use of org.smartdata.model.UserInfo in project SSM by Intel-bigdata.
the class LoginRestApi method postLogin.
/**
 * Authenticates a user from form-posted credentials.
 *
 * <p>Any session already attached to the current Shiro subject is logged out
 * first. The submitted password is then digested with
 * {@code StringUtil.toSHA512String} and checked together with the user name
 * through {@code engine.getCmdletManager().authentic(...)}; per the original
 * author's note, SSM keeps these credentials in its own database rather than
 * in conf/shiro.ini.
 *
 * <p>NOTE(review): the helper name suggests a plain SHA-512 digest and no salt
 * or work factor is visible in this method. Confirm against StringUtil; stored
 * passwords are normally protected with a dedicated password-hashing scheme.
 *
 * @param userName login name taken from the {@code userName} form field
 * @param password clear-text password taken from the {@code password} form field
 * @return whatever {@code loginWithZeppelinCredential} produces when the
 *     credentials verify, otherwise a 403 FORBIDDEN response with empty
 *     message and body
 */
@POST
@ZeppelinApi
public Response postLogin(@FormParam("userName") String userName, @FormParam("password") String password) {
  Subject subject = org.apache.shiro.SecurityUtils.getSubject();
  // Start from a clean state: an already-authenticated subject is logged out
  // before the new credentials are looked at.
  if (subject.isAuthenticated()) {
    subject.logout();
  }

  boolean verified;
  try {
    String digest = StringUtil.toSHA512String(password);
    verified = engine.getCmdletManager().authentic(new UserInfo(userName, digest));
  } catch (Exception e) {
    // Any failure while checking credentials is treated as a failed login.
    LOG.error("Exception in login: ", e);
    verified = false;
  }

  JsonResponse result = null;
  if (!subject.isAuthenticated() && verified) {
    result = loginWithZeppelinCredential(subject);
  }
  if (result == null) {
    // Covers both rejected credentials and a null result from the login helper.
    result = new JsonResponse(Response.Status.FORBIDDEN, "", "");
  }
  // NOTE(review): every login response, successful or not, is written to the
  // log at WARN. Confirm that JsonResponse.toString() does not include a
  // session ticket or other secret before keeping this line.
  LOG.warn(result.toString());
  return result.build();
}
use of org.smartdata.model.UserInfo in project SSM by Intel-bigdata.
the class UserInfoDao method insert.
/**
 * Inserts a user row into {@code TABLE_NAME}, storing the digest of the
 * password instead of the value carried by {@code userInfo}.
 *
 * <p>NOTE(review): the digest comes from {@code StringUtil.toSHA512String};
 * no per-user salt or work factor is visible here. Confirm against StringUtil,
 * since a fast unsalted hash gives little protection if the table is exposed.
 *
 * @param userInfo user name and clear-text password to persist
 */
public void insert(UserInfo userInfo) {
  SimpleJdbcInsert inserter = new SimpleJdbcInsert(dataSource).withTableName(TABLE_NAME);
  String name = userInfo.getUserName();
  // Only the hashed form of the password is handed to the insert.
  String digest = StringUtil.toSHA512String(userInfo.getUserPassword());
  UserInfo row = new UserInfo(name, digest);
  inserter.execute(toMap(row));
}
use of org.smartdata.model.UserInfo in project SSM by Intel-bigdata.
the class LoginRestApi method postPassword.
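/**
 * Changes a user's password after verifying the old one.
 *
 * <p>Any session on the current Shiro subject is logged out, the old password
 * is digested with {@code StringUtil.toSHA512String} and verified through
 * {@code engine.getCmdletManager().authentic(...)}, and only then is the new
 * password applied, provided both copies of it match.
 *
 * <p>NOTE(review): when the old credentials verify, the caller is logged in
 * again and receives the normal login response even if the two new passwords
 * did not match or {@code newPassword(...)} threw. The client therefore cannot
 * tell from the response whether the password was actually changed.
 *
 * @param userName account whose password is being changed
 * @param oldPassword current clear-text password, used for verification
 * @param newPassword requested new password
 * @param newPassword2 repeat of the new password
 * @return the result of {@code loginWithZeppelinCredential} when the old
 *     credentials verify, otherwise a 403 FORBIDDEN response
 */
@POST
@Path("newPassword")
@ZeppelinApi
public Response postPassword(@FormParam("userName") String userName, @FormParam("oldPassword") String oldPassword, @FormParam("newPassword1") String newPassword, @FormParam("newPassword2") String newPassword2) {
  // NOTE(review): userName is request input that has not been verified at this
  // point and is concatenated into the log line; consider neutralising line
  // breaks so a caller cannot forge log entries.
  LOG.info("Trying to change password for user: " + userName);
  JsonResponse response = null;
  Subject currentUser = org.apache.shiro.SecurityUtils.getSubject();
  // Drop the existing session; the caller must prove the old password again.
  if (currentUser.isAuthenticated()) {
    currentUser.logout();
  }
  boolean isCorrectCredential = false;
  try {
    String password = StringUtil.toSHA512String(oldPassword);
    isCorrectCredential = engine.getCmdletManager().authentic(new UserInfo(userName, password));
  } catch (Exception e) {
    // A failure during verification is treated as wrong credentials.
    LOG.error("Exception in login: ", e);
  }
  if (isCorrectCredential) {
    // A missing newPassword1 field arrives as null; treat it as a mismatch
    // instead of letting equals() throw and surface as a server error.
    if (newPassword != null && newPassword.equals(newPassword2)) {
      try {
        // The new password is passed on in clear text here.
        // NOTE(review): presumably hashed further down, as UserInfoDao does on
        // insert. Confirm in CmdletManager.newPassword.
        engine.getCmdletManager().newPassword(new UserInfo(userName, newPassword));
        LOG.info("The password has been changed for user: " + userName);
      } catch (Exception e) {
        LOG.error("Exception in setting password: ", e);
      }
    } else {
      LOG.warn("Unmatched password typed in two times, please do it again!");
    }
  }
  // Re-login
  if (!currentUser.isAuthenticated() && isCorrectCredential) {
    response = loginWithZeppelinCredential(currentUser);
  }
  if (response == null) {
    LOG.warn("Incorrect credential for changing password!");
    response = new JsonResponse(Response.Status.FORBIDDEN, "", "");
  }
  return response.build();
}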
use of org.smartdata.model.UserInfo in project SSM by Intel-bigdata.
the class LoginRestApi method postAddUser.
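/**
 * Adds a new user. The caller must hold an authenticated session and supply
 * the password of the {@code SSM_ADMIN} account.
 *
 * <p>NOTE(review): the session is only checked for being authenticated, not
 * for belonging to the admin user, so any logged-in user who knows the admin
 * password can add accounts. Confirm that this is the intended policy.
 *
 * @param adminPassword clear-text password of the admin account
 * @param userName the new user's name to be added
 * @param password1 the new user's password
 * @param password2 the new user's password for verification
 * @return 200 OK when the user was added; 400 BAD_REQUEST when the two
 *     passwords are missing or differ, or when the metastore reports an error;
 *     403 FORBIDDEN when the session is not authenticated or the admin
 *     password is missing or wrong
 */
@POST
@Path("adduser")
@ZeppelinApi
public Response postAddUser(@FormParam("adminPassword") String adminPassword, @FormParam("userName") String userName, @FormParam("password1") String password1, @FormParam("password2") String password2) {
  Subject currentUser = org.apache.shiro.SecurityUtils.getSubject();
  // A missing password1 field arrives as null; reject it here rather than
  // letting equals() throw and surface as a server error.
  if (password1 == null || !password1.equals(password2)) {
    String msg = "Unmatched password typed in two times!";
    LOG.warn(msg);
    return new JsonResponse(Response.Status.BAD_REQUEST, msg, "").build();
  }
  try {
    // Check the session before touching the credential store, so callers
    // without a session never trigger an admin-password lookup. A missing
    // adminPassword is handled as a wrong one instead of being hashed.
    boolean hasCredential = currentUser.isAuthenticated()
        && adminPassword != null
        && engine.getCmdletManager().authentic(
            new UserInfo(SSM_ADMIN, StringUtil.toSHA512String(adminPassword)));
    if (hasCredential) {
      engine.getCmdletManager().addNewUser(new UserInfo(userName, password1));
    } else {
      String msg = "The typed admin password is not correct!";
      LOG.warn(msg + " Failed to register new user!");
      return new JsonResponse(Response.Status.FORBIDDEN, msg, "").build();
    }
  } catch (MetaStoreException e) {
    // NOTE(review): the raw exception message is returned to the client;
    // confirm it cannot expose metastore or schema details.
    LOG.warn(e.getMessage());
    return new JsonResponse(Response.Status.BAD_REQUEST, e.getMessage(), "").build();
  }
  return new JsonResponse(Response.Status.OK, "", "").build();
}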