/* ====================================================================== Parts Copyright 2006 University of Leeds, Oxford University, University of the Highlands and Islands. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. ====================================================================== */ package org.bodington.server.realm; import java.util.Properties; import org.apache.log4j.Logger; import org.bodington.database.PrimaryKey; import org.bodington.server.BuildingServerException; /** * The internal Pass Phrase authenticator that uses the internal Bodington * database. * @author Jon Maber */ public class PassPhraseAuthenticator implements Authenticator { private static Logger log = Logger.getLogger(PassPhraseAuthenticator.class); Properties credentials; boolean valid = false; boolean authenticated; PassPhrase pass_phrase; PrimaryKey user_id=null; String error=null; private void authenticate() throws AuthenticationException { if ( valid ) return; authenticated = false; error=null; user_id=null; if ( credentials == null ) throw new AuthenticationException( "Error, attempt to authenticate without credentials." ); try { String u = credentials.getProperty( "user_name" ); String p = credentials.getProperty( "pass_phrase" ); pass_phrase = PassPhrase.findPassPhraseByUserName( u ); if ( pass_phrase != null && pass_phrase.isPassPhrase( p ) ) { user_id = pass_phrase.getUserId(); authenticated = true; } } catch ( BuildingServerException bs ) { log.error( bs.getMessage(), bs ); throw new AuthenticationException( "Technical problem authenticating user." ); } valid = true; } public PrimaryKey getAuthenticatedUserId() throws AuthenticationException { authenticate(); return user_id; } public String getAuthenticationError() throws AuthenticationException { authenticate(); return error; } public void setAuthenticationCredentials(Properties credentials) throws AuthenticationException { this.credentials = credentials; valid = false; } public void changeCredentials( Properties credentials ) throws AuthenticationException { try { if ( !isAuthenticated() ) throw new AuthenticationException( "Technical problem changing password - user isn't authenticated." ); String p = credentials.getProperty( "pass_phrase" ); if ( p == null || p.length() == 0 ) throw new AuthenticationException( "Technical problem changing password - no password was supplied." ); if ( p.length() < 6 ) throw new AuthenticationException( "The password was not long enough - please supply at least 6 characters." ); if ( pass_phrase == null ) throw new AuthenticationException( "Technical problem changing password - can't find database record." ); pass_phrase.changePassPhrase( p ); pass_phrase.save(); } catch ( BuildingServerException bs ) { log.error( bs.getMessage(), bs ); throw new AuthenticationException( "Technical problem saving password." ); } } public boolean isAuthenticated() throws AuthenticationException { authenticate(); return authenticated; } public boolean isAnonymous() throws AuthenticationException { return false; } }