1
2
3
4
5
6 package pt.digitalis.dif.controller;
7
8 import java.util.Map;
9 import java.util.Map.Entry;
10
11 import pt.digitalis.dif.controller.interfaces.IAuthenticationPlugin;
12 import pt.digitalis.dif.controller.interfaces.IControllerCleanupTask;
13 import pt.digitalis.dif.controller.interfaces.IDIFContext;
14 import pt.digitalis.dif.controller.interfaces.IDIFDispatcher;
15 import pt.digitalis.dif.controller.interfaces.IDIFRequest;
16 import pt.digitalis.dif.controller.interfaces.IDIFSession;
17 import pt.digitalis.dif.controller.interfaces.IPrivateDIFSession;
18 import pt.digitalis.dif.controller.objects.Constants;
19 import pt.digitalis.dif.controller.objects.ControllerExecutionStep;
20 import pt.digitalis.dif.controller.objects.DIFContext;
21 import pt.digitalis.dif.controller.objects.DIFResponse;
22 import pt.digitalis.dif.controller.objects.DIFSession;
23 import pt.digitalis.dif.controller.objects.DispatcherAuthenticationResult;
24 import pt.digitalis.dif.controller.objects.SSOInfo;
25 import pt.digitalis.dif.controller.security.managers.IAuthenticationManager;
26 import pt.digitalis.dif.controller.security.managers.IAuthorizationManager;
27 import pt.digitalis.dif.controller.security.managers.IIdentityManager;
28 import pt.digitalis.dif.controller.security.managers.ISessionManager;
29 import pt.digitalis.dif.controller.security.objects.IDIFUser;
30 import pt.digitalis.dif.dem.DEMRegistryImpl;
31 import pt.digitalis.dif.dem.annotations.controller.Channel;
32 import pt.digitalis.dif.dem.interfaces.IStage;
33 import pt.digitalis.dif.dem.interfaces.IStageInstance;
34 import pt.digitalis.dif.dem.managers.IMessageManager;
35 import pt.digitalis.dif.dem.objects.ViewObject;
36 import pt.digitalis.dif.dem.objects.messages.MessageList;
37 import pt.digitalis.dif.exception.controller.BusinessFlowException;
38 import pt.digitalis.dif.exception.controller.ControllerException;
39 import pt.digitalis.dif.exception.controller.LicenseViolationException;
40 import pt.digitalis.dif.exception.controller.SessionTimeoutException;
41 import pt.digitalis.dif.exception.controller.UserHasNoAccessToStage;
42 import pt.digitalis.dif.exception.security.AuthenticationManagerException;
43 import pt.digitalis.dif.exception.security.IdentityManagerException;
44 import pt.digitalis.dif.ioc.DIFIoCRegistry;
45 import pt.digitalis.dif.startup.DIFInitializer;
46 import pt.digitalis.dif.startup.DIFStartupConfiguration;
47 import pt.digitalis.dif.utils.logging.DIFLogger;
48 import pt.digitalis.utils.common.StringUtils;
49 import pt.digitalis.utils.config.IConfigurations;
50
51 import com.newrelic.api.agent.NewRelic;
52 import com.newrelic.api.agent.Trace;
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68 abstract public class AbstractDIFDispatcher implements IDIFDispatcher {
69
70
71 final public static String INVALID_STAGE_ERROR_MESSAGE = "The stage is not registered in the DEM. Check the stage id.";
72
73
74 static IMessageManager messageManager;
75
76
77 static private MessageList messages;
78
79
80
81
82
83
84 static private IMessageManager getMessageManager()
85 {
86 if (messageManager == null)
87 messageManager = DIFIoCRegistry.getRegistry().getImplementation(IMessageManager.class);
88
89 return messageManager;
90 }
91
92
93
94
95
96
97
98
99
100
101 static public final void performCleanup(IDIFContext context, boolean success) throws ControllerException
102 {
103 ControllerException controllerException = null;
104
105 for (IControllerCleanupTask task: DIFIoCRegistry.getRegistry().getImplementations(IControllerCleanupTask.class))
106 try
107 {
108 task.doTask(context, success);
109 }
110 catch (Exception e)
111 {
112 if (controllerException == null)
