org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler.java Source code

Java tutorial

  1. HOME
  2. Java
  3. org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler.java

Introduction

Here is the source code for org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler.java

Source

/*
 * Licensed to Jasig under one or more contributor license
 * agreements. See the NOTICE file distributed with this work
 * for additional information regarding copyright ownership.
 * Jasig licenses this file to you under the Apache License,
 * Version 2.0 (the "License"); you may not use this file
 * except in compliance with the License.  You may obtain a
 * copy of the License at the following location:
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.jasig.cas.adaptors.jdbc;

import javax.validation.constraints.NotNull;

import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.springframework.dao.IncorrectResultSizeDataAccessException;
import org.springframework.jdbc.core.BeanPropertyRowMapper;

/**
 * Class that if provided a query that returns a password (parameter of query
 * must be username) will compare that password to a translated version of the
 * password provided by the user. If they match, then authentication succeeds.
 * Default password translator is plaintext translator.
 * 
 * @author Scott Battaglia
 * @author Dmitriy Kopylenko
 * @version $Revision$ $Date$
 * @since 3.0
 */
public class QueryDatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler {

    @NotNull
    private String sql;

    protected final boolean authenticateUsernamePasswordInternal(final UsernamePasswordCredentials credentials)
            throws AuthenticationException {
        final String username = getPrincipalNameTransformer().transform(credentials.getUsername());
        final String password = credentials.getPassword();
        try {
            @SuppressWarnings("deprecation")
            final LoginPassword loginPassword = (LoginPassword) getJdbcTemplate().queryForObject(this.sql,
                    new BeanPropertyRowMapper<LoginPassword>(LoginPassword.class),
                    new Object[] { username, username });
            final String encryptedPassword = this.getPasswordEncoder()
                    .encode(this.getPasswordEncoder().encode(password).concat(loginPassword.getSalt()));
            return loginPassword.getPassword().equals(encryptedPassword);
        } catch (final IncorrectResultSizeDataAccessException e) {
            e.printStackTrace();
            return false;
        }
    }

    /**
     * @param sql The sql to set.
     */
    public void setSql(final String sql) {
        this.sql = sql;
    }
}