Java tutorial
/** * Waffle (https://github.com/dblock/waffle) * * Copyright (c) 2010 - 2015 Application Security, Inc. * * All rights reserved. This program and the accompanying materials * are made available under the terms of the Eclipse Public License v1.0 * which accompanies this distribution, and is available at * http://www.eclipse.org/legal/epl-v10.html * * Contributors: * Application Security, Inc. */ package waffle.spring; import java.util.Locale; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import waffle.servlet.WindowsPrincipal; import waffle.windows.auth.IWindowsAuthProvider; import waffle.windows.auth.IWindowsIdentity; import waffle.windows.auth.PrincipalFormat; /** * A Waffle authentication provider for Spring-security. * * @author dblock[at]dblock[dot]org */ public class WindowsAuthenticationProvider implements AuthenticationProvider { /** The Constant LOGGER. */ private static final Logger LOGGER = LoggerFactory.getLogger(WindowsAuthenticationProvider.class); /** The principal format. */ private PrincipalFormat principalFormat = PrincipalFormat.FQN; /** The role format. */ private PrincipalFormat roleFormat = PrincipalFormat.FQN; /** The allow guest login. */ private boolean allowGuestLogin = true; /** The auth provider. */ private IWindowsAuthProvider authProvider; /** The granted authority factory. */ private GrantedAuthorityFactory grantedAuthorityFactory = WindowsAuthenticationToken.DEFAULT_GRANTED_AUTHORITY_FACTORY; /** The default granted authority. */ private GrantedAuthority defaultGrantedAuthority = WindowsAuthenticationToken.DEFAULT_GRANTED_AUTHORITY; /** * Instantiates a new windows authentication provider. */ public WindowsAuthenticationProvider() { WindowsAuthenticationProvider.LOGGER.debug("[waffle.spring.WindowsAuthenticationProvider] loaded"); } /* * (non-Javadoc) * @see * org.springframework.security.authentication.AuthenticationProvider#authenticate(org.springframework.security. * core.Authentication) */ @Override public Authentication authenticate(final Authentication authentication) { final UsernamePasswordAuthenticationToken auth = (UsernamePasswordAuthenticationToken) authentication; final IWindowsIdentity windowsIdentity = this.authProvider.logonUser(auth.getName(), auth.getCredentials().toString()); WindowsAuthenticationProvider.LOGGER.debug("logged in user: {} ({})", windowsIdentity.getFqn(), windowsIdentity.getSidString()); if (!this.allowGuestLogin && windowsIdentity.isGuest()) { WindowsAuthenticationProvider.LOGGER.warn("guest login disabled: {}", windowsIdentity.getFqn()); throw new GuestLoginDisabledAuthenticationException(windowsIdentity.getFqn()); } final WindowsPrincipal windowsPrincipal = new WindowsPrincipal(windowsIdentity, this.principalFormat, this.roleFormat); WindowsAuthenticationProvider.LOGGER.debug("roles: {}", windowsPrincipal.getRolesString()); final WindowsAuthenticationToken token = new WindowsAuthenticationToken(windowsPrincipal, this.grantedAuthorityFactory, this.defaultGrantedAuthority); WindowsAuthenticationProvider.LOGGER.info("successfully logged in user: {}", windowsIdentity.getFqn()); return token; } /** * Supports. * * @param authentication * the authentication * @return true, if successful */ @Override public boolean supports(final Class<? extends Object> authentication) { return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication); } /** * Gets the principal format. * * @return the principal format */ public PrincipalFormat getPrincipalFormat() { return this.principalFormat; } /** * Sets the principal format enum. * * @param value * the new principal format enum */ public void setPrincipalFormatEnum(final PrincipalFormat value) { this.principalFormat = value; } /** * Sets the principal format. * * @param value * the new principal format */ public void setPrincipalFormat(final String value) { this.setPrincipalFormatEnum(PrincipalFormat.valueOf(value.toUpperCase(Locale.ENGLISH))); } /** * Gets the role format. * * @return the role format */ public PrincipalFormat getRoleFormat() { return this.roleFormat; } /** * Sets the role format enum. * * @param value * the new role format enum */ public void setRoleFormatEnum(final PrincipalFormat value) { this.roleFormat = value; } /** * Sets the role format. * * @param value * the new role format */ public void setRoleFormat(final String value) { this.setRoleFormatEnum(PrincipalFormat.valueOf(value.toUpperCase(Locale.ENGLISH))); } /** * Checks if is allow guest login. * * @return true, if is allow guest login */ public boolean isAllowGuestLogin() { return this.allowGuestLogin; } /** * Sets the allow guest login. * * @param value * the new allow guest login */ public void setAllowGuestLogin(final boolean value) { this.allowGuestLogin = value; } /** * Gets the auth provider. * * @return the auth provider */ public IWindowsAuthProvider getAuthProvider() { return this.authProvider; } /** * Sets the auth provider. * * @param value * the new auth provider */ public void setAuthProvider(final IWindowsAuthProvider value) { this.authProvider = value; } /** * Gets the granted authority factory. * * @return the granted authority factory */ public GrantedAuthorityFactory getGrantedAuthorityFactory() { return this.grantedAuthorityFactory; } /** * Sets the granted authority factory. * * @param value * the new granted authority factory */ public void setGrantedAuthorityFactory(final GrantedAuthorityFactory value) { this.grantedAuthorityFactory = value; } /** * Gets the default granted authority. * * @return the default granted authority */ public GrantedAuthority getDefaultGrantedAuthority() { return this.defaultGrantedAuthority; } /** * Sets the default granted authority. * * @param value * the new default granted authority */ public void setDefaultGrantedAuthority(final GrantedAuthority value) { this.defaultGrantedAuthority = value; } }