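/*
 * Copyright (c) 2002-2017, Mairie de Paris
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *  1. Redistributions of source code must retain the above copyright notice
 *     and the following disclaimer.
 *
 *  2. Redistributions in binary form must reproduce the above copyright notice
 *     and the following disclaimer in the documentation and/or other materials
 *     provided with the distribution.
 *
 *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
 *     contributors may be used to endorse or promote products derived from
 *     this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 *
 * License 1.0
 */
package fr.paris.lutece.plugins.mylutece.modules.webserver.authentication;

import fr.paris.lutece.plugins.mylutece.authentication.ExternalAuthentication;
import fr.paris.lutece.plugins.mylutece.modules.webserver.service.WebServerPlugin;
import fr.paris.lutece.portal.service.security.LuteceUser;

import java.security.Principal;

import javax.security.auth.login.LoginException;

import javax.servlet.http.HttpServletRequest;


/**
 * Authentication service that delegates the identity check to the web server
 * (Ex : Tomcat Realm).
 *
 * <p>This class never verifies credentials itself: the user identity is the
 * {@link Principal} the container attached to the request, and role checks are
 * answered by {@link HttpServletRequest#isUserInRole(String)}. A request that
 * carries no principal is treated as unauthenticated.</p>
 *
 * @author Mairie de Paris
 * @version 1.1
 *
 * @since Lutece v1.1
 */
public class WebServerAuthentication extends ExternalAuthentication
{
    private static final String AUTH_SERVICE_NAME = "Lutece Web Server based Authentication Service";

    // Raised by login() when the container attached no principal to the request
    private static final String MESSAGE_NO_PRINCIPAL = "No user has been authenticated by the web server";

    /**
     * Constructor
     */
    public WebServerAuthentication( )
    {
    }

    /**
     * Gets the authentication service name
     * @return The name of the authentication service
     */
    public String getAuthServiceName( )
    {
        return AUTH_SERVICE_NAME;
    }

    /**
     * Gets the authentication type.
     *
     * <p>The value is fixed to HTTP Basic; the request is not consulted.</p>
     *
     * @param request The HTTP request (unused)
     * @return The type of authentication, always {@link HttpServletRequest#BASIC_AUTH}
     */
    public String getAuthType( HttpServletRequest request )
    {
        // NOTE(review): request.getAuthType( ) would report the scheme the container
        // really applied (BASIC, FORM, DIGEST, CLIENT_CERT). Confirm whether callers
        // rely on the fixed value before switching to it.
        return HttpServletRequest.BASIC_AUTH;
    }

    /**
     * Returns the user already authenticated by the web server for this request.
     *
     * <p>The submitted user name and password are ignored: no credential check is
     * performed here, the identity is whatever principal the container attached to
     * the request. When the request carries no principal the login is rejected with
     * a {@link LoginException} instead of handing a {@code null} user back to the
     * caller.</p>
     *
     * @param strUserName The username (unused)
     * @param strUserPassword The password (unused)
     * @param request The HTTP request
     * @return A LuteceUser object corresponding to the container principal, never {@code null}
     * @throws LoginException if the web server has not authenticated any user for the request
     */
    public LuteceUser login( String strUserName, String strUserPassword, HttpServletRequest request )
        throws LoginException
    {
        // There is no login required : the user is supposed to be already authenticated
        LuteceUser user = getHttpAuthenticatedUser( request );

        if ( user == null )
        {
            // Fail closed: without a container principal there is nobody to log in
            throw new LoginException( MESSAGE_NO_PRINCIPAL );
        }

        return user;
    }

    /**
     * Logs out the user.
     *
     * <p>This implementation does nothing: the authentication state held by the
     * web server is left untouched.</p>
     *
     * @param user The user
     */
    public void logout( LuteceUser user )
    {
        // NOTE(review): the container principal presumably stays attached to the
        // following requests, so a real sign-out has to be handled elsewhere
        // (session invalidation, container logout) - confirm against the caller.
    }

    /**
     * This method is meant to return an anonymous Lutece user; it is not implemented.
     *
     * @return never returns normally
     * @throws UnsupportedOperationException always
     */
    public LuteceUser getAnonymousUser( )
    {
        // TODO: implement this method - fr.paris.lutece.portal.service.security.PortalAuthentication
        throw new java.lang.UnsupportedOperationException( 
            "La methode getAnonymousUser() n'est pas encore implementee." );
    }

    /**
     * Checks that the user of the current request is associated to a given role.
     *
     * <p>The decision is delegated to the container for the principal attached to
     * {@code request}; the {@code user} argument is not consulted.</p>
     *
     * @param user The user (unused)
     * @param request The HTTP request
     * @param strRole The role name
     * @return Returns true if the request's user is associated to the role, otherwise false
     */
    public boolean isUserInRole( LuteceUser user, HttpServletRequest request, String strRole )
    {
        // NOTE(review): the answer applies to the request's principal, so it is only
        // meaningful when 'user' is the user bound to that same request.
        return request.isUserInRole( strRole );
    }

    /**
     * Indicate that the authentication uses only HttpRequest data to authenticate
     * users (ex : Web Server authentication).
     * @return true if the authentication service authenticates users only with the Http Request, otherwise false.
     */
    public boolean isBasedOnHttpAuthentication( )
    {
        return true;
    }

    /**
     * Returns a Lutece user object if the user is already authenticated by the WebServer.
     *
     * <p>The user is built from the name of the request's principal; nothing else
     * from the request is read.</p>
     *
     * @param request The HTTP request
     * @return A Lutece User, or null if there is no user authenticated
     */
    public LuteceUser getHttpAuthenticatedUser( HttpServletRequest request )
    {
        Principal principal = request.getUserPrincipal( );

        if ( principal == null )
        {
            // No principal: the container did not authenticate this request
            return null;
        }

        return new WebServerUser( principal.getName( ), this );
    }

    /**
     *
     *{@inheritDoc}
     */
    @Override
    public String getIconUrl( )
    {
        return null;
    }

    /**
     *
     *{@inheritDoc}
     */
    @Override
    public String getName( )
    {
        return WebServerPlugin.PLUGIN_NAME;
    }

    /**
     *
     *{@inheritDoc}
     */
    @Override
    public String getPluginName( )
    {
        return WebServerPlugin.PLUGIN_NAME;
    }
}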