Package org.drools.guvnor.server.security

Source Code of org.drools.guvnor.server.security.DemoAuthenticator

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
/*
* Copyright 2005 JBoss Inc
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*      http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package org.drools.guvnor.server.security;

import java.io.Serializable;
import java.util.Arrays;
import java.util.List;
import javax.inject.Inject;

import org.jboss.seam.security.BaseAuthenticator;
import org.jboss.seam.security.Credentials;
import org.picketlink.idm.api.Credential;
import org.picketlink.idm.impl.api.PasswordCredential;
import org.picketlink.idm.impl.api.model.SimpleUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
* This will let any user in (as long as the password matches the username),
* effectively removing proper authentication.
* <p/>
* Useful for demo's, tests and development.
*/
public class DemoAuthenticator extends BaseAuthenticator implements Serializable {

    protected transient final Logger log = LoggerFactory.getLogger(getClass());

    @Inject
    private Credentials credentials;

    @Inject
    private RoleBasedPermissionStore roleBasedPermissionStore;

    public void authenticate() {
        upgradeGuestToAdmin();
        String username = credentials.getUsername();
        Credential credential = credentials.getCredential();
        if (username == null || !(credential instanceof PasswordCredential)) {
            setStatus(AuthenticationStatus.FAILURE);
            log.info("Demo login for user (" + username + ") failed: unsupported username/credential.");
            return;
        }
        PasswordCredential passwordCredential = (PasswordCredential) credentials.getCredential();
        if (!username.equals(passwordCredential.getValue())) {
            setStatus(AuthenticationStatus.FAILURE);
            log.info("Demo login for user (" + username + ") failed: wrong username/password.");
            return;
        }
        setStatus(AuthenticationStatus.SUCCESS);
        setUser(new SimpleUser(username));
        log.info("Demo login for user (" + username + ") succeeded.");
    }

    private void upgradeGuestToAdmin() {
        if (credentials.getUsername() != null && credentials.getUsername().equals("guest")) {
            credentials.setUsername("admin");
            credentials.setCredential(new org.picketlink.idm.impl.api.PasswordCredential("admin"));
        }
    }

}
TOP

Related Classes of org.drools.guvnor.server.security.DemoAuthenticator

  • org.picketlink.idm.api.Credential
  • org.picketlink.idm.impl.api.model.SimpleUser
  • org.picketlink.idm.impl.api.PasswordCredential
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.