113 controllerException = new ControllerException(ControllerExecutionStep.DISPATCHER_CONCLUDE, e);
114 }
115
116 if (controllerException != null)
117 throw controllerException;
118 }
119
120
121 protected ControllerException authenticationException = null;
122
123
124 private String channelID = null;
125
126
127 protected IDIFContext difContext;
128
129
130 protected IAuthenticationManager theAuthenticationManager;
131
132
133 protected IAuthorizationManager theAuthorizationManager;
134
135
136 protected IConfigurations theConfigurations;
137
138
139 protected IIdentityManager theIdentityManager;
140
141
142 protected ISessionManager theSessionManager;
143
144
145 protected IStage theStage;
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162 public AbstractDIFDispatcher(IIdentityManager theIdentityManager, IAuthenticationManager theAuthenticationManager,
163 IAuthorizationManager theAuthorizationManager, ISessionManager theSessionManager,
164 IConfigurations theConfigurationManager)
165 {
166 this.theIdentityManager = theIdentityManager;
167 this.theAuthorizationManager = theAuthorizationManager;
168 this.theSessionManager = theSessionManager;
169 this.theConfigurations = theConfigurationManager;
170 this.theAuthenticationManager = theAuthenticationManager;
171 }
172
173
174
175
176
177
178
179
180 @Trace(metricName = "DIF:Dispatcher:Authenticate", dispatcher = true)
181 protected void authenticate() throws ControllerException
182 {
183
184 this.preAuthentication();
185
186 DispatcherAuthenticationResult authenticationResult = this.performAuthentication();
187
188 this.postAuthentication(authenticationResult);
189 }
190
191
192
193
194
195
196
197
198 @Trace(metricName = "DIF:Dispatcher:Authorize", dispatcher = true)
199 protected void authorize() throws ControllerException
200 {
201 IDIFSession session = null;
202 IDIFUser user = null;
203 boolean authorized = false;
204 String reason = "";
205 Exception exception = null;
206
207 try
208 {
209 session = this.getContext().getSession();
210
211 if (session != null)
212 {
213 user = session.getUser();
214
215 if (user != null)
216 {
217 if (user.canAccess(this.getStage()))
218 {
219 authorized = true;
220 }
221 else
222 {
223 authorized = false;
224 reason = getMessages().get("noAccess").replace("${user}", "\"" + user.getID() + "\"")
225 .replace("${name}", this.getStage().getName());
226 }
227 }
228 else
229 {
230 if (!theAuthorizationManager.hasAccessPublic(this.getStage()))
231 {
232 authorized = false;
233 reason = getMessages().get("noAccess").replace("${user}", "")
234 .replace("${name}", this.getStage().getName());
235 }
236 else
237 authorized = true;
238 }
239 }
240 else
241 {
242
243
244 authorized = false;
245 reason = getMessages().get("noSession").replace("${name}", this.getStage().getName());
246 }
247
248 }
249 catch (RuntimeException runtimeException)
250 {
251 authorized = false;
252 exception = runtimeException;
253 }
254
255 if (!authorized)
256 {
257 UserHasNoAccessToStage controllerException = new UserHasNoAccessToStage(
258 ControllerExecutionStep.DISPATCHER_AUTHORIZATION, reason, exception);
259
260 controllerException.addToExceptionContext("Context", this.getContext());
261
262 throw controllerException;
263 }
264 }
265
266
267
268
269
270
271 protected boolean checkLicense()
272 {
273 return this.getStage().isRegistered();
274 }
275
276
277
278
279
280
281
282
283
284
285 protected void conclude() throws ControllerException
286 {
287 try
288 {
289 ((IPrivateDIFSession) this.getContext().getRequest().getSession()).forceKeepAlive();
290
291 theSessionManager.update(this.getContext().getSession());
292 }
293 catch (RuntimeException runtimeException)
294 {
