Skip to main content

Hi,

Is there any tutorial about How to properly login user with IFS in java?

Because I am facing really stranges problems and I wonder if it because I use IFS connection badly. The doc is really poor and I can’t find any example…

Login function (POST /login) that returns a JWT token

UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
loginVM.getUsername(), loginVM.getPassword());

try {
Authentication authentication = this.authenticationManager.authenticate(authenticationToken);
SecurityContextHolder.getContext().setAuthentication(authentication);
long tokenValidityInMilliseconds = 0;

tokenValidityInMilliseconds = 1000 * ifsProperties.getSecurity().getJwt().getTokenValidityInSeconds();
System.out.println("Token validity: " + tokenValidityInMilliseconds);

// Remove the token from the pool after expiration
serverPool.removeServerAfter(authentication.getName(), tokenValidityInMilliseconds);

String jwt = tokenProvider.createToken(authentication, false);

response.setStatus(200);
redirectAttributes.addAttribute("token", jwt);
try {
response.getOutputStream().write(jwt.getBytes());
} catch (IOException e) {
e.printStackTrace();
} finally {
try {
response.getOutputStream().close();
} catch (IOException e) {
e.printStackTrace();
}
}
} catch (AuthenticationException ae) {
log.trace("Authentication exception trace: {}", ae);
// Omitted
}

 

The autenticate function :

import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Component;
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {

private final UserService userService;

public CustomAuthenticationProvider(UserService userService) {
this.userService = userService;
}

@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException
{

String name = authentication.getName();
String password = authentication.getCredentials().toString();

try {
userService.isValidUser(authentication);
final List<GrantedAuthority> grantedAuths = new ArrayList<>();
grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
return new UsernamePasswordAuthenticationToken(name, password, grantedAuths);
}
catch(APException e){
throw new AuthenticationServiceException(e.getErrorType().toString());
}
}
}

 

Finally the isValidUser and getUser function :

public boolean isValidUser(Authentication authentication) throws APException
{
Server server = new Server();
server.setConnectionString(ifsProperties.getConnectionString());
String username = (String) authentication.getPrincipal();
String password = (String) authentication.getCredentials();
server.setLocale("fr-FR");

server.setCredentials(username, password);

User user = getUser(server, (String) authentication.getPrincipal());

if (user != null) {
user.setUsername(username);
users.put(username, user);
serverPool.addServer(username, server);
return true;
}

return false;
}

private User getUser(Server server, String identity) throws APException {
PlsqlSelectCommand cmd = new PlsqlSelectCommand(server,"SELECT * FROM &AO.FND_USER WHERE WEB_USER = :WEB_USER");
Record params = cmd.getBindVariables();
params.add("WEB_USER").setValue(identity.toUpperCase());

RecordCollection result = cmd.executeQuery();
if (result.size() == 0) {
return null;
}

String sessionId = getSessionId(server);

User user = new User();
user.setIdentity((String) result.get(0).findValue("IDENTITY"));
user.setDescription((String) result.get(0).findValue("DESCRIPTION"));
user.setSessionId(sessionId);
user.setCompany(getCompany(server));

user.setSubcontractor(testUserSubctr(server, user));

return user;
}

 

So it set a server in  a pool. For each next request it checks if a server is available, if it is I continue, if not it throw a 401 error.

Is it the good way of handling IFS Connection?
Thanks A LOT for your help :)

Antoine

There is a Java AccessProvider, not sure about the availability of it though.


Okay, and do we need to redefine Server in each controller or we can store it?


Up ! Sometime Ihave an error that shows up :  `The Timman Job Trans object is locked by another user.` Do you know what can cause that?

When I am in local I don’t have any error but when I deploy my backend in java and my front it shows this error ramdomly...