001 /* 002 Copyright (C) 2002-2003 Renaud Pawlak <renaud@aopsys.com> 003 004 This program is free software; you can redistribute it and/or modify 005 it under the terms of the GNU Lesser General Public License as 006 published by the Free Software Foundation; either version 2 of the 007 License, or (at your option) any later version. 008 009 This program is distributed in the hope that it will be useful, 010 but WITHOUT ANY WARRANTY; without even the implied warranty of 011 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 012 GNU Lesser General Public License for more details. 013 014 You should have received a copy of the GNU Lesser General Public License 015 along with this program; if not, write to the Free Software 016 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ 017 018 package org.objectweb.jac.aspects.authentication; 019 020 import org.objectweb.jac.aspects.user.UserAC; 021 import org.objectweb.jac.core.ACManager; 022 import org.objectweb.jac.util.Log; 023 024 /** 025 * This Authenticator asks for a username and password and checks them 026 * by using the user aspect. 027 * 028 * @see org.objectweb.jac.aspects.user.UserAC */ 029 030 public class UserPasswordAuthenticator extends PasswordAuthenticator { 031 032 UserAC userAC; 033 String userAspectName; 034 035 /** 036 * Constructor. 037 * 038 * @param userAspectName the name of the user aspect for the 039 * configured application (note that we should implement a means to 040 * resolve an aspect). It has the form 041 * <application_name>.<aspect_name> 042 */ 043 public UserPasswordAuthenticator(String userAspectName) { 044 this.userAspectName=userAspectName; 045 } 046 047 /** 048 * Implements the password checking. 049 * 050 * <p>This method asks to the user aspect which is the currently 051 * user's instance of the current session and checks if the 052 * username and password values corresponds to the values of the 053 * corresponding fields as declared in the user aspect. 054 * 055 * @param username the username to check 056 * @param password the password to check 057 * @return true if matching, false otherwise 058 * 059 * @see org.objectweb.jac.aspects.user.UserAC 060 * @see org.objectweb.jac.aspects.user.UserAC#setUserClass(ClassItem,String,String) 061 * @see org.objectweb.jac.aspects.user.UserAC#getUserFromLogin(String) 062 * @see org.objectweb.jac.aspects.user.UserAC#getUserLogin(Object) 063 * @see org.objectweb.jac.aspects.user.UserAC#getUserPassword(Object) 064 */ 065 boolean checkPassword(String username, String password) { 066 if (userAC==null) { 067 userAC=(UserAC)ACManager.get().getObject(userAspectName); 068 } 069 if (userAC==null) { 070 Log.error("UserPasswordAuthenticator: cannot perform "+ 071 "password authentication, no user aspect found."); 072 return false; 073 } else { 074 Object user=userAC.getUserFromLogin(username); 075 Log.trace("authentication","checking "+username+"=="+ 076 userAC.getUserLogin(user)+" && "+password+"=="+ 077 userAC.getUserPassword(user)+" (user="+user+")"); 078 return username.equals(userAC.getUserLogin(user)) && 079 password.equals(userAC.getUserPassword(user)); 080 } 081 } 082 083 }