NIHVIVO-1207 Add authenticationSource field to LoginStatusBean, so we can tell whether the user logged in via internal or external credentials.

webapp/src/edu/cornell/mannlib/vedit/beans/LoginStatusBean.java

@@ -35,7 +35,7 @@ public class LoginStatusBean {
 
 	/** A bean to return when the user has not logged in. */
 	private static final LoginStatusBean DUMMY_BEAN = new LoginStatusBean("",
-			"", ANYBODY);
+			"", ANYBODY, AuthenticationSource.UNKNOWN);
 
 	/** The bean is attached to the session by this name. */
 	private static final String ATTRIBUTE_NAME = "loginStatus";
@@ -95,14 +95,21 @@ public class LoginStatusBean {
 	// the bean
 	// ----------------------------------------------------------------------
 
+	public enum AuthenticationSource {
+		UNKNOWN, INTERNAL, EXTERNAL
+	}
+
 	private final String userURI;
 	private final String username;
 	private final int securityLevel;
+	private final AuthenticationSource authenticationSource;
 
-	public LoginStatusBean(String userURI, String username, int securityLevel) {
+	public LoginStatusBean(String userURI, String username, int securityLevel,
+			AuthenticationSource authenticationSource) {
 		this.userURI = userURI;
 		this.username = username;
 		this.securityLevel = securityLevel;
+		this.authenticationSource = authenticationSource;
 	}
 
 	public String getUserURI() {
@@ -117,6 +124,10 @@ public class LoginStatusBean {
 		return securityLevel;
 	}
 
+	public AuthenticationSource getAuthenticationSource() {
+		return authenticationSource;
+	}
+
 	public boolean isLoggedIn() {
 		return securityLevel > ANYBODY;
 	}
@@ -129,10 +140,15 @@ public class LoginStatusBean {
 		return securityLevel >= minimumLevel;
 	}
 
+	public boolean hasExternalAuthentication() {
+		return authenticationSource == AuthenticationSource.EXTERNAL;
+	}
+
 	@Override
 	public String toString() {
 		return "LoginStatusBean[userURI=" + userURI + ", username=" + username
-				+ ", securityLevel=" + securityLevel + "]";
+				+ ", securityLevel=" + securityLevel
+				+ ", authenticationSource=" + authenticationSource + "]";
 	}
 
 }

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/Authenticator.java

@@ -6,6 +6,7 @@ import java.util.List;
 
 import javax.servlet.http.HttpServletRequest;
 
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.webapp.beans.User;
 
 /**
@@ -86,7 +87,8 @@ public abstract class Authenticator {
 	 * - notify other users of the model
 	 * </pre>
 	 */
-	public abstract void recordLoginAgainstUserAccount(String username);
+	public abstract void recordLoginAgainstUserAccount(String username,
+			AuthenticationSource authSource);
 
 	/**
 	 * <pre>
@@ -96,7 +98,7 @@ public abstract class Authenticator {
 	 * </pre>
 	 */
 	public abstract void recordLoginWithoutUserAccount(String username,
-			String individualUri);
+			String individualUri, AuthenticationSource authSource);
 
 	/**
 	 * <pre>

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java

@@ -16,6 +16,7 @@ import org.apache.commons.logging.LogFactory;
 
 import edu.cornell.mannlib.vedit.beans.LoginFormBean;
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole;
 import edu.cornell.mannlib.vitro.webapp.beans.User;
 import edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate;
@@ -81,7 +82,8 @@ public class BasicAuthenticator extends Authenticator {
 	}
 
 	@Override
-	public void recordLoginAgainstUserAccount(String username) {
+	public void recordLoginAgainstUserAccount(String username,
+			AuthenticationSource authSource) {
 		User user = getUserByUsername(username);
 		if (user == null) {
 			log.error("Trying to record the login of a non-existent user: "
@@ -95,24 +97,26 @@ public class BasicAuthenticator extends Authenticator {
 		String roleUri = user.getRoleURI();
 		int securityLevel = parseUserSecurityLevel(user);
 		recordLoginWithOrWithoutUserAccount(username, userUri, roleUri,
-				securityLevel);
+				securityLevel, authSource);
 	}
 
 	@Override
 	public void recordLoginWithoutUserAccount(String username,
-			String individualUri) {
+			String individualUri, AuthenticationSource authSource) {
 		String roleUri = AuthRole.USER.roleUri();
 		int securityLevel = LoginStatusBean.NON_EDITOR;
 		recordLoginWithOrWithoutUserAccount(username, individualUri, roleUri,
-				securityLevel);
+				securityLevel, authSource);
 	}
 
 	/** This much is in common on login, whether or not you have a user account. */
 	private void recordLoginWithOrWithoutUserAccount(String username,
-			String userUri, String roleUri, int securityLevel) {
+			String userUri, String roleUri, int securityLevel,
+			AuthenticationSource authSource) {
 		HttpSession session = request.getSession();
 		createLoginFormBean(username, userUri, roleUri, session);
-		createLoginStatusBean(username, userUri, securityLevel, session);
+		createLoginStatusBean(username, userUri, securityLevel, authSource,
+				session);
 		setSessionTimeoutLimit(session);
 		recordInUserSessionMap(userUri, session);
 		notifyOtherUsers(userUri, session);
@@ -152,9 +156,10 @@ public class BasicAuthenticator extends Authenticator {
 	 * TODO this should eventually replace the LoginFormBean.
 	 */
 	private void createLoginStatusBean(String username, String userUri,
-			int securityLevel, HttpSession session) {
+			int securityLevel, AuthenticationSource authSource,
+			HttpSession session) {
 		LoginStatusBean lsb = new LoginStatusBean(userUri, username,
-				securityLevel);
+				securityLevel, authSource);
 		LoginStatusBean.setBean(session, lsb);
 		log.info("Adding status bean: " + lsb);
 	}

