diff --git a/webapp/src/edu/cornell/mannlib/vedit/beans/LoginStatusBean.java b/webapp/src/edu/cornell/mannlib/vedit/beans/LoginStatusBean.java
index 7c8089486..7f1fd9eee 100644
--- a/webapp/src/edu/cornell/mannlib/vedit/beans/LoginStatusBean.java
+++ b/webapp/src/edu/cornell/mannlib/vedit/beans/LoginStatusBean.java
@@ -35,7 +35,7 @@ public class LoginStatusBean {
 /** A bean to return when the user has not logged in. */
 private static final LoginStatusBean DUMMY_BEAN = new LoginStatusBean("",
- "", ANYBODY);
+ "", ANYBODY, AuthenticationSource.UNKNOWN);
 /** The bean is attached to the session by this name. */
 private static final String ATTRIBUTE_NAME = "loginStatus";
@@ -95,14 +95,21 @@ public class LoginStatusBean {
 // the bean
 // ----------------------------------------------------------------------
+ public enum AuthenticationSource {
+ UNKNOWN, INTERNAL, EXTERNAL
+ }
+
 private final String userURI;
 private final String username;
 private final int securityLevel;
+ private final AuthenticationSource authenticationSource;
- public LoginStatusBean(String userURI, String username, int securityLevel) {
+ public LoginStatusBean(String userURI, String username, int securityLevel,
+ AuthenticationSource authenticationSource) {
 this.userURI = userURI;
 this.username = username;
 this.securityLevel = securityLevel;
+ this.authenticationSource = authenticationSource;
 }
 public String getUserURI() {
@@ -117,6 +124,10 @@ public class LoginStatusBean {
 return securityLevel;
 }
+ public AuthenticationSource getAuthenticationSource() {
+ return authenticationSource;
+ }
+
 public boolean isLoggedIn() {
 return securityLevel > ANYBODY;
 }
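Review bot: The constructor in the `@@ -95,14 +95,21 @@` hunk stores `authenticationSource` without a null check, so a caller that passes null gets a bean whose `hasExternalAuthentication()` silently answers false and whose `toString()` prints `authenticationSource=null`. Since `UNKNOWN` already exists for the not-known case (and `DUMMY_BEAN` uses it), normalise in the constructor: `this.authenticationSource = (authenticationSource == null) ? AuthenticationSource.UNKNOWN : authenticationSource;`. The new public enum also has no Javadoc; going by the call sites in this commit, a one-line comment such as `/** How the user proved their identity: by this application's own login (INTERNAL) or by an external authentication system (EXTERNAL). */` would tell later callers what they may conclude from each value.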
@@ -129,10 +140,15 @@ public class LoginStatusBean {
 return securityLevel >= minimumLevel;
 }
+ public boolean hasExternalAuthentication() {
+ return authenticationSource == AuthenticationSource.EXTERNAL;
+ }
+
 @Override
 public String toString() {
 return "LoginStatusBean[userURI=" + userURI + ", username=" + username
- + ", securityLevel=" + securityLevel + "]";
+ + ", securityLevel=" + securityLevel
+ + ", authenticationSource=" + authenticationSource + "]";
 }
 }
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/Authenticator.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/Authenticator.java
index bc4c676f4..f26347708 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/Authenticator.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/Authenticator.java
@@ -6,6 +6,7 @@ import java.util.List;
 import javax.servlet.http.HttpServletRequest;
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.webapp.beans.User;
 /**
@@ -86,7 +87,8 @@ public abstract class Authenticator {
 * - notify other users of the model
 *
 */
- public abstract void recordLoginAgainstUserAccount(String username);
+ public abstract void recordLoginAgainstUserAccount(String username,
+ AuthenticationSource authSource);
 /**
 *
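Review bot: The Javadoc for `recordLoginAgainstUserAccount` in the `@@ -86,7 +87,8 @@` hunk (the comment begins above the hunk) is not updated for the new `authSource` parameter, and the same goes for `recordLoginWithoutUserAccount` in the following hunk. The implementations in this commit copy the value into the session's `LoginStatusBean`, so the contract should say who is responsible for its accuracy. Suggested addition to both comments: `@param authSource how the caller verified the user's identity; chosen by the login servlet itself, never taken from request input`.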
@@ -96,7 +98,7 @@ public abstract class Authenticator {
 	 * 
 */
 public abstract void recordLoginWithoutUserAccount(String username,
- String individualUri);
+ String individualUri, AuthenticationSource authSource);
 /**
 *
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java
index 76291592d..3d2fd6712 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java
@@ -16,6 +16,7 @@ import org.apache.commons.logging.LogFactory;
 
 import edu.cornell.mannlib.vedit.beans.LoginFormBean;
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole;
 import edu.cornell.mannlib.vitro.webapp.beans.User;
 import edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate;
@@ -81,7 +82,8 @@ public class BasicAuthenticator extends Authenticator {
 	}
 
 	@Override
-	public void recordLoginAgainstUserAccount(String username) {
+	public void recordLoginAgainstUserAccount(String username,
+			AuthenticationSource authSource) {
 		User user = getUserByUsername(username);
 		if (user == null) {
 			log.error("Trying to record the login of a non-existent user: "
@@ -95,24 +97,26 @@ public class BasicAuthenticator extends Authenticator {
 		String roleUri = user.getRoleURI();
 		int securityLevel = parseUserSecurityLevel(user);
 		recordLoginWithOrWithoutUserAccount(username, userUri, roleUri,
-				securityLevel);
+				securityLevel, authSource);
 	}
 
 	@Override
 	public void recordLoginWithoutUserAccount(String username,
-			String individualUri) {
+			String individualUri, AuthenticationSource authSource) {
 		String roleUri = AuthRole.USER.roleUri();
 		int securityLevel = LoginStatusBean.NON_EDITOR;
 		recordLoginWithOrWithoutUserAccount(username, individualUri, roleUri,
-				securityLevel);
+				securityLevel, authSource);
 	}
 
 	/** This much is in common on login, whether or not you have a user account. */
 	private void recordLoginWithOrWithoutUserAccount(String username,
-			String userUri, String roleUri, int securityLevel) {
+			String userUri, String roleUri, int securityLevel,
+			AuthenticationSource authSource) {
 		HttpSession session = request.getSession();
 		createLoginFormBean(username, userUri, roleUri, session);
-		createLoginStatusBean(username, userUri, securityLevel, session);
+		createLoginStatusBean(username, userUri, securityLevel, authSource,
+				session);
 		setSessionTimeoutLimit(session);
 		recordInUserSessionMap(userUri, session);
 		notifyOtherUsers(userUri, session);
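Review bot: `recordLoginWithOrWithoutUserAccount` attaches the login beans to whatever session `request.getSession()` returns, so a session ID issued before authentication appears to remain valid after it; nothing visible in this hunk invalidates or rotates it. The helper methods are outside the hunk, so this may be handled elsewhere, but if it is not, the ID should be rotated before `createLoginFormBean` is called, for example with `request.changeSessionId()` where the container supports Servlet 3.1, or by copying the needed attributes into a fresh session after `invalidate()`. This is existing behaviour that the commit leaves untouched, but the session now also carries the authentication source, which makes the fixed ID more significant.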
@@ -152,9 +156,10 @@ public class BasicAuthenticator extends Authenticator {
 	 * TODO this should eventually replace the LoginFormBean.
 	 */
 	private void createLoginStatusBean(String username, String userUri,
-			int securityLevel, HttpSession session) {
+			int securityLevel, AuthenticationSource authSource,
+			HttpSession session) {
 		LoginStatusBean lsb = new LoginStatusBean(userUri, username,
-				securityLevel);
+				securityLevel, authSource);
 		LoginStatusBean.setBean(session, lsb);
 		log.info("Adding status bean: " + lsb);
 	}
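Review bot: `log.info("Adding status bean: " + lsb)` writes `username` and `userUri` into the log verbatim through `toString()`, and for external logins the username is supplied by `getExternalUsername(req)` rather than read from a stored account. If that value can ever contain line breaks, a single login could be rendered as several log records, which undermines the audit value of the newly logged `authenticationSource`. Consider neutralising control characters at this call, e.g. `log.info("Adding status bean: " + lsb.toString().replaceAll("[\\r\\n]", "_"));`, unless the username is already validated upstream.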
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java
index 33decec7d..9be375c59 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java
@@ -13,6 +13,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
 import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
@@ -43,7 +44,8 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
 	@Override
 	protected void doPost(HttpServletRequest req, HttpServletResponse resp)
 			throws ServletException, IOException {
-		String username = ExternalAuthHelper.getHelper(req).getExternalUsername(req);
+		String username = ExternalAuthHelper.getHelper(req)
+				.getExternalUsername(req);
 		String uri = getAssociatedIndividualUri(username, req);
 
 		if (username == null) {
@@ -52,12 +54,14 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
 					MESSAGE_LOGIN_FAILED);
 		} else if (getAuthenticator(req).isExistingUser(username)) {
 			log.debug("Logging in as " + username);
-			getAuthenticator(req).recordLoginAgainstUserAccount(username);
+			getAuthenticator(req).recordLoginAgainstUserAccount(username,
+					AuthenticationSource.EXTERNAL);
 			removeLoginProcessArtifacts(req);
 			loginRedirector.redirectLoggedInUser(req, resp);
 		} else if (uri != null) {
 			log.debug("Recognize '' as self-editor for " + uri);
-			getAuthenticator(req).recordLoginWithoutUserAccount(username, uri);
+			getAuthenticator(req).recordLoginWithoutUserAccount(username, uri,
+					AuthenticationSource.EXTERNAL);
 			removeLoginProcessArtifacts(req);
 			loginRedirector.redirectSelfEditingUser(req, resp, uri);
 		} else {
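Review bot: The `isExistingUser(username)` branch logs an externally authenticated user into the local account of the same name, and `BasicAuthenticator.recordLoginAgainstUserAccount` then applies that account's security level, so the only link between the two identities is the username string. The hunk does not show how `getExternalUsername(req)` obtains the name; it is worth confirming that only the trusted authentication system can set it and that external names cannot coincide with unrelated local accounts. I would record the assumption at the branch: `// Trust boundary: username is asserted by the external auth system and is matched to a local account by name only.` Separately, `log.debug("Recognize '' as self-editor for " + uri)` has empty quotes where the username was presumably meant to appear. `doPost` starts above this hunk and continues below it.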
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
index d60a22343..d2b8e64c6 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
@@ -26,6 +26,7 @@ import org.apache.commons.logging.LogFactory;
 import com.hp.hpl.jena.ontology.OntModel;
 
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.webapp.beans.User;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
@@ -287,7 +288,8 @@ public class Authenticate extends VitroHttpServlet {
 	private void transitionToLoggedIn(HttpServletRequest request,
 			String username) {
 		log.debug("Completed login: " + username);
-		getAuthenticator(request).recordLoginAgainstUserAccount(username);
+		getAuthenticator(request).recordLoginAgainstUserAccount(username,
+				AuthenticationSource.INTERNAL);
 		LoginProcessBean.removeBean(request);
 	}
 
@@ -299,7 +301,8 @@ public class Authenticate extends VitroHttpServlet {
 			String username, String newPassword) {
 		log.debug("Completed login: " + username + ", password changed.");
 		getAuthenticator(request).recordNewPassword(username, newPassword);
-		getAuthenticator(request).recordLoginAgainstUserAccount(username);
+		getAuthenticator(request).recordLoginAgainstUserAccount(username,
+				AuthenticationSource.INTERNAL);
 		LoginProcessBean.removeBean(request);
 	}
 
diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/authenticate/AuthenticatorStub.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/authenticate/AuthenticatorStub.java
index 367cbebd7..b65623995 100644
--- a/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/authenticate/AuthenticatorStub.java
+++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/authenticate/AuthenticatorStub.java
@@ -12,6 +12,7 @@ import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.webapp.beans.User;
 import edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate;
 
@@ -138,12 +139,13 @@ public class AuthenticatorStub extends Authenticator {
 	}
 
 	@Override
-	public void recordLoginAgainstUserAccount(String username) {
+	public void recordLoginAgainstUserAccount(String username,
+			AuthenticationSource authSource) {
 		recordedLogins.add(username);
 
 		User user = getUserByUsername(username);
 		LoginStatusBean lsb = new LoginStatusBean(user.getURI(), username,
-				parseUserSecurityLevel(user.getRoleURI()));
+				parseUserSecurityLevel(user.getRoleURI()), authSource);
 		LoginStatusBean.setBean(request.getSession(), lsb);
 	}
 
@@ -177,7 +179,7 @@ public class AuthenticatorStub extends Authenticator {
 
 	@Override
 	public void recordLoginWithoutUserAccount(String username,
-			String individualUri) {
+			String individualUri, AuthenticationSource authSource) {
 		throw new RuntimeException(
 				"AuthenticatorStub.recordLoginWithoutUserAccount() not implemented.");
 	}
diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java
index eb5c2065f..f0ab2968b 100644
--- a/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java
+++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java
@@ -24,11 +24,11 @@ import stubs.javax.servlet.http.HttpServletRequestStub;
 import stubs.javax.servlet.http.HttpServletResponseStub;
 import stubs.javax.servlet.http.HttpSessionStub;
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
 import edu.cornell.mannlib.vitro.webapp.beans.User;
 import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
 import edu.cornell.mannlib.vitro.webapp.controller.authenticate.AuthenticatorStub;
-import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
 import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
 import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean.State;
 
@@ -56,7 +56,8 @@ public class AuthenticateTest extends AbstractTestClass {
 	private static final String URL_SELF_EDITOR_PAGE = "/individual?uri=selfEditorURI";
 
 	private static final LoginStatusBean LOGIN_STATUS_DBA = new LoginStatusBean(
-			USER_DBA_URI, USER_DBA_NAME, LoginStatusBean.DBA);
+			USER_DBA_URI, USER_DBA_NAME, LoginStatusBean.DBA,
+			AuthenticationSource.INTERNAL);
 
 	private AuthenticatorStub authenticator;
 	private ServletContextStub servletContext;
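Review bot: Nothing in the test changes of this commit exercises the new field: the expected bean here is simply given `AuthenticationSource.INTERNAL`, and `AuthenticatorStub.recordLoginWithoutUserAccount` still throws "not implemented". Whether comparisons against `LOGIN_STATUS_DBA` even look at the source depends on how the test compares beans, which is outside the hunk. Consider asserting after a successful login that the bean stored in the session reports `getAuthenticationSource() == AuthenticationSource.INTERNAL`, and adding a case that checks `hasExternalAuthentication()` for a bean built with `EXTERNAL`.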
@@ -91,7 +92,7 @@ public class AuthenticateTest extends AbstractTestClass {
 
 		auth = new Authenticate();
 		auth.init(servletConfig);
-		
+
 	}
 
 	private User createNewDbaUser() {