001/*
002 * Copyright (c) 2013 - 2016 TDP Ltd All Rights Reserved.
003 * TDP Ltd grants permission, free of charge, to any person obtaining copies
004 * of this software and its associated documentation files (the "Software"),
005 * to deal in the Software without restriction, including to use, copy, adapt,
006 * publish, distribute, display, perform, sublicense, and sell copies of the
007 * Software, subject to the following condition: You must include the above
008 * copyright notice and this permission notice in all full or partial copies
009 * of the Software.
010 * 
011 * TDP LTD PROVIDES THE SOFTWARE "AS IS," WITHOUT ANY EXPRESS OR IMPLIED WARRANTY,
012 * INCLUDING WITHOUT THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
013 * PARTICULAR PURPOSE, AND NON-INFRINGMENT. TDP LTD, THE AUTHORS OF THE SOFTWARE,
014 * AND THE OWNERS OF COPYRIGHT IN THE SOFTWARE ARE NOT LIABLE FOR ANY CLAIM, DAMAGES,
015 * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT, OR OTHERWISE, ARISING
016 * FROM, OUT OF, OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
017 * THE SOFTWARE.
018 */
019package cz.tdp.kshield.integration.cas;
020
021import org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler;
022import org.jasig.cas.authentication.principal.Credentials;
023import org.jasig.cas.authentication.principal.SimplePrincipal;
024import org.springframework.beans.factory.annotation.Autowired;
025import org.springframework.util.Assert;
026
027import cz.tdp.kshield.client.UserInfo;
028import cz.tdp.kshield.integration.AuthenticationService;
029
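/**
 * CAS authentication handler that delegates the decision to the KeyShield SSO
 * {@link AuthenticationService}.
 *
 * <p>No password or other secret is verified in this class. A request is
 * accepted when the service returns a {@link UserInfo} for the IP address
 * carried by the {@link KShieldCredentials}; the username from that
 * {@code UserInfo} then becomes the authenticated principal.
 *
 * <p><b>Security note:</b> the outcome depends only on that IP address, so the
 * address has to come from a source the client cannot influence.
 * NOTE(review): the code that fills in {@code KShieldCredentials} is not part
 * of this class; confirm it takes the address from the connection (or from a
 * proxy the deployment controls) and not from a client-supplied header. Also
 * confirm how addresses shared by several users are meant to be handled.
 */
public class KShieldAuthenticationHandler extends AbstractPreAndPostProcessingAuthenticationHandler
{
  /** Service that resolves an IP address to the user signed in from it. */
  private final AuthenticationService authenticationService;

  /**
   * Creates the handler.
   *
   * @param authService KeyShield SSO Server authentication service used to
   *        look up users; must not be {@code null}
   * @throws IllegalArgumentException if {@code authService} is {@code null}
   *         (raised by {@link Assert#notNull(Object, String)})
   */
  @Autowired
  public KShieldAuthenticationHandler(AuthenticationService authService) {
    Assert.notNull(authService, "Please provide KeyShield SSO Server authentication Service instance");

    this.authenticationService = authService;
  }

  /**
   * Authenticates the request by asking the authentication service for the
   * user associated with the credentials' IP address.
   *
   * <p>On success the credentials are updated with a {@link SimplePrincipal}
   * named after the returned username.
   *
   * @param credentials credentials to check; anything that is not a
   *        {@link KShieldCredentials} (including {@code null}) is refused
   * @return {@code true} if the service returned a user for the address,
   *         {@code false} otherwise
   */
  @Override
  protected final boolean doAuthentication(final Credentials credentials) {
    // Fail closed instead of relying on the caller having consulted
    // supports() first: a null or foreign credentials object is refused
    // rather than ending in a NullPointerException or ClassCastException.
    if (!(credentials instanceof KShieldCredentials)) {
      if (log.isDebugEnabled()) {
        log.debug("credentials are not KShieldCredentials, authentication refused");
      }

      return false;
    }

    final KShieldCredentials c = (KShieldCredentials)credentials;

    final UserInfo userInfo = authenticationService.createUserInfo(c.getIpAddr());

    // A null answer means the service knows no user for this address.
    if (userInfo == null) {
      // NOTE(review): the address is written to the log verbatim; if it can
      // ever hold client-controlled text, neutralize line breaks first.
      if (log.isDebugEnabled()) {
        log.debug("no user for ip "+c.getIpAddr());
      }

      return false;
    }

    // NOTE(review): getUsername() is used as returned by the service; a null
    // or empty username is not checked here - confirm the service never
    // returns one.
    c.setPrincipal(new SimplePrincipal(userInfo.getUsername()));

    if (log.isDebugEnabled()) {
      log.debug("user " + userInfo.getUsername() + " is authenticated");
    }

    return true;
  }

  /**
   * Tells whether this handler accepts the given credentials.
   *
   * <p>The match is on the exact class: subclasses of
   * {@link KShieldCredentials} are not reported as supported.
   *
   * @param credentials credentials offered to the handler, may be {@code null}
   * @return {@code true} only for a non-null instance whose class is exactly
   *         {@code KShieldCredentials}
   */
  @Override
  public boolean supports(final Credentials credentials) {
    return credentials != null && KShieldCredentials.class.equals(credentials.getClass());
  }
}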