24 package waffle.spring;
25
26 import com.sun.jna.platform.win32.Win32Exception;
27
28 import java.util.Locale;
29
30 import org.slf4j.Logger;
31 import org.slf4j.LoggerFactory;
32 import org.springframework.security.authentication.AuthenticationProvider;
33 import org.springframework.security.authentication.AuthenticationServiceException;
34 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
35 import org.springframework.security.core.Authentication;
36 import org.springframework.security.core.GrantedAuthority;
37
38 import waffle.servlet.WindowsPrincipal;
39 import waffle.windows.auth.IWindowsAuthProvider;
40 import waffle.windows.auth.IWindowsIdentity;
41 import waffle.windows.auth.PrincipalFormat;
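/**
 * Spring Security {@link AuthenticationProvider} that checks a username/password pair against Windows through an
 * {@link IWindowsAuthProvider} and, on success, returns a {@link WindowsAuthenticationToken}.
 *
 * <p>
 * Security-relevant configuration:
 * <ul>
 * <li>{@code allowGuestLogin} defaults to {@code true}; set it to {@code false} unless guest logons are meant to be
 * accepted.</li>
 * <li>{@code authProvider} has no default and must be injected before {@link #authenticate(Authentication)} is
 * called.</li>
 * </ul>
 */
public class WindowsAuthenticationProvider implements AuthenticationProvider {

    /** Class logger. */
    private static final Logger LOGGER = LoggerFactory.getLogger(WindowsAuthenticationProvider.class);

    /** Format used for the principal name; defaults to {@code FQN}. */
    private PrincipalFormat principalFormat = PrincipalFormat.FQN;

    /** Format used for role names; defaults to {@code FQN}. */
    private PrincipalFormat roleFormat = PrincipalFormat.FQN;

    /**
     * Whether an identity reported as guest by {@link IWindowsIdentity#isGuest()} is accepted. Defaults to
     * {@code true}.
     */
    // NOTE(review): on hosts where the Windows Guest account is enabled, the OS may map an otherwise failing
    // logon to Guest - confirm for the target environment and set this to false unless guest access is intended.
    private boolean allowGuestLogin = true;

    /** Back end that performs the actual Windows logon; must be set by the container. */
    private IWindowsAuthProvider authProvider;

    /** Factory handed to the token to build granted authorities. */
    private GrantedAuthorityFactory grantedAuthorityFactory = WindowsAuthenticationToken.DEFAULT_GRANTED_AUTHORITY_FACTORY;

    /** Authority handed to the token as its default granted authority. */
    private GrantedAuthority defaultGrantedAuthority = WindowsAuthenticationToken.DEFAULT_GRANTED_AUTHORITY;

    /**
     * Creates the provider with default formats and guest login allowed.
     */
    public WindowsAuthenticationProvider() {
        WindowsAuthenticationProvider.LOGGER.debug("[waffle.spring.WindowsAuthenticationProvider] loaded");
    }

    /**
     * Logs the supplied user on through the configured {@link IWindowsAuthProvider} and wraps the resulting identity
     * in a {@link WindowsAuthenticationToken}.
     *
     * <p>
     * The user's FQN and SID are written to the debug log and the FQN to the info/warn log; the password is never
     * logged.
     *
     * @param authentication
     *            the request; it is cast to {@link UsernamePasswordAuthenticationToken}, the only type
     *            {@link #supports(Class)} accepts
     * @return the token built for the logged-on identity
     * @throws AuthenticationServiceException
     *             if the Windows logon raises a {@link Win32Exception}
     * @throws GuestLoginDisabledAuthenticationException
     *             if the identity is a guest and guest login is disabled
     */
    @Override
    public Authentication authenticate(final Authentication authentication) {
        final UsernamePasswordAuthenticationToken auth = (UsernamePasswordAuthenticationToken) authentication;
        IWindowsIdentity windowsIdentity;
        try {
            // NOTE(review): getCredentials() is dereferenced unchecked; a token without credentials surfaces as a
            // NullPointerException rather than an AuthenticationException.
            windowsIdentity = this.authProvider.logonUser(auth.getName(), auth.getCredentials().toString());
        } catch (final Win32Exception e) {
            // The Win32 message is forwarded as the exception message; keep it out of responses shown to the
            // client if it could help tell failure reasons apart.
            throw new AuthenticationServiceException(e.getMessage(), e);
        }
        WindowsAuthenticationProvider.LOGGER.debug("logged in user: {} ({})", windowsIdentity.getFqn(),
                windowsIdentity.getSidString());

        if (!this.allowGuestLogin && windowsIdentity.isGuest()) {
            // Read the name first, then release the identity: it is not handed to anyone on this path, so a
            // refused guest logon would otherwise leave the logon it opened undisposed.
            final String guestFqn = windowsIdentity.getFqn();
            windowsIdentity.dispose();
            WindowsAuthenticationProvider.LOGGER.warn("guest login disabled: {}", guestFqn);
            throw new GuestLoginDisabledAuthenticationException(guestFqn);
        }

        // The identity is passed on to the principal and deliberately not disposed on the success path.
        // NOTE(review): presumably the principal keeps a reference to it - confirm who releases it later.
        final WindowsPrincipal windowsPrincipal = new WindowsPrincipal(windowsIdentity, this.principalFormat,
                this.roleFormat);
        WindowsAuthenticationProvider.LOGGER.debug("roles: {}", windowsPrincipal.getRolesString());

        final WindowsAuthenticationToken token = new WindowsAuthenticationToken(windowsPrincipal,
                this.grantedAuthorityFactory, this.defaultGrantedAuthority);

        WindowsAuthenticationProvider.LOGGER.info("successfully logged in user: {}", windowsIdentity.getFqn());
        return token;
    }

    /**
     * Reports whether this provider handles the given authentication type.
     *
     * @param authentication
     *            the candidate authentication class
     * @return {@code true} if it is {@link UsernamePasswordAuthenticationToken} or a subclass of it
     */
    @Override
    public boolean supports(final Class<? extends Object> authentication) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
    }

    /**
     * Gets the principal format.
     *
     * @return the format used for the principal name
     */
    public PrincipalFormat getPrincipalFormat() {
        return this.principalFormat;
    }

    /**
     * Sets the principal format from a {@link PrincipalFormat} value.
     *
     * @param value
     *            the new principal format
     */
    public void setPrincipalFormatEnum(final PrincipalFormat value) {
        this.principalFormat = value;
    }

    /**
     * Sets the principal format from its name. The name is upper-cased with {@link Locale#ENGLISH} and resolved with
     * {@code PrincipalFormat.valueOf}, so matching is case-insensitive.
     *
     * @param value
     *            the name of a {@link PrincipalFormat} constant; must not be {@code null}
     */
    public void setPrincipalFormat(final String value) {
        this.setPrincipalFormatEnum(PrincipalFormat.valueOf(value.toUpperCase(Locale.ENGLISH)));
    }

    /**
     * Gets the role format.
     *
     * @return the format used for role names
     */
    public PrincipalFormat getRoleFormat() {
        return this.roleFormat;
    }

    /**
     * Sets the role format from a {@link PrincipalFormat} value.
     *
     * @param value
     *            the new role format
     */
    public void setRoleFormatEnum(final PrincipalFormat value) {
        this.roleFormat = value;
    }

    /**
     * Sets the role format from its name. The name is upper-cased with {@link Locale#ENGLISH} and resolved with
     * {@code PrincipalFormat.valueOf}, so matching is case-insensitive.
     *
     * @param value
     *            the name of a {@link PrincipalFormat} constant; must not be {@code null}
     */
    public void setRoleFormat(final String value) {
        this.setRoleFormatEnum(PrincipalFormat.valueOf(value.toUpperCase(Locale.ENGLISH)));
    }

    /**
     * Checks whether guest logons are accepted.
     *
     * @return {@code true} if an identity reported as guest is allowed to authenticate
     */
    public boolean isAllowGuestLogin() {
        return this.allowGuestLogin;
    }

    /**
     * Enables or disables guest logons. The field defaults to {@code true}, so rejecting guests requires an explicit
     * {@code false}.
     *
     * @param value
     *            {@code true} to accept guest identities, {@code false} to reject them
     */
    public void setAllowGuestLogin(final boolean value) {
        this.allowGuestLogin = value;
    }

    /**
     * Gets the Windows authentication back end.
     *
     * @return the configured provider, or {@code null} if none has been set
     */
    public IWindowsAuthProvider getAuthProvider() {
        return this.authProvider;
    }

    /**
     * Sets the Windows authentication back end used by {@link #authenticate(Authentication)}.
     *
     * @param value
     *            the provider that performs the logon
     */
    public void setAuthProvider(final IWindowsAuthProvider value) {
        this.authProvider = value;
    }

    /**
     * Gets the granted authority factory.
     *
     * @return the factory passed to each new token
     */
    public GrantedAuthorityFactory getGrantedAuthorityFactory() {
        return this.grantedAuthorityFactory;
    }

    /**
     * Sets the granted authority factory.
     *
     * @param value
     *            the factory passed to each new token
     */
    public void setGrantedAuthorityFactory(final GrantedAuthorityFactory value) {
        this.grantedAuthorityFactory = value;
    }

    /**
     * Gets the default granted authority.
     *
     * @return the authority passed to each new token as its default
     */
    public GrantedAuthority getDefaultGrantedAuthority() {
        return this.defaultGrantedAuthority;
    }

    /**
     * Sets the default granted authority.
     *
     * @param value
     *            the authority passed to each new token as its default
     */
    public void setDefaultGrantedAuthority(final GrantedAuthority value) {
        this.defaultGrantedAuthority = value;
    }
}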