1 /**
2 * This file Copyright (c) 2003-2010 Magnolia International
3 * Ltd. (http://www.magnolia-cms.com). All rights reserved.
4 *
5 *
6 * This file is dual-licensed under both the Magnolia
7 * Network Agreement and the GNU General Public License.
8 * You may elect to use one or the other of these licenses.
9 *
10 * This file is distributed in the hope that it will be
11 * useful, but AS-IS and WITHOUT ANY WARRANTY; without even the
12 * implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE, TITLE, or NONINFRINGEMENT.
14 * Redistribution, except as permitted by whichever of the GPL
15 * or MNA you select, is prohibited.
16 *
17 * 1. For the GPL license (GPL), you can redistribute and/or
18 * modify this file under the terms of the GNU General
19 * Public License, Version 3, as published by the Free Software
20 * Foundation. You should have received a copy of the GNU
21 * General Public License, Version 3 along with this program;
22 * if not, write to the Free Software Foundation, Inc., 51
23 * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
24 *
25 * 2. For the Magnolia Network Agreement (MNA), this file
26 * and the accompanying materials are made available under the
27 * terms of the MNA which accompanies this distribution, and
28 * is available at http://www.magnolia-cms.com/mna.html
29 *
30 * Any modifications to this file must keep this entire header
31 * intact.
32 *
33 */
34 package info.magnolia.cms.security;
35
36 import info.magnolia.cms.security.auth.callback.CredentialsCallbackHandler;
37 import info.magnolia.cms.security.auth.login.LoginResult;
38
39 import javax.security.auth.Subject;
40 import javax.security.auth.login.LoginContext;
41 import javax.security.auth.login.LoginException;
42
43 import org.apache.commons.lang.StringUtils;
44 import org.slf4j.Logger;
45 import org.slf4j.LoggerFactory;
46
47
48 /**
49 * @author philipp
50 * @version $Id: SecuritySupportBase.java 33167 2010-03-22 15:22:30Z gjoseph $
51 *
52 */
53 public abstract class SecuritySupportBase implements SecuritySupport {
54 private static final Logger log = LoggerFactory.getLogger(SecuritySupportBase.class);
55
56 public LoginResult authenticate(CredentialsCallbackHandler callbackHandler, String customLoginModule) {
57 Subject subject;
58 try {
59 LoginContext loginContext = createLoginContext(callbackHandler, customLoginModule);
60 loginContext.login();
61 subject = loginContext.getSubject();
62 User user = callbackHandler.getUser();
63 // not all jaas modules will support magnolia users
64 if(user == null){
65 user = SecuritySupport.Factory.getInstance().getUserManager().getUser(subject);
66 }
67 user.setSubject(subject);
68 return new LoginResult(LoginResult.STATUS_SUCCEEDED, user);
69 }
70 catch (LoginException e) {
71 logLoginException(e);
72 return new LoginResult(LoginResult.STATUS_FAILED, e);
73 }
74 }
75
76 /**
77 * Logs plain LoginException in error level, but subclasses in debug, since they
78 * are specifically thrown when a known error occurs (wrong password, blocked account,
79 * etc.)
80 */
81 private void logLoginException(LoginException e) {
82 if (e.getClass().equals(LoginException.class)) {
83 log.error("Can't login due to: ", e);
84 } else {
85 // specific subclasses were added in Java5 to identify what the login failure was
86 log.debug("Can't login due to: ", e);
87 }
88 }
89
90 protected static LoginContext createLoginContext(CredentialsCallbackHandler callbackHandler, String customLoginModule) throws LoginException {
91 final String loginContextName = StringUtils.defaultString(customLoginModule, "magnolia");
92 return new LoginContext(loginContextName, callbackHandler);
93 }
94
95 }