Package ca.carleton.gcrc.auth.common

Examples of ca.carleton.gcrc.auth.common.User

154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
   
    logger.info("Login authorization: "+auth+" name:"+name+" adjustCookies: "+adjustCookies);
   
    if( null == auth ) {
      // No authentication provided. Assume default user.
      User user = userRepository.getDefaultUser();

      // If adjusting cookies, do not complain and return OK
      if( adjustCookies ) {
        acceptRequest(response, false, user);
       
      } else {
        // Inform client that authentication is required.
        rejectRequest(response);
      }
      return;
    }
   
    String[] userNameAndPassword = null;
    try {
      userNameAndPassword = AuthenticationUtils.getUserNameAndPassword(auth);
    } catch (Exception e) {
      throw new Exception("Unable to acquire user",e);
    }
   
    // An auth has been provided. Check that the auth corresponds to
    // the 'name' provided by the script. This is to avoid a situation
    // where the browser has changed its tokens, already learned from
    // the fact that this path is protected and supplies already known
    // credentials, ignoring the username and password provided in the
    // XmlHttpRequest
   
    if( false == adjustCookies ) {
      if( null == name ) {
        // We're not adjusting cookies, therefore we must know the
        // intended user
        throw new Exception("name parameter not provided");
      }
      if( false == name.equals( userNameAndPassword[0] ) ) {
        // The funny (interesting) situation has occurred.
        // Send back a 401 to get intended name and password
        rejectRequest(response);
        return;
      }
    }
   
    // From this point on, an auth has been provided for an intended
    // user. We do not want to return an error or else a pop-up box
    // from the browser (not javascript) will be displayed. Even if
    // login fails, return an OK status. The outcome of the login is
    // returned as a JSON object. Also, the cookie installed on the
    // client reflects a default user if the authentication fails.

    User user;
    boolean loggedIn = false;
    try {
      user = userRepository.authenticate(userNameAndPassword[0],userNameAndPassword[1]);
      loggedIn = true;
    } catch (Exception e) {
View Full Code Here
277
278
279
280
281
282
283
284
    // to return an error or else a pop-up box from the browser (not
    // javascript) will be displayed. At this point, we are logging out
    // so we are expecting bogus credentials and we should not check
    // them. Accept request as default user.
   
    User user = userRepository.getDefaultUser();
    acceptRequest(response, false, user);
  }
View Full Code Here
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
      logger.info("Unable to decode user name and password",e);
      return result;
    }

    // Fetch user from repository
    User user;
    try {
      user = userRepository.authenticate(userNameAndPassword[0],userNameAndPassword[1]);

      logger.info("user: "+user);
     
      result.user = user;
     
      if( allowAnonymous && user.isAnonymous() ) {
        result.allowed = true;
       
      } else if( allowAdmin && user.isAdmin() ) {
        result.allowed = true;
       
      } else if( allowUser && !user.isAdmin() && !user.isAnonymous() ) {
        result.allowed = true;
      }

    } catch (Exception e) {
     
View Full Code Here
177
178
179
180
181
182
183
184
185
186
187
  private void checkAuthentication(
      HttpServletRequest request,
      HttpServletResponse response,
      FilterChain chain) throws Exception {
    String[] userNameAndPassword = null;
    User user = null;
    if (request instanceof AuthHttpServletRequest) {
     
      user = AuthenticationUtils.getUserFromRequest(request);
      checkAndDispatch(user, request, response, chain);
     
View Full Code Here
40
41
42
43
44
45
46
47
48
49
50
51
 

  public JSONObject userInfoFromId(int id) throws Exception {
    JSONObject result = new JSONObject();
   
    User user = userFromId(id);
    result.put("display", user.getDisplayName());
    result.put("anonymous", user.isAnonymous());
    result.put("admin", user.isAdmin());
   
    return result;
  }
View Full Code Here
168
169
170
171
172
173
174
175
176
177
178
      sendErrorResponse(response, e);
    }
  }
 
  private void performGetSchema(HttpServletRequest request, HttpServletResponse response) throws Exception {
    User user = AuthenticationUtils.getUserFromRequest(request);
    String tableName = getTableNameFromRequest(request);
   
    DbTableAccess tableAccess = DbTableAccess.getAccess(dbSecurity, tableName, new DbUserAdaptor(user));
    JSONObject schema = tableAccess.getSchema();
   
View Full Code Here
178
179
180
181
182
183
184
185
186
187
188
   
    sendJsonResponse(response, schema);
  }
 
  private void performGetCapabilities(HttpServletRequest request, HttpServletResponse response) throws Exception {
    User user = AuthenticationUtils.getUserFromRequest(request);

    List<TableSchema> tableSchemas = dbSecurity.getAvailableTablesFromGroups( new DbUserAdaptor(user) );

    JSONArray array = new JSONArray();
    for(TableSchema schema : tableSchemas) {
View Full Code Here
226
227
228
229
230
231
232
233
234
235
236
   * @param request http request containing the query parameters.
   * @param response http response to be sent.
   * @throws Exception (for a variety of reasons detected while parsing and validating the http parms).
   */
  private void performQuery(HttpServletRequest request, HttpServletResponse response) throws Exception {
    User user = AuthenticationUtils.getUserFromRequest(request);
    String tableName = getTableNameFromRequest(request);
   
    DbTableAccess tableAccess = DbTableAccess.getAccess(dbSecurity, tableName, new DbUserAdaptor(user));
   
    List<RecordSelector> whereMap = getRecordSelectorsFromRequest(request);
View Full Code Here
311
312
313
314
315
316
317
318
319
320
321
   * @param request http request containing the query parameters.
   * @param response http response to be sent.
   * @throws Exception (for a variety of reasons detected while parsing and validating the http parms).
   */
  private void performMultiQuery(HttpServletRequest request, HttpServletResponse response) throws Exception {
    User user = AuthenticationUtils.getUserFromRequest(request);

    String[] queriesStrings = request.getParameterValues("queries");
    if( 1 != queriesStrings.length ) {
      throw new Exception("Parameter 'queries' must be specified exactly oncce");
    }
View Full Code Here
504
505
506
507
508
509
510
511
512
513
514
    return query;
  }

  private void performInsert(HttpServletRequest request, HttpServletResponse response) throws Exception {
    User user = AuthenticationUtils.getUserFromRequest(request);
    String tableName = getTableNameFromRequest(request);
   
    DbTableAccess tableAccess = DbTableAccess.getAccess(dbSecurity, tableName, new DbUserAdaptor(user));

    Map<String,String> setterMap = getSetParametersMap(request);
View Full Code Here
TOP

Related Classes of ca.carleton.gcrc.auth.common.User

  • ca.carleton.gcrc.auth.Authentication
  • ca.carleton.gcrc.auth.AuthFilter
  • ca.carleton.gcrc.auth.AuthServlet
  • ca.carleton.gcrc.auth.common.impl.UserRepositoryAbstract
  • ca.carleton.gcrc.auth.cookie.AuthFilter
  • ca.carleton.gcrc.auth.cookie.AuthServlet
  • ca.carleton.gcrc.auth.cookie.impl.CookieAuthentication
  • ca.carleton.gcrc.dbWeb.DbWebServlet
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.