295 ControllerException controllerException = new ControllerException(
296 ControllerExecutionStep.DISPATCHER_CONCLUDE, runtimeException);
297
298 controllerException.addToExceptionContext("Context", this.getContext());
299
300 throw controllerException;
301 }
302 }
303
304
305
306
307
308
309
310
311
312
313 final private DIFContext createContext(IDIFRequest difRequest) throws ControllerException
314 {
315 DIFContext theContext = null;
316
317 try
318 {
319 theContext = new DIFContext();
320
321 theContext.setStage(difRequest.getStage());
322 theContext.setRequest(difRequest);
323
324 return theContext;
325
326 }
327 catch (RuntimeException runtimeException)
328 {
329 ControllerException controllerException = new ControllerException(
330 ControllerExecutionStep.DISPATCHER_CREATE_CONTEXT, runtimeException);
331
332 controllerException.addToExceptionContext("Context", theContext);
333
334 throw controllerException;
335 }
336
337 }
338
339
340
341
342
343
344
345
346
347
348 protected DIFResponse createResponse(IStageInstance stageInstance) throws ControllerException
349 {
350 try
351 {
352 DIFResponse difResponse = new DIFResponse();
353
354 difResponse.setView(this.getContext().getView());
355 difResponse.setResultMessage(this.getContext().getResultMessage());
356 difResponse.setStageResults(this.getContext().getStageResults());
357 difResponse.setRequest(this.getContext().getRequest());
358 difResponse.setStageInstance(stageInstance);
359
360 return difResponse;
361 }
362 catch (RuntimeException runtimeException)
363 {
364 ControllerException controllerException = new ControllerException(
365 ControllerExecutionStep.DISPATCHER_CREATE_RESPONSE, runtimeException);
366
367 controllerException.addToExceptionContext("Context", this.getContext());
368 controllerException.addToExceptionContext("Stage Instance", stageInstance);
369
370 throw controllerException;
371 }
372 }
373
374
375
376
377 final public DIFResponse dispatch(IDIFRequest difRequest) throws BusinessFlowException, ControllerException
378 {
379
380 DIFInitializer.initialize(true, true);
381
382
383 this.setContext(createContext(difRequest));
384
385
386 DIFResponse difResponse = null;
387 IStageInstance stageInstance = null;
388 boolean firstTime = true;
389
390 while (firstTime || this.getContext().hasRedirection())
391 {
392 if (!firstTime)
393 {
394 try
395 {
396 this.getContext().handleRedirection();
397
398 if (stageInstance != null)
399 stageInstance.setContext(this.getContext());
400
401 }
402 catch (RuntimeException runtimeException)
403 {
404 ControllerException controllerException = new ControllerException(
405 ControllerExecutionStep.DISPATCHER_REDIRECTION, runtimeException);
406
407 controllerException.addToExceptionContext("Context", this.getContext());
408
409 throw controllerException;
410 }
411 }
412 try
413 {
414
415 stageInstance = runDispatchingSteps(!firstTime);
416
417 }
418 catch (ControllerException exception)
419 {
420
421 if (ControllerExecutionStep.DISPATCHER_AUTHORIZATION.equals(exception.getStep()))
422 {
423
424
425 handleNonAuthorizedAccess(stageInstance, exception);
426 }
427 else
428 throw exception;
429 }
430 firstTime = false;
431 }
432
433
434 difResponse = createResponse(stageInstance);
435
436 return difResponse;
437 }
438
439
440
441
442
443
444
445 protected void doAfterLogin(SSOInfo ssoInfo)
446 {
447
448 }
449
450
451
452
453
454
455
456 protected void doAfterLogout(SSOInfo ssoInfo)
457 {
458
459 }
460
461
462
463
464
465
466
467
468
469
470 @Trace(metricName = "DIF:Dispatcher:Execute", dispatcher = true)
471 protected IStageInstance execute() throws BusinessFlowException, ControllerException
472 {
473 IStageInstance stage = null;
474 ViewObject theView = null;
