2 * Copyright (C) 2007-2012 Argeo GmbH
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org
.argeo
.security
.login
;
18 import java
.io
.IOException
;
19 import java
.util
.Locale
;
21 import javax
.security
.auth
.callback
.Callback
;
22 import javax
.security
.auth
.callback
.CallbackHandler
;
23 import javax
.security
.auth
.callback
.NameCallback
;
24 import javax
.security
.auth
.callback
.PasswordCallback
;
25 import javax
.security
.auth
.callback
.UnsupportedCallbackException
;
26 import javax
.security
.auth
.login
.LoginException
;
28 import org
.argeo
.security
.NodeAuthenticationToken
;
29 import org
.argeo
.util
.LocaleCallback
;
30 import org
.argeo
.util
.LocaleUtils
;
31 import org
.springframework
.security
.authentication
.BadCredentialsException
;
32 import org
.springframework
.security
.core
.Authentication
;
34 /** Authenticates an end user */
35 public class EndUserLoginModule
extends AbstractSpringLoginModule
{
36 final static String NODE_REPO_URI
= "argeo.node.repo.uri";
38 private Long waitBetweenFailedLoginAttempts
= 5 * 1000l;
40 private Boolean remote
= false;
41 /** Comma separated list of locales */
42 private String availableLocales
= "";
45 protected Authentication
processLogin(CallbackHandler callbackHandler
)
46 throws LoginException
, UnsupportedCallbackException
, IOException
,
47 InterruptedException
{
48 // ask for username and password
49 NameCallback nameCallback
= new NameCallback("User");
50 PasswordCallback passwordCallback
= new PasswordCallback("Password",
52 final String defaultNodeUrl
= System
.getProperty(NODE_REPO_URI
,
53 "http://localhost:7070/org.argeo.jcr.webapp/remoting/node");
54 NameCallback urlCallback
= new NameCallback("Site URL", defaultNodeUrl
);
55 LocaleCallback localeCallback
= new LocaleCallback(availableLocales
);
56 BundleContextCallback bundleContextCallback
= new BundleContextCallback();
60 callbackHandler
.handle(new Callback
[] { nameCallback
,
61 passwordCallback
, urlCallback
, localeCallback
,
62 bundleContextCallback
});
64 callbackHandler
.handle(new Callback
[] { nameCallback
,
65 passwordCallback
, localeCallback
, bundleContextCallback
});
67 Locale selectedLocale
= localeCallback
.getSelectedLocale();
70 final String username
= nameCallback
.getName();
71 if (username
== null || username
.trim().equals(""))
72 throw new LoginCanceledException();
75 if (passwordCallback
.getPassword() != null)
76 password
= passwordCallback
.getPassword();
78 NodeAuthenticationToken credentials
;
80 String url
= urlCallback
.getName();
81 credentials
= new NodeAuthenticationToken(username
, password
, url
);
83 credentials
= new NodeAuthenticationToken(username
, password
);
88 auth
= getAuthenticationManager(bundleContextCallback
)
89 .authenticate(credentials
);
90 } catch (BadCredentialsException e
) {
91 // wait between failed login attempts
92 Thread
.sleep(waitBetweenFailedLoginAttempts
);
96 if (selectedLocale
!= null)
97 LocaleUtils
.threadLocale
.set(selectedLocale
);
103 public boolean commit() throws LoginException
{
104 return super.commit();