14 package waffle.spring;
15
16 import java.util.Locale;
17
18 import org.slf4j.Logger;
19 import org.slf4j.LoggerFactory;
20 import org.springframework.security.authentication.AuthenticationProvider;
21 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
22 import org.springframework.security.core.Authentication;
23 import org.springframework.security.core.GrantedAuthority;
24
25 import waffle.servlet.WindowsPrincipal;
26 import waffle.windows.auth.IWindowsAuthProvider;
27 import waffle.windows.auth.IWindowsIdentity;
28 import waffle.windows.auth.PrincipalFormat;
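/**
 * Spring Security {@link AuthenticationProvider} that checks a user name and password by calling
 * {@link IWindowsAuthProvider#logonUser} and wraps the resulting identity in a
 * {@link WindowsAuthenticationToken}.
 *
 * <p>The {@link IWindowsAuthProvider} must be injected with {@link #setAuthProvider} before
 * {@link #authenticate} is called; there is no default.
 *
 * <p>Guest identities are accepted by default ({@code allowGuestLogin} starts as {@code true}).
 * Deployments that must not grant sessions to guest logons should call
 * {@code setAllowGuestLogin(false)}.
 */
public class WindowsAuthenticationProvider implements AuthenticationProvider {

    /** Class logger. */
    private static final Logger LOGGER = LoggerFactory.getLogger(WindowsAuthenticationProvider.class);

    /** Format passed to {@link WindowsPrincipal} for the principal; FQN unless reconfigured. */
    private PrincipalFormat principalFormat = PrincipalFormat.FQN;

    /** Format passed to {@link WindowsPrincipal} for the roles; FQN unless reconfigured. */
    private PrincipalFormat roleFormat = PrincipalFormat.FQN;

    /**
     * Whether an identity reporting {@code isGuest()} may log in. Defaults to {@code true}, so
     * guest logons succeed unless this is switched off explicitly.
     */
    private boolean allowGuestLogin = true;

    /** Back end that performs the actual logon; no default, must be set before use. */
    private IWindowsAuthProvider authProvider;

    /** Factory handed to every {@link WindowsAuthenticationToken} created here. */
    private GrantedAuthorityFactory grantedAuthorityFactory = WindowsAuthenticationToken.DEFAULT_GRANTED_AUTHORITY_FACTORY;

    /** Authority handed to every {@link WindowsAuthenticationToken} created here. */
    private GrantedAuthority defaultGrantedAuthority = WindowsAuthenticationToken.DEFAULT_GRANTED_AUTHORITY;

    /**
     * Creates a provider with the default formats and authorities and logs that it was loaded.
     */
    public WindowsAuthenticationProvider() {
        LOGGER.debug("[waffle.spring.WindowsAuthenticationProvider] loaded");
    }

    /**
     * Logs the user on through the configured {@link IWindowsAuthProvider} and builds a
     * {@link WindowsAuthenticationToken} for the resulting identity.
     *
     * <p>The request is cast to {@link UsernamePasswordAuthenticationToken} without a type check;
     * {@link #supports} advertises only that type.
     *
     * <p>NOTE(review): a token whose credentials are {@code null} ends in a
     * {@link NullPointerException} here, and whatever {@code logonUser} throws propagates
     * unchanged. Confirm whether both should be translated into an
     * {@code AuthenticationException} so that callers see a failed login rather than an
     * unexpected error.
     *
     * @param authentication the user name / password request
     * @return the authenticated token
     * @throws GuestLoginDisabledAuthenticationException if the identity is a guest and guest
     *         login is disabled
     */
    @Override
    public Authentication authenticate(final Authentication authentication) {
        final UsernamePasswordAuthenticationToken auth = (UsernamePasswordAuthenticationToken) authentication;
        // Only the user name and the derived identity are ever logged; the password is not.
        final IWindowsIdentity windowsIdentity = this.authProvider.logonUser(auth.getName(),
                auth.getCredentials().toString());
        LOGGER.debug("logged in user: {} ({})", windowsIdentity.getFqn(), windowsIdentity.getSidString());

        if (!this.allowGuestLogin && windowsIdentity.isGuest()) {
            // Read the name first: the identity is disposed before the exception is thrown.
            final String guestFqn = windowsIdentity.getFqn();
            LOGGER.warn("guest login disabled: {}", guestFqn);
            // Nothing else receives this identity on the rejection path, so dispose of it here;
            // otherwise every refused guest logon would leave one undisposed identity behind
            // (presumably holding a native logon handle - confirm against the implementation).
            windowsIdentity.dispose();
            throw new GuestLoginDisabledAuthenticationException(guestFqn);
        }

        final WindowsPrincipal windowsPrincipal = new WindowsPrincipal(windowsIdentity, this.principalFormat,
                this.roleFormat);
        LOGGER.debug("roles: {}", windowsPrincipal.getRolesString());

        final WindowsAuthenticationToken token = new WindowsAuthenticationToken(windowsPrincipal,
                this.grantedAuthorityFactory, this.defaultGrantedAuthority);

        LOGGER.info("successfully logged in user: {}", windowsIdentity.getFqn());
        return token;
    }

    /**
     * Reports whether this provider handles the given authentication type.
     *
     * @param authentication the candidate authentication class
     * @return {@code true} for {@link UsernamePasswordAuthenticationToken} and its subclasses
     */
    @Override
    public boolean supports(final Class<?> authentication) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
    }

    /**
     * Gets the principal format.
     *
     * @return the format currently used for the principal
     */
    public PrincipalFormat getPrincipalFormat() {
        return this.principalFormat;
    }

    /**
     * Sets the principal format.
     *
     * @param value the format to use for the principal
     */
    public void setPrincipalFormatEnum(final PrincipalFormat value) {
        this.principalFormat = value;
    }

    /**
     * Sets the principal format from its name, matched case-insensitively.
     *
     * @param value name of a {@link PrincipalFormat} constant
     * @throws IllegalArgumentException if no constant has that name
     * @throws NullPointerException if {@code value} is {@code null}
     */
    public void setPrincipalFormat(final String value) {
        // A fixed locale keeps the upper-casing independent of the JVM's default locale.
        this.setPrincipalFormatEnum(PrincipalFormat.valueOf(value.toUpperCase(Locale.ENGLISH)));
    }

    /**
     * Gets the role format.
     *
     * @return the format currently used for roles
     */
    public PrincipalFormat getRoleFormat() {
        return this.roleFormat;
    }

    /**
     * Sets the role format.
     *
     * @param value the format to use for roles
     */
    public void setRoleFormatEnum(final PrincipalFormat value) {
        this.roleFormat = value;
    }

    /**
     * Sets the role format from its name, matched case-insensitively.
     *
     * @param value name of a {@link PrincipalFormat} constant
     * @throws IllegalArgumentException if no constant has that name
     * @throws NullPointerException if {@code value} is {@code null}
     */
    public void setRoleFormat(final String value) {
        // A fixed locale keeps the upper-casing independent of the JVM's default locale.
        this.setRoleFormatEnum(PrincipalFormat.valueOf(value.toUpperCase(Locale.ENGLISH)));
    }

    /**
     * Reports whether guest identities may log in.
     *
     * @return {@code true} if guest logons are accepted
     */
    public boolean isAllowGuestLogin() {
        return this.allowGuestLogin;
    }

    /**
     * Enables or disables guest logons. When disabled, {@link #authenticate} rejects any identity
     * whose {@code isGuest()} is {@code true}.
     *
     * @param value {@code true} to accept guest identities, {@code false} to reject them
     */
    public void setAllowGuestLogin(final boolean value) {
        this.allowGuestLogin = value;
    }

    /**
     * Gets the logon back end.
     *
     * @return the configured {@link IWindowsAuthProvider}, or {@code null} if none was set
     */
    public IWindowsAuthProvider getAuthProvider() {
        return this.authProvider;
    }

    /**
     * Sets the logon back end used by {@link #authenticate}.
     *
     * @param value the {@link IWindowsAuthProvider} to use
     */
    public void setAuthProvider(final IWindowsAuthProvider value) {
        this.authProvider = value;
    }

    /**
     * Gets the granted authority factory.
     *
     * @return the factory passed to created tokens
     */
    public GrantedAuthorityFactory getGrantedAuthorityFactory() {
        return this.grantedAuthorityFactory;
    }

    /**
     * Sets the granted authority factory.
     *
     * @param value the factory to pass to created tokens
     */
    public void setGrantedAuthorityFactory(final GrantedAuthorityFactory value) {
        this.grantedAuthorityFactory = value;
    }

    /**
     * Gets the default granted authority.
     *
     * @return the authority passed to created tokens
     */
    public GrantedAuthority getDefaultGrantedAuthority() {
        return this.defaultGrantedAuthority;
    }

    /**
     * Sets the default granted authority.
     *
     * @param value the authority to pass to created tokens
     */
    public void setDefaultGrantedAuthority(final GrantedAuthority value) {
        this.defaultGrantedAuthority = value;
    }
}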