475
476 try
477 {
478 stage = this.getStage().getInstance();
479
480
481 if (stage.hasAuthenticationErrorInjection())
482 stage.setAuthenticationError(getAuthenticationException());
483
484
485 stage._CG_init(this.getContext());
486
487 if (!stage.hasParameterErrorInjection() && stage.getParameterErrors().hasErrors())
488 DIFLogger.getLogger().warn(
489 "There were errors in the parameter validation witch will be ignored since"
490 + " there is no @InjectParameterErrors anotated attribute on the stage "
491 + stage.getID());
492
493
494 theView = stage._CG_execute(this.getContext());
495
496
497 stage._CG_finalize(this.getContext());
498
499
500 this.getContext().setView(theView);
501
502
503 this.getContext().getSession().getNavigationHistory().addStage(stage);
504
505 return stage;
506 }
507 catch (RuntimeException runtimeException)
508 {
509 ControllerException controllerException = new ControllerException(
510 ControllerExecutionStep.DISPATCHER_EXECUTE, runtimeException);
511
512 controllerException.addToExceptionContext("Context", this.getContext());
513 controllerException.addToExceptionContext("Stage", stage);
514 controllerException.addToExceptionContext("View object to Render", theView);
515
516 throw controllerException;
517 }
518 }
519
520
521
522
523 public ControllerException getAuthenticationException()
524 {
525 return authenticationException;
526 }
527
528
529
530
531 public String getChannelID()
532 {
533 if (channelID == null)
534 channelID = this.getClass().getAnnotation(Channel.class).value();
535
536 return channelID;
537 }
538
539
540
541
542
543
544 protected IDIFContext getContext()
545 {
546 return this.difContext;
547 }
548
549
550
551
552
553
554 protected IIdentityManager getIdentityManager()
555 {
556 return this.theIdentityManager;
557 }
558
559
560
561
562
563
564 protected Map<String, String> getMessages()
565 {
566
567 if (messages == null)
568 {
569 messages = getMessageManager().collectEntityMessagesFromRepository(AbstractDIFDispatcher.class);
570 }
571
572 return messages.getMessages(getContext().getLanguage());
573 }
574
575
576
577
578
579
580 protected SSOInfo getSSOInfo()
581 {
582
583 return null;
584 }
585
586
587
588
589
590
591 private IStage getStage()
592 {
593 return this.theStage;
594 }
595
596
597
598
599
600
601
602
603
604
605 protected boolean handleException(Exception exception) throws BusinessFlowException, ControllerException
606 {
607
608 performCleanup(this.getContext(), false);
609
610 if (ExceptionHandlers.hasHandler(exception))
611 {
612 ExceptionHandlers.handleException(this.getContext(), exception);
613
614 return true;
615 }
616 else
617 return false;
618 }
619
620
621
622
623
624
625
626
627
628
629
630 abstract protected void handleNonAuthorizedAccess(IStageInstance stageInstance, ControllerException exception)
631 throws ControllerException;
632
633
634
635
636
637
638
639 protected DispatcherAuthenticationResult performAuthentication() throws ControllerException
640 {
641 DispatcherAuthenticationResult dispatcherResult = DispatcherAuthenticationResult.NO_ACTION;
642
643 if (this.getContext().getSession().isLogged())
644 {
645
646
647
648 if ("true".equals(this.getContext().getRequest().getParameter(IDIFRequest.LOGOUT_PARAMETER_ID)))
649 {
650
651 String providerId = (String) this.getContext().getSession()
652 .getAttribute(DIFSession.REMOTE_AUTHENTICATION_PROVIDER_LOGOUT);
653 if (providerId != null)
654 {
655 String title = getMessages().get("remoteAuthenticationLogoutTitle").replace("${providerid}",
656 providerId);
657 String text = getMessages().get("remoteAuthenticationLogoutText").replace("${providerid}",
658 providerId);
659
660 this.getContext().addResultMessage("warn", title, text, true);
