[seam-commits] Seam SVN: r9079 - trunk/src/main/org/jboss/seam/security.

seam-commits at lists.jboss.org seam-commits at lists.jboss.org
Sun Sep 21 22:04:52 EDT 2008 

Author: shane.bryzak at jboss.com
Date: 2008-09-21 22:04:52 -0400 (Sun, 21 Sep 2008)
New Revision: 9079

Modified:
   trunk/src/main/org/jboss/seam/security/Identity.java
Log:
JBSEAM-3422

Modified: trunk/src/main/org/jboss/seam/security/Identity.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/Identity.java	2008-09-22 01:46:37 UTC (rev 9078)
+++ trunk/src/main/org/jboss/seam/security/Identity.java	2008-09-22 02:04:52 UTC (rev 9079)
@@ -141,23 +141,41 @@
       return instance;
    }
    
+   /**
+    * Simple check that returns true if the user is logged in, without attempting to authenticate
+    * 
+    * @return true if the user is logged in
+    */
    public boolean isLoggedIn()
    {           
-      return isLoggedIn(true);
+      // If there is a principal set, then the user is logged in.
+      return getPrincipal() != null;
    }
    
+   /**
+    * Will attempt to authenticate quietly if the user's credentials are set and they haven't
+    * authenticated already.  A quiet authentication doesn't throw any exceptions if authentication
+    * fails.
+    * 
+    * @return true if the user is logged in, false otherwise
+    */
+   public boolean tryLogin()
+   {
+      if (!authenticating && getPrincipal() == null && credentials.isSet() &&
+            Contexts.isEventContextActive() &&
+            !Contexts.getEventContext().isSet(LOGIN_TRIED))
+        {
+           Contexts.getEventContext().set(LOGIN_TRIED, true);
+           quietLogin();
+        }     
+        
+        return isLoggedIn();      
+   }
+   
+   @Deprecated
    public boolean isLoggedIn(boolean attemptLogin)
    {
-      if (!authenticating && attemptLogin && getPrincipal() == null && credentials.isSet() &&
-          Contexts.isEventContextActive() &&
-          !Contexts.getEventContext().isSet(LOGIN_TRIED))
-      {
-         Contexts.getEventContext().set(LOGIN_TRIED, true);
-         quietLogin();
-      }     
-      
-      // If there is a principal set, then the user is logged in.
-      return getPrincipal() != null;
+      return attemptLogin ? tryLogin() : isLoggedIn();
    }
 
    public Principal getPrincipal()
@@ -217,7 +235,7 @@
    {
       try
       {            
-         if (isLoggedIn(false))
+         if (isLoggedIn())
          {
             // If authentication has already occurred during this request via a silent login,
             // and login() is explicitly called then we still want to raise the LOGIN_SUCCESSFUL event,
@@ -234,14 +252,14 @@
          
          authenticate();
          
-         if (!isLoggedIn(false))
+         if (!isLoggedIn())
          {
             throw new LoginException();
          }
          
          if ( log.isDebugEnabled() )
          {
-            log.debug("Login successful for: " + getUsername());
+            log.debug("Login successful for: " + getCredentials().getUsername());
          }
 
          if (Events.exists()) Events.instance().raiseEvent(EVENT_LOGIN_SUCCESSFUL);
@@ -253,7 +271,7 @@
          
          if ( log.isDebugEnabled() )
          {
-             log.debug("Login failed for: " + getUsername(), ex);
+             log.debug("Login failed for: " + getCredentials().getUsername(), ex);
          }
          if (Events.exists()) Events.instance().raiseEvent(EVENT_LOGIN_FAILED, ex);
       }
@@ -273,12 +291,12 @@
          if (Events.exists()) Events.instance().raiseEvent(EVENT_QUIET_LOGIN);         
           
          // Ensure that we haven't been authenticated as a result of the EVENT_QUIET_LOGIN event
-         if (!isLoggedIn(false))
+         if (!isLoggedIn())
          {
             if (credentials.isSet()) 
             {
                authenticate();
-               if (isLoggedIn(false) && Contexts.isEventContextActive())
+               if (isLoggedIn() && Contexts.isEventContextActive())
                {
                   Contexts.getEventContext().set(SILENT_LOGIN, true);
                }
@@ -299,7 +317,7 @@
       throws LoginException
    {
       // If we're already authenticated, then don't authenticate again
-      if (!isLoggedIn(false) && !credentials.isInvalid())
+      if (!isLoggedIn() && !credentials.isInvalid())
       {
          principal = null;
          subject = new Subject();
@@ -395,7 +413,7 @@
    
    public void logout()
    {
-      if (isLoggedIn(false))
+      if (isLoggedIn())
       {
          unAuthenticate();
          Session.instance().invalidate();
@@ -414,7 +432,7 @@
       if (!securityEnabled) return true;
       if (systemOp != null && Boolean.TRUE.equals(systemOp.get())) return true;
       
-      isLoggedIn(true);
+      tryLogin();
       
       for ( Group sg : getSubject().getPrincipals(Group.class) )      
       {
@@ -495,7 +513,7 @@
     */
    public void checkRole(String role)
    {
-      isLoggedIn(true);
+      tryLogin();
       
       if ( !hasRole(role) )
       {
@@ -526,7 +544,7 @@
    {
       if (systemOp != null && Boolean.TRUE.equals(systemOp.get())) return; 
       
-      isLoggedIn(true);
+      tryLogin();
       
       if ( !hasPermission(name, action, arg) )
       {
@@ -548,7 +566,7 @@
    {
       if (systemOp != null && Boolean.TRUE.equals(systemOp.get())) return;
       
-      isLoggedIn(true);
+      tryLogin();
       
       if ( !hasPermission(target, action) )
       {

More information about the seam-commits mailing list