Skip to main content

Hi,

Is there any tutorial about How to properly login user with IFS in java?

Because I am facing really stranges problems and I wonder if it because I use IFS connection badly. The doc is really poor and I can’t find any example…

Login function (POST /login) that returns a JWT token

UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
		loginVM.getUsername(), loginVM.getPassword());

try {
	Authentication authentication = this.authenticationManager.authenticate(authenticationToken);
	SecurityContextHolder.getContext().setAuthentication(authentication);
	long tokenValidityInMilliseconds = 0;

	tokenValidityInMilliseconds = 1000 * ifsProperties.getSecurity().getJwt().getTokenValidityInSeconds();
	System.out.println("Token validity: " + tokenValidityInMilliseconds);

	// Remove the token from the pool after expiration
	serverPool.removeServerAfter(authentication.getName(), tokenValidityInMilliseconds);

	String jwt = tokenProvider.createToken(authentication, false);

	response.setStatus(200); 
	redirectAttributes.addAttribute("token", jwt);
	try {
		response.getOutputStream().write(jwt.getBytes());
	} catch (IOException e) {
		e.printStackTrace();
	} finally {
		try {
			response.getOutputStream().close();
		} catch (IOException e) {
			e.printStackTrace();
		}
	}
} catch (AuthenticationException ae) {
	log.trace("Authentication exception trace: {}", ae);
	// Omitted
}

 

The autenticate function :

import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Component;
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {

	private final UserService userService;

	public CustomAuthenticationProvider(UserService userService) {
		this.userService = userService;
	}

	@Override
	public Authentication authenticate(Authentication authentication) throws AuthenticationException 
    {

		String name = authentication.getName();
		String password = authentication.getCredentials().toString();

		try {
			userService.isValidUser(authentication);
			final List<GrantedAuthority> grantedAuths = new ArrayList<>();
			grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
			return new UsernamePasswordAuthenticationToken(name, password, grantedAuths);
		}
		catch(APException e){
				throw new AuthenticationServiceException(e.getErrorType().toString());
		}	
	}
}

 

Finally the isValidUser and getUser function :

public boolean isValidUser(Authentication authentication) throws APException
{
	Server server = new Server();
	server.setConnectionString(ifsProperties.getConnectionString());
	String username = (String) authentication.getPrincipal();
	String password = (String) authentication.getCredentials();
	server.setLocale("fr-FR");

	server.setCredentials(username, password);

	User user = getUser(server, (String) authentication.getPrincipal());

	if (user != null) {
		user.setUsername(username);
		users.put(username, user);
		serverPool.addServer(username, server);
		return true;
	}

	return false;
}

private User getUser(Server server, String identity) throws APException {
	PlsqlSelectCommand cmd = new PlsqlSelectCommand(server,"SELECT * FROM &AO.FND_USER WHERE WEB_USER = :WEB_USER");
	Record params = cmd.getBindVariables();
	params.add("WEB_USER").setValue(identity.toUpperCase());

	RecordCollection result = cmd.executeQuery();
	if (result.size() == 0) {
		return null;
	}

	String sessionId = getSessionId(server);

	User user = new User();
	user.setIdentity((String) result.get(0).findValue("IDENTITY"));
	user.setDescription((String) result.get(0).findValue("DESCRIPTION"));
	user.setSessionId(sessionId);
	user.setCompany(getCompany(server));

	user.setSubcontractor(testUserSubctr(server, user));

	return user;
}

 

So it set a server in  a pool. For each next request it checks if a server is available, if it is I continue, if not it throw a 401 error.

Is it the good way of handling IFS Connection?
Thanks A LOT for your help :)

Antoine

There is a Java AccessProvider, not sure about the availability of it though.

Okay, and do we need to redefine Server in each controller or we can store it?

Up ! Sometime Ihave an error that shows up :  `The Timman Job Trans object is locked by another user.` Do you know what can cause that?

When I am in local I don’t have any error but when I deploy my backend in java and my front it shows this error ramdomly...

Terms & ConditionsCookie settingsAccessibility statement