2 * Copyright (C) 2007-2012 Argeo GmbH
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org
.argeo
.security
.core
;
18 import java
.util
.ArrayList
;
19 import java
.util
.Collection
;
20 import java
.util
.List
;
22 import org
.argeo
.security
.OsAuthenticationToken
;
23 import org
.springframework
.security
.authentication
.AuthenticationProvider
;
24 import org
.springframework
.security
.core
.Authentication
;
25 import org
.springframework
.security
.core
.AuthenticationException
;
26 import org
.springframework
.security
.core
.GrantedAuthority
;
27 import org
.springframework
.security
.core
.authority
.SimpleGrantedAuthority
;
30 * Validates an OS authentication. The id is that it will always be
31 * authenticated since we are always runnign within an OS, but the fact that the
32 * {@link Authentication} works properly depends on the proper OS login module
33 * having been called as well. TODO make it more configurable (base roles, is
36 public class OsAuthenticationProvider
implements AuthenticationProvider
{
37 final static String osUserRole
= "ROLE_OS_USER";
38 final static String userRole
= "ROLE_USER";
39 final static String adminRole
= "ROLE_ADMIN";
41 final static Boolean isAdmin
= true;
43 public Authentication
authenticate(Authentication authentication
)
44 throws AuthenticationException
{
45 return new OsAuthenticationToken(getBaseAuthorities());
48 public static Collection
<?
extends GrantedAuthority
> getBaseAuthorities() {
49 List
<GrantedAuthority
> auths
= new ArrayList
<GrantedAuthority
>();
50 auths
.add(new SimpleGrantedAuthority(osUserRole
));
51 auths
.add(new SimpleGrantedAuthority(userRole
));
53 auths
.add(new SimpleGrantedAuthority(adminRole
));
57 @SuppressWarnings("rawtypes")
58 public boolean supports(Class authentication
) {
59 return OsAuthenticationToken
.class.isAssignableFrom(authentication
);