security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/providers/JackrabbitAuthenticationProvider.java

   1 package org.argeo.security.jackrabbit.providers;
   2
   3 import java.util.ArrayList;
   4 import java.util.Iterator;
   5 import java.util.List;
   6
   7 import javax.jcr.Node;
   8 import javax.jcr.RepositoryException;
   9 import javax.jcr.Session;
  10
  11 import org.apache.jackrabbit.api.JackrabbitSession;
  12 import org.apache.jackrabbit.api.security.user.Group;
  13 import org.apache.jackrabbit.api.security.user.User;
  14 import org.apache.jackrabbit.api.security.user.UserManager;
  15 import org.argeo.ArgeoException;
  16 import org.argeo.security.jcr.JcrAuthenticationProvider;
  17 import org.springframework.security.GrantedAuthority;
  18 import org.springframework.security.GrantedAuthorityImpl;
  19
  20 public class JackrabbitAuthenticationProvider extends JcrAuthenticationProvider {
  21
  22         @Override
  23         protected GrantedAuthority[] getGrantedAuthorities(Session session) {
  24                 try {
  25                         JackrabbitSession jackrabbitSession = (JackrabbitSession) session;
  26                         UserManager userManager = jackrabbitSession.getUserManager();
  27                         User user = (User) userManager.getAuthorizable(session.getUserID());
  28                         List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
  29                         for (Iterator<Group> it = user.memberOf(); it.hasNext();)
  30                                 authorities.add(new GrantedAuthorityImpl(it.next().getID()));
  31                         return authorities
  32                                         .toArray(new GrantedAuthority[authorities.size()]);
  33                 } catch (RepositoryException e) {
  34                         throw new ArgeoException("Cannot retrieve authorities for "
  35                                         + session.getUserID(), e);
  36                 }
  37         }
  38
  39         @Override
  40         protected Boolean isEnabled(Node userHome) {
  41                 try {
  42                         UserManager userManager = ((JackrabbitSession) userHome
  43                                         .getSession()).getUserManager();
  44                         User user = (User) userManager.getAuthorizable(userHome
  45                                         .getSession().getUserID());
  46                         return !user.isDisabled();
  47                 } catch (RepositoryException e) {
  48                         throw new ArgeoException("Cannot check whether " + userHome
  49                                         + " is enabled", e);
  50                 }
  51         }
  52
  53 }