001/*
002 * Copyright (c) 2013 - 2016 TDP Ltd All Rights Reserved.
003 * TDP Ltd grants permission, free of charge, to any person obtaining copies
004 * of this software and its associated documentation files (the "Software"),
005 * to deal in the Software without restriction, including to use, copy, adapt,
006 * publish, distribute, display, perform, sublicense, and sell copies of the
007 * Software, subject to the following condition: You must include the above
008 * copyright notice and this permission notice in all full or partial copies
009 * of the Software.
010 * 
011 * TDP LTD PROVIDES THE SOFTWARE "AS IS," WITHOUT ANY EXPRESS OR IMPLIED WARRANTY,
012 * INCLUDING WITHOUT THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
013 * PARTICULAR PURPOSE, AND NON-INFRINGMENT. TDP LTD, THE AUTHORS OF THE SOFTWARE,
014 * AND THE OWNERS OF COPYRIGHT IN THE SOFTWARE ARE NOT LIABLE FOR ANY CLAIM, DAMAGES,
015 * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT, OR OTHERWISE, ARISING
016 * FROM, OUT OF, OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
017 * THE SOFTWARE.
018 */
019package cz.tdp.kshield.example;
020
021import cz.tdp.kshield.client.UserInfo;
022import cz.tdp.kshield.integration.SimpleAuthenticationServiceImpl;
023import cz.tdp.kshield.integration.UserInfoValidator;
024
025//SONAR-IGNORE-FILE
026
027/**
028 * Basic usage of AuthenticationService.<br/>
029 * In real world scenarios is AuthenticationService used indirectly in Servlet Filter<br/>
030 * AuthenticationService provides more precise control over authentication and client-server communication<br/>
031 * <br/>
032 * @see cz.tdp.kshield.integration.web.DefaultAuthenticationServiceImpl
033 * @see cz.tdp.kshield.integration.web.KShieldAuthenticationFilter
034 * @see cz.tdp.kshield.springsecurity2.KShieldPreAuthenticationFilter
035 * @see cz.tdp.kshield.springsecurity3.KShieldPreAuthenticationFilter
036 */
037public class AuthServiceDemo
038{
039  public static void main(String[] args) {
040    /*  first create authService  */
041    
042    // URL of KeyShield SSO server
043    final String serverURL = "http://192.168.0.42:8485";
044    
045    // create authentication service
046    final SimpleAuthenticationServiceImpl authService = new SimpleAuthenticationServiceImpl(serverURL);
047    
048    // set various attributes
049    authService.setUsernameAttribute("cn");
050    authService.setApiKey("ABCDEFGHIJKLMN");
051    
052    // userInfo validator is called after successfull userInfo creation, use it for custom validations (e.g. LDAP group check, hw token, etc.)
053    authService.setUserInfoValidator(new UserInfoValidator() {
054      @Override
055      public boolean validate(UserInfo userInfo) {
056        return userInfo.isHwTokenPresent();
057      }
058    });
059    
060    // initialize service - init method is automatically called in Spring Framework environment
061    authService.init();
062    
063    
064    /*  check user with given IP  */
065    
066    // IP address of user
067    String ipAddress = "192.168.100.42";
068
069    // get UserInfo for given IP address
070    final UserInfo user = authService.createUserInfo(ipAddress);
071
072    if(user != null) {
073      System.out.print("authenticated user: " + user.getUserID());
074    }
075    else {
076      System.out.print("No user authenticated at: "+ipAddress);
077    }
078    
079    // freing resources - destroy method is automatically called in Spring Framework environment
080    authService.destroy();
081  }
082}