661 this.getContext().getSession().addAttribute(DIFSession.REMOTE_AUTHENTICATION_PROVIDER_LOGOUT, null);
662 }
663
664 theSessionManager.logOut(this.getContext().getSession().getSessionID());
665 dispatcherResult = DispatcherAuthenticationResult.LOGOUT;
666 }
667 }
668
669
670
671
672 else if (this.getStage().hasAuthentication())
673 {
674 Object userID = null;
675 Object suppliedPassword = null;
676 String reason = "";
677 Exception exception = null;
678
679 try
680 {
681
682 userID = this.getContext().getRequest().getParameter(IDIFRequest.USER_PARAMETER_ID);
683 suppliedPassword = this.getContext().getRequest().getParameter(IDIFRequest.PASSWORD_PARAMETER_ID);
684
685
686 if (this.getContext().getSession().isLogged()
687 && this.getContext().getSession().getUser().getID().equals(userID))
688 {
689
690
691 userID = null;
692 suppliedPassword = null;
693 }
694
695 if ((userID == null || suppliedPassword == null)
696 && dispatcherResult == DispatcherAuthenticationResult.NO_ACTION)
697
698
699 return dispatcherResult;
700 else
701 {
702
703
704 if (userID != null && suppliedPassword != null
705 && this.validateUserCredentials(userID.toString(), suppliedPassword.toString()))
706 {
707
708 IDIFSession session = theSessionManager.logIn(getContext().getSession().getSessionID(),
709 userID.toString(), suppliedPassword.toString());
710 this.difContext.setSession(session);
711
712 if (session.isLogged())
713 {
714 dispatcherResult = DispatcherAuthenticationResult.LOGIN;
715 }
716 else
717 {
718 dispatcherResult = DispatcherAuthenticationResult.FAILED;
719
720 reason = getMessages().get("failedWithGoodUser");
721 }
722 }
723 else
724 {
725
726
727 dispatcherResult = DispatcherAuthenticationResult.FAILED;
728
729 if (userID != null && this.getIdentityManager().userExists(userID.toString()))
730 reason = getMessages().get("wrongPass");
731 else
732 reason = getMessages().get("noUser");
733 }
734 }
735 }
736 catch (IdentityManagerException identityManagerException)
737 {
738
739 dispatcherResult = DispatcherAuthenticationResult.FAILED;
740 reason = "Could not access identity manager to validate the user's credentials! ";
741 exception = identityManagerException;
742 }
743 catch (AuthenticationManagerException authenticationManagerException)
744 {
745
746 dispatcherResult = DispatcherAuthenticationResult.FAILED;
747 reason = "Could not access authentication manager to validate the user's credentials! ";
748 exception = authenticationManagerException;
749 }
750 catch (RuntimeException runtimeException)
751 {
752
753 dispatcherResult = DispatcherAuthenticationResult.FAILED;
754 reason = null;
755 exception = runtimeException;
756 }
757 catch (ControllerException controllerException)
758 {
759 dispatcherResult = DispatcherAuthenticationResult.FAILED;
760 reason = controllerException.getMessage();
761 exception = controllerException;
762 }
763
764 if (dispatcherResult != DispatcherAuthenticationResult.FAILED)
765 {
766 return dispatcherResult;
767 }
768 else
769 {
770 ControllerException controllerException;
771 if (exception instanceof ControllerException)
772 {
773 controllerException = (ControllerException) exception;
774 }
775 else
776 {
777
778 controllerException = new ControllerException(ControllerExecutionStep.DISPATCHER_AUTHENTICATION,
779 reason, exception);
780
781 controllerException.addToExceptionContext("Context", this.getContext());
782 controllerException.addToExceptionContext("Supplied User ID", userID);
783
784 if (suppliedPassword != null)
785 controllerException.addToExceptionContext("Supplied User Password",
786 StringUtils.getRepeatedString("*", suppliedPassword.toString().length()));
787 }
788 if (reason != null)
