Search in sources :

Example 1 with BPMNAuthenticationException

use of org.wso2.carbon.bpmn.core.exception.BPMNAuthenticationException in project carbon-business-process by wso2.

the class BPSUserIdentityManager method checkPassword.

@Override
public Boolean checkPassword(String userId, String password) {
    String tenantDomain = MultitenantUtils.getTenantDomain(userId);
    String tenantAwareUserName = MultitenantUtils.getTenantAwareUsername(userId);
    String userNameWithTenantDomain = tenantAwareUserName + "@" + tenantDomain;
    RealmService realmService = RegistryContext.getBaseInstance().getRealmService();
    TenantManager mgr = realmService.getTenantManager();
    int tenantId = 0;
    try {
        tenantId = mgr.getTenantId(tenantDomain);
    } catch (UserStoreException e) {
        throw new BPMNAuthenticationException("Identity exception thrown while getting tenant ID for user : " + userNameWithTenantDomain, e);
    }
    // tenantId == -1, means an invalid tenant.
    if (tenantId == -1) {
        if (log.isDebugEnabled()) {
            log.debug("Basic authentication request with an invalid tenant : " + userNameWithTenantDomain);
        }
        return false;
    }
    org.wso2.carbon.user.api.UserStoreManager userStoreManager = null;
    boolean authStatus = false;
    try {
        userStoreManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
        authStatus = userStoreManager.authenticate(tenantAwareUserName, password);
    } catch (UserStoreException e) {
        throw new BPMNAuthenticationException("User store exception thrown while authenticating user : " + userNameWithTenantDomain, e);
    }
    /* IdentityService identityService = BPMNOSGIService.getIdentityService();
        authStatus = identityService.checkPassword(userName, password);*/
    if (log.isDebugEnabled()) {
        log.debug("Basic authentication request completed. " + "Username : " + userNameWithTenantDomain + ", Authentication State : " + authStatus);
    }
    return authStatus;
}
Also used : RealmService(org.wso2.carbon.user.core.service.RealmService) UserStoreException(org.wso2.carbon.user.api.UserStoreException) BPMNAuthenticationException(org.wso2.carbon.bpmn.core.exception.BPMNAuthenticationException) TenantManager(org.wso2.carbon.user.core.tenant.TenantManager)

Example 2 with BPMNAuthenticationException

use of org.wso2.carbon.bpmn.core.exception.BPMNAuthenticationException in project carbon-business-process by wso2.

the class AuthenticationHandler method authenticate.

/**
 * Checks whether a given userName:password combination authenticates correctly against carbon userStore
 * Upon successful authentication returns true, false otherwise
 *
 * @param userName
 * @param password
 * @return
 * @throws RestApiBasicAuthenticationException wraps and throws exceptions occur when trying to authenticate
 *                                             the user
 */
private boolean authenticate(String userName, String password) throws RestApiBasicAuthenticationException {
    boolean authStatus;
    try {
        IdentityService identityService = BPMNOSGIService.getIdentityService();
        authStatus = identityService.checkPassword(userName, password);
        if (!authStatus) {
            return false;
        }
    } catch (BPMNAuthenticationException e) {
        throw new RestApiBasicAuthenticationException(e.getMessage(), e);
    }
    String tenantDomain = MultitenantUtils.getTenantDomain(userName);
    String tenantAwareUserName = MultitenantUtils.getTenantAwareUsername(userName);
    String userNameWithTenantDomain = tenantAwareUserName + "@" + tenantDomain;
    RealmService realmService = RegistryContext.getBaseInstance().getRealmService();
    TenantManager mgr = realmService.getTenantManager();
    int tenantId = 0;
    try {
        tenantId = mgr.getTenantId(tenantDomain);
        // tenantId == -1, means an invalid tenant.
        if (tenantId == -1) {
            if (log.isDebugEnabled()) {
                log.debug("Basic authentication request with an invalid tenant : " + userNameWithTenantDomain);
            }
            return false;
        }
    } catch (UserStoreException e) {
        throw new RestApiBasicAuthenticationException("Identity exception thrown while getting tenant ID for user : " + userNameWithTenantDomain, e);
    }
    /* Upon successful authentication existing thread local carbon context
             * is updated to mimic the authenticated user */
    PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
    carbonContext.setUsername(tenantAwareUserName);
    carbonContext.setTenantId(tenantId);
    carbonContext.setTenantDomain(tenantDomain);
    return true;
}
Also used : IdentityService(org.activiti.engine.IdentityService) RestApiBasicAuthenticationException(org.wso2.carbon.bpmn.rest.common.exception.RestApiBasicAuthenticationException) RealmService(org.wso2.carbon.user.core.service.RealmService) UserStoreException(org.wso2.carbon.user.api.UserStoreException) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) BPMNAuthenticationException(org.wso2.carbon.bpmn.core.exception.BPMNAuthenticationException) TenantManager(org.wso2.carbon.user.core.tenant.TenantManager)

Aggregations

BPMNAuthenticationException (org.wso2.carbon.bpmn.core.exception.BPMNAuthenticationException)2 UserStoreException (org.wso2.carbon.user.api.UserStoreException)2 RealmService (org.wso2.carbon.user.core.service.RealmService)2 TenantManager (org.wso2.carbon.user.core.tenant.TenantManager)2 IdentityService (org.activiti.engine.IdentityService)1 RestApiBasicAuthenticationException (org.wso2.carbon.bpmn.rest.common.exception.RestApiBasicAuthenticationException)1 PrivilegedCarbonContext (org.wso2.carbon.context.PrivilegedCarbonContext)1