summaryrefslogtreecommitdiffstats
path: root/src/main/java/org/openslx/imagemaster/session/Authenticator.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/org/openslx/imagemaster/session/Authenticator.java')
-rw-r--r--src/main/java/org/openslx/imagemaster/session/Authenticator.java22
1 files changed, 9 insertions, 13 deletions
diff --git a/src/main/java/org/openslx/imagemaster/session/Authenticator.java b/src/main/java/org/openslx/imagemaster/session/Authenticator.java
index 5f59a85..5d1b728 100644
--- a/src/main/java/org/openslx/imagemaster/session/Authenticator.java
+++ b/src/main/java/org/openslx/imagemaster/session/Authenticator.java
@@ -7,8 +7,12 @@ import org.openslx.imagemaster.db.LdapUser;
import org.openslx.imagemaster.thrift.iface.AuthenticationError;
import org.openslx.imagemaster.thrift.iface.AuthenticationException;
+/**
+ * Authenticates a user against a backend (ldap here)
+ */
public class Authenticator
{
+
private static Logger log = Logger.getLogger( Authenticator.class );
/**
@@ -21,29 +25,21 @@ public class Authenticator
*/
public static User authenticate( String username, String password ) throws AuthenticationException
{
- // DbUser user = DbUser.forLogin( username );
- // if ( user == null || !Sha512Crypt.verifyPassword( password, user.password ) ) {
- // log.debug( "Login failed: " + username );
- // throw new AuthenticationException( AuthenticationError.INVALID_CREDENTIALS, "Invalid username or password!" );
- // }
- // log.debug( "Login successful: " + username );
-
String login = username;
- if (username.split( "@" ).length == 2) {
+ if ( username.split( "@" ).length == 2 ) {
log.info( "username is in username@organization format" );
// we are in username@organization format
- // --> get prefix
DbSatellite satellite = DbSatellite.fromOrganization( username.split( "@" )[1] );
- if (satellite == null)
+ if ( satellite == null )
throw new AuthenticationException( AuthenticationError.INVALID_CREDENTIALS, "Unkown Organization." );
login = satellite.getPrefix() + "_" + username.split( "@" )[0];
- } else if (username.split( "_" ).length != 2) {
+ } else if ( username.split( "_" ).length != 2 ) {
log.info( "username is not in a valid format." );
- throw new AuthenticationException(AuthenticationError.INVALID_CREDENTIALS, "Credentials must be in (username@organization) or (prefix@username)");
+ throw new AuthenticationException( AuthenticationError.INVALID_CREDENTIALS, "Credentials must be in (username@organization) or (prefix@username)" );
}
log.info( "Logging in with: " + login );
-
+
LdapUser user = LdapUser.forLogin( login, password ); // throws exception if credentials are invalid
if ( user == null ) {
log.debug( "Login failed: " + username );
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-05-19 04:00:57 +0200