1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.cms.security;
35
36 import info.magnolia.cms.security.auth.callback.CredentialsCallbackHandler;
37 import info.magnolia.cms.security.auth.login.LoginResult;
38
39 import javax.security.auth.Subject;
40 import javax.security.auth.login.LoginContext;
41 import javax.security.auth.login.LoginException;
42
43 import org.apache.commons.lang.StringUtils;
44 import org.slf4j.Logger;
45 import org.slf4j.LoggerFactory;
46
47
48
49
50
51
52
53 public abstract class SecuritySupportBase implements SecuritySupport {
54 private static final Logger log = LoggerFactory.getLogger(SecuritySupportBase.class);
55
56 public LoginResult authenticate(CredentialsCallbackHandler callbackHandler, String customLoginModule) {
57 Subject subject;
58 try {
59 LoginContext loginContext = createLoginContext(callbackHandler, customLoginModule);
60 loginContext.login();
61 subject = loginContext.getSubject();
62 User user = callbackHandler.getUser();
63
64 if(user == null){
65 user = SecuritySupport.Factory.getInstance().getUserManager().getUser(subject);
66 }
67 user.setSubject(subject);
68 return new LoginResult(LoginResult.STATUS_SUCCEEDED, user);
69 }
70 catch (LoginException e) {
71 logLoginException(e);
72 return new LoginResult(LoginResult.STATUS_FAILED, e);
73 }
74 }
75
76
77
78
79
80
81 private void logLoginException(LoginException e) {
82 if (e.getClass().equals(LoginException.class)) {
83 log.error("Can't login due to: ", e);
84 } else {
85
86 log.debug("Can't login due to: ", e);
87 }
88 }
89
90 protected static LoginContext createLoginContext(CredentialsCallbackHandler callbackHandler, String customLoginModule) throws LoginException {
91 final String loginContextName = StringUtils.defaultString(customLoginModule, "magnolia");
92 return new LoginContext(loginContextName, callbackHandler);
93 }
94
95 }