/*
* Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.ui;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.authenticator.proxy.AuthenticationAdminClient;
import org.wso2.carbon.authenticator.stub.RememberMeData;
import org.wso2.carbon.core.common.AuthenticationException;
import org.wso2.carbon.core.security.AuthenticatorsConfiguration;
import org.wso2.carbon.utils.ServerConstants;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
import javax.servlet.ServletContext;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.rmi.RemoteException;
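/**
 * Form-based authenticator for the Carbon UI. It reads the {@code username},
 * {@code password} and {@code rememberMe} request parameters, or the remember-me
 * cookie, and delegates the actual credential check to the back-end through
 * {@link AuthenticationAdminClient}.
 *
 * <p>{@link #isHandle(Object)} always returns {@code true}, so this authenticator
 * accepts every request handed to it.
 */
public class DefaultCarbonAuthenticator implements CarbonUIAuthenticator {

    protected static final Log log = LogFactory.getLog(DefaultCarbonAuthenticator.class);
    protected static final String AUTHENTICATION_ADMIN_SERVICE = "AuthenticationAdminService";
    private static final int DEFAULT_PRIORITY_LEVEL = 5;
    private static final String AUTHENTICATOR_NAME = "DefaultCarbonAuthenticator";

    /**
     * Attempts to log in again using the remember-me cookie carried by the request.
     *
     * @param object the current request; must be an {@link HttpServletRequest}
     * @return {@code true} if the back-end accepted the remember-me cookie, {@code false}
     *         if it was rejected or the request carries no such cookie
     * @throws AuthenticationException if the call to the back-end fails with an {@link AxisFault}
     */
    public boolean reAuthenticateOnSessionExpire(Object object) throws AuthenticationException {
        boolean isValidRememberMe = false;
        try {
            HttpServletRequest request = (HttpServletRequest) object;
            AuthenticationAdminClient client = getAuthenticationAdminCient(request);
            Cookie[] cookies = request.getCookies();
            if (cookies == null) {
                // getCookies() returns null, not an empty array, when the request has no
                // cookies; without this guard the loop below fails with a NullPointerException.
                return false;
            }
            for (Cookie cookie : cookies) {
                if (CarbonConstants.REMEMBER_ME_COOKE_NAME.equals(cookie.getName())) {
                    // The cookie value is client-supplied; the back-end decides whether it is valid.
                    isValidRememberMe = client.loginWithRememberMeCookie(cookie.getValue());
                }
            }
        } catch (AxisFault e) {
            log.error(e.getMessage(), e);
            throw new AuthenticationException(e.getMessage(), e);
        }
        return isValidRememberMe;
    }

    /**
     * Reports whether this authenticator wants to process the given request.
     *
     * @param object the current request (not inspected)
     * @return always {@code true}: this is the least-priority authenticator and tries
     *         to authenticate any request that reaches it
     */
    public boolean isHandle(Object object) {
        return true;
    }

    /**
     * {@inheritDoc}
     *
     * <p>Reads {@code username}, {@code password} and {@code rememberMe} from the request
     * parameters. Remember-me is enabled only when the parameter value is exactly
     * {@code "rememberMe"}.
     *
     * @throws AuthenticationException if the back-end call fails with a {@link RemoteException}
     */
    public boolean authenticate(Object object) throws AuthenticationException {
        HttpServletRequest request = (HttpServletRequest) object;
        String userName = request.getParameter("username");
        String password = request.getParameter("password");
        boolean isRememberMe = "rememberMe".equals(request.getParameter("rememberMe"));
        try {
            return authenticate(request, userName, password, isRememberMe);
        } catch (RemoteException e) {
            throw new AuthenticationException(e.getMessage(), e);
        }
    }

    /**
     * Logs the current user out at the back-end.
     *
     * @param object the current request; must be an {@link HttpServletRequest}
     * @throws Exception if the logout call fails; the original failure is attached as the cause
     */
    public void unauthenticate(Object object) throws Exception {
        try {
            getAuthenticationAdminCient((HttpServletRequest) object).logout();
        } catch (Exception e) {
            // The previous message ("Configuration context is null.") did not describe this
            // failure and the cause was dropped, which hid why a logout did not go through.
            String msg = "Error occurred while logging out.";
            log.error(msg, e);
            throw new Exception(msg, e);
        }
    }

    /**
     * Authenticates the given credentials against the back-end, optionally asking for a
     * remember-me token.
     *
     * <p>If the request carries a {@link MultitenantConstants#TENANT_DOMAIN} attribute, the
     * user name is sent as {@code userName@tenantDomain}. On a successful remember-me login
     * the cookie value and max age returned by the back-end are stored as request attributes
     * ({@link CarbonConstants#REMEMBER_ME_COOKIE_VALUE}, {@link CarbonConstants#REMEMBER_ME_COOKIE_AGE}).
     *
     * @param request      the login request
     * @param userName     user name as submitted; {@code null} is treated as a failed login
     * @param password     password as submitted; {@code null} is treated as a failed login
     * @param isRememberMe whether a remember-me token should be requested
     * @return {@code true} if the back-end accepted the credentials
     * @throws RemoteException if the configuration context is missing or the back-end call
     *                         fails; unexpected exceptions are wrapped in an {@link AxisFault}
     */
    protected boolean authenticate(HttpServletRequest request, String userName, String password,
                                   boolean isRememberMe) throws RemoteException {
        if (userName == null || password == null) {
            // A missing user name used to be sent to the back-end as the literal "null@<domain>"
            // (or to fail with a NullPointerException on trim()). Reject it here instead.
            if (log.isDebugEnabled()) {
                log.debug("Rejecting login attempt with a missing username or password.");
            }
            return false;
        }
        try {
            ServletContext servletContext = request.getSession().getServletContext();
            ConfigurationContext configContext = (ConfigurationContext) servletContext
                    .getAttribute(CarbonConstants.CONFIGURATION_CONTEXT);
            if (configContext == null) {
                String msg = "Configuration context is null.";
                log.error(msg);
                throw new RemoteException(msg);
            }

            // The back-end server URL is taken from the request if present, otherwise it is
            // resolved through CarbonUIUtil (see getAuthenticationAdminCient).
            AuthenticationAdminClient proxy = getAuthenticationAdminCient(request);

            String userNameWithDomain = userName;
            String domainName = (String) request.getAttribute(MultitenantConstants.TENANT_DOMAIN);
            if (domainName != null) {
                userNameWithDomain += "@" + domainName;
            }
            userNameWithDomain = userNameWithDomain.trim();

            // NOTE(review): no session-id rotation is visible in this method after a successful
            // login; confirm that the caller or AuthenticationAdminClient renews the session.
            if (!isRememberMe) {
                return proxy.login(userNameWithDomain, password, request.getRemoteAddr());
            }

            RememberMeData data = proxy.loginWithRememberMeOption(userNameWithDomain, password,
                    request.getRemoteAddr());
            if (data == null) {
                return false;
            }
            // NOTE(review): the cookie itself is created elsewhere from these attributes;
            // confirm that code sets the HttpOnly and Secure flags.
            request.setAttribute(CarbonConstants.REMEMBER_ME_COOKIE_VALUE, data.getValue());
            request.setAttribute(CarbonConstants.REMEMBER_ME_COOKIE_AGE,
                    String.valueOf(data.getMaxAge()));
            return true;
        } catch (RemoteException e) {
            // AxisFault is a RemoteException, so both are passed on unchanged.
            throw e;
        } catch (Exception e) {
            throw new AxisFault("Exception occured", e);
        }
    }

    /**
     * Returns the priority of this authenticator.
     *
     * @return the configured priority when it is greater than zero, otherwise
     *         {@value #DEFAULT_PRIORITY_LEVEL}
     */
    public int getPriority() {
        AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = lookupAuthenticatorConfig();
        if (authenticatorConfig != null && authenticatorConfig.getPriority() > 0) {
            return authenticatorConfig.getPriority();
        }
        return DEFAULT_PRIORITY_LEVEL;
    }

    /**
     * @return the name under which this authenticator is configured
     */
    public String getAuthenticatorName() {
        return AUTHENTICATOR_NAME;
    }

    /**
     * Builds a client for the back-end authentication service and records the chosen
     * back-end URL in the HTTP session under {@link CarbonConstants#SERVER_URL}.
     *
     * @param request the current request; a session is created if none exists
     * @return a new client bound to the resolved back-end URL and the session's admin-service
     *         auth token
     * @throws AxisFault if the client cannot be created
     */
    protected AuthenticationAdminClient getAuthenticationAdminCient(HttpServletRequest request)
            throws AxisFault {
        HttpSession session = request.getSession();
        ServletContext servletContext = session.getServletContext();

        // NOTE(review): "backendURL" is a request parameter and therefore controlled by the
        // client. It decides which server receives the submitted credentials and it is stored
        // in the session for later calls. Nothing here validates it; it should be checked
        // against the configured or explicitly allowed back-end URLs before use.
        String backendServerURL = request.getParameter("backendURL");
        if (backendServerURL == null) {
            backendServerURL = CarbonUIUtil.getServerURL(servletContext, session);
        }
        session.setAttribute(CarbonConstants.SERVER_URL, backendServerURL);

        ConfigurationContext configContext = (ConfigurationContext) servletContext
                .getAttribute(CarbonConstants.CONFIGURATION_CONTEXT);
        String cookie = (String) session.getAttribute(ServerConstants.ADMIN_SERVICE_AUTH_TOKEN);
        return new AuthenticationAdminClient(configContext, backendServerURL, cookie, session, true);
    }

    /**
     * Reports whether this authenticator has been disabled in the authenticators configuration.
     *
     * @return the configured flag, or {@code false} when no configuration entry exists
     */
    public boolean isDisabled() {
        AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = lookupAuthenticatorConfig();
        if (authenticatorConfig != null) {
            return authenticatorConfig.isDisabled();
        }
        return false;
    }

    /** Looks up this authenticator's entry in the authenticators configuration; may be null. */
    private AuthenticatorsConfiguration.AuthenticatorConfig lookupAuthenticatorConfig() {
        return AuthenticatorsConfiguration.getInstance().getAuthenticatorConfig(AUTHENTICATOR_NAME);
    }
}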