webapp/src/main/java/org/apache/atlas/web/security/AtlasAuthenticationProvider.java - incubator-atlas - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.atlas.web.security;

 import javax.annotation.PostConstruct;

 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.stereotype.Component;
 import org.apache.atlas.ApplicationProperties;
 import org.apache.commons.configuration.Configuration;

 @Component
 public class AtlasAuthenticationProvider extends
         AtlasAbstractAuthenticationProvider {
     private static final Logger LOG = LoggerFactory
             .getLogger(AtlasAuthenticationProvider.class);

     private boolean fileAuthenticationMethodEnabled = true;
     private String ldapType = "NONE";
     public static final String FILE_AUTH_METHOD = "atlas.authentication.method.file";
     public static final String LDAP_AUTH_METHOD = "atlas.authentication.method.ldap";
     public static final String LDAP_TYPE = "atlas.authentication.method.ldap.type";


     private boolean ssoEnabled = false;

     @Autowired
     AtlasLdapAuthenticationProvider ldapAuthenticationProvider;

     @Autowired
     AtlasFileAuthenticationProvider fileAuthenticationProvider;

     @Autowired
     AtlasADAuthenticationProvider adAuthenticationProvider;

     @PostConstruct
     void setAuthenticationMethod() {
         try {
             Configuration configuration = ApplicationProperties.get();

             this.fileAuthenticationMethodEnabled = configuration.getBoolean(
                     FILE_AUTH_METHOD, true);

             boolean ldapAuthenticationEnabled = configuration.getBoolean(LDAP_AUTH_METHOD, false);

             if (ldapAuthenticationEnabled) {
                 this.ldapType = configuration.getString(LDAP_TYPE, "NONE");
             } else {
                 this.ldapType = "NONE";
             }
         } catch (Exception e) {
             LOG.error("Error while getting atlas.login.method application properties", e);
         }
     }

     @Override
     public Authentication authenticate(Authentication authentication)
             throws AuthenticationException {

         if(ssoEnabled){
             if (authentication != null){
                 authentication = getSSOAuthentication(authentication);
                 if(authentication!=null && authentication.isAuthenticated()){
                     return authentication;
                 }
             }
         } else {

             if (ldapType.equalsIgnoreCase("LDAP")) {
                 try {
                     authentication = ldapAuthenticationProvider.authenticate(authentication);
                 } catch (Exception ex) {
                     LOG.error("Error while LDAP authentication", ex);
                 }
             } else if (ldapType.equalsIgnoreCase("AD")) {
                 try {
                     authentication = adAuthenticationProvider.authenticate(authentication);
                 } catch (Exception ex) {
                     LOG.error("Error while AD authentication", ex);
                 }
             }
         }

         if (authentication != null) {
             if (authentication.isAuthenticated()) {
                 return authentication;
             } else if (fileAuthenticationMethodEnabled) {  // If the LDAP/AD authentication fails try the local filebased login method
                 authentication = fileAuthenticationProvider.authenticate(authentication);

                 if (authentication != null && authentication.isAuthenticated()) {
                     return authentication;
                 }
             }
         }

         LOG.error("Authentication failed.");
         throw new AtlasAuthenticationException("Authentication failed.");
     }

     public boolean isSsoEnabled() {
         return ssoEnabled;
     }

     public void setSsoEnabled(boolean ssoEnabled) {
         this.ssoEnabled = ssoEnabled;
     }

     private Authentication getSSOAuthentication(Authentication authentication) throws AuthenticationException{
         return authentication;
     }
 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.atlas.web.security;

	import javax.annotation.PostConstruct;

	import org.slf4j.Logger;
	import org.slf4j.LoggerFactory;
	import org.springframework.beans.factory.annotation.Autowired;
	import org.springframework.security.core.Authentication;
	import org.springframework.security.core.AuthenticationException;
	import org.springframework.stereotype.Component;
	import org.apache.atlas.ApplicationProperties;
	import org.apache.commons.configuration.Configuration;

	@Component
	public class AtlasAuthenticationProvider extends
	AtlasAbstractAuthenticationProvider {
	private static final Logger LOG = LoggerFactory
	.getLogger(AtlasAuthenticationProvider.class);

	private boolean fileAuthenticationMethodEnabled = true;
	private String ldapType = "NONE";
	public static final String FILE_AUTH_METHOD = "atlas.authentication.method.file";
	public static final String LDAP_AUTH_METHOD = "atlas.authentication.method.ldap";
	public static final String LDAP_TYPE = "atlas.authentication.method.ldap.type";



	private boolean ssoEnabled = false;

	@Autowired
	AtlasLdapAuthenticationProvider ldapAuthenticationProvider;

	@Autowired
	AtlasFileAuthenticationProvider fileAuthenticationProvider;

	@Autowired
	AtlasADAuthenticationProvider adAuthenticationProvider;

	@PostConstruct
	void setAuthenticationMethod() {
	try {
	Configuration configuration = ApplicationProperties.get();

	this.fileAuthenticationMethodEnabled = configuration.getBoolean(
	FILE_AUTH_METHOD, true);

	boolean ldapAuthenticationEnabled = configuration.getBoolean(LDAP_AUTH_METHOD, false);

	if (ldapAuthenticationEnabled) {
	this.ldapType = configuration.getString(LDAP_TYPE, "NONE");
	} else {
	this.ldapType = "NONE";
	}
	} catch (Exception e) {
	LOG.error("Error while getting atlas.login.method application properties", e);
	}
	}

	@Override
	public Authentication authenticate(Authentication authentication)
	throws AuthenticationException {

	if(ssoEnabled){
	if (authentication != null){
	authentication = getSSOAuthentication(authentication);
	if(authentication!=null && authentication.isAuthenticated()){
	return authentication;
	}
	}
	} else {

	if (ldapType.equalsIgnoreCase("LDAP")) {
	try {
	authentication = ldapAuthenticationProvider.authenticate(authentication);
	} catch (Exception ex) {
	LOG.error("Error while LDAP authentication", ex);
	}
	} else if (ldapType.equalsIgnoreCase("AD")) {
	try {
	authentication = adAuthenticationProvider.authenticate(authentication);
	} catch (Exception ex) {
	LOG.error("Error while AD authentication", ex);
	}
	}
	}

	if (authentication != null) {
	if (authentication.isAuthenticated()) {
	return authentication;
	} else if (fileAuthenticationMethodEnabled) { // If the LDAP/AD authentication fails try the local filebased login method
	authentication = fileAuthenticationProvider.authenticate(authentication);

	if (authentication != null && authentication.isAuthenticated()) {
	return authentication;
	}
	}
	}

	LOG.error("Authentication failed.");
	throw new AtlasAuthenticationException("Authentication failed.");
	}

	public boolean isSsoEnabled() {
	return ssoEnabled;
	}

	public void setSsoEnabled(boolean ssoEnabled) {
	this.ssoEnabled = ssoEnabled;
	}

	private Authentication getSSOAuthentication(Authentication authentication) throws AuthenticationException{
	return authentication;
	}
	}