- @Override
- public boolean validate(String user, Type type, byte[] pass, Object state) {
- try {
- AuthzTrans trans;
- if(state !=null) {
- if(state instanceof AuthzTrans) {
- trans = (AuthzTrans)state;
- } else {
- trans = env.newTransNoAvg();
- if(state instanceof HttpServletRequest) {
- trans.set((HttpServletRequest)state);
- }
- }
- } else {
- trans = env.newTransNoAvg();
- }
- Result<Date> result = question.doesUserCredMatch(trans, user, pass);
- trans.logAuditTrail(env.info());
- switch(result.status) {
- case OK:
- return true;
- default:
- String ip = trans.ip()==null?"":(", ip="+trans.ip());
- env.warn().log(user, "failed password validation" + ip + ':',result.errorString());
- }
- } catch (DAOException e) {
- env.error().log(e,"Cannot validate user/pass from cassandra");
- }
- return false;
- }
+ try {
+ AuthzTrans trans;
+ boolean transfer = false;
+ if (state !=null) {
+ if (state instanceof AuthzTrans) {
+ trans = (AuthzTrans)state;
+ } else {
+ trans = env.newTransNoAvg();
+ if (state instanceof HttpServletRequest) {
+ trans.set((HttpServletRequest)state,null);
+ transfer=true;
+ }
+ }
+ } else {
+ trans = env.newTransNoAvg();
+ }
+ Result<Date> result = question.doesUserCredMatch(trans, user, pass);
+ if(transfer) {
+ ((HttpServletRequest)state).setAttribute("CRED_TAG", trans.getTag());
+ }
+ trans.logAuditTrail(env.debug());
+ switch(result.status) {
+ case OK:
+ return true;
+ default:
+ String ip = trans.ip()==null?"":trans.ip();
+ env.audit().printf("user=%s,tag=%s,ip=%s,msg=\"failed password validation: %s\"",user,trans.getTag(),ip,result.errorString());
+ }
+ } catch (DAOException e) {
+ env.error().log(e,"Cannot validate user/pass from cassandra");
+ }
+ return false;
+ }