Search in sources :

Example 1 with SystemUserCredentials

use of com.haulmont.cuba.security.auth.SystemUserCredentials in project cuba by cuba-platform.

the class SystemAuthenticationProvider method authenticate.

@Override
public AuthenticationDetails authenticate(Credentials credentials) throws LoginException {
    SystemUserCredentials systemLogin = (SystemUserCredentials) credentials;
    String login = systemLogin.getLogin();
    Locale credentialsLocale = systemLogin.getLocale() == null ? messages.getTools().getDefaultLocale() : systemLogin.getLocale();
    User user = loadUser(login);
    if (user == null) {
        throw new LoginException(getInvalidCredentialsMessage(login, credentialsLocale));
    }
    Locale userLocale = getUserLocale(systemLogin, user);
    UserSession session = userSessionManager.createSession(user, userLocale, true);
    return new SimpleAuthenticationDetails(session);
}
Also used : Locale(java.util.Locale) User(com.haulmont.cuba.security.entity.User) SystemUserCredentials(com.haulmont.cuba.security.auth.SystemUserCredentials) UserSession(com.haulmont.cuba.security.global.UserSession) SimpleAuthenticationDetails(com.haulmont.cuba.security.auth.SimpleAuthenticationDetails) LoginException(com.haulmont.cuba.security.global.LoginException)

Example 2 with SystemUserCredentials

use of com.haulmont.cuba.security.auth.SystemUserCredentials in project cuba by cuba-platform.

the class RunnerBean method setSecurityContext.

protected void setSecurityContext(ScheduledTask task, @Nullable UserSession userSession) throws LoginException {
    if (userSession == null) {
        UUID sessionId = userSessionIds.get(task.getUserName());
        userSession = sessionId == null ? null : userSessions.getAndRefresh(sessionId);
        if (userSession == null) {
            userSession = authenticationManager.login(new SystemUserCredentials(task.getUserName())).getSession();
            userSessionIds.put(task.getUserName(), userSession.getId());
        }
    }
    AppContext.setSecurityContext(new SecurityContext(userSession));
}
Also used : SystemUserCredentials(com.haulmont.cuba.security.auth.SystemUserCredentials) SecurityContext(com.haulmont.cuba.core.sys.SecurityContext)

Example 3 with SystemUserCredentials

use of com.haulmont.cuba.security.auth.SystemUserCredentials in project cuba by cuba-platform.

the class Authentication method begin.

/**
 * Begin an authenticated code block.
 * <br>
 * If a valid current thread session exists, does nothing.
 * Otherwise sets the current thread session, logging in if necessary.
 * <br>
 * Subsequent {@link #end()} method must be called in "finally" section.
 *
 * @param login user login. If null, a value of {@code cuba.jmxUserLogin} app property is used.
 * @return new or cached instance of system user session
 */
public UserSession begin(@Nullable String login) {
    if (cleanupCounter.get() == null) {
        cleanupCounter.set(0);
    }
    // check if a current thread session exists, that is we got here from authenticated code
    SecurityContext securityContext = AppContext.getSecurityContext();
    if (securityContext != null) {
        UserSession userSession = userSessions.getAndRefresh(securityContext.getSessionId());
        if (userSession != null) {
            log.trace("Already authenticated, do nothing");
            cleanupCounter.set(cleanupCounter.get() + 1);
            if (log.isTraceEnabled()) {
                log.trace("New cleanup counter value: {}", cleanupCounter.get());
            }
            return userSession;
        }
    }
    // no current thread session or it is expired - need to authenticate
    if (StringUtils.isBlank(login)) {
        login = getSystemLogin();
    }
    UserSession session = null;
    log.trace("Authenticating as {}", login);
    UUID sessionId = sessions.get(login);
    if (sessionId != null) {
        session = userSessions.getAndRefresh(sessionId);
    }
    if (session == null) {
        // saved session doesn't exist or is expired
        synchronized (this) {
            // double check to prevent the same log in by subsequent threads
            sessionId = sessions.get(login);
            if (sessionId != null) {
                session = userSessions.get(sessionId);
            }
            if (session == null) {
                try {
                    session = authenticationManager.login(new SystemUserCredentials(login)).getSession();
                    session.setClientInfo("System authentication");
                } catch (LoginException e) {
                    throw new RuntimeException("Unable to perform system login", e);
                }
                sessions.put(login, session.getId());
            }
        }
    }
    AppContext.setSecurityContext(new SecurityContext(session));
    return session;
}
Also used : SystemUserCredentials(com.haulmont.cuba.security.auth.SystemUserCredentials) UserSession(com.haulmont.cuba.security.global.UserSession) SecurityContext(com.haulmont.cuba.core.sys.SecurityContext) AppContext.getSecurityContext(com.haulmont.cuba.core.sys.AppContext.getSecurityContext) AppContext.setSecurityContext(com.haulmont.cuba.core.sys.AppContext.setSecurityContext) LoginException(com.haulmont.cuba.security.global.LoginException) UUID(java.util.UUID)

Aggregations

SystemUserCredentials (com.haulmont.cuba.security.auth.SystemUserCredentials)3 SecurityContext (com.haulmont.cuba.core.sys.SecurityContext)2 LoginException (com.haulmont.cuba.security.global.LoginException)2 UserSession (com.haulmont.cuba.security.global.UserSession)2 AppContext.getSecurityContext (com.haulmont.cuba.core.sys.AppContext.getSecurityContext)1 AppContext.setSecurityContext (com.haulmont.cuba.core.sys.AppContext.setSecurityContext)1 SimpleAuthenticationDetails (com.haulmont.cuba.security.auth.SimpleAuthenticationDetails)1 User (com.haulmont.cuba.security.entity.User)1 Locale (java.util.Locale)1 UUID (java.util.UUID)1