trustAuthentication

b3083adf · MaxKey单点登录官方 · 5175a63a · b3083adf · b3083adf
2 changed file
--- a/maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java
+++ b/maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java
@@ -133,5 +133,44 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
        }
    }

+    /**
+     * trustAuthentication.
+     * @param username String
+     * @param type String
+     * @param provider String
+     * @param code String
+     * @param message String
+     * @return boolean
+     */
+    public  Authentication trustAuthentication(String username, 
+                                            String type, 
+                                            String provider, 
+                                            String code,
+                                            String message) {
+        UserInfo loadeduserInfo = loadUserInfo(username, "");
+        if (loadeduserInfo != null) {
+            WebContext.setUserInfo(loadeduserInfo);
+            BasicAuthentication authentication = new BasicAuthentication();
+            authentication.setUsername(loadeduserInfo.getUsername());
+            UsernamePasswordAuthenticationToken authenticationToken =
+                    new UsernamePasswordAuthenticationToken(
+                            authentication, 
+                            "PASSWORD", 
+                            authenticationRealm.grantAuthority(loadeduserInfo)
+                    );
+
+            authentication.setAuthenticated(true);
+            WebContext.setAuthentication(authenticationToken);
+            WebContext.setUserInfo(loadeduserInfo);
+
+            authenticationRealm.insertLoginHistory(loadeduserInfo, type, provider, code, message);
+            
+            return authenticationToken;
+        }else {
+            String i18nMessage = WebContext.getI18nValue("login.error.username");
+            _logger.debug("login user  " + username + " not in this System ." + i18nMessage);
+            throw new BadCredentialsException(WebContext.getI18nValue("login.error.username"));
+        }
+    }
  
 }
--- a/maxkey-core/src/main/java/org/maxkey/web/WebContext.java
+++ b/maxkey-core/src/main/java/org/maxkey/web/WebContext.java
@@ -28,8 +28,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import org.apache.commons.logging.LogFactory;
-import org.maxkey.authn.BasicAuthentication;
-import org.maxkey.authn.realm.AbstractAuthenticationRealm;
+import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.domain.UserInfo;
 import org.maxkey.util.DateUtils;
@@ -38,7 +37,6 @@ import org.maxkey.web.message.Message;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.context.ApplicationContext;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
@@ -121,27 +119,12 @@ public final class WebContext {
                                            String provider, 
                                            String code,
                                            String message) {
-        AbstractAuthenticationRealm authenticationRealm = 
-                (AbstractAuthenticationRealm) getBean("authenticationRealm");
-        UserInfo loadeduserInfo = authenticationRealm.loadUserInfo(username, "");
-        if (loadeduserInfo != null) {
-            setUserInfo(loadeduserInfo);
-            BasicAuthentication authentication = new BasicAuthentication();
-            authentication.setUsername(loadeduserInfo.getUsername());
-            UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
-                    new UsernamePasswordAuthenticationToken(
-                            authentication, 
-                            "PASSWORD", 
-                            authenticationRealm.grantAuthority(loadeduserInfo)
-                    );
-
-            authentication.setAuthenticated(true);
-            WebContext.setAuthentication(usernamePasswordAuthenticationToken);
-            WebContext.setUserInfo(loadeduserInfo);
-
-            authenticationRealm.insertLoginHistory(loadeduserInfo, type, provider, code, message);
-        }
-        return true;
+        
+        RealmAuthenticationProvider authenticationProvider = 
+                (RealmAuthenticationProvider) getBean("authenticationProvider");
+        authenticationProvider.trustAuthentication(username, type, provider, code, message);
+        
+        return isAuthenticated();
    }

    public static void setAuthentication(Authentication authentication) {