001 //$HeadURL$
002 /*----------------------------------------------------------------------------
003 This file is part of deegree, http://deegree.org/
004 Copyright (C) 2001-2009 by:
005 Department of Geography, University of Bonn
006 and
007 lat/lon GmbH
008
009 This library is free software; you can redistribute it and/or modify it under
010 the terms of the GNU Lesser General Public License as published by the Free
011 Software Foundation; either version 2.1 of the License, or (at your option)
012 any later version.
013 This library is distributed in the hope that it will be useful, but WITHOUT
014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016 details.
017 You should have received a copy of the GNU Lesser General Public License
018 along with this library; if not, write to the Free Software Foundation, Inc.,
019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020
021 Contact information:
022
023 lat/lon GmbH
024 Aennchenstr. 19, 53177 Bonn
025 Germany
026 http://lat-lon.de/
027
028 Department of Geography, University of Bonn
029 Prof. Dr. Klaus Greve
030 Postfach 1147, 53001 Bonn
031 Germany
032 http://www.geographie.uni-bonn.de/deegree/
033
034 e-mail: info@deegree.org
035 ----------------------------------------------------------------------------*/
036
037 package org.deegree.security;
038
039 import java.util.Map;
040
041 import javax.servlet.http.HttpServletRequest;
042
043 import org.deegree.framework.log.ILogger;
044 import org.deegree.framework.log.LoggerFactory;
045 import org.deegree.i18n.Messages;
046 import org.deegree.security.drm.SecurityAccessManager;
047 import org.deegree.security.drm.WrongCredentialsException;
048 import org.deegree.security.drm.model.User;
049
050 /**
051 *
052 *
053 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
054 * @author last edited by: $Author: poth $
055 *
056 * @version $Revision: 6251 $, $Date: 2007-03-19 16:59:28 +0100 (Mo, 19 Mrz 2007) $
057 */
058 public class UserPrincipalAuthentication extends AbstractAuthentication {
059
060 private static final ILogger LOG = LoggerFactory.getLogger( UserPrincipalAuthentication.class );
061
062 protected static final String AUTH_PARAM_USERPRINCIPAL = "USERPRINCIPAL";
063
064 /**
065 *
066 * @param authenticationName
067 * @param initParams
068 */
069 public UserPrincipalAuthentication( String authenticationName, Map<String, String> initParams ) {
070 super( authenticationName, initParams );
071 }
072
073 /*
074 * (non-Javadoc)
075 *
076 * @see org.deegree.security.AbstractAuthentication#authenticate(java.util.Map,
077 * javax.servlet.http.HttpServletRequest)
078 */
079 public User authenticate( Map<String, String> params, HttpServletRequest request )
080 throws WrongCredentialsException {
081 return authenticate( params );
082 }
083
084 /*
085 * (non-Javadoc)
086 *
087 * @see org.deegree.security.AbstractAuthentication#authenticate(java.util.Map)
088 */
089 public User authenticate( Map<String, String> params )
090 throws WrongCredentialsException {
091 String user = params.get( AUTH_PARAM_USERPRINCIPAL );
092
093 LOG.logDebug( "USER: ", user );
094 User usr = null;
095 if ( user != null ) {
096 try {
097 SecurityAccessManager sam = SecurityAccessManager.getInstance();
098 usr = sam.getUserByName( user );
099 try {
100 usr.authenticate( null );
101 } catch ( Exception e ) {
102 LOG.logWarning( "no authentication of user: " + user + " without password" );
103 }
104 if ( !usr.isAuthenticated() ) {
105 LOG.logDebug( "authenticate user: " + user + " with password: " + user );
106 usr.authenticate( user );
107 }
108 } catch ( Exception e ) {
109 LOG.logWarning( "no authentication of user: " + user + " with password: " + user );
110 LOG.logError( e.getMessage() );
111 throw new WrongCredentialsException( Messages.getMessage( "OWSPROXY_USER_AUTH_ERROR", user ) );
112 }
113 }
114
115 return usr;
116 }
117
118 }