src/authentication/AbstractAuthenticator.java

   1 package authentication;
   2
   3 import util.SQLHelper;
   4
   5 /** Generic base class for the session authentication webservice.
   6  *
   7  * This is an abstract class with the generic code for the session
   8  * authentication web service. To integrate authentication for a user
   9  * account system, this class should be inherited. The abstract methods
  10  * should be implemented with the business logic applicable to the user
  11  * account system.
  12  *
  13  * @author Esben Zeuthen
  14  */
  15 public abstract class AbstractAuthenticator {
  16
  17         /** Get an empty array of credential fields.
  18          *
  19          * This function should be implemented to return an array of
  20          * empty credential fields applicable for the user account
  21          * system used.
  22          *
  23          * @return Array of credential objects defining the credentials
  24          *         needed for authentication.
  25          * @throws Exception
  26          */
  27         abstract public Credential[] getEmptyCredentials() throws Exception;
  28
  29         /** Authenticate session using with given credentials.
  30          *
  31          * Authenticate an already open session with set of credential
  32          * provided by the client.
  33          *
  34          * @param session_id    ID of the session to authenticate.
  35          * @param credentials   Client supplied credentials.
  36          *
  37          * @return Whether session could be authenticated.
  38          * @throws Exception
  39          */
  40         public boolean authenticate(String session_id, Credential[] credentials) throws Exception
  41         {
  42                 if (!checkCredentials(session_id, credentials))
  43                         return false;
  44
  45                 SQLHelper sql = null;
  46
  47                 try {
  48                         String auth = "update session set auth=1 where id=" + session_id;
  49
  50                         sql = new SQLHelper();
  51                         sql.openDB();
  52                         return sql.update(auth) == 1;
  53
  54                 } finally {
  55                         sql.closeDB();
  56                 }
  57         }
  58
  59         /** Check the credentials used for client authentication.
  60          *
  61          * This method should be implemented to check the credentials
  62          * used for client authentication.
  63          *
  64          * This is the integration point for custom user account
  65          * systems. It is also one of the places to perform integration
  66          * between the user account system and the mote reservation
  67          * system.
  68          *
  69          * @param session_id    ID of the session object; for use with
  70          *                      custom session attributes
  71          * @param credentials   The credentials supplied by the client
  72          *
  73          * @return authentication success or failure.
  74          * @throws Exception
  75          */
  76         abstract protected boolean checkCredentials(String session_id, Credential[] credentials) throws Exception;
  77 }