JaasBean.java
4.41 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
package fi.insomnia.bortal.beans;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Vector;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import fi.insomnia.bortal.enums.BortalApplication;
import fi.insomnia.bortal.enums.apps.IAppPermission;
import fi.insomnia.bortal.enums.apps.SpecialPermission;
import fi.insomnia.bortal.enums.apps.UserPermission;
import fi.insomnia.bortal.facade.EventUserFacade;
import fi.insomnia.bortal.facade.UserFacade;
import fi.insomnia.bortal.model.ApplicationPermission;
import fi.insomnia.bortal.model.EventUser;
import fi.insomnia.bortal.model.LanEvent;
import fi.insomnia.bortal.model.Role;
import fi.insomnia.bortal.model.User;
/**
* Session Bean implementation class SessionHandlerBean
*/
@Stateless
public class JaasBean implements JaasBeanLocal, JaasBeanRemote {
private static final Logger logger = LoggerFactory.getLogger(JaasBean.class);
@EJB
private UserFacade userfacade;
@EJB
private EventUserFacade eventUserFacade;
@EJB
private LoggingBeanLocal secubean;
@EJB
private UserBean userbean;
@EJB
private PermissionBeanLocal permbean;
@EJB
private EventBeanLocal eventbean;
public EventUser tryLogin(String username, String password) {
EventUser eventUser = eventUserFacade.findByLogin(username.trim());
User user = null;
// Might not have EventUser
if (eventUser == null) {
user = userfacade.findByLogin(username.trim());
} else {
user = eventUser.getUser();
}
if (user != null) {
if (user.isAnonymous()) {
logger.info("logging in as anonymous!!!");
} else if (!user.checkPassword(password)) {
secubean.logMessage(SecurityLogType.permissionDenied, eventUser, "Login failed: wrong password for username ", username);
eventUser = null;
user = null;
}
if (user != null && eventUser == null)
{
LanEvent event = eventbean.getCurrentEvent();
eventUser = new EventUser(user, event, null);
// eventUser.setCreator(eventUser);
eventUserFacade.create(eventUser);
eventUserFacade.flush();
eventUser.setCreator(eventUser);
}
} else {
secubean.logMessage(SecurityLogType.permissionDenied, eventbean.getCurrentEvent(), null, "Login failed: Username not found: ", username);
}
return eventUser;
}
// public static void foo()
// {
// if (user != null) {
// LanEvent event = eventbean.getCurrentEvent();
// eventUser = new EventUser(user, event, null);
// // eventUser.setCreator(eventUser);
// eventUserFacade.create(eventUser);
// eventUserFacade.flush();
// eventUser.setCreator(eventUser);
// }
// }
@Override
public boolean authenticate(String username, String password) {
boolean ret = (tryLogin(username, password) != null);
return ret;
}
@Override
public Enumeration<String> getGroupNames(String user) {
logger.info("Fetching groupNames for user {} event {}", user, eventbean.getCurrentEvent().getName());
EventUser usr = eventUserFacade.findByLogin(user);
HashSet<String> roleset = new HashSet<String>();
roleset.add(UserPermission.ANYUSER.getFullName());
if (usr == null) {
if (SpecialPermission.VERKKOMAKSU_CHECKER.name().equals(user)) {
roleset.add(SpecialPermission.VERKKOMAKSU_CHECKER.name());
}
usr = permbean.getAnonEventUser();
roleset.add(SpecialPermission.ANONYMOUS.name());
}
if (!usr.getUser().isAnonymous()) {
roleset.add(SpecialPermission.USER.name());
}
// TODO: EI NÄIN!!!!! Superadmin ei saa kaikkia oikkia!!
if (usr.getUser().isSuperadmin()) {
for (BortalApplication app : BortalApplication.values()) {
for (IAppPermission perm : app.getPermissions()) {
roleset.add(perm.getFullName());
}
}
roleset.add(SpecialPermission.SUPERADMIN.name());
} else {
List<Role> usrroles = userbean.localFindUsersRoles(usr);
for (Role role : usrroles) {
for (ApplicationPermission apperm : role.getPermissions()) {
roleset.add(apperm.getPermission().getFullName());
}
}
LanEvent event = eventbean.getCurrentEvent();
if (event != null && !usr.getUser().isAnonymous() && event.getDefaultRole() != null) {
for (ApplicationPermission apperm : event.getDefaultRole().getPermissions()) {
roleset.add(apperm.getPermission().getFullName());
}
}
}
Vector<String> retvect = new Vector<String>();
retvect.addAll(roleset);
logger.info("group names for user {}: {}", user, retvect);
return retvect.elements();
}
}