2 * Copyright (C) 2007-2012 Argeo GmbH
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org
.argeo
.cms
.internal
.auth
;
18 import java
.io
.IOException
;
19 import java
.util
.Locale
;
21 import javax
.security
.auth
.callback
.Callback
;
22 import javax
.security
.auth
.callback
.CallbackHandler
;
23 import javax
.security
.auth
.callback
.NameCallback
;
24 import javax
.security
.auth
.callback
.PasswordCallback
;
25 import javax
.security
.auth
.callback
.UnsupportedCallbackException
;
26 import javax
.security
.auth
.login
.CredentialNotFoundException
;
27 import javax
.security
.auth
.login
.LoginException
;
29 import org
.argeo
.security
.NodeAuthenticationToken
;
30 import org
.argeo
.util
.LocaleCallback
;
31 import org
.argeo
.util
.LocaleUtils
;
32 import org
.springframework
.security
.authentication
.BadCredentialsException
;
33 import org
.springframework
.security
.core
.Authentication
;
35 /** Authenticates an end user */
36 public class EndUserLoginModule
extends AbstractLoginModule
{
37 final static String NODE_REPO_URI
= "argeo.node.repo.uri";
39 private Long waitBetweenFailedLoginAttempts
= 5 * 1000l;
41 private Boolean remote
= false;
42 /** Comma separated list of locales */
43 private String availableLocales
= "";
46 protected Authentication
processLogin(CallbackHandler callbackHandler
)
47 throws LoginException
, UnsupportedCallbackException
, IOException
,
48 InterruptedException
{
49 // ask for username and password
50 NameCallback nameCallback
= new NameCallback("User");
51 PasswordCallback passwordCallback
= new PasswordCallback("Password",
53 final String defaultNodeUrl
= System
.getProperty(NODE_REPO_URI
,
54 "http://localhost:7070/org.argeo.jcr.webapp/remoting/node");
55 NameCallback urlCallback
= new NameCallback("Site URL", defaultNodeUrl
);
56 LocaleCallback localeCallback
= new LocaleCallback(availableLocales
);
59 callbackHandler
.handle(new Callback
[] { nameCallback
,
60 passwordCallback
, urlCallback
, localeCallback
});
62 callbackHandler
.handle(new Callback
[] { nameCallback
,
63 passwordCallback
, localeCallback
});
65 Locale selectedLocale
= localeCallback
.getSelectedLocale();
68 final String username
= nameCallback
.getName();
69 if (username
== null || username
.trim().equals(""))
70 throw new CredentialNotFoundException("No credentials provided");
73 if (passwordCallback
.getPassword() != null)
74 password
= passwordCallback
.getPassword();
76 throw new CredentialNotFoundException("No credentials provided");
78 NodeAuthenticationToken credentials
;
80 String url
= urlCallback
.getName();
81 credentials
= new NodeAuthenticationToken(username
, password
, url
);
83 credentials
= new NodeAuthenticationToken(username
, password
);
88 auth
= getAuthenticationManager().authenticate(credentials
);
89 } catch (BadCredentialsException e
) {
90 // wait between failed login attempts
91 Thread
.sleep(waitBetweenFailedLoginAttempts
);
95 if (selectedLocale
!= null)
96 LocaleUtils
.threadLocale
.set(selectedLocale
);
102 public boolean commit() throws LoginException
{
103 return super.commit();