details:   https://code.openbravo.com/erp/devel/pi/rev/3d63eb9bc450
changeset: 13687:3d63eb9bc450
user:      Iván Perdomo <ivan.perdomo <at> openbravo.com>
date:      Fri Sep 09 13:40:25 2011 +0200
summary:   Fixes issue 18410 and fixes issue 15359: AuthenticationManager 
refactor
- Refactor AuthenticationManager, changing it from an interface to an abstract class.
- Custom AuthManager implementations need to implement doAuthenticate and
  doLogout
- Move code from LoginHandler to DefaultAuthenticationManager

diffstat:

 
modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
                               |    6 +-
 
modules/org.openbravo.service.integration.google/src/org/openbravo/service/integration/google/GoogleAuthServlet.java
 |  197 +------
 src/index.jsp                                                                  
                                      |    2 +-
 src/org/openbravo/authentication/AuthenticationException.java                  
                                      |   37 +-
 src/org/openbravo/authentication/AuthenticationManager.java                    
                                      |  278 +++++++++-
 src/org/openbravo/authentication/basic/AutologonAuthenticationManager.java     
                                      |   48 +-
 src/org/openbravo/authentication/basic/DefaultAuthenticationManager.java       
                                      |  214 ++++---
 src/org/openbravo/base/secureApp/HttpSecureAppServlet.java                     
                                      |   58 +-
 src/org/openbravo/base/secureApp/LoginHandler.java                             
                                      |  118 +--
 src/org/openbravo/base/secureApp/LoginUtils.java                               
                                      |    2 +-
 10 files changed, 518 insertions(+), 442 deletions(-)

diffs (truncated from 1286 to 300 lines):

diff -r 5ed0d514fade -r 3d63eb9bc450 
modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
--- 
a/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
    Fri Sep 09 13:22:51 2011 +0200
+++ 
b/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
    Fri Sep 09 13:40:25 2011 +0200
@@ -107,10 +107,6 @@
     }
   }
 
-  public ServletContext getServletContext() {
-    return servletContext;
-  }
-
   protected void processComponentRequest(HttpServletRequest request, 
HttpServletResponse response)
       throws IOException, ServletException {
 
@@ -219,7 +215,7 @@
     throw new UnsupportedOperationException("Only GET/POST is supported");
   }
 
-  @SuppressWarnings("unchecked")
+  @SuppressWarnings("rawtypes")
   private Map<String, Object> getParameterMap(HttpServletRequest request) {
     final Map<String, Object> parameterMap = new HashMap<String, Object>();
     for (Enumeration keys = request.getParameterNames(); 
keys.hasMoreElements();) {
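Review bot: Swapping `@SuppressWarnings("unchecked")` for `"rawtypes"` on getParameterMap keeps the raw `Enumeration` in the loop header instead of removing the cause of the warning. Declaring the loop variable as `Enumeration<?> keys = request.getParameterNames()` should need no method-level suppression, provided the loop body (outside this hunk) casts each element explicitly. The method continues past the end of the hunk, so confirm nothing else in it relies on the annotation before dropping it.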
diff -r 5ed0d514fade -r 3d63eb9bc450 
modules/org.openbravo.service.integration.google/src/org/openbravo/service/integration/google/GoogleAuthServlet.java
--- 
a/modules/org.openbravo.service.integration.google/src/org/openbravo/service/integration/google/GoogleAuthServlet.java
      Fri Sep 09 13:22:51 2011 +0200
+++ 
b/modules/org.openbravo.service.integration.google/src/org/openbravo/service/integration/google/GoogleAuthServlet.java
      Fri Sep 09 13:40:25 2011 +0200
@@ -19,17 +19,13 @@
 package org.openbravo.service.integration.google;
 
 import java.io.IOException;
-import java.io.PrintWriter;
 import java.util.Map;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
-import org.codehaus.jettison.json.JSONException;
-import org.codehaus.jettison.json.JSONObject;
 import org.hibernate.exception.ConstraintViolationException;
 import org.openbravo.base.HttpBaseServlet;
 import org.openbravo.base.VariablesBase;
@@ -39,21 +35,15 @@
 import org.openbravo.dal.core.OBContext;
 import org.openbravo.dal.service.OBCriteria;
 import org.openbravo.dal.service.OBDal;
-import org.openbravo.dal.service.OBQuery;
 import org.openbravo.erpCommon.obps.ActivationKey;
 import org.openbravo.erpCommon.security.SessionLogin;
 import org.openbravo.erpCommon.utility.OBError;
-import org.openbravo.erpCommon.utility.OBVersion;
 import org.openbravo.erpCommon.utility.Utility;
-import org.openbravo.model.ad.access.Session;
 import org.openbravo.model.ad.access.User;
 import org.openbravo.model.ad.access.UserRoles;
-import org.openbravo.model.ad.module.Module;
 import org.openbravo.model.ad.system.Client;
-import org.openbravo.model.ad.system.SystemInformation;
 import org.openbravo.service.integration.openid.OBSOIDUserIdentifier;
 import org.openbravo.service.integration.openid.OpenIDManager;
-import org.openbravo.xmlEngine.XmlDocument;
 import org.openid4java.discovery.Identifier;
 
 /**
@@ -159,18 +149,14 @@
         }
       }
 
-      HttpSession session = req.getSession(true);
-      session.setAttribute("#Authenticated_user", null);
+      vars.removeSessionValue("#Authenticated_user");
 
-      // TODO: Refactor 
LoginHandler/AuthenticationManager/HttpSecureAppServlet to make this part
-      // of the code extensible with a module
-      // Code copied from LoginHandler
       String sessionId = createDBSession(req, user.getUsername(), 
user.getId());
-      session.setAttribute("#Authenticated_user", user.getId());
-      session.setAttribute("#AD_SESSION_ID", sessionId);
-      session.setAttribute("#LOGGINGIN", "Y");
+      vars.setSessionValue("#Authenticated_user", user.getId());
+      vars.setSessionValue("#AD_SESSION_ID", sessionId);
+      vars.setSessionValue("#LOGGINGIN", "Y");
 
-      checkLicenseAndGo(req, resp, vars, user.getId(), sessionId, true);
+      resp.sendRedirect(strDireccion + "/security/Menu.html");
 
     } catch (Exception e) {
       log.error("Error processing return of Google Auth Service:" + 
e.getMessage(), e);
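Review bot: With `checkLicenseAndGo(...)` replaced by `resp.sendRedirect(strDireccion + "/security/Menu.html")`, this servlet no longer runs `ak.checkOPSLimitations(sessionId)` or the system-status checks itself, nor the `updateDBSession` call that marked a restricted session inactive. The diff is truncated, so confirm that the request to Menu.html with `#LOGGINGIN` set to "Y" reaches equivalent checks in the refactored AuthenticationManager/HttpSecureAppServlet path; otherwise a Google-authenticated user would skip restrictions that the form login enforces. Separately, nothing in the hunk renews the HTTP session before `vars.setSessionValue("#Authenticated_user", user.getId())`, so consider invalidating and recreating the session at this point to rule out session fixation, unless that already happens outside the visible lines. The enclosing method starts and ends outside the hunk.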
@@ -286,177 +272,4 @@
       return null;
     }
   }
-
-  @SuppressWarnings("incomplete-switch")
-  private void checkLicenseAndGo(HttpServletRequest req, HttpServletResponse 
res,
-      VariablesSecureApp vars, String strUserAuth, String sessionId, boolean 
doRedirect)
-      throws IOException, ServletException {
-    OBContext.setAdminMode();
-    try {
-      ActivationKey ak = ActivationKey.getInstance();
-      boolean hasSystem = false;
-
-      try {
-        hasSystem = hasSystemRole(strUserAuth);
-      } catch (Exception ignore) {
-        log4j.error(ignore);
-      }
-      String msgType, action;
-      if (hasSystem) {
-        msgType = "Warning";
-        action = "../security/Menu.html";
-      } else {
-        msgType = "Error";
-        action = "../security/Login_FS.html";
-      }
-
-      // We check if there is a Openbravo Professional Subscription 
restriction in the license,
-      // or if the last rebuild didn't go well. If any of these are true, then 
the user is
-      // allowed to login only as system administrator
-      switch (ak.checkOPSLimitations(sessionId)) {
-      case NUMBER_OF_CONCURRENT_USERS_REACHED:
-        String msg = Utility.messageBD(myPool, 
"NUMBER_OF_CONCURRENT_USERS_REACHED",
-            vars.getLanguage());
-        String title = Utility.messageBD(myPool, 
"NUMBER_OF_CONCURRENT_USERS_REACHED_TITLE",
-            vars.getLanguage());
-        log4j.warn("Concurrent Users Reached - Session: " + sessionId);
-        updateDBSession(sessionId, msgType.equals("Warning"), "CUR");
-        goToRetry(res, vars, msg, title, msgType, action, doRedirect);
-        return;
-      case NUMBER_OF_SOFT_USERS_REACHED:
-        msg = Utility.messageBD(myPool, "NUMBER_OF_SOFT_USERS_REACHED", 
vars.getLanguage());
-        title = Utility.messageBD(myPool, 
"NUMBER_OF_SOFT_USERS_REACHED_TITLE", vars.getLanguage());
-        action = "../security/Menu.html";
-        msgType = "Warning";
-        log4j.warn("Soft Users Reached - Session: " + sessionId);
-        updateDBSession(sessionId, true, "SUR");
-        goToRetry(res, vars, msg, title, msgType, action, doRedirect);
-        return;
-      case OPS_INSTANCE_NOT_ACTIVE:
-        msg = Utility.messageBD(myPool, "OPS_INSTANCE_NOT_ACTIVE", 
vars.getLanguage());
-        title = Utility.messageBD(myPool, "OPS_INSTANCE_NOT_ACTIVE_TITLE", 
vars.getLanguage());
-        log4j.warn("Innactive OBPS instance - Session: " + sessionId);
-        updateDBSession(sessionId, msgType.equals("Warning"), "IOBPS");
-        goToRetry(res, vars, msg, title, msgType, action, doRedirect);
-        return;
-      case MODULE_EXPIRED:
-        msg = Utility.messageBD(myPool, "OPS_MODULE_EXPIRED", 
vars.getLanguage());
-        title = Utility.messageBD(myPool, "OPS_MODULE_EXPIRED_TITLE", 
vars.getLanguage());
-        StringBuffer expiredMoudules = new StringBuffer();
-        log4j.warn("Expired modules - Session: " + sessionId);
-        for (Module module : ak.getExpiredInstalledModules()) {
-          expiredMoudules.append("<br/>").append(module.getName());
-          log4j.warn("  module:" + module.getName());
-        }
-        msg += expiredMoudules.toString();
-        updateDBSession(sessionId, msgType.equals("Warning"), "ME");
-        goToRetry(res, vars, msg, title, msgType, action, doRedirect);
-        return;
-      }
-
-      // Build checks
-      SystemInformation sysInfo = 
OBDal.getInstance().get(SystemInformation.class, "0");
-      if (sysInfo.getSystemStatus() == null || 
sysInfo.getSystemStatus().equals("RB70")
-          || this.globalParameters.getOBProperty("safe.mode", 
"false").equalsIgnoreCase("false")) {
-        // Last build went fine and tomcat was restarted. We should continue 
with the rest of checks
-      } else if (sysInfo.getSystemStatus().equals("RB60")
-          || sysInfo.getSystemStatus().equals("RB51")) {
-        String msg = Utility.messageBD(myPool, "TOMCAT_NOT_RESTARTED", 
vars.getLanguage());
-        String title = Utility.messageBD(myPool, "TOMCAT_NOT_RESTARTED_TITLE", 
vars.getLanguage());
-        log4j.warn("Tomcat not restarted");
-        updateDBSession(sessionId, true, "RT");
-        goToRetry(res, vars, msg, title, "Warning", "../security/Menu.html", 
doRedirect);
-        return;
-      } else {
-        String msg = Utility.messageBD(myPool, "LAST_BUILD_FAILED", 
vars.getLanguage());
-        String title = Utility.messageBD(myPool, "LAST_BUILD_FAILED_TITLE", 
vars.getLanguage());
-        updateDBSession(sessionId, msgType.equals("Warning"), "LBF");
-        goToRetry(res, vars, msg, title, msgType, action, doRedirect);
-        return;
-      }
-
-      // All checks passed successfully, continue logging in
-      res.sendRedirect(strDireccion);
-    } finally {
-      OBContext.restorePreviousMode();
-    }
-  }
-
-  private void updateDBSession(String sessionId, boolean sessionActive, String 
status) {
-    try {
-      OBContext.setAdminMode();
-      Session session = OBDal.getInstance().get(Session.class, sessionId);
-      session.setSessionActive(sessionActive);
-      session.setLoginStatus(status);
-      OBDal.getInstance().flush();
-    } catch (Exception e) {
-      log4j.error("Error updating session in DB", e);
-    } finally {
-      OBContext.restorePreviousMode();
-    }
-
-  }
-
-  private void goToRetry(HttpServletResponse response, VariablesSecureApp 
vars, String message,
-      String title, String msgType, String action, boolean doRedirect) throws 
IOException,
-      ServletException {
-    String msg = (message != null && !message.equals("")) ? message
-        : "Please enter your username and password.";
-
-    if (OBVersion.getInstance().is30() && !doRedirect) {
-      // 3.0 instances show the message in the same login window, return a 
json object with the info
-      // to print the message
-      try {
-        JSONObject jsonMsg = new JSONObject();
-        jsonMsg.put("showMessage", true);
-        jsonMsg.put("target", "Error".equals(msgType) ? null : action);
-        jsonMsg.put("messageType", msgType);
-        jsonMsg.put("messageTitle", title);
-        jsonMsg.put("messageText", msg);
-
-        response.setContentType("application/json;charset=UTF-8");
-        final PrintWriter out = response.getWriter();
-        out.print(jsonMsg.toString());
-        out.close();
-      } catch (JSONException e) {
-        log4j.error("Error setting login msg", e);
-        throw new ServletException(e);
-      }
-    } else {
-      // 2.50 instances show the message in a new window, print that window
-      String discard[] = { "" };
-
-      if (msgType.equals("Error")) {
-        discard[0] = "continueButton";
-      } else {
-        discard[0] = "backButton";
-      }
-
-      final XmlDocument xmlDocument = xmlEngine.readXmlTemplate(
-          "org/openbravo/base/secureApp/HtmlErrorLogin", 
discard).createXmlDocument();
-
-      // pass relevant mesasge to show inside the error page
-      xmlDocument.setParameter("theme", vars.getTheme());
-      xmlDocument.setParameter("messageType", msgType);
-      xmlDocument.setParameter("action", action);
-      xmlDocument.setParameter("messageTitle", title);
-      xmlDocument.setParameter("messageMessage", msg.replaceAll("\\\\n", 
"<br>"));
-
-      response.setContentType("text/html");
-      final PrintWriter out = response.getWriter();
-      out.println(xmlDocument.print());
-      out.close();
-    }
-  }
-
-  private boolean hasSystemRole(String userId) throws Exception {
-    OBQuery<UserRoles> urQuery = 
OBDal.getInstance().createQuery(UserRoles.class,
-        "userContact.id = :userid and role.userLevel = 'S'");
-    urQuery.setNamedParameter("userid", userId);
-    urQuery.setFilterOnReadableClients(false);
-    urQuery.setFilterOnReadableOrganization(false);
-
-    return urQuery.count() > 0;
-  }
-
 }
diff -r 5ed0d514fade -r 3d63eb9bc450 src/index.jsp
--- a/src/index.jsp     Fri Sep 09 13:22:51 2011 +0200
+++ b/src/index.jsp     Fri Sep 09 13:40:25 2011 +0200
@@ -7,7 +7,7 @@
 <%@ page import="org.apache.log4j.Logger" %>
 <%@ page contentType="text/html; charset=UTF-8" %>
 <%
-/*
+  /*
  *************************************************************************
  * The contents of this file are subject to the Openbravo  Public  License
  * Version  1.1  (the  "License"),  being   the  Mozilla   Public  License
diff -r 5ed0d514fade -r 3d63eb9bc450 
src/org/openbravo/authentication/AuthenticationException.java
--- a/src/org/openbravo/authentication/AuthenticationException.java     Fri Sep 
09 13:22:51 2011 +0200
+++ b/src/org/openbravo/authentication/AuthenticationException.java     Fri Sep 
09 13:40:25 2011 +0200
@@ -1,6 +1,6 @@
 /*
  
************************************************************************************
- * Copyright (C) 2001-2010 Openbravo S.L.U.
+ * Copyright (C) 2001-2011 Openbravo S.L.U.
  * Licensed under the Apache Software License version 2.0
  * You may obtain a copy of the License at 
http://www.apache.org/licenses/LICENSE-2.0
  * Unless required by applicable law or agreed to  in writing,  software  
distributed
@@ -12,31 +12,34 @@
 
 package org.openbravo.authentication;
 
+import org.openbravo.base.exception.OBException;
+import org.openbravo.erpCommon.utility.OBError;
+
 /**
  * 
