Changeset 5822


Ignore:
Timestamp:
Oct 24, 2011, 1:44:02 PM (10 years ago)
Author:
Nicklas Nordborg
Message:

References #1575: Add support for authenticator plug-in in external JAR files

Also added LoginException which can be used instead of UnknownLoginException or InvalidPasswordException in case the authentication implementation need to display a custom message.

Location:
trunk
Files:
2 added
9 edited

Legend:

Unmodified
Added
Removed
  • trunk/config/dist/base.config

    r5680 r5822  
    6666# ----------------
    6767#auth.driver         = net.sf.basedb.core.authentication.POP3Authenticator
     68#auth.jarpath        =
    6869#auth.init           = mail.example.com
    6970#auth.synchronize    = 0
  • trunk/doc/src/docbook/appendix/base.config.xml

    r5820 r5822  
    289289   
    290290    <varlistentry>
     291      <term><property>auth.jarpath</property></term>
     292      <listitem>
     293        <para>
     294        The path to the JAR file containing the class specified by the
     295        <property>auth.driver</property> setting. If empty, it is assumed that
     296        class is on the class-path. Eg. in the <filename>WEB-INF/lib</filename>
     297        directory.
     298          </para>
     299      </listitem>
     300    </varlistentry>
     301   
     302    <varlistentry>
    291303      <term><property>auth.init</property></term>
    292304      <listitem>
  • trunk/doc/src/docbook/developer/plugins.xml

    r5816 r5822  
    35593559              and be added to the all roles and groups which has been
    35603560              marked as <emphasis>default</emphasis>.
    3561              
    3562               <note>
    3563               <para>
    3564                 Prior to BASE 2.4 it was hardcoded to add the new user to the
    3565                 <emphasis>Users</emphasis> role only.
    3566               </para>
    3567               </note>
    35683561            </para>
    35693562          </listitem>
     
    36213614          setting in <filename>base.config</filename> and
    36223615          its initialisation parameters in the <property>auth.init</property> setting.
     3616          The class can either be installed on Tomcat's class path (eg. <filename>WEB-INF/lib</filename>)
     3617          or on an external path. In the latter case the <property>auth.jarpath</property>
     3618          must be set in <filename>base.config</filename>.
    36233619        </para>
    36243620       
     
    36903686              <exceptionname>UnknownLoginException</exceptionname>
    36913687              <exceptionname>InvalidPasswordException</exceptionname>
     3688              <exceptionname>LoginException</exceptionname>
    36923689              <exceptionname>AuthenticationException</exceptionname>
    36933690            </methodsynopsis>
     
    37163713              password is invalid. In case it is considered a security issue
    37173714              to reveal that a login exists, the plugin may throw an
    3718               <exceptionname>UnknowLoginException</exceptionname> instead.
     3715              <exceptionname>UnknowLoginException</exceptionname> or
     3716              <exceptionname>LoginException</exceptionname> instead.
     3717              </para>
     3718            </listitem>
     3719
     3720            <listitem>
     3721              <para>
     3722              <exceptionname>LoginException</exceptionname>:
     3723              This exception should be thrown if the login failed but it
     3724              is not known if the cause is an incorrect login or password.
     3725              The authenticator implementation must specify an error message
     3726              that is displayed to the user.
    37193727              </para>
    37203728            </listitem>
     
    37513759            <para>
    37523760            The class name of the authentication plug-in.
     3761            </para>
     3762          </listitem>
     3763        </varlistentry>
     3764
     3765        <varlistentry>
     3766          <term><property>auth.jarpath</property></term>
     3767          <listitem>
     3768            <para>
     3769            The path to the JAR file containing the authentication plug-in.
     3770            This should be left empty if the plug-in is installed in the
     3771            <filename>WEB-INF/lib</filename> directory.
    37533772            </para>
    37543773          </listitem>
  • trunk/src/core/net/sf/basedb/core/Application.java

    r5630 r5822  
    3232import net.sf.basedb.util.EmailUtil;
    3333import net.sf.basedb.util.FileUtil;
     34import net.sf.basedb.util.JarClassLoader;
    3435import net.sf.basedb.util.RegexpFileFilter;
    3536import net.sf.basedb.util.StaticCache;
     
