editor-fold defaultstate="collapsed" desc="OPTIONS">
  @Override
  protected void doOptions(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

    SecurityContext securityContext = null;
    Authenticator authenticator     = null;
    RestMethodResult result         = null;
    Resource resource               = null;

    try {

      // first thing to do!
      request.setCharacterEncoding("UTF-8");
      response.setCharacterEncoding("UTF-8");
      response.setContentType("application/json; charset=utf-8");

      // isolate request authentication in a transaction
      try (final Tx tx = StructrApp.getInstance().tx()) {
        authenticator = config.getAuthenticator();
        securityContext = authenticator.initializeAndExamineRequest(request, response);
        tx.success();
      }

      final App app = StructrApp.getInstance(securityContext);

      // isolate resource authentication
      try (final Tx tx = app.tx()) {

        resource = ResourceHelper.applyViewTransformation(request, securityContext,
          ResourceHelper.optimizeNestedResourceChain(ResourceHelper.parsePath(securityContext, request, resourceMap, propertyView,
            config.getDefaultIdProperty()), config.getDefaultIdProperty()), propertyView);
        authenticator.checkResourceAccess(request, resource.getResourceSignature(), propertyView.get(securityContext));
        tx.success();
      }

      // isolate doOptions
      boolean retry = true;

  @Override
  protected void doPost(final HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

    final List<RestMethodResult> results = new LinkedList<>();
    SecurityContext securityContext      = null;
    Authenticator authenticator          = null;
    IJsonInput jsonInput          = null;
    Resource resource                    = null;

    try {


      // first thing to do!
      request.setCharacterEncoding("UTF-8");
      response.setCharacterEncoding("UTF-8");
      response.setContentType("application/json; charset=utf-8");

      // isolate request authentication in a transaction
      try (final Tx tx = StructrApp.getInstance().tx()) {
        authenticator = config.getAuthenticator();
        securityContext = authenticator.initializeAndExamineRequest(request, response);
        tx.success();
      }

      final App app = StructrApp.getInstance(securityContext);

      String input = IOUtils.toString(request.getReader());
      if (StringUtils.isBlank(input)) {
        input = "{}";
      }

      // isolate input parsing (will include read and write operations)
      try (final Tx tx = app.tx()) {
        jsonInput   = gson.get().fromJson(input, IJsonInput.class);
        tx.success();
      }

      if (securityContext != null) {

        // isolate resource authentication
        try (final Tx tx = app.tx()) {

          resource = ResourceHelper.applyViewTransformation(request, securityContext,
              ResourceHelper.optimizeNestedResourceChain(ResourceHelper.parsePath(securityContext, request, resourceMap, propertyView,
              config.getDefaultIdProperty()), config.getDefaultIdProperty()), propertyView);
          authenticator.checkResourceAccess(request, resource.getResourceSignature(), propertyView.get(securityContext));
          tx.success();
        }

        // isolate doPost
        boolean retry = true;

  // <editor-fold defaultstate="collapsed" desc="PUT">
  @Override
  protected void doPut(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {

    SecurityContext securityContext = null;
    Authenticator authenticator     = null;
    RestMethodResult result         = null;
    IJsonInput jsonInput            = null;
    Resource resource               = null;

    try {

      // first thing to do!
      request.setCharacterEncoding("UTF-8");
      response.setCharacterEncoding("UTF-8");
      response.setContentType("application/json; charset=utf-8");

      // isolate request authentication in a transaction
      try (final Tx tx = StructrApp.getInstance().tx()) {
        authenticator = config.getAuthenticator();
        securityContext = authenticator.initializeAndExamineRequest(request, response);
        tx.success();
      }

      final App app = StructrApp.getInstance(securityContext);

      String input = IOUtils.toString(request.getReader());
      if (StringUtils.isBlank(input)) {
        input = "{}";
      }

      // isolate input parsing (will include read and write operations)
      try (final Tx tx = app.tx()) {
        jsonInput   = gson.get().fromJson(input, IJsonInput.class);
        tx.success();
      }

      if (securityContext != null) {

        // isolate resource authentication
        try (final Tx tx = app.tx()) {

          // evaluate constraint chain
          resource = ResourceHelper.applyViewTransformation(request, securityContext,
            ResourceHelper.optimizeNestedResourceChain(ResourceHelper.parsePath(securityContext, request, resourceMap, propertyView,
              config.getDefaultIdProperty()), config.getDefaultIdProperty()), propertyView);
          authenticator.checkResourceAccess(request, resource.getResourceSignature(), propertyView.get(securityContext));
          tx.success();
        }

        // isolate doPut
        boolean retry = true;

  }

  @Override
  protected void doGet(final HttpServletRequest request, final HttpServletResponse response) {

    final Authenticator auth = config.getAuthenticator();
    final SecurityContext securityContext;
    final App app;

    try {
      String path = request.getPathInfo();

      // check for registration (has its own tx because of write access
      if (checkRegistration(auth, request, response, path)) {

        return;
      }

      // isolate request authentication in a transaction
      try (final Tx tx = StructrApp.getInstance().tx()) {
        securityContext = auth.initializeAndExamineRequest(request, response);
        tx.success();
      }

      app = StructrApp.getInstance(securityContext);

  }

  @Override
  protected void doHead(final HttpServletRequest request, final HttpServletResponse response) {

    final Authenticator auth = config.getAuthenticator();
    final SecurityContext securityContext;
    final App app;

    try {
      String path = request.getPathInfo();

      // isolate request authentication in a transaction
      try (final Tx tx = StructrApp.getInstance().tx()) {
        securityContext = auth.initializeAndExamineRequest(request, response);
        tx.success();
      }

      app = StructrApp.getInstance(securityContext);

  }

  @Override
  protected void doOptions(final HttpServletRequest request, final HttpServletResponse response) {

    final Authenticator auth = config.getAuthenticator();

    try {

      // isolate request authentication in a transaction
      try (final Tx tx = StructrApp.getInstance().tx()) {
        auth.initializeAndExamineRequest(request, response);
        tx.success();
      }

      response.setContentLength(0);
      response.setHeader("Allow", "GET,HEAD,OPTIONS");