/*
 * (C) Copyright 2006-2007 Nuxeo SA (http://nuxeo.com/) and others.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Contributors:
 *     Thierry Delprat
 *
 * $Id: AnonymousAuthenticator.java 30865 2008-03-11 09:00:53Z arussel $
 */

package org.nuxeo.ecm.platform.ui.web.auth.plugins;

import java.security.Principal;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.core.api.NuxeoPrincipal;
import org.nuxeo.ecm.platform.api.login.UserIdentificationInfo;
import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPlugin;
import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPluginLogoutExtension;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.runtime.api.Framework;

/**
 * Authentication plugin that identifies a request as the anonymous user declared by the {@link UserManager}, unless
 * anonymous login has been blocked for the request or for its session.
 * <p>
 * The plugin never prompts for credentials and does no work at logout; its only active role is
 * {@link #handleRetrieveIdentity(HttpServletRequest, HttpServletResponse)}.
 *
 * @author Thierry Delprat
 */
public class AnonymousAuthenticator implements NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension {

    /**
     * Name of the request or session attribute that, when it holds {@link Boolean#TRUE}, stops this plugin from
     * returning the anonymous identity.
     */
    public static final String BLOCK_ANONYMOUS_LOGIN_KEY = "org.nuxeo.ecm.platform.ui.web.auth.anonymous.block";

    private static final Log log = LogFactory.getLog(AnonymousAuthenticator.class);

    // True once the anonymous user id lookup has been attempted, whether or not it succeeded.
    // NOTE(review): this field and anonymousLogin are written without synchronization; if a single plugin
    // instance serves concurrent requests (not visible here), confirm the lazy initialization is safe.
    protected boolean initialized;

    // Anonymous user id obtained from the UserManager; null when none was obtained.
    protected String anonymousLogin;

    /**
     * Tells whether the principal attached to the request is an anonymous {@link NuxeoPrincipal}.
     * <p>
     * Called by JSP page.
     *
     * @param httpRequest the current request
     * @return {@code true} only when the request principal is a {@link NuxeoPrincipal} reporting itself as
     *         anonymous; {@code false} when there is no principal or it is of another type
     */
    public static boolean isAnonymousRequest(HttpServletRequest httpRequest) {
        Principal principal = httpRequest.getUserPrincipal();
        // instanceof is false for null, so a missing principal is covered by the same test.
        return principal instanceof NuxeoPrincipal && ((NuxeoPrincipal) principal).isAnonymous();
    }

    /**
     * Returns the anonymous identity for the request, or {@code null} when anonymous access does not apply.
     * <p>
     * On the first call the anonymous user id is fetched from the {@link UserManager} service. The lookup is
     * attempted once only: {@code initialized} is set even when the service is unavailable, in which case
     * {@code anonymousLogin} stays unset and every later call returns {@code null} (no anonymous identity is
     * handed out).
     *
     * @param httpRequest the current request, also consulted for the anonymous-login block flag
     * @param httpResponse the current response (unused)
     * @return identification info carrying the anonymous user id in both constructor arguments, or {@code null} when
     *         no anonymous user id is known or anonymous login is blocked
     */
    public UserIdentificationInfo handleRetrieveIdentity(HttpServletRequest httpRequest,
            HttpServletResponse httpResponse) {
        if (!initialized) {
            UserManager manager = Framework.getService(UserManager.class);
            if (manager != null) {
                anonymousLogin = manager.getAnonymousUserId();
            }
            initialized = true;
        }

        // The block check consumes the request attribute, so it must only run when an anonymous id is known;
        // the short-circuit keeps that ordering.
        if (anonymousLogin == null || isAnonymousLoginBlocked(httpRequest)) {
            return null;
        }

        return new UserIdentificationInfo(anonymousLogin, anonymousLogin);
    }

    /**
     * Checks whether anonymous login has been blocked for this request or its session.
     * <p>
     * The flag is read from request and session <em>attributes</em> under {@link #BLOCK_ANONYMOUS_LOGIN_KEY}, not
     * from request parameters. A request-level flag is one-shot: it is removed as soon as it has been honoured. A
     * session-level flag is left in place.
     *
     * @param httpRequest the current request
     * @return {@code true} when either the request attribute or the session attribute holds {@link Boolean#TRUE}
     */
    protected boolean isAnonymousLoginBlocked(HttpServletRequest httpRequest) {
        Object requestFlag = httpRequest.getAttribute(BLOCK_ANONYMOUS_LOGIN_KEY);
        if (Boolean.TRUE.equals(requestFlag)) {
            httpRequest.removeAttribute(BLOCK_ANONYMOUS_LOGIN_KEY);
            return true;
        }

        // getSession(false): look at an existing session only, never create one for this check.
        HttpSession session = httpRequest.getSession(false);
        if (session == null) {
            return false;
        }
        // The session flag is deliberately not reset here: the next logout will clear the session anyway.
        return Boolean.TRUE.equals(session.getAttribute(BLOCK_ANONYMOUS_LOGIN_KEY));
    }

    /**
     * Does nothing; the supplied parameters are ignored.
     *
     * @param parameters plugin parameters (unused)
     */
    public void initPlugin(Map<String, String> parameters) {
        // NOP
    }

    /**
     * Reports that this plugin never needs a login prompt.
     *
     * @param httpRequest the current request (unused)
     * @return always {@link Boolean#FALSE}
     */
    public Boolean needLoginPrompt(HttpServletRequest httpRequest) {
        return Boolean.FALSE;
    }

    /**
     * Declares no unauthenticated URL prefixes.
     *
     * @return always {@code null}
     */
    public List<String> getUnAuthenticatedURLPrefix() {
        return null;
    }

    /**
     * Performs no login prompt handling.
     *
     * @param httpRequest the current request (unused)
     * @param httpResponse the current response (unused)
     * @param baseURL the application base URL (unused)
     * @return always {@code null}
     */
    public Boolean handleLoginPrompt(HttpServletRequest httpRequest, HttpServletResponse httpResponse, String baseURL) {
        // NOTE(review): a caller that unboxes this result would fail on null; confirm callers consult
        // needLoginPrompt (always FALSE here) before invoking this method.
        return null;
    }

    /**
     * Performs no logout work.
     *
     * @param httpRequest the current request (unused)
     * @param httpResponse the current response (unused)
     * @return always {@link Boolean#FALSE}
     */
    public Boolean handleLogout(HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
        return Boolean.FALSE;
    }

}