use of org.openldap.accelerator.api.createSession.RbacCreateSessionRequestImpl in project directory-fortress-core by apache.
the class AcceleratorDAO method createSession.
/**
* Authenticate user and return sessionId inside {@link org.apache.directory.fortress.core.model.Session#sessionId}.
* This function follows the pattern from: {@link org.apache.directory.fortress.core.AccessMgr#createSession(org.apache.directory.fortress.core.model.User, boolean)}
* Success will result in impl session state, i.e. {@link org.apache.directory.fortress.core.model.Session}, to be stored on server-side.
* Result may be stored inside RBAC server-side audit record and retrieved with {@link org.apache.directory.fortress.core.AuditMgr#searchBinds(org.apache.directory.fortress.core.model.UserAudit)}
*
* It uses the {@link RbacCreateSessionRequest} and {@link RbacCreateSessionResponse} accelerator APIs.
*
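* @param user supplies the contextId (tenant), userId, password and any roles that are added to the create-session request.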
* @return session contains a valid sessionId captured from accelerator createSession method.
*
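* @throws SecurityException with {@code GlobalErrIds.USER_PW_INVLD} when the accelerator returns any result code other than SUCCESS; rethrows {@code LdapException} with {@code GlobalErrIds.ACEL_CREATE_SESSION_ERR}.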
*/
Session createSession(User user) throws SecurityException {
    LdapConnection adminConn = null;
    try {
        adminConn = getAdminConnection();
        // NOTE(review): a timeout of 0 presumably disables the client-side timeout, so a
        // stalled server would hold this admin connection indefinitely; confirm intent.
        adminConn.setTimeOut(0);

        // Populate the accelerator request from the caller-supplied user: tenant, identity,
        // password, and every role name present on the user.
        RbacCreateSessionRequest request = new RbacCreateSessionRequestImpl();
        request.setTenantId(user.getContextId());
        request.setUserIdentity(user.getUserId());
        // NOTE(review): the password is copied into an immutable String that cannot be
        // wiped after use, and a null password raises NullPointerException here rather
        // than SecurityException; verify that callers validate it first.
        request.setPassword(new String(user.getPassword()));
        if (CollectionUtils.isNotEmpty(user.getRoles())) {
            for (UserRole role : user.getRoles()) {
                request.addRole(role.getName());
            }
        }

        // Issue the extended operation. The cast is unchecked: any other response type
        // surfaces as ClassCastException, which the catch below does not handle.
        RbacCreateSessionResponse response = (RbacCreateSessionResponse) adminConn.extended(request);

        // NOTE(review): the sessionId is written to the debug log. If it is the handle
        // used for later accelerator calls, debug logs need the same protection as
        // credentials; consider omitting or truncating it.
        LOG.debug("createSession userId: {}, sessionId: {}, resultCode: {}", user.getUserId(), response.getSessionId(), response.getLdapResult().getResultCode());

        Session created = new Session(user, response.getSessionId());
        if (response.getLdapResult().getResultCode() != ResultCodeEnum.SUCCESS) {
            // Every non-SUCCESS result is reported as USER_PW_INVLD, whatever the server's
            // actual reason. The message embeds the full LdapResult, so callers should log
            // it rather than show it to the end user.
            created.setAuthenticated(false);
            String info = "createSession UserId [" + user.getUserId() + "] failed: " + response.getLdapResult() + " , resultCode: " + response.getLdapResult().getResultCode().getResultCode();
            throw new SecurityException(GlobalErrIds.USER_PW_INVLD, info);
        }
        created.setAuthenticated(true);
        return created;
    } catch (LdapException e) {
        // Transport/protocol failures are wrapped with the accelerator-specific error id,
        // keeping the original exception as the cause.
        String error = "createSession userId [" + user.getUserId() + "] caught LDAPException=" + " msg=" + e.getMessage();
        throw new SecurityException(GlobalErrIds.ACEL_CREATE_SESSION_ERR, error, e);
    } finally {
        // Always hand the admin connection back, on success and on every failure path.
        closeAdminConnection(adminConn);
    }
}