Source Code of AuthenticatorBean

/***************************************************************************
 *  Copyright (c) 2004 - 2008  Fabrizio Boco fabboco@users.sourceforge.net *
 *                                                                         *
 *                                                                         *
 *   This is free software; you can redistribute it and/or                 *
 *   modify it under the terms of the GNU Library General Public           *
 *   License (version 2.1) as published by the Free Software Foundation    *
 *                                                                         *
 *   This library  is distributed in the hope that it will be useful,      *
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
 *   GNU Library General Public License for more details.                  *
 *                                                                         *
 *   You should have received a copy of the GNU Library General Public     *
 *   License along with this library; see the file COPYING.LIB. If not,    *
 *   write to the Free Software Foundation, Inc., 59 Temple Place,         *
 *   Suite 330, Boston, MA  02111-1307, USA                                *
 *                                                                         *
 ***************************************************************************/

/**
 - $Header: $
 - $Author: $
 - $Revision: $
 - $Date: $

 - $Log: $
 **/

package @basePackage.security;

import java.io.Serializable;
import java.util.Date;
import java.util.List;

import javax.ejb.Stateless;
import javax.faces.context.FacesContext;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.transaction.SystemException;

import @basePackage.entity.ApplicationRole;
import @basePackage.entity.ApplicationUser;

import org.boco.seamUtility.messages.MessagesLoader;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.Begin;
import org.jboss.seam.annotations.End;
import org.jboss.seam.annotations.FlushModeType;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Logger;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Out;
import org.jboss.seam.faces.FacesMessages;
import org.jboss.seam.log.Log;
import org.jboss.seam.security.Identity;
import org.jboss.seam.transaction.Transaction;

import @basePackage.entity.ApplicationRole;

@Name("authenticator")
@Stateless
public class AuthenticatorBean implements Serializable, Authenticator
{

  private static final long  serialVersionUID  = 1L;

  @PersistenceContext
  EntityManager          entityManager;

  @Out(required = false, scope = ScopeType.SESSION)
  @In(required = false, scope = ScopeType.SESSION)
  private ApplicationUser    user;

  @In(required = false)
  private FacesContext      facesContext;

  private String          newPasswordConfirmed;
  private String          newPassword;

  @Logger
  private Log            log;

  public boolean authenticate()
  {
    try
    {
      //  System.out.print("User " + Identity.instance().getUsername());
      //  System.out.print("Password " + Identity.instance().getPassword());

      String encryptedPassword = new DesEncrypter().encrypt(Identity.instance().getPassword());

      user = (ApplicationUser) entityManager.createQuery("select o from ApplicationUser o where o.enabled = true and o.username = :username and o.password = :password").setParameter("username", Identity.instance().getUsername()).setParameter("password", encryptedPassword).getSingleResult();

      log.debug("User " + Identity.instance().getUsername() + " authenticated on " + new Date());
      log.debug("Roles: ");

      List<ApplicationRole> roles = user.getRoles();

      for (ApplicationRole role : roles)
      {
        log.debug("\t"+role.getRoleName());
        Identity.instance().addRole(role.getRoleName());
      }

      return true;
    }
    catch (NoResultException ex)
    {
      FacesMessages messages = FacesMessages.instance();
      messages.clear();
      return false;
    }
  }

  public String getNewPasswordConfirmed()
  {
    return newPasswordConfirmed;
  }

  public void setNewPasswordConfirmed(String newPasswordConfirmed)
  {
    this.newPasswordConfirmed = newPasswordConfirmed;
  }

  public String getNewPassword()
  {
    return newPassword;
  }

  public void setNewPassword(String newPassword)
  {
    this.newPassword = newPassword;
  }

  @Begin(join = true, flushMode = FlushModeType.MANUAL)
  public String initChangePassword()
  {
    setNewPasswordConfirmed(null);
    setNewPassword(null);

    return "/ChangePassword.xhtml";
  }

  //@End()
  public String processChangePassword()
  {
    FacesMessages messages = FacesMessages.instance();

    if (!getNewPassword().equals(getNewPasswordConfirmed()))
    {

      String message = MessagesLoader.getMessageResourceString(facesContext.getApplication().getMessageBundle(), "form_ChangePassword_no_matching_password", null, facesContext.getViewRoot().getLocale());

      messages.add(message);

      return "/ChangePassword.xhtml";
    }

    user.setPassword(new DesEncrypter().encrypt(getNewPassword()));
    entityManager.merge(user);

    entityManager.flush();

    messages.clear();
    return "/Index.xhtml";
  }

  @End(beforeRedirect=true)
  public String cancel() throws IllegalStateException
  {
    try
    {
      Transaction.instance().setRollbackOnly();
    }
    catch (SystemException e)
    {
      log.debug(e);
    }
    return "/Index.xhtml";
  }
}