Package unibg.overencrypt.server

Source Code of unibg.overencrypt.server.OverEncryptedSecurityManager

/**
* OverEncrypt project hosted by Università degli Studi di Bergamo
*   -> for PrimeLife project {@link http://www.primelife.eu/}
*/
package unibg.overencrypt.server;


import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import unibg.overencrypt.core.User;
import unibg.overencrypt.protocol.OverEncryptResponse;
import unibg.overencrypt.protocol.ServerPrimitives;
import unibg.overencrypt.server.managers.SessionManager;

import com.bradmcevoy.http.Auth;
import com.bradmcevoy.http.Request;
import com.bradmcevoy.http.Resource;
import com.bradmcevoy.http.SecurityManager;
import com.bradmcevoy.http.Request.Method;
import com.bradmcevoy.http.http11.auth.DigestResponse;

/**
* Manages the security of OverEncrypt application.
*
* @author Flavio Giovarruscio & Riccardo Tribbia
* @version 1.0
*/
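public class OverEncryptedSecurityManager implements SecurityManager {

  /** Logger for this class. */
  private static final Logger log = LoggerFactory.getLogger(OverEncryptedSecurityManager.class);

  /** The resource manager. */
  ResourcesManager resourceManager;

  /**
   * Instantiates a new over encrypted security manager.
   *
   * @param resourceManager the resource manager whose root is re-pointed on each successful login
   */
  public OverEncryptedSecurityManager(ResourcesManager resourceManager){
    this.resourceManager = resourceManager;
  }

  /**
   * Digest authentication is not implemented: every digest request is rejected.
   *
   * @param digestRequest the digest response sent by the client (ignored)
   * @return always {@code null}, i.e. authentication failed
   * @see com.bradmcevoy.http.SecurityManager#authenticate(com.bradmcevoy.http.http11.auth.DigestResponse)
   */
  @Override
  public Object authenticate(DigestResponse digestRequest) {
    //NOT IMPLEMENTED
    log.debug("Authenticate digest called");
    return null;
  }

  /**
   * Authenticates a user by name and password, points the resource manager at the
   * user's WebDAV root, generates the protocol response and records the session.
   *
   * @param user the user name supplied by the client
   * @param pwd the password supplied by the client; never written to the log
   * @return the logged-in {@link User}, or {@code null} when the login is refused or
   *         any exception is raised while authenticating (fail closed)
   * @see com.bradmcevoy.http.SecurityManager#authenticate(java.lang.String, java.lang.String)
   */
  @Override
  public Object authenticate(String user, String pwd) {
    // The password is deliberately kept out of the log: debug output is routinely
    // shipped to files and aggregators that are not protected like a credential store.
    log.debug("Authenticate called - user: {}", user);
    try {
      User overEncryptUser = new User();
      if (!overEncryptUser.login(user, pwd)) {
        return null;
      }

      String userId = String.valueOf(overEncryptUser.getId());
      String userRootPath = ServerConfiguration.getWebDAVrootPath() + "/" + userId;
      // NOTE(review): setRoot mutates the resource manager held by this object. If that
      // instance is shared between concurrent requests, one user's login could change
      // the root another request resolves against -- confirm how it is scoped.
      resourceManager.setRoot(userRootPath);
      log.debug("userRootPath: {}", userRootPath);

      // A user who has already done the DH key agreement gets the authentication
      // response; otherwise the client is asked to generate its DH key pairs.
      String primitive = overEncryptUser.hasKeys()
          ? ServerPrimitives.OE_AUTHENTICATION
          : ServerPrimitives.OE_DHKEYPAIRS;
      OverEncryptResponse.generateResponse(primitive, userRootPath, ServerConfiguration.getREALM(), userId);

      SessionManager.saveSession(userId);
      return overEncryptUser;
    } catch (Exception e) {
      // Any failure is treated as a refused login rather than propagated.
      log.warn("Probably SQLException while trying to authenticate user (select to DB): ",e);
      return null;
    }
  }

  /**
   * Authorises a request when its credentials log in successfully and the resulting
   * user already has a saved session.
   *
   * <p>NOTE(review): {@code method} and {@code resource} are not consulted here, so the
   * decision is the same for every resource and every HTTP method; per-user isolation
   * presumably relies on the root path set at login -- confirm.
   *
   * @param request the incoming request (only logged)
   * @param method the HTTP method (unused)
   * @param auth the credentials attached to the request; {@code null} is refused
   * @param resource the target resource (unused)
   * @return {@code true} only for a valid login with an existing session; {@code false}
   *         otherwise, including when an exception is raised (fail closed)
   * @see com.bradmcevoy.http.SecurityManager#authorise(com.bradmcevoy.http.Request, com.bradmcevoy.http.Request.Method, com.bradmcevoy.http.Auth, com.bradmcevoy.http.Resource)
   */
  @Override
  public boolean authorise(Request request, Method method, Auth auth, Resource resource) {
    // NOTE(review): what the request's string form contains is not visible here; make
    // sure it does not include the Authorization header before enabling debug logging.
    log.debug("Authorise called - request: {}", request);
    if (auth == null) {
      return false;
    }
    User user = new User();
    try {
      return user.login(auth.getUser(), auth.getPassword())
          && SessionManager.isAlreadyInSession(String.valueOf(user.getId()));
    } catch (Exception e) {
      log.error("Exception while trying to retrive user infos",e);
      return false;
    }
  }

  /**
   * Returns the authentication realm, which is the same for every host.
   *
   * @param host the requested host (ignored)
   * @return the realm configured in {@link ServerConfiguration}
   * @see com.bradmcevoy.http.SecurityManager#getRealm(java.lang.String)
   */
  @Override
  public String getRealm(String host) {
    return ServerConfiguration.getREALM();
  }
}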