Start finalizing security
[lgpl/argeo-commons.git] / org.argeo.enterprise / src / org / argeo / osgi / useradmin / LdapUserAdmin.java
index f78da0af0d29aed943c3cda8831bb9d97bffef47..000cfab0c623e26aae86f5ffd81cc2bb6ae50e7c 100644 (file)
@@ -26,6 +26,7 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.argeo.naming.LdapAttrs;
 import org.osgi.framework.Filter;
+import org.osgi.service.useradmin.User;
 
 /**
  * A user admin based on a LDAP server. Requires a {@link TransactionManager}
@@ -75,6 +76,21 @@ public class LdapUserAdmin extends AbstractUserDirectory {
                        log.error("Cannot destroy LDAP user admin", e);
                }
        }
+       
+       
+
+       @SuppressWarnings("unchecked")
+       @Override
+       protected AbstractUserDirectory scope(User user) {
+               Dictionary<String, Object> credentials = user.getCredentials();
+               // FIXME use arrays
+               Object usernameObj =    credentials.get(SHARED_STATE_USERNAME);
+               Object passwordObj =    credentials.get(SHARED_STATE_PASSWORD);
+               Dictionary<String, Object> properties = cloneProperties();
+               properties.put(Context.SECURITY_PRINCIPAL, usernameObj.toString());
+               properties.put(Context.SECURITY_CREDENTIALS, passwordObj.toString());
+               return new LdapUserAdmin(properties);
+       }
 
        protected InitialLdapContext getLdapContext() {
                return initialLdapContext;
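Review bot: In `scope(User user)`, `usernameObj.toString()` and `passwordObj.toString()` are called without checking that either credential is present, so a `User` lacking the `SHARED_STATE_USERNAME` or `SHARED_STATE_PASSWORD` entry fails with a NullPointerException instead of a clear authentication error. Flattening the password with `toString()` is also fragile: if the credential is held as a `char[]` or `byte[]` (which the `// FIXME use arrays` comment suggests is intended), the bind would be attempted with the array's identity string rather than the password. `Context.SECURITY_CREDENTIALS` accepts those array types directly, so passing them through unchanged would also avoid an immutable String copy of the secret. An empty password should be rejected explicitly as well, because the JNDI LDAP provider treats empty simple-bind credentials as an anonymous bind, and the returned directory would then not be scoped to the user at all. I would add a guard before `cloneProperties()` along the lines of `if (usernameObj == null || passwordObj == null) throw new IllegalArgumentException("Missing username or password credential");` (using whichever exception type this class hierarchy normally throws), plus an emptiness check on the password.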