2 * Copyright (C) 2007-2012 Argeo GmbH
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org
.argeo
.security
.core
;
18 import java
.util
.ArrayList
;
19 import java
.util
.List
;
21 import org
.argeo
.security
.OsAuthenticationToken
;
22 import org
.springframework
.security
.Authentication
;
23 import org
.springframework
.security
.AuthenticationException
;
24 import org
.springframework
.security
.GrantedAuthority
;
25 import org
.springframework
.security
.GrantedAuthorityImpl
;
26 import org
.springframework
.security
.providers
.AuthenticationProvider
;
29 * Validates an OS authentication. The id is that it will always be
30 * authenticated since we are always runnign within an OS, but the fact that the
31 * {@link Authentication} works properly depends on the proper OS login module
32 * having been called as well. TODO make it more configurable (base roles, is
35 public class OsAuthenticationProvider
implements AuthenticationProvider
{
36 final static String osUserRole
= "ROLE_OS_USER";
37 final static String userRole
= "ROLE_USER";
38 final static String adminRole
= "ROLE_ADMIN";
40 final static Boolean isAdmin
= true;
42 public Authentication
authenticate(Authentication authentication
)
43 throws AuthenticationException
{
44 return new OsAuthenticationToken(getBaseAuthorities());
47 public static GrantedAuthority
[] getBaseAuthorities() {
48 List
<GrantedAuthority
> auths
= new ArrayList
<GrantedAuthority
>();
49 auths
.add(new GrantedAuthorityImpl(osUserRole
));
50 auths
.add(new GrantedAuthorityImpl(userRole
));
52 auths
.add(new GrantedAuthorityImpl(adminRole
));
53 return auths
.toArray(new GrantedAuthority
[auths
.size()]);
56 @SuppressWarnings("rawtypes")
57 public boolean supports(Class authentication
) {
58 return OsAuthenticationToken
.class.isAssignableFrom(authentication
);