    747748    try
    748749    {
    749       a = (Authenticator)Class.forName(authenticationDriver).newInstance();
     750      String jarPath = net.sf.basedb.util.Values.getStringOrNull(Config.getString("auth.jarpath"));
     751      ClassLoader loader = jarPath == null ? null : JarClassLoader.getInstance(jarPath);
     752      a = (Authenticator)ClassUtil.checkAndLoadClass(loader,
     753        authenticationDriver, true, Authenticator.class).newInstance();
    750754      a.init(Config.getString("auth.init"));
    751755    }
  • trunk/src/core/net/sf/basedb/core/InvalidPasswordException.java

    r4889 r5822  
    5151  }
    5252
     53  /**
     54    Create a new <code>InvalidPasswordException</code> object with
     55    the specified <code>message</code>
     56 
     57    @param message The message to throw with the exception
     58    @param cause The cause of the exception
     59    @since 3.0
     60  */
     61  public InvalidPasswordException(String message, Throwable cause)
     62  {
     63    super("Invalid password. "+message, cause);
     64  }
     65 
     66 
    5367}
    5468
  • trunk/src/core/net/sf/basedb/core/ItemNotFoundException.java

    r4889 r5822  
    5151  }
    5252
     53  /**
     54    Creates a new <code>ItemNotFoundException</code>. The error
     55    message produced will look like:
     56    <code>Item not found: User[ID=1]</code>
     57 
     58    @param what A description of what was not found, for
     59      example: User[ID=1]
     60    @param cause The cause of the exception
     61    @since 3.0
     62  */
     63  public ItemNotFoundException(String what, Throwable cause)
     64  {
     65    super("Item not found: "+what, cause);
     66  }
     67
     68 
    5369}
    5470
  • trunk/src/core/net/sf/basedb/core/SessionControl.java

    r5689 r5822  
    509509      info = authenticator.authenticate(login, password);
    510510    }
     511    catch (net.sf.basedb.core.authentication.LoginException ex)
     512    {
     513      throw new LoginException(ex.getMessage(), ex);
     514    }
    511515    catch (net.sf.basedb.core.authentication.UnknownLoginException ex)
    512516    {
    513       throw new ItemNotFoundException("User[login="+login+"]");
     517      throw new ItemNotFoundException("User[login="+login+"]", ex);
    514518    }
    515519    catch (net.sf.basedb.core.authentication.InvalidPasswordException ex)
    516520    {
    517       throw new InvalidPasswordException("User[login="+login+"]");
     521      throw new InvalidPasswordException("User[login="+login+"]", ex);
    518522    }
    519523    catch (net.sf.basedb.core.authentication.AuthenticationException ex)
  • trunk/src/core/net/sf/basedb/core/authentication/AuthenticationException.java

    r4889 r5822  
    5757    super("Authentication failed. " + cause.getMessage(), cause);
    5858  }
     59 
     60  /**
     61    Create a new <code>AuthenticationException</code> object
     62    @param msg The error message
     63    @since 3.0
     64  */
     65  public AuthenticationException(String msg, Throwable cause)
     66  {
     67    super("Authentication failed. " + msg, cause);
     68  }
    5969
    6070}
  • trunk/www/login.jsp

    r5426 r5822  
    6161      if (sc.isLoggedIn()) sc.logout();
    6262      sc.login(login, password, null, encrypted);
     63    }
     64    catch (LoginException ex)
     65    {
     66      errorTitle = "Login failed";
     67      errorMessage = ex.getMessage();
    6368    }
    6469    catch (ItemNotFoundException ex)
Note: See TracChangeset for help on using the changeset viewer.