2 * Copyright (C) 2007-2012 Argeo GmbH
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org
.argeo
.cms
.internal
.auth
;
18 import java
.io
.IOException
;
19 import java
.util
.Locale
;
21 import javax
.security
.auth
.callback
.Callback
;
22 import javax
.security
.auth
.callback
.CallbackHandler
;
23 import javax
.security
.auth
.callback
.NameCallback
;
24 import javax
.security
.auth
.callback
.PasswordCallback
;
25 import javax
.security
.auth
.callback
.UnsupportedCallbackException
;
26 import javax
.security
.auth
.login
.CredentialNotFoundException
;
27 import javax
.security
.auth
.login
.LoginException
;
29 import org
.argeo
.security
.NodeAuthenticationToken
;
30 import org
.argeo
.util
.LocaleCallback
;
31 import org
.argeo
.util
.LocaleUtils
;
32 import org
.springframework
.security
.authentication
.BadCredentialsException
;
33 import org
.springframework
.security
.core
.Authentication
;
35 /** Authenticates an end user */
36 public class EndUserLoginModule
extends AbstractLoginModule
{
37 final static String NODE_REPO_URI
= "argeo.node.repo.uri";
39 private Long waitBetweenFailedLoginAttempts
= 5 * 1000l;
41 private Boolean remote
= false;
42 /** Comma separated list of locales */
43 private String availableLocales
= "";
46 protected Authentication
processLogin(CallbackHandler callbackHandler
)
47 throws LoginException
, UnsupportedCallbackException
, IOException
,
48 InterruptedException
{
49 if (callbackHandler
== null)
52 // ask for username and password
53 NameCallback nameCallback
= new NameCallback("User");
54 PasswordCallback passwordCallback
= new PasswordCallback("Password",
56 final String defaultNodeUrl
= System
.getProperty(NODE_REPO_URI
,
57 "http://localhost:7070/org.argeo.jcr.webapp/remoting/node");
58 NameCallback urlCallback
= new NameCallback("Site URL", defaultNodeUrl
);
59 LocaleCallback localeCallback
= new LocaleCallback(availableLocales
);
62 callbackHandler
.handle(new Callback
[] { nameCallback
,
63 passwordCallback
, urlCallback
, localeCallback
});
65 callbackHandler
.handle(new Callback
[] { nameCallback
,
66 passwordCallback
, localeCallback
});
68 Locale selectedLocale
= localeCallback
.getSelectedLocale();
71 final String username
= nameCallback
.getName();
72 if (username
== null || username
.trim().equals(""))
73 throw new CredentialNotFoundException("No credentials provided");
76 if (passwordCallback
.getPassword() != null)
77 password
= passwordCallback
.getPassword();
79 throw new CredentialNotFoundException("No credentials provided");
81 NodeAuthenticationToken credentials
;
83 String url
= urlCallback
.getName();
84 credentials
= new NodeAuthenticationToken(username
, password
, url
);
86 credentials
= new NodeAuthenticationToken(username
, password
);
91 auth
= getAuthenticationManager().authenticate(credentials
);
92 } catch (BadCredentialsException e
) {
93 // wait between failed login attempts
94 Thread
.sleep(waitBetweenFailedLoginAttempts
);
98 if (selectedLocale
!= null)
99 LocaleUtils
.threadLocale
.set(selectedLocale
);
105 public boolean commit() throws LoginException
{
106 return super.commit();