Remove JcrSecurityModel from supported APIs
1 /*
2 * Copyright (C) 2007-2012 Argeo GmbH
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 package org.argeo.cms.internal.useradmin.ldap;
17
18 import java.util.Collection;
19 import java.util.UUID;
20
21 import javax.jcr.Node;
22 import javax.jcr.Repository;
23 import javax.jcr.RepositoryException;
24 import javax.jcr.Session;
25
26 import org.argeo.ArgeoException;
27 import org.argeo.jcr.ArgeoNames;
28 import org.argeo.jcr.JcrUtils;
29 import org.argeo.jcr.UserJcrUtils;
30 import org.argeo.security.jcr.JcrUserDetails;
31 import org.springframework.ldap.core.DirContextAdapter;
32 import org.springframework.ldap.core.DirContextOperations;
33 import org.springframework.security.core.GrantedAuthority;
34 import org.springframework.security.core.userdetails.UserDetails;
35 import org.springframework.security.ldap.userdetails.UserDetailsContextMapper;
36
/**
 * Builds {@link JcrUserDetails} for an LDAP-authenticated user from the
 * {@code ARGEO_PROFILE} child of that user's JCR home node. Nothing is ever
 * written back to the directory.
 *
 * @deprecated Read only mapping from LDAP to user details
 */
@Deprecated
public class JcrUserDetailsContextMapper implements UserDetailsContextMapper,
        ArgeoNames {
    // NOTE(review): this single session serves every mapUserFromContext() call.
    // The JCR specification does not require Session to be thread-safe, so
    // confirm that concurrent authentications cannot use it at the same time.
    /**
     * Admin session on the security workspace; opened by {@link #init()} and
     * logged out by {@link #destroy()}.
     */
    private Session securitySession;

    // Nothing in this class assigns the repository, so it has to be supplied
    // from outside (presumably injected reflectively by the container - TODO
    // confirm). While it is null, init() fails with a NullPointerException.
    private Repository repository;

    /** Name of the workspace the session is opened on. */
    private String securityWorkspace = "security";

    /**
     * Opens the session on the security workspace.
     *
     * @throws ArgeoException
     *             if the repository rejects the login
     */
    public void init() {
        try {
            // No credentials are passed here. NOTE(review): the identity, and
            // therefore the privileges of this long-lived session, are decided
            // outside this class; confirm they are no broader than the read
            // access to user homes that the mapper needs.
            securitySession = repository.login(securityWorkspace);
        } catch (RepositoryException loginFailure) {
            // The assignment above did not complete, so this hands over
            // whatever the field held before the call (null on a first init).
            JcrUtils.logoutQuietly(securitySession);
            throw new ArgeoException(
                    "Cannot initialize LDAP/JCR user details context mapper",
                    loginFailure);
        }
    }

    /** Logs out of the security workspace session. */
    public void destroy() {
        // The field keeps referencing the logged-out session afterwards.
        JcrUtils.logoutQuietly(securitySession);
    }

    /**
     * Called during authentication in order to retrieve user details.
     *
     * @param ctx
     *            LDAP entry of the user; only checked for presence, none of its
     *            attributes are read
     * @param username
     *            name used to look up the JCR home node
     * @param authorities
     *            authorities handed through unchanged to the returned details
     * @return details built from the user's profile node
     * @throws ArgeoException
     *             if {@code ctx} is null, if no home node is found, or if the
     *             repository fails while the details are built
     */
    public UserDetails mapUserFromContext(final DirContextOperations ctx,
            final String username,
            Collection<? extends GrantedAuthority> authorities) {
        // username is used exactly as received, both for the home lookup and
        // inside the exception messages of this method. NOTE(review): where
        // those messages end up is not visible here; if they reach a log or a
        // client, the name is written unescaped and the LDAP/JCR wording tells
        // apart which store lacks the account.
        if (ctx == null) {
            throw new ArgeoException("No LDAP information for user " + username);
        }

        final Node home = UserJcrUtils.getUserHome(securitySession, username);
        if (home == null) {
            throw new ArgeoException("No JCR information for user " + username);
        }

        // The LDAP password attribute is deliberately not read: the code that
        // used to copy it into a String is disabled, so the directory's
        // credential never enters this object.
        try {
            // we don't have access to password, so let's not pretend.
            // A fresh random UUID fills the mandatory password slot; it is a
            // different value on every call and corresponds to nothing the
            // user knows, so it must not be treated as a credential.
            final String placeholderPassword = UUID.randomUUID().toString();
            final Node profile = home.getNode(ARGEO_PROFILE);
            return new JcrUserDetails(profile, placeholderPassword,
                    authorities);
        } catch (RepositoryException profileFailure) {
            throw new ArgeoException("Cannot retrieve user details for "
                    + username, profileFailure);
        }
    }

    /**
     * Always refuses: this mapper never writes to LDAP.
     *
     * @throws UnsupportedOperationException
     *             on every call
     */
    public void mapUserToContext(UserDetails user, final DirContextAdapter ctx) {
        throw new UnsupportedOperationException("LDAP access is read-only");
    }

}