/**
 * Authenticates {@code username} and, on success, builds the identity for the session.
 *
 * <p>Returns {@code null} in every failure case: a {@code null} username, a user that
 * {@code loadUserInfo} cannot find, or credentials that the loaded principal rejects.
 * Roles are loaded only after the credential check has passed.
 *
 * @param username the login name; {@code null} is rejected
 * @param credentials the presented credentials, handed unchanged to {@code authenticate}
 * @param request the current request (not read by this method)
 * @return the new identity, or {@code null} if the login failed
 * @see org.eclipse.jetty.security.LoginService#login(java.lang.String, java.lang.Object, javax.servlet.ServletRequest)
 */
@Override
public UserIdentity login(String username, Object credentials, ServletRequest request)
{
    if (username == null)
    {
        return null;
    }

    UserPrincipal principal = loadUserInfo(username);
    // Unknown user and wrong credentials yield the same result, so the caller
    // cannot tell the two apart.
    if (principal == null || !principal.authenticate(credentials))
    {
        return null;
    }

    // Authentication succeeded: it is now safe to load the roles.
    String[] roles = loadRoleInfo(principal);

    Subject subject = new Subject();
    subject.getPrincipals().add(principal);
    // NOTE(review): the stored credential object ends up in the Subject's private
    // credentials; what form it takes (hash or clear text) is not visible here.
    subject.getPrivateCredentials().add(principal._credential);
    if (roles != null)
    {
        for (String roleName : roles)
        {
            subject.getPrincipals().add(new RolePrincipal(roleName));
        }
    }
    // Freeze the subject so principals and credentials cannot be changed later.
    subject.setReadOnly();

    return _identityService.newUserIdentity(subject, principal, roles);
}
/**
 * Re-checks an existing identity against the user store.
 *
 * <p>When {@code isFullValidate()} is false the identity is accepted as-is and the store
 * is not consulted, so a user that was removed or whose credential changed stays valid.
 * Otherwise the user is reloaded by name and the credential held by the identity's
 * principal is checked against the freshly loaded principal.
 *
 * @param user the identity to re-validate
 * @return {@code true} if the identity is still acceptable, {@code false} if the user
 *         no longer exists or the credential no longer matches
 * @throws IllegalStateException if full validation is on, the user still exists, and the
 *         identity's principal is not a {@code UserPrincipal}
 * @see org.eclipse.jetty.security.LoginService#validate(org.eclipse.jetty.server.UserIdentity)
 */
@Override
public boolean validate(UserIdentity user)
{
    if (!isFullValidate())
    {
        // Without full validation, holding a user identity is treated as proof enough.
        return true;
    }

    // Full validation: go back to the user store.
    UserPrincipal reloaded = loadUserInfo(user.getUserPrincipal().getName());
    if (reloaded == null)
    {
        // The user no longer exists.
        return false;
    }

    if (!(user.getUserPrincipal() instanceof UserPrincipal))
    {
        // No stored credential to compare against, so validation is impossible.
        throw new IllegalStateException("UserPrincipal not KnownUser");
    }

    return reloaded.authenticate(((UserPrincipal)user.getUserPrincipal())._credential);
}
/**
 * Checks the presented credentials for {@code username} and creates the user identity.
 *
 * <p>The method answers {@code null} when the username is {@code null}, when
 * {@code loadUserInfo} returns no principal, or when the principal's
 * {@code authenticate} call fails. Role information is fetched only once the
 * credentials have been accepted.
 *
 * @param username name of the user logging in
 * @param credentials credentials supplied with the login attempt
 * @param request the servlet request of the attempt; unused here
 * @return the identity created by the identity service, or {@code null} on failure
 * @see org.eclipse.jetty.security.LoginService#login(java.lang.String, java.lang.Object, javax.servlet.ServletRequest)
 */
@Override
public UserIdentity login(String username, Object credentials, ServletRequest request)
{
    if (username == null)
        return null;

    UserPrincipal loaded = loadUserInfo(username);
    boolean authenticated = loaded != null && loaded.authenticate(credentials);
    if (!authenticated)
        return null; // same answer for "no such user" and "bad credentials"

    // The caller is authenticated, so role lookup is safe from here on.
    String[] roles = loadRoleInfo(loaded);

    Subject subject = new Subject();
    subject.getPrincipals().add(loaded);
    // NOTE(review): this keeps the principal's credential object reachable through
    // the Subject; confirm nothing downstream logs or serialises it.
    subject.getPrivateCredentials().add(loaded._credential);

    if (roles != null)
    {
        for (int i = 0; i < roles.length; i++)
            subject.getPrincipals().add(new RolePrincipal(roles[i]));
    }

    // After this call the subject's principal and credential sets are immutable.
    subject.setReadOnly();
    return _identityService.newUserIdentity(subject, loaded, roles);
}
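/**
 * Logs a user in against the resource store and binds the result to the current thread.
 *
 * <p>The presented password is turned into a {@code Credential}, the user is looked up
 * with it, and an identity is created. On success the user data and the identity's
 * subject are bound to the calling thread and the identity is returned. Every failure
 * (missing or non-string input, unknown user, store error, rejected credentials)
 * returns {@code null}, so the caller cannot tell these cases apart.
 *
 * @param username the login name; {@code null} is rejected
 * @param credentials the presented password; anything other than a {@code String} is rejected
 * @param request the current request (not read by this method)
 * @return the authenticated identity, or {@code null} if the login failed
 */
@Override
public UserIdentity login(String username, Object credentials, ServletRequest request) {
    // Fail closed on input the code below cannot handle. The interface passes
    // credentials as Object, so a non-String value used to escape as a
    // ClassCastException from the cast below instead of a failed login, and a null
    // value was passed straight on to Credential.getCredential.
    if (username == null || !(credentials instanceof String)) {
        return null;
    }

    try {
        Credential credential = Credential.getCredential((String) credentials);
        User user = lookupUser(username, credential);
        if (user != null) {
            UserIdentity userIdentity = createUserIdentity(username, credential);
            AbstractLoginService.UserPrincipal principal =
                    (AbstractLoginService.UserPrincipal) userIdentity.getUserPrincipal();
            // NOTE(review): if createUserIdentity builds the principal from the
            // credential derived from the submitted password above, this check compares
            // the submitted value with itself and always passes. The real password
            // verification would then rest entirely on lookupUser; confirm that it
            // rejects a wrong password.
            if (principal.authenticate(credentials)) {
                bindUserDataToThread(user);
                // NOTE(review): nothing in this method clears the thread-bound state;
                // confirm it is unbound at the end of the request so a pooled thread
                // does not carry this identity into another request.
                ThreadContext.bind(userIdentity.getSubject());
                return userIdentity;
            }
        }
    } catch (IResourceStore.ResourceStoreException e) {
        // Store failure: logged without the username or the credentials.
        log.error("Could not process login.", e);
    } catch (IResourceStore.ResourceNotFoundException e) {
        // No user entity exists for the given username; treated as a failed login.
    }
    return null;
}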
/**
 * Decides whether a previously issued identity may still be used.
 *
 * <p>If {@code isFullValidate()} returns false, the method trusts the identity and
 * returns {@code true} without touching the user store; revoked users and changed
 * credentials are therefore not detected in that mode. With full validation on, the
 * user is loaded again by principal name and the credential carried by the identity is
 * authenticated against the reloaded principal.
 *
 * @param user the identity under validation
 * @return {@code false} when the user cannot be reloaded or the credential check fails,
 *         {@code true} otherwise
 * @throws IllegalStateException when the identity's principal is not a
 *         {@code UserPrincipal} and therefore carries no credential to check
 * @see org.eclipse.jetty.security.LoginService#validate(org.eclipse.jetty.server.UserIdentity)
 */
@Override
public boolean validate(UserIdentity user)
{
    // Cheap path: an existing identity is assumed valid unless full validation is on.
    if (!isFullValidate())
        return true;

    // Expensive path: look the user up again in the backing store.
    UserPrincipal current = loadUserInfo(user.getUserPrincipal().getName());
    if (current == null)
        return false; // account has disappeared from the store

    boolean hasStoredCredential = user.getUserPrincipal() instanceof UserPrincipal;
    if (hasStoredCredential)
    {
        UserPrincipal presented = (UserPrincipal)user.getUserPrincipal();
        return current.authenticate(presented._credential);
    }

    // Unknown principal type: refuse loudly rather than guess.
    throw new IllegalStateException("UserPrincipal not KnownUser");
}