com.khs.sherpa.spring.SpringAuthentication.java Source code

Java tutorial

  1. HOME
  2. Java
  3. com.khs.sherpa.spring.SpringAuthentication.java

Introduction

Here is the source code for com.khs.sherpa.spring.SpringAuthentication.java

Source

package com.khs.sherpa.spring;

/*
 * Copyright 2012 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextImpl;

import com.khs.sherpa.exception.SherpaInvalidUsernamePassword;
import com.khs.sherpa.json.service.UserService;

public class SpringAuthentication implements UserService {

    private AuthenticationManager authenticationManager;

    public String[] authenticate(String username, String password, HttpServletRequest request,
            HttpServletResponse response) {
        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);

        Authentication authentication = null;

        try {
            authentication = authenticationManager.authenticate(token);
        } catch (AuthenticationException e) {
            throw new SherpaInvalidUsernamePassword("username and/or password is incorrect");
        }

        if (authentication.isAuthenticated() == false) {
            throw new SherpaInvalidUsernamePassword("username and/or password is incorrect");
        }

        List<String> roles = new ArrayList<String>();
        for (GrantedAuthority auth : authentication.getAuthorities()) {
            roles.add(auth.getAuthority());
        }

        SecurityContextImpl context = new SecurityContextImpl();
        context.setAuthentication(authentication);

        SecurityContextHolder.setContext(context);

        request.getSession().setAttribute("SPRING_SECURITY_CONTEXT_KEY", context);

        return roles.toArray(new String[roles.size()]);

    }

    public AuthenticationManager getAuthenticationManager() {
        return authenticationManager;
    }

    @Autowired
    @Qualifier("authManager")
    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

}