From c5c204b42ef294ecaf5ff7b048d26e117ddb8c57 Mon Sep 17 00:00:00 2001
From: Nils Schwabe
Date: Tue, 8 Apr 2014 12:23:58 +0200
Subject: LDAP functionallity - added apache ldap client api to pom.xml - added
 the LDAP user which authenticates to the LDAP server - added
 testAuthentication to AppTest - users get inserted into db after
 authenticating - added log4j properties to filter unuseful debug messages

---
 .../openslx/imagemaster/session/Authenticator.java | 24 ++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

(limited to 'src/main/java/org/openslx/imagemaster/session/Authenticator.java')

diff --git a/src/main/java/org/openslx/imagemaster/session/Authenticator.java b/src/main/java/org/openslx/imagemaster/session/Authenticator.java
index f730c72..d1cca94 100644
--- a/src/main/java/org/openslx/imagemaster/session/Authenticator.java
+++ b/src/main/java/org/openslx/imagemaster/session/Authenticator.java
@@ -2,16 +2,17 @@ package org.openslx.imagemaster.session;
 
 import org.apache.log4j.Logger;
 import org.openslx.imagemaster.db.DbUser;
+import org.openslx.imagemaster.db.LDAPUser;
 import org.openslx.imagemaster.thrift.iface.AuthenticationError;
 import org.openslx.imagemaster.thrift.iface.AuthenticationException;
-import org.openslx.imagemaster.util.Sha512Crypt;
+
 
 public class Authenticator
 {
 	private static Logger log = Logger.getLogger( Authenticator.class );
 
 	/**
-	 * Authenticate the user against whatever backend... currently MySQL only
+	 * Authenticate the user against whatever backend
 	 * @param username
 	 * @param password
 	 * @return
@@ -19,12 +20,23 @@ public class Authenticator
 	 */
 	public static User authenticate( String username, String password ) throws AuthenticationException
 	{
-		DbUser user = DbUser.forLogin( username );
-		if ( user == null || !Sha512Crypt.verifyPassword( password, user.password ) ) {
-			log.debug( "Login failed: " + username );
+//		DbUser user = DbUser.forLogin( username );
+//		if ( user == null || !Sha512Crypt.verifyPassword( password, user.password ) ) {
+//			log.debug( "Login failed: " + username );
+//			throw new AuthenticationException( AuthenticationError.INVALID_CREDENTIALS, "Invalid username or password!" );
+//		}
+//		log.debug( "Login successful: " + username );
+		
+		LDAPUser user = LDAPUser.forLogin( username, password ); // throws exception if credentials are invalid
+		if (user == null) {
+			log.debug( "Login failed: " + username);
 			throw new AuthenticationException( AuthenticationError.INVALID_CREDENTIALS, "Invalid username or password!" );
 		}
-		log.debug( "Login successful: " + username );
+		log.debug( "Login succesful: " + username );
+		
+		// if successfull: update/insert into db
+		DbUser.insertOrUpdate(user);
+		
 		return user;
 	}
 	//
-- 
cgit v1.2.3-55-g7522