Example 1 with AuthenticationProvider
use of org.craftercms.studio.api.v2.service.security.AuthenticationProvider in project studio by craftercms.
the class AuthenticationChainImpl method init.
public void init() {
List<HierarchicalConfiguration<ImmutableNode>> chainConfig = studioConfiguration.getSubConfigs(CONFIGURATION_AUTHENTICATION_CHAIN_CONFIG);
authenticationChain = new ArrayList<AuthenticationProvider>();
chainConfig.forEach(providerConfig -> {
AuthenticationProvider provider = AuthenticationProviderFactory.getAuthenticationProvider(providerConfig);
if (provider != null && provider.isEnabled()) {
authenticationChain.add(provider);
}
});
}
Also used :
AuthenticationProvider(org.craftercms.studio.api.v2.service.security.AuthenticationProvider)
HierarchicalConfiguration(org.apache.commons.configuration2.HierarchicalConfiguration)
Example 2 with AuthenticationProvider
use of org.craftercms.studio.api.v2.service.security.AuthenticationProvider in project studio by craftercms.
the class AuthenticationChainImpl method doAuthenticate.
@Override
public boolean doAuthenticate(HttpServletRequest request, HttpServletResponse response, String username, String password) throws Exception {
boolean authenticated = false;
Iterator<AuthenticationProvider> iterator = authenticationChain.iterator();
Exception lastError = null;
while (iterator.hasNext()) {
AuthenticationProvider authProvider = iterator.next();
if (authProvider.isEnabled()) {
try {
authenticated = authProvider.doAuthenticate(request, response, this, username, password);
} catch (Exception e) {
lastError = e;
}
if (authenticated)
break;
}
}
String ipAddress = request.getRemoteAddr();
SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
if (authenticated) {
AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_LOGIN);
auditLog.setActorId(username);
auditLog.setSiteId(siteFeed.getId());
auditLog.setPrimaryTargetId(username);
auditLog.setPrimaryTargetType(TARGET_TYPE_USER);
auditLog.setPrimaryTargetValue(username);
auditServiceInternal.insertAuditLog(auditLog);
logger.info("User " + username + " logged in from IP: " + ipAddress);
} else {
AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_LOGIN_FAILED);
auditLog.setActorId(username);
auditLog.setSiteId(siteFeed.getId());
auditLog.setPrimaryTargetId(StringUtils.isEmpty(username) ? StringUtils.EMPTY : username);
auditLog.setPrimaryTargetType(TARGET_TYPE_USER);
auditLog.setPrimaryTargetValue(username);
auditServiceInternal.insertAuditLog(auditLog);
logger.info("Failed to authenticate user " + username + " logging in from IP: " + ipAddress);
if (lastError == null) {
lastError = new AuthenticationSystemException("Unknown service error");
}
throw lastError;
}
return authenticated;
}
Also used :
SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed)
AuthenticationSystemException(org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException)
AuthenticationProvider(org.craftercms.studio.api.v2.service.security.AuthenticationProvider)
AuthenticationSystemException(org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException)
AuditLog(org.craftercms.studio.api.v2.dal.AuditLog)
Aggregations
AuthenticationProvider (org.craftercms.studio.api.v2.service.security.AuthenticationProvider)2
HierarchicalConfiguration (org.apache.commons.configuration2.HierarchicalConfiguration)1
SiteFeed (org.craftercms.studio.api.v1.dal.SiteFeed)1
AuthenticationSystemException (org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException)1
AuditLog (org.craftercms.studio.api.v2.dal.AuditLog)1
