/**
* OverEncrypt project hosted by Università degli Studi di Bergamo
* -> for PrimeLife project {@link http://www.primelife.eu/}
*/
package unibg.overencrypt.server;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import unibg.overencrypt.core.User;
import unibg.overencrypt.protocol.OverEncryptResponse;
import unibg.overencrypt.protocol.ServerPrimitives;
import unibg.overencrypt.server.managers.SessionManager;
import com.bradmcevoy.http.Auth;
import com.bradmcevoy.http.Request;
import com.bradmcevoy.http.Resource;
import com.bradmcevoy.http.SecurityManager;
import com.bradmcevoy.http.Request.Method;
import com.bradmcevoy.http.http11.auth.DigestResponse;
/**
* Manages the security of OverEncrypt application.
*
* @author Flavio Giovarruscio & Riccardo Tribbia
* @version 1.0
*/
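public class OverEncryptedSecurityManager implements SecurityManager {

    /** Logger for this class. */
    private static final Logger log = LoggerFactory.getLogger(OverEncryptedSecurityManager.class);

    /** The resource manager whose root is re-pointed at the user's folder on login. */
    ResourcesManager resourceManager;

    /**
     * Instantiates a new over encrypted security manager.
     *
     * @param resourceManager the resource manager
     */
    public OverEncryptedSecurityManager(ResourcesManager resourceManager) {
        this.resourceManager = resourceManager;
    }

    /**
     * Digest authentication is not implemented: every digest request is rejected.
     *
     * @param digestRequest the digest response sent by the client (ignored)
     * @return always {@code null}
     * @see com.bradmcevoy.http.SecurityManager#authenticate(com.bradmcevoy.http.http11.auth.DigestResponse)
     */
    @Override
    public Object authenticate(DigestResponse digestRequest) {
        //NOT IMPLEMENTED
        log.debug("Authenticate digest called");
        return null;
    }

    /**
     * Authenticates a user by name and password, points the resource manager at
     * the user's WebDAV root, generates the OverEncrypt response and saves a session.
     *
     * <p>The password is never written to the log. The user name comes from the
     * request and is logged as received.
     *
     * @param user the user name supplied by the client
     * @param pwd the password supplied by the client
     * @return the logged-in {@link User}, or {@code null} when the login is refused
     *         or any exception is raised while processing it
     * @see com.bradmcevoy.http.SecurityManager#authenticate(java.lang.String, java.lang.String)
     */
    @Override
    public Object authenticate(String user, String pwd) {
        // Credentials must not reach the log: only the user name is recorded.
        log.debug("Authenticate called - user: {}", user);
        try {
            User overEncryptUser = new User();
            if (!overEncryptUser.login(user, pwd)) {
                return null;
            }

            String userId = String.valueOf(overEncryptUser.getId());
            String userRootPath = ServerConfiguration.getWebDAVrootPath() + "/" + overEncryptUser.getId();
            // NOTE(review): resourceManager is the single instance given to the
            // constructor. If that instance serves several users at once, a later
            // login re-points the root for all of them - confirm how it is scoped.
            resourceManager.setRoot(userRootPath);
            log.debug("userRootPath: {}", userRootPath);

            //Check if user has already done DHKeyAgreement
            if (overEncryptUser.hasKeys()) {
                OverEncryptResponse.generateResponse(ServerPrimitives.OE_AUTHENTICATION, userRootPath,
                        ServerConfiguration.getREALM(), userId);
            } else {
                OverEncryptResponse.generateResponse(ServerPrimitives.OE_DHKEYPAIRS, userRootPath,
                        ServerConfiguration.getREALM(), userId);
            }
            SessionManager.saveSession(userId);
            return overEncryptUser;
        } catch (Exception e) {
            // Fail closed: any error during login is treated as a refused login.
            log.warn("Probably SQLException while trying to authenticate user (select to DB): ", e);
            return null;
        }
    }

    /**
     * Authorises a request when the supplied credentials log in successfully and
     * the resulting user id already has a saved session.
     *
     * <p>NOTE(review): {@code method} and {@code resource} are not consulted, so
     * this check does not distinguish between resources or operations; presumably
     * isolation relies on the per-user root set at login - confirm.
     *
     * @param request the incoming request (only logged)
     * @param method the HTTP method (unused)
     * @param auth the credentials attached to the request, may be {@code null}
     * @param resource the target resource (unused)
     * @return {@code true} only when login succeeds and a session exists;
     *         {@code false} otherwise, including when an exception is raised
     * @see com.bradmcevoy.http.SecurityManager#authorise(com.bradmcevoy.http.Request, com.bradmcevoy.http.Request.Method, com.bradmcevoy.http.Auth, com.bradmcevoy.http.Resource)
     */
    @Override
    public boolean authorise(Request request, Method method, Auth auth, Resource resource) {
        log.debug("Authorise called - request: " + request);
        if (auth == null) {
            return false;
        }
        User user = new User();
        try {
            return user.login(auth.getUser(), auth.getPassword())
                    && SessionManager.isAlreadyInSession(String.valueOf(user.getId()));
        } catch (Exception e) {
            // Fail closed: an error while checking the user denies the request.
            log.error("Exception while trying to retrive user infos", e);
            return false;
        }
    }

    /**
     * Returns the configured realm, whatever the host.
     *
     * @param host the requested host (ignored)
     * @return the realm from {@link ServerConfiguration#getREALM()}
     * @see com.bradmcevoy.http.SecurityManager#getRealm(java.lang.String)
     */
    @Override
    public String getRealm(String host) {
        return ServerConfiguration.getREALM();
    }
}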