src/authentication/AbstractAuthenticator.java

   1 package authentication;
   2
   3 import util.SQLHelper;
   4
   5 /**
   6  * @author Esben Zeuthen
   7  * This is an abstract class with the generic code for the session authentication
   8  * web service. To integrate authentication for a user account system, this class should be
   9  * inherited. The abstract methods should be implemented with the business logic
  10  * applicable to the user account system.
  11  */
  12 public abstract class AbstractAuthenticator {
  13
  14         /** This function should be implemented to return an array of empty
  15          * credential fields applicable for the user account system used.
  16          * @return Array of credential objects defining the credentials needed for authentication.
  17          */
  18         abstract public Credential[] getEmptyCredentials() throws Exception;
  19
  20         public boolean authenticate(String session_id, Credential[] credentials) throws Exception
  21         {
  22                 boolean success = false;
  23                 if (!checkCredentials(session_id,credentials)) return success;
  24                 SQLHelper sql = null;
  25                 Exception ex = null;
  26                 try {
  27                         String auth = "update session set auth=1 where id="+session_id;
  28                         sql = new SQLHelper();
  29                         sql.openDB();
  30                         success = (sql.update(auth) == 1);
  31                 } catch (Exception e) {
  32                         ex = e;
  33                 } finally {
  34                         sql.closeDB();
  35                         if (ex != null)
  36                                 throw ex;
  37                 }
  38                 return success;
  39         }
  40
  41         /**
  42          * This method should be implemented to check the credentials used for client authentication.
  43          * This is the integration point for custom user account systems. It is also one of the places
  44          * to perform integration between the user account system and the mote reservation system.
  45          * @param session_id ID of the session object - for use with custom session attributes
  46          * @param credentials The credentials supplied by the client
  47          * @return authentication success or failure.
  48          */
  49         abstract protected boolean checkCredentials(String session_id,Credential[] credentials) throws Exception;
  50 }