789 {
790
791
792 if (this.getStage().hasAuthenticationErrorInjection())
793 {
794
795
796
797 setAuthenticationException(controllerException);
798
799 return dispatcherResult;
800
801 }
802 else
803
804 throw controllerException;
805
806 }
807 else
808 {
809 throw controllerException;
810 }
811 }
812 }
813
814 return dispatcherResult;
815 }
816
817
818
819
820
821
822
823 protected void postAuthentication(DispatcherAuthenticationResult result)
824 {
825 if (result != DispatcherAuthenticationResult.NO_ACTION)
826 {
827
828 for (Entry<String, IAuthenticationPlugin> entry: DIFIoCRegistry.getRegistry()
829 .getImplementationsMap(IAuthenticationPlugin.class).entrySet())
830 {
831
832 if (result == DispatcherAuthenticationResult.LOGIN)
833 entry.getValue().doAfterLogin(this.getContext());
834
835 else if (result == DispatcherAuthenticationResult.LOGOUT)
836 entry.getValue().doAfterLogout(this.getContext());
837 }
838 }
839
840 String providerId = (String) this.getContext().getSession()
841 .getAttribute(DIFSession.REMOTE_AUTHENTICATION_PROVIDER_LOGIN);
842
843
844 if (providerId != null)
845 {
846 String title = getMessages().get("remoteAuthenticationLoginTitle").replace("${providerid}", providerId);
847 String text = getMessages().get("remoteAuthenticationLoginText").replace("${providerid}", providerId);
848
849 this.getContext().addResultMessage("warn", title, text, true);
850 this.getContext().getSession().addAttribute(DIFSession.REMOTE_AUTHENTICATION_PROVIDER_LOGIN, null);
851 this.getContext().getSession().addAttribute(DIFSession.REMOTE_AUTHENTICATION_PROVIDER_LOGOUT, providerId);
852 }
853
854 }
855
856
857
858
859 protected void preAuthentication()
860 {
861
862 for (Entry<String, IAuthenticationPlugin> entry: DIFIoCRegistry.getRegistry()
863 .getImplementationsMap(IAuthenticationPlugin.class).entrySet())
864 {
865
866 entry.getValue().doBeforeLogin(this.getContext());
867
868 entry.getValue().doBeforeLogout(this.getContext());
869 }
870 }
871
872
873
874
875
876
877
878
879
880
881
882
883
884 @Trace(metricName = "DIF:Dispatcher", dispatcher = true)
885 final private IStageInstance runDispatchingSteps(Boolean isRedirection) throws BusinessFlowException,
886 ControllerException
887 {
888 IStageInstance stageInstance = null;
889
890 try
891 {
892
893 this.setStage(DEMRegistryImpl.getRegistry().getStage(this.getContext().getStage()));
894
895
896
897
898
899
900 validate(isRedirection);
901
902
903 authenticate();
904
905
906 if (DIFStartupConfiguration.getTestingMode() || DIFStartupConfiguration.getDeveloperMode())
907 {
908 IDIFUser user = this.getContext().getSession().getUser();
909
910 if (user != null)
911 NewRelic.addCustomParameter("User", user.getID() + " [" + user.getName() + "]");
912 }
913
914
915 if (this.getStage().hasAuthorization())
916 authorize();
917
918
919 stageInstance = execute();
920
921
922 conclude();
923
924 performCleanup(this.getContext(), true);
925
926 }
927 catch (BusinessFlowException e)
928 {
929 if (!handleException(e))
930 throw e;
931 }
932 catch (ControllerException e)
933 {
934 if (!handleException(e))
935 throw e;
936 }
937 catch (Exception e)
938 {
939 if (!handleException(e))
940 throw new ControllerException(ControllerExecutionStep.DISPATCHER_EXECUTE, e);
941 }
942 finally
943 {
944
945
946
947 if (this.getContext().getSession().isMarkedForRemoval())
948 {
949 this.getContext().setSession(
950 theSessionManager.createSession(this.getContext().getSession().getSessionID()));
951 theSessionManager.logOut(this.getContext().getSession().getSessionID());
952 postAuthentication(DispatcherAuthenticationResult.LOGOUT);
953 }
954
955 }
956
957 return stageInstance;
958 }
959
960
961
962
963