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java

@@ -13,6 +13,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
 import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
@@ -43,7 +44,8 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
 	@Override
 	protected void doPost(HttpServletRequest req, HttpServletResponse resp)
 			throws ServletException, IOException {
-		String username = ExternalAuthHelper.getHelper(req).getExternalUsername(req);
+		String username = ExternalAuthHelper.getHelper(req)
+				.getExternalUsername(req);
 		String uri = getAssociatedIndividualUri(username, req);
 
 		if (username == null) {
@@ -52,12 +54,14 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
 					MESSAGE_LOGIN_FAILED);
 		} else if (getAuthenticator(req).isExistingUser(username)) {
 			log.debug("Logging in as " + username);
-			getAuthenticator(req).recordLoginAgainstUserAccount(username);
+			getAuthenticator(req).recordLoginAgainstUserAccount(username,
+					AuthenticationSource.EXTERNAL);
 			removeLoginProcessArtifacts(req);
 			loginRedirector.redirectLoggedInUser(req, resp);
 		} else if (uri != null) {
 			log.debug("Recognize '' as self-editor for " + uri);
-			getAuthenticator(req).recordLoginWithoutUserAccount(username, uri);
+			getAuthenticator(req).recordLoginWithoutUserAccount(username, uri,
+					AuthenticationSource.EXTERNAL);
 			removeLoginProcessArtifacts(req);
 			loginRedirector.redirectSelfEditingUser(req, resp, uri);
 		} else {

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java

@@ -26,6 +26,7 @@ import org.apache.commons.logging.LogFactory;
 import com.hp.hpl.jena.ontology.OntModel;
 
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.webapp.beans.User;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
@@ -287,7 +288,8 @@ public class Authenticate extends VitroHttpServlet {
 	private void transitionToLoggedIn(HttpServletRequest request,
 			String username) {
 		log.debug("Completed login: " + username);
-		getAuthenticator(request).recordLoginAgainstUserAccount(username);
+		getAuthenticator(request).recordLoginAgainstUserAccount(username,
+				AuthenticationSource.INTERNAL);
 		LoginProcessBean.removeBean(request);
 	}
 
@@ -299,7 +301,8 @@ public class Authenticate extends VitroHttpServlet {
 			String username, String newPassword) {
 		log.debug("Completed login: " + username + ", password changed.");
 		getAuthenticator(request).recordNewPassword(username, newPassword);
-		getAuthenticator(request).recordLoginAgainstUserAccount(username);
+		getAuthenticator(request).recordLoginAgainstUserAccount(username,
+				AuthenticationSource.INTERNAL);
 		LoginProcessBean.removeBean(request);
 	}
 

webapp/test/edu/cornell/mannlib/vitro/webapp/controller/authenticate/AuthenticatorStub.java

@@ -12,6 +12,7 @@ import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.webapp.beans.User;
 import edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate;
 
@@ -138,12 +139,13 @@ public class AuthenticatorStub extends Authenticator {
 	}
 
 	@Override
-	public void recordLoginAgainstUserAccount(String username) {
+	public void recordLoginAgainstUserAccount(String username,
+			AuthenticationSource authSource) {
 		recordedLogins.add(username);
 
 		User user = getUserByUsername(username);
 		LoginStatusBean lsb = new LoginStatusBean(user.getURI(), username,
-				parseUserSecurityLevel(user.getRoleURI()));
+				parseUserSecurityLevel(user.getRoleURI()), authSource);
 		LoginStatusBean.setBean(request.getSession(), lsb);
 	}
 
@@ -177,7 +179,7 @@ public class AuthenticatorStub extends Authenticator {
 
 	@Override
 	public void recordLoginWithoutUserAccount(String username,
-			String individualUri) {
+			String individualUri, AuthenticationSource authSource) {
 		throw new RuntimeException(
 				"AuthenticatorStub.recordLoginWithoutUserAccount() not implemented.");
 	}

webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java

@@ -24,11 +24,11 @@ import stubs.javax.servlet.http.HttpServletRequestStub;
 import stubs.javax.servlet.http.HttpServletResponseStub;
 import stubs.javax.servlet.http.HttpSessionStub;
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
 import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
 import edu.cornell.mannlib.vitro.webapp.beans.User;
 import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
 import edu.cornell.mannlib.vitro.webapp.controller.authenticate.AuthenticatorStub;
-import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
 import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
 import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean.State;
 
@@ -56,7 +56,8 @@ public class AuthenticateTest extends AbstractTestClass {
 	private static final String URL_SELF_EDITOR_PAGE = "/individual?uri=selfEditorURI";
 
 	private static final LoginStatusBean LOGIN_STATUS_DBA = new LoginStatusBean(
-			USER_DBA_URI, USER_DBA_NAME, LoginStatusBean.DBA);
+			USER_DBA_URI, USER_DBA_NAME, LoginStatusBean.DBA,
+			AuthenticationSource.INTERNAL);
 
 	private AuthenticatorStub authenticator;
 	private ServletContextStub servletContext;
@@ -91,7 +92,7 @@ public class AuthenticateTest extends AbstractTestClass {
 
 		auth = new Authenticate();
 		auth.init(servletConfig);
-		
+
 	}
 
 	private User createNewDbaUser() {