Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java +16 −0 Original line number Diff line number Diff line Loading @@ -120,6 +120,22 @@ public interface UserPersistence<T extends Principal> throws UserNotFoundException, TransientException, AccessControlException; /** * Attempt to login the specified user. * * @param userID The userID. * @param password The password. * * @return Boolean * * @throws UserNotFoundException when the user is not found. * @throws TransientException If an temporary, unexpected problem occurred. * @throws AccessControlException If the operation is not permitted. */ Boolean loginUser(String userID, String password) throws UserNotFoundException, TransientException, AccessControlException; /** * Updated the user specified by User. * Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +13 −4 Original line number Diff line number Diff line Loading @@ -177,11 +177,11 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO * * @param username username to verify. * @param password password to verify. * @return User * @return Boolean * @throws TransientException * @throws UserNotFoundException */ public User<T> loginUser(final String username, final String password) public Boolean loginUser(final String username, final String password) throws TransientException, UserNotFoundException { try Loading @@ -191,7 +191,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO if (bindResult != null && bindResult.getResultCode() == ResultCode.SUCCESS) { return getUser((T) new HttpPrincipal(username)); return Boolean.TRUE; } else { Loading @@ -200,7 +200,16 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO } catch (LDAPException e) { logger.debug("addUser Exception: " + e, e); logger.debug("loginUser Exception: " + e, e); if (e.getResultCode() == ResultCode.INVALID_CREDENTIALS) { throw new AccessControlException("Invalid password"); } else if (e.getResultCode() == ResultCode.NO_SUCH_OBJECT) { throw new AccessControlException("Invalid username"); } throw new RuntimeException("Unexpected LDAP exception", e); } Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java +30 −1 Original line number Diff line number Diff line Loading @@ -176,6 +176,35 @@ public class LdapUserPersistence<T extends Principal> } } /** * Get the user specified by userID. * * @param userID The userID. * * @return Boolean. * * @throws UserNotFoundException when the user is not found. * @throws TransientException If an temporary, unexpected problem occurred. * @throws AccessControlException If the operation is not permitted. */ public Boolean loginUser(String userID, String password) throws UserNotFoundException, TransientException, AccessControlException { LdapUserDAO<T> userDAO = null; try { userDAO = new LdapUserDAO<T>(this.config); return userDAO.loginUser(userID, password); } finally { if (userDAO != null) { userDAO.close(); } } } /** * Updated the user specified by User. * Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/LoginServlet.java 0 → 100755 +159 −0 Original line number Diff line number Diff line /* ************************************************************************ ******************* CANADIAN ASTRONOMY DATA CENTRE ******************* ************** CENTRE CANADIEN DE DONNÉES ASTRONOMIQUES ************** * * (c) 2014. (c) 2014. * Government of Canada Gouvernement du Canada * National Research Council Conseil national de recherches * Ottawa, Canada, K1A 0R6 Ottawa, Canada, K1A 0R6 * All rights reserved Tous droits réservés * * NRC disclaims any warranties, Le CNRC dénie toute garantie * expressed, implied, or énoncée, implicite ou légale, * statutory, of any kind with de quelque nature que ce * respect to the software, soit, concernant le logiciel, * including without limitation y compris sans restriction * any warranty of merchantability toute garantie de valeur * or fitness for a particular marchande ou de pertinence * purpose. NRC shall not be pour un usage particulier. * liable in any event for any Le CNRC ne pourra en aucun cas * damages, whether direct or être tenu responsable de tout * indirect, special or general, dommage, direct ou indirect, * consequential or incidental, particulier ou général, * arising from the use of the accessoire ou fortuit, résultant * software. Neither the name de l'utilisation du logiciel. Ni * of the National Research le nom du Conseil National de * Council of Canada nor the Recherches du Canada ni les noms * names of its contributors may de ses participants ne peuvent * be used to endorse or promote être utilisés pour approuver ou * products derived from this promouvoir les produits dérivés * software without specific prior de ce logiciel sans autorisation * written permission. préalable et particulière * par écrit. * * This file is part of the Ce fichier fait partie du projet * OpenCADC project. OpenCADC. * * OpenCADC is free software: OpenCADC est un logiciel libre ; * you can redistribute it and/or vous pouvez le redistribuer ou le * modify it under the terms of modifier suivant les termes de * the GNU Affero General Public la “GNU Affero General Public * License as published by the License” telle que publiée * Free Software Foundation, par la Free Software Foundation * either version 3 of the : soit la version 3 de cette * License, or (at your option) licence, soit (à votre gré) * any later version. toute version ultérieure. * * OpenCADC is distributed in the OpenCADC est distribué * hope that it will be useful, dans l’espoir qu’il vous * but WITHOUT ANY WARRANTY; sera utile, mais SANS AUCUNE * without even the implied GARANTIE : sans même la garantie * warranty of MERCHANTABILITY implicite de COMMERCIALISABILITÉ * or FITNESS FOR A PARTICULAR ni d’ADÉQUATION À UN OBJECTIF * PURPOSE. See the GNU Affero PARTICULIER. Consultez la Licence * General Public License for Générale Publique GNU Affero * more details. pour plus de détails. * * You should have received Vous devriez avoir reçu une * a copy of the GNU Affero copie de la Licence Générale * General Public License along Publique GNU Affero avec * with OpenCADC. If not, see OpenCADC ; si ce n’est * <http://www.gnu.org/licenses/>. pas le cas, consultez : * <http://www.gnu.org/licenses/>. * * $Revision: 4 $ * ************************************************************************ */ package ca.nrc.cadc.ac.server.web.users; import java.io.IOException; import java.security.AccessControlException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.log4j.Logger; import ca.nrc.cadc.ac.server.ldap.LdapUserPersistence; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.SSOCookieManager; import ca.nrc.cadc.log.ServletLogInfo; import ca.nrc.cadc.util.StringUtil; @SuppressWarnings("serial") public class LoginServlet extends HttpServlet { private static final Logger log = Logger.getLogger(LoginServlet.class); private static final String CONTENT_TYPE = "text/plain"; /** * Attempt to login for userid/password. */ @SuppressWarnings("rawtypes") public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { long start = System.currentTimeMillis(); ServletLogInfo logInfo = new ServletLogInfo(request); try { log.info(logInfo.start()); String userID = request.getParameter("userid"); String password = request.getParameter("password"); if (StringUtil.hasText(userID)) { if (StringUtil.hasText(password)) { if (new LdapUserPersistence().loginUser(userID, password)) { String token = new SSOCookieManager().generate(new HttpPrincipal(userID)); response.setContentType(CONTENT_TYPE); response.setContentLength(token.length()); response.getWriter().write(token); } } else { throw new IllegalArgumentException("Missing password"); } } else { throw new IllegalArgumentException("Missing userid"); } } catch (IllegalArgumentException e) { log.debug(e.getMessage(), e); logInfo.setMessage(e.getMessage()); response.setContentType(CONTENT_TYPE); response.getWriter().write(e.getMessage()); response.setStatus(400); } catch (AccessControlException e) { log.debug(e.getMessage(), e); logInfo.setMessage(e.getMessage()); response.setContentType(CONTENT_TYPE); response.getWriter().write(e.getMessage()); response.setStatus(401); } catch (Throwable t) { String message = "Internal Server Error: " + t.getMessage(); log.error(message, t); logInfo.setSuccess(false); logInfo.setMessage(message); response.setContentType(CONTENT_TYPE); response.getWriter().write(message); response.setStatus(500); } finally { logInfo.setElapsedTime(System.currentTimeMillis() - start); log.info(logInfo.end()); } } } Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java +16 −0 Original line number Diff line number Diff line Loading @@ -120,6 +120,22 @@ public interface UserPersistence<T extends Principal> throws UserNotFoundException, TransientException, AccessControlException; /** * Attempt to login the specified user. * * @param userID The userID. * @param password The password. * * @return Boolean * * @throws UserNotFoundException when the user is not found. * @throws TransientException If an temporary, unexpected problem occurred. * @throws AccessControlException If the operation is not permitted. */ Boolean loginUser(String userID, String password) throws UserNotFoundException, TransientException, AccessControlException; /** * Updated the user specified by User. * Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +13 −4 Original line number Diff line number Diff line Loading @@ -177,11 +177,11 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO * * @param username username to verify. * @param password password to verify. * @return User * @return Boolean * @throws TransientException * @throws UserNotFoundException */ public User<T> loginUser(final String username, final String password) public Boolean loginUser(final String username, final String password) throws TransientException, UserNotFoundException { try Loading @@ -191,7 +191,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO if (bindResult != null && bindResult.getResultCode() == ResultCode.SUCCESS) { return getUser((T) new HttpPrincipal(username)); return Boolean.TRUE; } else { Loading @@ -200,7 +200,16 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO } catch (LDAPException e) { logger.debug("addUser Exception: " + e, e); logger.debug("loginUser Exception: " + e, e); if (e.getResultCode() == ResultCode.INVALID_CREDENTIALS) { throw new AccessControlException("Invalid password"); } else if (e.getResultCode() == ResultCode.NO_SUCH_OBJECT) { throw new AccessControlException("Invalid username"); } throw new RuntimeException("Unexpected LDAP exception", e); } Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java +30 −1 Original line number Diff line number Diff line Loading @@ -176,6 +176,35 @@ public class LdapUserPersistence<T extends Principal> } } /** * Get the user specified by userID. * * @param userID The userID. * * @return Boolean. * * @throws UserNotFoundException when the user is not found. * @throws TransientException If an temporary, unexpected problem occurred. * @throws AccessControlException If the operation is not permitted. */ public Boolean loginUser(String userID, String password) throws UserNotFoundException, TransientException, AccessControlException { LdapUserDAO<T> userDAO = null; try { userDAO = new LdapUserDAO<T>(this.config); return userDAO.loginUser(userID, password); } finally { if (userDAO != null) { userDAO.close(); } } } /** * Updated the user specified by User. * Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/LoginServlet.java 0 → 100755 +159 −0 Original line number Diff line number Diff line /* ************************************************************************ ******************* CANADIAN ASTRONOMY DATA CENTRE ******************* ************** CENTRE CANADIEN DE DONNÉES ASTRONOMIQUES ************** * * (c) 2014. (c) 2014. * Government of Canada Gouvernement du Canada * National Research Council Conseil national de recherches * Ottawa, Canada, K1A 0R6 Ottawa, Canada, K1A 0R6 * All rights reserved Tous droits réservés * * NRC disclaims any warranties, Le CNRC dénie toute garantie * expressed, implied, or énoncée, implicite ou légale, * statutory, of any kind with de quelque nature que ce * respect to the software, soit, concernant le logiciel, * including without limitation y compris sans restriction * any warranty of merchantability toute garantie de valeur * or fitness for a particular marchande ou de pertinence * purpose. NRC shall not be pour un usage particulier. * liable in any event for any Le CNRC ne pourra en aucun cas * damages, whether direct or être tenu responsable de tout * indirect, special or general, dommage, direct ou indirect, * consequential or incidental, particulier ou général, * arising from the use of the accessoire ou fortuit, résultant * software. Neither the name de l'utilisation du logiciel. Ni * of the National Research le nom du Conseil National de * Council of Canada nor the Recherches du Canada ni les noms * names of its contributors may de ses participants ne peuvent * be used to endorse or promote être utilisés pour approuver ou * products derived from this promouvoir les produits dérivés * software without specific prior de ce logiciel sans autorisation * written permission. préalable et particulière * par écrit. * * This file is part of the Ce fichier fait partie du projet * OpenCADC project. OpenCADC. * * OpenCADC is free software: OpenCADC est un logiciel libre ; * you can redistribute it and/or vous pouvez le redistribuer ou le * modify it under the terms of modifier suivant les termes de * the GNU Affero General Public la “GNU Affero General Public * License as published by the License” telle que publiée * Free Software Foundation, par la Free Software Foundation * either version 3 of the : soit la version 3 de cette * License, or (at your option) licence, soit (à votre gré) * any later version. toute version ultérieure. * * OpenCADC is distributed in the OpenCADC est distribué * hope that it will be useful, dans l’espoir qu’il vous * but WITHOUT ANY WARRANTY; sera utile, mais SANS AUCUNE * without even the implied GARANTIE : sans même la garantie * warranty of MERCHANTABILITY implicite de COMMERCIALISABILITÉ * or FITNESS FOR A PARTICULAR ni d’ADÉQUATION À UN OBJECTIF * PURPOSE. See the GNU Affero PARTICULIER. Consultez la Licence * General Public License for Générale Publique GNU Affero * more details. pour plus de détails. * * You should have received Vous devriez avoir reçu une * a copy of the GNU Affero copie de la Licence Générale * General Public License along Publique GNU Affero avec * with OpenCADC. If not, see OpenCADC ; si ce n’est * <http://www.gnu.org/licenses/>. pas le cas, consultez : * <http://www.gnu.org/licenses/>. * * $Revision: 4 $ * ************************************************************************ */ package ca.nrc.cadc.ac.server.web.users; import java.io.IOException; import java.security.AccessControlException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.log4j.Logger; import ca.nrc.cadc.ac.server.ldap.LdapUserPersistence; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.SSOCookieManager; import ca.nrc.cadc.log.ServletLogInfo; import ca.nrc.cadc.util.StringUtil; @SuppressWarnings("serial") public class LoginServlet extends HttpServlet { private static final Logger log = Logger.getLogger(LoginServlet.class); private static final String CONTENT_TYPE = "text/plain"; /** * Attempt to login for userid/password. */ @SuppressWarnings("rawtypes") public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { long start = System.currentTimeMillis(); ServletLogInfo logInfo = new ServletLogInfo(request); try { log.info(logInfo.start()); String userID = request.getParameter("userid"); String password = request.getParameter("password"); if (StringUtil.hasText(userID)) { if (StringUtil.hasText(password)) { if (new LdapUserPersistence().loginUser(userID, password)) { String token = new SSOCookieManager().generate(new HttpPrincipal(userID)); response.setContentType(CONTENT_TYPE); response.setContentLength(token.length()); response.getWriter().write(token); } } else { throw new IllegalArgumentException("Missing password"); } } else { throw new IllegalArgumentException("Missing userid"); } } catch (IllegalArgumentException e) { log.debug(e.getMessage(), e); logInfo.setMessage(e.getMessage()); response.setContentType(CONTENT_TYPE); response.getWriter().write(e.getMessage()); response.setStatus(400); } catch (AccessControlException e) { log.debug(e.getMessage(), e); logInfo.setMessage(e.getMessage()); response.setContentType(CONTENT_TYPE); response.getWriter().write(e.getMessage()); response.setStatus(401); } catch (Throwable t) { String message = "Internal Server Error: " + t.getMessage(); log.error(message, t); logInfo.setSuccess(false); logInfo.setMessage(message); response.setContentType(CONTENT_TYPE); response.getWriter().write(message); response.setStatus(500); } finally { logInfo.setElapsedTime(System.currentTimeMillis() - start); log.info(logInfo.end()); } } }