964 public void setAuthenticationException(ControllerException authenticationException)
965 {
966 this.authenticationException = authenticationException;
967 }
968
969
970
971
972
973
974
975 private void setContext(DIFContext newContext)
976 {
977 this.difContext = newContext;
978 }
979
980
981
982
983
984
985
986 private void setStage(IStage newStage)
987 {
988 this.theStage = newStage;
989 }
990
991
992
993
994
995
996
997
998
999
1000 @Trace(metricName = "DIF:Dispatcher:Validate", dispatcher = true)
1001 final protected void validate(Boolean isRedirection) throws ControllerException
1002 {
1003 try
1004 {
1005 if (this.getStage() == null)
1006 {
1007
1008 ControllerException exception = new ControllerException(
1009 ControllerExecutionStep.DISPATCHER_VALIDATE_REQUEST, INVALID_STAGE_ERROR_MESSAGE);
1010 exception.addToExceptionContext("Stage", getContext().getStage());
1011
1012 throw exception;
1013 }
1014
1015 if (!isRedirection && this.getContext().getSession().hasTimedOut()
1016 && this.getContext().getSession().isLogged()
1017 && !"true".equals(this.getContext().getRequest().getParameter(IDIFRequest.LOGOUT_PARAMETER_ID))
1018 && !this.getContext().getRequest().isAjaxMode() && !this.getContext().getRequest().isTemplateMode())
1019 {
1020 SessionTimeoutException exception = new SessionTimeoutException(
1021 ControllerExecutionStep.DISPATCHER_VALIDATE_REQUEST);
1022 exception.addToExceptionContext("Stage", getContext().getStage());
1023
1024 ((IPrivateDIFSession) (this.getContext().getSession())).setMarkedForRemoval(true);
1025
1026 throw exception;
1027 }
1028
1029 Object invalidBrowserFlagAccepted = this.getContext().getSession()
1030 .getAttribute(Constants.INVALID_BROWSER_ACCEPTED);
1031 Object clientValidations = this.getContext().getRequest()
1032 .getAttribute(IDIFRequest.CLIENT_VALIDATIONS_ATTRIBUTE_ID);
1033 Boolean allowClientValidations = true;
1034 if (clientValidations != null)
1035 {
1036 allowClientValidations = (Boolean) clientValidations;
1037 }
1038
1039 if (!this.getContext().getRequest().isComponentMode() && !this.getContext().getRequest().isTemplateMode()
1040 && invalidBrowserFlagAccepted == null
1041 && !this.getContext().getRequest().getClient().getSupportedBrowser()
1042 && this.getContext().getStage() != "BrowserValidator" && allowClientValidations)
1043 this.getContext().redirectTo("BrowserValidator");
1044
1045 if (!checkLicense())
1046 {
1047 LicenseViolationException exception = new LicenseViolationException(
1048 ControllerExecutionStep.DISPATCHER_VALIDATE_REQUEST);
1049 exception.addToExceptionContext("Stage", getContext().getStage());
1050
1051 throw exception;
1052 }
1053 }
1054 catch (RuntimeException runtimeException)
1055 {
1056 ControllerException controllerException = new ControllerException(
1057 ControllerExecutionStep.DISPATCHER_VALIDATE_REQUEST, runtimeException);
1058
1059 controllerException.addToExceptionContext("Context", this.getContext());
1060 controllerException.addToExceptionContext("Stage", this.getContext());
1061
1062 throw controllerException;
1063 }
1064 }
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078 protected boolean validateUserCredentials(String userId, String password) throws IdentityManagerException,
1079 ControllerException
1080 {
1081 boolean result = this.getIdentityManager().isIdentityValid(userId, password);
1082
1083 if (result)
1084 {
1085
1086 for (Entry<String, IAuthenticationPlugin> entry: DIFIoCRegistry.getRegistry()
1087 .getImplementationsMap(IAuthenticationPlugin.class).entrySet())
1088 {
1089
1090 result = entry.getValue().validateUser(this.getContext(), userId, password);
1091 if (!result)
1092 {
1093 break;
1094 }
1095 }
1096 }
1097
1098 return result;
1099 }
1100 }