diff --git a/authentication/source/java/ch/systemsx/cisd/authentication/DummyAuthenticationService.java b/authentication/source/java/ch/systemsx/cisd/authentication/DummyAuthenticationService.java
index c9506f2fd5beb7ff03d38c27ac11e6e1271876c0..f4b172508ec333bdff973bb7e69f5ce9c494db3a 100644
--- a/authentication/source/java/ch/systemsx/cisd/authentication/DummyAuthenticationService.java
+++ b/authentication/source/java/ch/systemsx/cisd/authentication/DummyAuthenticationService.java
@@ -28,15 +28,26 @@ public final class DummyAuthenticationService implements IAuthenticationService
// IAuthenticationService
//
+ public String authenticateApplication()
+ {
+ // We do not care about the returned application token.
+ return null;
+ }
+
/**
- * Returns always a non-<code>null</code> token, meaning that the login was successfull.
+ * Always returns <code>true</code>, meaning that the login was successfull.
*/
- public final Principal authenticate(String user, String password)
+ public final boolean authenticateUser(String applicationToken, String user, String password)
{
- return new Principal(user, "John", "Doe", "jdoe@somewhere.org");
+ return true;
}
- public final void checkAvailability()
+ public final Principal getPrincipal(String applicationToken, String user)
+ {
+ return new Principal(user, "John", "Doe", "jdoe@somewhere.org");
+ }
+
+ public final void check()
{
// Always available.
}
diff --git a/authentication/source/java/ch/systemsx/cisd/authentication/IAuthenticationService.java b/authentication/source/java/ch/systemsx/cisd/authentication/IAuthenticationService.java
index 21999cdd572e0472c6927bbcab2873eb8a03f416..0449f54e12857efc2d3b99e5710c66bf2bd8ae29 100644
--- a/authentication/source/java/ch/systemsx/cisd/authentication/IAuthenticationService.java
+++ b/authentication/source/java/ch/systemsx/cisd/authentication/IAuthenticationService.java
@@ -16,27 +16,50 @@
package ch.systemsx.cisd.authentication;
-import ch.systemsx.cisd.common.exceptions.EnvironmentFailureException;
+import ch.systemsx.cisd.common.utilities.ISelfTestable;
/**
* Interface for authentication.
*
* @author Franz-Josef Elmer
*/
-public interface IAuthenticationService
+public interface IAuthenticationService extends ISelfTestable
{
+
/**
- * Checks whether the service is available or not.
+ * Attempts authentication of the application with credentials passed in the constructor and retuns the application
+ * token.
+ * <p>
+ * The returned application token can then be used to authenticate an user (via
+ * {@link #authenticateUser(String, String, String)}) or to retrieve additional details about an user (via
+ * {@link #getPrincipal(String, String)})
+ * </p>
*
- * @throws EnvironmentFailureException if the service is not available.
+ * @return the application token if the application has been successfully authenticated, <code>null</code>
+ * otherwise.
*/
- public void checkAvailability();
+ public String authenticateApplication();
/**
* Attempts authentication for the given user credentials.
+ * <p>
+ * Note that the application must be authenticated (meaning that <var>applicationToken</var> is not
+ * <code>null</code>) to perform this lookup.
+ * </p>
+ *
+ * @return <code>true</code> if the <var>user</var> has been successfully authenticated.
+ */
+ public boolean authenticateUser(String applicationToken, String user, String password);
+
+ /**
+ * For a given user name returns additional details encapsulated in returned <code>Principal</code>.
+ * <p>
+ * Note that the application must be authenticated (meaning that <var>applicationToken</var> is not
+ * <code>null</code>) to perform this lookup.
+ * </p>
*
- * @return a <code>Principal</code> object if the <var>user</var> has been successfully authenticated,
- * <code>null</code> otherwise.
+ * @return a <code>Principal</code> object if given <var>user</var> could be found, <code>null</code>
+ * otherwise.
*/
- public Principal authenticate(String user, String password);
+ public Principal getPrincipal(String applicationToken, String user);
}
\ No newline at end of file
diff --git a/authentication/source/java/ch/systemsx/cisd/authentication/crowd/CrowdAuthenticationService.java b/authentication/source/java/ch/systemsx/cisd/authentication/crowd/CrowdAuthenticationService.java
index 2a37db2b2f10d91a4b9c81a427be2f7d8fd5fe74..51550a3b8d955c9783ad4e769c4dd454adab8bf8 100644
--- a/authentication/source/java/ch/systemsx/cisd/authentication/crowd/CrowdAuthenticationService.java
+++ b/authentication/source/java/ch/systemsx/cisd/authentication/crowd/CrowdAuthenticationService.java
@@ -37,6 +37,7 @@ import ch.systemsx.cisd.authentication.IAuthenticationService;
import ch.systemsx.cisd.authentication.Principal;
import ch.systemsx.cisd.authentication.crowd.CrowdSoapElements.SOAPAttribute;
import ch.systemsx.cisd.common.exceptions.CheckedExceptionTunnel;
+import ch.systemsx.cisd.common.exceptions.ConfigurationFailureException;
import ch.systemsx.cisd.common.exceptions.EnvironmentFailureException;
import ch.systemsx.cisd.common.logging.LogCategory;
import ch.systemsx.cisd.common.logging.LogFactory;
@@ -44,6 +45,10 @@ import ch.systemsx.cisd.common.logging.LogFactory;
/**
* This <code>IAuthenticationService</code> implementation first registers the application on the <i>Crowd</i>
* server, then authenticates the user.
+ * <p>
+ * The modus operandi is based on information found at <a
+ * href="http://confluence.atlassian.com/display/CROWD/SOAP+API">http://confluence.atlassian.com/display/CROWD/SOAP+API</a>
+ * </p>
*
* @author Franz-Josef Elmer
*/
@@ -126,7 +131,11 @@ public class CrowdAuthenticationService implements IAuthenticationService
}
}
- public final void checkAvailability()
+ //
+ // IAuthenticationService
+ //
+
+ public final void check() throws EnvironmentFailureException, ConfigurationFailureException
{
try
{
@@ -148,17 +157,14 @@ public class CrowdAuthenticationService implements IAuthenticationService
}
}
- public final Principal authenticate(String user, String password)
+ public final String authenticateApplication()
{
- assert user != null;
- // Application login
final String applicationToken =
StringEscapeUtils.unescapeXml(execute(CrowdSoapElements.TOKEN, AUTHENTICATE_APPL, application,
applicationPassword));
if (applicationToken == null)
{
operationLog.error("CROWD: application '" + application + "' failed to authenticate.");
- return null;
} else
{
if (operationLog.isDebugEnabled())
@@ -166,6 +172,14 @@ public class CrowdAuthenticationService implements IAuthenticationService
operationLog.debug("CROWD: application '" + application + "' successfully authenticated.");
}
}
+ return applicationToken;
+ }
+
+ public final boolean authenticateUser(String applicationToken, String user, String password)
+ {
+ assert applicationToken != null;
+ assert user != null;
+
final String userToken =
StringEscapeUtils.unescapeXml(execute("out", AUTHENTICATE_USER, application, applicationToken, user,
password));
@@ -180,12 +194,11 @@ public class CrowdAuthenticationService implements IAuthenticationService
operationLog.info(msg + "SUCCESS.");
}
}
- if (userToken == null)
- {
- return null;
- }
- // Find principal by name. Obviously we do not need to make an user authentication to get
- // these informations.
+ return userToken != null;
+ }
+
+ public final Principal getPrincipal(String applicationToken, String user)
+ {
String xmlResponse = null;
try
{