blob: 3845e27eee2aef77a421bb63fb0ac340d6f91de9 [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.stanbol.commons.security.auth;
import java.nio.charset.StandardCharsets;
import java.security.AccessController;
import java.security.MessageDigest;
import java.util.Iterator;
import java.util.concurrent.locks.Lock;

import org.apache.clerezza.platform.config.SystemConfig;
import org.apache.clerezza.rdf.core.Literal;
import org.apache.clerezza.rdf.core.NonLiteral;
import org.apache.clerezza.rdf.core.Triple;
import org.apache.clerezza.rdf.core.access.LockableMGraph;
import org.apache.clerezza.rdf.core.impl.PlainLiteralImpl;
import org.apache.clerezza.rdf.ontologies.PERMISSION;
import org.apache.clerezza.rdf.ontologies.PLATFORM;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.Service;
import org.apache.stanbol.commons.security.PasswordUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* A service that checks if a provided username and password matches a
* username and password stored in the system graph
*
* @author mir
*/
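@Component
@Service(value=AuthenticationChecker.class)
public class AuthenticationCheckerImpl implements AuthenticationChecker {

    private static final Logger logger = LoggerFactory.getLogger(AuthenticationCheckerImpl.class);

    /** System graph holding the agents, their user names and their stored password hashes. */
    @Reference(target=SystemConfig.SYSTEM_GRAPH_FILTER)
    private LockableMGraph systemGraph;

    /**
     * Checks if the provided username and password matches a username and
     * password stored in the system graph.
     *
     * The supplied password is run through {@link PasswordUtil#convertPassword(String)}
     * and the result is compared against the value of the agent's
     * {@code PERMISSION.passwordSha1} property using a constant-time comparison,
     * so that the comparison itself does not leak how many leading characters of
     * the stored hash matched.
     *
     * Security notes for maintainers:
     * - The stored value is a bare SHA-1 of the password (property name
     *   {@code passwordSha1}); a bare fast digest without salt is not an adequate
     *   password store. Migrating {@code PasswordUtil} and the graph to a salted,
     *   slow hash (bcrypt/scrypt/argon2) is recommended; this class only compares
     *   whatever {@code PasswordUtil.convertPassword} produces.
     * - An unknown user name raises {@link NoSuchAgent} while a wrong password
     *   returns {@code false}. Callers that expose this to remote clients should
     *   collapse both outcomes into the same response to avoid user enumeration.
     * - The check fails closed: a {@code null} password, or an agent with no
     *   stored hash, never authenticates.
     * - When a {@link SecurityManager} is installed, the caller must hold
     *   {@link CheckAuthenticationPermission}.
     *
     * @param userName the user name to look up in the system graph
     * @param password the clear-text password to verify
     * @return true if the password matched, false otherwise
     * @throws NoSuchAgent if no agent with the given user name exists
     *         (also for a {@code null} user name)
     * @throws SecurityException if a security manager is installed and the caller
     *         lacks {@link CheckAuthenticationPermission}
     */
    @Override
    public boolean authenticate(String userName, String password) throws NoSuchAgent
    {
        SecurityManager security = System.getSecurityManager();
        if (security != null) {
            AccessController.checkPermission(new CheckAuthenticationPermission());
        }
        if (userName == null) {
            // No agent can carry a null user name; treat exactly like an unknown user.
            throw new NoSuchAgent();
        }
        NonLiteral agent = getAgentFromGraph(userName);
        String storedPassword = getPasswordOfAgent(agent);
        if (password == null || storedPassword.isEmpty()) {
            // Fail closed: nothing to compare against, or nothing to compare.
            logger.debug("unsuccessful authentication attempt as user {}", userName);
            return false;
        }
        String suppliedHash = PasswordUtil.convertPassword(password);
        if (constantTimeEquals(storedPassword, suppliedHash)) {
            logger.debug("user {} successfully authenticated", userName);
            return true;
        } else {
            logger.debug("unsuccessful authentication attempt as user {}", userName);
            return false;
        }
    }

    /**
     * Compares two hash strings without short-circuiting on the first differing
     * byte. Both values are expected to be hex digests of the same length; a
     * {@code null} on either side is a mismatch.
     */
    private static boolean constantTimeEquals(String expected, String actual) {
        if (expected == null || actual == null) {
            return false;
        }
        byte[] expectedBytes = expected.getBytes(StandardCharsets.UTF_8);
        byte[] actualBytes = actual.getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(expectedBytes, actualBytes);
    }

    /**
     * Looks up the agent whose {@code PLATFORM.userName} equals {@code userName}.
     * If several agents share the name, the first one returned by the graph is used.
     *
     * @throws NoSuchAgent if no such agent exists
     */
    private NonLiteral getAgentFromGraph(String userName) throws NoSuchAgent {
        NonLiteral agent;
        Lock l = systemGraph.getLock().readLock();
        l.lock();
        try {
            Iterator<Triple> agents = systemGraph.filter(null, PLATFORM.userName, new PlainLiteralImpl(userName));
            if (agents.hasNext()) {
                agent = agents.next().getSubject();
            } else {
                logger.debug("unsuccessful authentication attempt as non-existent user {}", userName);
                throw new NoSuchAgent();
            }
        } finally {
            l.unlock();
        }
        return agent;
    }

    /**
     * Returns the lexical form of the agent's {@code PERMISSION.passwordSha1}
     * property, or the empty string if the agent has no such property or the
     * property value is not a literal. Callers must treat the empty string as
     * "no password set" and refuse authentication.
     */
    private String getPasswordOfAgent(NonLiteral agent) {
        String storedPassword = "";
        Lock l = systemGraph.getLock().readLock();
        l.lock();
        try {
            Iterator<Triple> agentPassword = systemGraph.filter(agent, PERMISSION.passwordSha1, null);
            if (agentPassword.hasNext()) {
                Object value = agentPassword.next().getObject();
                // A non-literal object would previously have thrown ClassCastException;
                // treating it as "no usable hash" keeps the check failing closed.
                if (value instanceof Literal) {
                    storedPassword = ((Literal) value).getLexicalForm();
                }
            }
        } finally {
            l.unlock();
        }
        return storedPassword;
    }
}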