org.argeo.security.core/src/org/argeo/security/core/OsAuthenticationProvider.java

   1 /*
   2  * Copyright (C) 2007-2012 Argeo GmbH
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *         http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16 package org.argeo.security.core;
  17
  18 import java.util.ArrayList;
  19 import java.util.Collection;
  20 import java.util.List;
  21
  22 import org.argeo.security.OsAuthenticationToken;
  23 import org.springframework.security.authentication.AuthenticationProvider;
  24 import org.springframework.security.core.Authentication;
  25 import org.springframework.security.core.AuthenticationException;
  26 import org.springframework.security.core.GrantedAuthority;
  27 import org.springframework.security.core.authority.SimpleGrantedAuthority;
  28
  29 /**
  30  * Validates an OS authentication. The id is that it will always be
  31  * authenticated since we are always runnign within an OS, but the fact that the
  32  * {@link Authentication} works properly depends on the proper OS login module
  33  * having been called as well. TODO make it more configurable (base roles, is
  34  * admin)
  35  */
  36 public class OsAuthenticationProvider implements AuthenticationProvider {
  37         final static String osUserRole = "ROLE_OS_USER";
  38         final static String userRole = "ROLE_USER";
  39         final static String adminRole = "ROLE_ADMIN";
  40
  41         final static Boolean isAdmin = true;
  42
  43         public Authentication authenticate(Authentication authentication)
  44                         throws AuthenticationException {
  45                 return new OsAuthenticationToken(getBaseAuthorities());
  46         }
  47
  48         public static Collection<? extends GrantedAuthority> getBaseAuthorities() {
  49                 List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
  50                 auths.add(new SimpleGrantedAuthority(osUserRole));
  51                 auths.add(new SimpleGrantedAuthority(userRole));
  52                 if (isAdmin)
  53                         auths.add(new SimpleGrantedAuthority(adminRole));
  54                 return auths;
  55         }
  56
  57         @SuppressWarnings("rawtypes")
  58         public boolean supports(Class authentication) {
  59                 return OsAuthenticationToken.class.isAssignableFrom(authentication);
  60         }
  61
  62 }