I have removed some code for clarity. Also, this will change further as I use other Identity events.
MyAuthenticator.java
--------------------
package au.edu.tisc.session;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Logger;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Observer;
import org.jboss.seam.log.Log;
import org.jboss.seam.security.Identity;
import au.edu.tisc.exception.ActivityLoggerException;
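/**
 * Seam authenticator component. Delegates the credential check to the
 * {@code orgUserAuthenticate} component and writes a LOGOUT audit record
 * when the identity logs out.
 */
@Name("authenticator")
public class Authenticator {
    @Logger
    Log log;

    @In
    Identity identity;

    @In(value = "orgUserAuthenticate", required = false, create = true)
    private OrgUserAuthenticate orgUserAuthenticate;

    // Injected with required = false and without create, so this field can be null.
    @In(value = "orgUserAuthenticated", required = false)
    private OrgUserAuthenticated orgUserAuthenticated;

    @In(value = "activityLogger", required = false, create = true)
    private ActivityLogger activityLog;

    /**
     * Checks the credentials currently held by the injected identity.
     *
     * @return the result of {@code orgUserAuthenticate.authenticate()}
     */
    public boolean authenticate() {
        // NOTE(review): the username is unauthenticated client input and is written to the
        // log verbatim. Users sometimes type a password into the username field, so treat
        // this log as sensitive and make sure the log layout neutralises CR/LF.
        log.info("INFO: authenticating #0", identity.getUsername());
        return orgUserAuthenticate.authenticate();
    }

    /**
     * Records a LOGOUT audit entry for the user held by {@code orgUserAuthenticated}.
     * A failure to write the entry does not interrupt the logout, but it is reported in
     * the server log so that gaps in the audit trail are visible to operators.
     */
    @Observer(Identity.EVENT_LOGGED_OUT)
    public void logout() {
        if (orgUserAuthenticated == null) {
            // Nothing was injected (required = false): there is no user to attribute the event to.
            log.warn("Logout observed without an orgUserAuthenticated component; LOGOUT audit record not written");
            return;
        }
        try {
            activityLog.logOrgUser(orgUserAuthenticated.getUser(), ActivityLogger.Code.LOGOUT, null);
        } catch (ActivityLoggerException e) {
            // Best effort: logout still completes, but a lost audit record must not be silent.
            log.warn("Failed to write LOGOUT audit record", e);
        }
    }
}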
------------------------------------------------------------------------------------------------
package au.edu.tisc.session;
import java.util.Calendar;
import java.util.List;
import javax.faces.application.FacesMessage;
import org.jboss.seam.Component;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Logger;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Observer;
import org.jboss.seam.annotations.Out;
import org.jboss.seam.faces.FacesMessages;
import org.jboss.seam.log.Log;
import org.jboss.seam.security.Identity;
import au.edu.tisc.entity.OrganisationUser;
import au.edu.tisc.exception.ActivityLoggerException;
import au.edu.tisc.home.OrganisationUserHome;
import au.edu.tisc.util.JCrypt;
import au.edu.tisc.util.Strings;
/**
 * Seam component ("orgUserAuthenticate") that validates the username and password held by
 * the injected {@link Identity}, records login outcomes through the activity logger, and
 * reacts to the login-successful event.
 *
 * <p>This listing is abridged: lines consisting of {@code ...} stand for code the author
 * removed. The visible code never assigns {@code organisationUser}; the lookup that
 * populates it was presumably removed as well.
 */
@Name("orgUserAuthenticate")
public class OrgUserAuthenticate {
    // TODO: auto-unlock check; move this flag to a configuration parameter.
    // Not read anywhere in the visible code.
    boolean autoUnlock = true;

    @Logger
    Log log;

    @In
    Identity identity;

    @In(value = "activityLogger", required = false, create = true)
    private ActivityLogger activityLog;

    @In(value="orgUserService", required=false, create=true)
    private OrgUserService orgUserService;

    // Injected (created on demand) and outjected to SESSION scope under the same name.
    @In(value = "orgUserAuthenticated", required = false, create = true)
    @Out(value = "orgUserAuthenticated", required = false, scope = ScopeType.SESSION)
    private OrgUserAuthenticated orgUserAuthenticated;

    // Account under authentication. Instance state shared between authenticate() and the
    // loginSuccessful() observer.
    OrganisationUser organisationUser = null;

    // Outcome flags exposed to callers through the accessors below.
    private boolean isAutoLocked = false;
    private boolean isAccountLocked = false;
    private boolean isAccountSuspended = false;
    private boolean isSystemError = false;

    /**
     * Runs the credential check and turns an {@link ActivityLoggerException} into a
     * user-facing error message with the system-error flag set.
     *
     * <p>NOTE(review): the exception is not written to the server log in the visible code,
     * while {@code e.getMessage()} is handed to the message bundle. If the bundle template
     * renders that parameter, internal error text reaches the login page; prefer logging
     * the detail server-side and showing a generic message.
     *
     * @return the value returned by {@code _authenticate()}, or {@code false} if it threw
     *         (the {@code finally} body is elided in this listing)
     */
    public boolean authenticate() {
        boolean isAuthenticated = false;
        try {
            isAuthenticated = _authenticate();
        } catch (ActivityLoggerException e) {
            this.isSystemError = true;
            // Drop messages queued so far so only the system-error message is shown.
            FacesMessages.instance().getCurrentMessages().clear();
            FacesMessages.instance().addFromResourceBundle(FacesMessage.SEVERITY_ERROR, "au.edu.tisc.SystemErrorWhileLoggingIn", e.getMessage());
        } finally {
            ...
        }
        return isAuthenticated;
    }

    /**
     * Performs the checks in order: credentials present, account known, password matches.
     * On success loads the user's security roles.
     *
     * @return {@code true} only when every visible check passed
     */
    private boolean _authenticate() {
        if (Strings.isNull(identity.getUsername()) || Strings.isNull(identity.getPassword())) {
            FacesMessages.instance().add(FacesMessage.SEVERITY_ERROR, "Please enter username and password.");
            return false;
        }
        // Validate the username: a null organisationUser is treated as an unknown account.
        // NOTE(review): the failure is reported with a username-specific message
        // ("au.edu.tisc.InvalidUsername"). If the elided wrong-password branch answers
        // differently, the login form lets a client tell existing accounts from unknown
        // ones (account enumeration); a single generic failure message avoids that.
        // The submitted username is also copied into the audit description as-is, so any
        // viewer of the activity log should treat it as untrusted text.
        if (organisationUser == null) {
            activityLog.logOrgUser(organisationUser, ActivityLogger.Code.LOGIN_FAILED, String.format(
                    ActivityLogger.Code.Desc.INVALID_USERNAME, identity.getUsername()));
            FacesMessages.instance().addFromResourceBundle(FacesMessage.SEVERITY_ERROR, "au.edu.tisc.InvalidUsername", identity.getUsername());
            return false;
        } else {
            // NOTE(review): these flags are set before the password is verified and are
            // readable through public getters. If the login view renders them after a
            // failed attempt, lock/suspend status is disclosed to anyone who knows a
            // username - confirm against the page.
            this.isAccountLocked = (Constant.User.AccountStatus.LOCKED.equalsIgnoreCase(organisationUser.getStatus()));
            this.isAccountSuspended = (Constant.User.AccountStatus.SUSPENDED.equalsIgnoreCase(organisationUser.getStatus()));
        }
        // Validate the password against the stored value.
        // NOTE(review): JCrypt is a project utility not shown here. If it implements
        // traditional DES crypt(3), passwords are effectively truncated to 8 characters and
        // the hash is cheap to brute-force; confirm the scheme and consider bcrypt, scrypt
        // or argon2.
        if (!JCrypt.match(identity.getPassword(), organisationUser.getPassword())) {
            ...
            return false;
        }
        // NOTE(review): no visible line rejects a locked or suspended account; presumably the
        // elided code below does - confirm it runs before roles are loaded.
        ...
        ...
        orgUserService.loadSecurityRolesForUser(organisationUser);
        return true;
    }

    /** @return whether the account status matched LOCKED during the last check */
    public boolean isAccountLocked() {
        return this.isAccountLocked;
    }

    /** @return whether the account status matched SUSPENDED during the last check */
    public boolean isAccountSuspended() {
        return this.isAccountSuspended;
    }

    /** @return whether a system error was flagged during authentication or login handling */
    public boolean isSystemError() {
        return this.isSystemError;
    }

    /** Sets the auto-locked flag. */
    public void setIsAutoLocked(boolean value) {
        this.isAutoLocked = value;
    }

    /** Sets the system-error flag. */
    public void setIsSystemError(boolean value) {
        this.isSystemError = value;
    }

    /**
     * Observer for {@code Identity.EVENT_LOGIN_SUCCESSFUL}. Stores the user on
     * {@code orgUserAuthenticated} and writes a LOGIN_SUCCESSFUL audit record. If either
     * the login-success parameters cannot be set or the audit record cannot be written,
     * the identity is logged out again and a system-error message is queued, so a login
     * without an audit trail does not stand.
     */
    @Observer(Identity.EVENT_LOGIN_SUCCESSFUL)
    public void loginSuccessful() {
        // Debug trace left in by the author.
        log.info("************ loginSuccessful");
        if (orgUserService.setLoginSuccessParams(organisationUser)) {
            orgUserAuthenticated.setUser(organisationUser);
            try {
                activityLog.logOrgUser(organisationUser, ActivityLogger.Code.LOGIN_SUCCESSFUL);
            } catch (ActivityLoggerException e) {
                // NOTE(review): the user was already stored on orgUserAuthenticated above.
                // Whether identity.logout() clears that session state is not visible here -
                // confirm, or reset it explicitly on this path.
                identity.logout();
                this.isSystemError = true;
                FacesMessages.instance().getCurrentMessages().clear();
                // NOTE(review): e.getMessage() is passed to the user-facing message, as in
                // authenticate(); see the disclosure concern documented there.
                FacesMessages.instance().addFromResourceBundle(FacesMessage.SEVERITY_ERROR, "au.edu.tisc.SystemErrorWhileLoggingIn", e.getMessage());
            }
        } else {
            identity.logout();
            this.isSystemError = true;
            FacesMessages.instance().addFromResourceBundleOrDefault(FacesMessage.SEVERITY_ERROR,"au.edu.tisc.SystemErrorWhileLoggingIn", "Unable to set user login success parameters.", "default msgs");
            // Debug output: logs how many messages are currently queued.
            List<FacesMessage> msgs = FacesMessages.instance().getCurrentMessages();
            log.info(msgs.size());
        }
    }
}