christiancorsano/yacos
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Ajout des fonctions de rafraichissement de l'authentification (y compris nouveau mot de passe)

Browse Source
This commit is contained in:
conceptoire.com
2008-02-06 10:04:13 +00:00
parent a561016add
commit 6d7fd2548f
1 changed files with 29 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
YACOSWeb/src/org/yacos/web/system/session/SessionService.java
View File

@@ -9,9 +9,9 @@ import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.providers.dao.DaoAuthenticationProvider;
import org.acegisecurity.providers.encoding.ShaPasswordEncoder;
import org.acegisecurity.providers.dao.UserCache;
import org.springframework.web.servlet.support.RequestContextUtils;
import org.springframework.web.util.WebUtils;
import org.yacos.auth.UserDetailsService;
import org.yacos.core.conferences.Conference;
import org.yacos.core.conferences.IConferenceManager;
import org.yacos.core.users.IUserManager;
@@ -108,13 +108,7 @@ public class SessionService {
currentConference = conferenceManager.getConference(currentConferenceId);
request.setAttribute("currentConference", currentConference);
// Refreshing user credentials
Authentication currentAuthentication = SecurityContextHolder.getContext().getAuthentication();
if(currentAuthentication instanceof UsernamePasswordAuthenticationToken){
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setPasswordEncoder(new ShaPasswordEncoder(256));
authProvider.setUserDetailsService(new UserDetailsService());
SecurityContextHolder.getContext().setAuthentication(authProvider.authenticate(currentAuthentication));
}
refreshAuthentication();
}
/**
@@ -232,4 +226,30 @@ public class SessionService {
public Object getSessionAttribute(String name){
return WebUtils.getSessionAttribute(request, name);
}
public void refreshAuthentication(){
refreshAuthentication(null);
}
public void refreshAuthentication(String newPassword) {
// First step : remove user from the cache
DaoAuthenticationProvider authProvider = (DaoAuthenticationProvider) RequestContextUtils.getWebApplicationContext(request).getBean("daoAuthenticationProvider");
UserCache userCache = authProvider.getUserCache();
if(userCache != null){
userCache.removeUserFromCache(getCurrentUserLogin());
}
// Second step : Refreshing user credentials
Authentication currentAuthentication = SecurityContextHolder.getContext().getAuthentication();
if(currentAuthentication instanceof UsernamePasswordAuthenticationToken){
if(newPassword != null){
// Setting the new password in the authentication token
currentAuthentication = new UsernamePasswordAuthenticationToken(currentAuthentication.getPrincipal(),newPassword);
}
SecurityContextHolder.getContext().setAuthentication(authProvider.authenticate(currentAuthentication));
}
}
}