JaasBean.java
2.56 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
package fi.insomnia.bortal.beans;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Vector;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import fi.insomnia.bortal.enums.BeanRole;
import fi.insomnia.bortal.enums.BortalApplication;
import fi.insomnia.bortal.enums.apps.IAppPermission;
import fi.insomnia.bortal.facade.UserFacade;
import fi.insomnia.bortal.model.ApplicationPermission;
import fi.insomnia.bortal.model.Role;
import fi.insomnia.bortal.model.User;
/**
* Session Bean implementation class SessionHandlerBean
*/
@Stateless
public class JaasBean implements JaasBeanLocal, JaasBeanRemote {
private static final Logger logger = LoggerFactory.getLogger(JaasBean.class);
@EJB
private UserFacade userfacade;
@EJB
private LoggingBeanLocal secubean;
@EJB
private UserBean userbean;
@EJB
private PermissionBeanLocal permbean;
public User tryLogin(String username, String password) {
User user = userfacade.findByLogin(username.trim());
logger.debug("Trying to login as {}", username);
User ret = null;
if (user != null) {
if (user.checkPassword(password)) {
ret = user;
} else {
secubean.logMessage(SecurityLogType.permissionDenied, user, "Login failed: wrong password for username ", username);
}
} else {
secubean.logMessage(SecurityLogType.permissionDenied, null, "Login failed: Username not found: ", username);
}
return ret;
}
@Override
public boolean authenticate(String username, String password) {
boolean ret = (tryLogin(username, password) != null);
return ret;
}
@Override
public Enumeration<String> getGroupNames(String user) {
User usr = userbean.getUser(user);
HashSet<String> roleset = new HashSet<String>();
if (usr != null) {
if (permbean.isLoggedIn()) {
roleset.add("USER");
}
// TODO: EI NÄIN!!!!! Superadmin ei saa kaikkia oikkia!!
if (usr.isSuperadmin()) {
for (BortalApplication app : BortalApplication.values()) {
for (IAppPermission perm : app.getPermissions()) {
roleset.add(perm.getFullName());
}
}
roleset.add(BeanRole.SUPERADMIN.name());
} else {
List<Role> usrroles = userbean.localFindUsersRoles(usr);
for (Role role : usrroles) {
for (ApplicationPermission apperm : role.getPermissions()) {
roleset.add(apperm.getPermission().getFullName());
}
}
}
}
Vector<String> retvect = new Vector<String>();
retvect.addAll(roleset);
logger.debug("group names for user {}: {}", user, retvect);
return retvect.elements();
}
}