import org.argeo.ArgeoException;
import org.argeo.jcr.JcrUtils;
import org.argeo.jcr.UserJcrUtils;
+import org.argeo.security.NodeAuthenticationToken;
import org.argeo.security.UserAdminService;
import org.argeo.security.jcr.JcrSecurityModel;
import org.argeo.security.jcr.JcrUserDetails;
+import org.argeo.security.login.GrantedAuthorityPrincipal;
import org.springframework.dao.DataAccessException;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
if (username == null)
username = session.getUserID();
User user = (User) getUserManager().getAuthorizable(username);
- ArrayList<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
+ ArrayList<GrantedAuthorityPrincipal> authorities = new ArrayList<GrantedAuthorityPrincipal>();
// FIXME make it more generic
- authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
+ authorities.add(new GrantedAuthorityPrincipal("ROLE_USER"));
Iterator<Group> groups = user.declaredMemberOf();
while (groups.hasNext()) {
Group group = groups.next();
// String role = "ROLE_"
// + group.getPrincipal().getName().toUpperCase();
String role = group.getPrincipal().getName();
- authorities.add(new SimpleGrantedAuthority(role));
+ authorities.add(new GrantedAuthorityPrincipal(role));
}
Node userProfile = UserJcrUtils.getUserProfile(session, username);
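Review bot: The result of `getUserManager().getAuthorizable(username)` is cast to `User` and dereferenced at `user.declaredMemberOf()` with no null or type check. If the user manager returns null for an unknown id, or a group for a group id, the caller sees a NullPointerException or ClassCastException instead of an authentication failure. A guard right after the lookup would keep the failure inside Spring Security's exception hierarchy, e.g. `if (!(authorizable instanceof User)) throw new UsernameNotFoundException("No user " + username);`. Separately, `declaredMemberOf()` lists only directly declared groups, so roles reached through nested groups are not added to `authorities`; a comment such as `// direct group membership only; nested groups are intentionally not mapped to roles` would record whether that is intended. The enclosing method starts and ends outside this hunk.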
// AUTHENTICATION PROVIDER
public synchronized Authentication authenticate(
Authentication authentication) throws AuthenticationException {
- UsernamePasswordAuthenticationToken siteAuth = (UsernamePasswordAuthenticationToken) authentication;
+ NodeAuthenticationToken siteAuth = (NodeAuthenticationToken) authentication;
String username = siteAuth.getName();
+ if (!(siteAuth.getCredentials() instanceof char[]))
+ throw new ArgeoException("Only char array passwords are supported");
char[] password = (char[]) siteAuth.getCredentials();
try {
SimpleCredentials sp = new SimpleCredentials(siteAuth.getName(),
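Review bot: The new credentials check throws `ArgeoException`, which does not appear to be an `AuthenticationException`. If so, an unsupported credential type would escape Spring Security's normal failure handling instead of being reported as a failed login. The already imported type fits better: `throw new BadCredentialsException("Only char array passwords are supported");`. The cast `(NodeAuthenticationToken) authentication` on the line above is also unchecked, so it relies on `supports()` (not visible here) admitting only that token class; otherwise add `if (!(authentication instanceof NodeAuthenticationToken)) return null;` before the cast. The body of `authenticate` continues outside this hunk.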
try {
JcrUserDetails userDetails = loadJcrUserDetails(adminSession,
username);
- UsernamePasswordAuthenticationToken authenticated = new UsernamePasswordAuthenticationToken(
- siteAuth, "", userDetails.getAuthorities());
+ NodeAuthenticationToken authenticated = new NodeAuthenticationToken(
+ siteAuth, userDetails.getAuthorities());
authenticated.setDetails(userDetails);
return authenticated;
} catch (RepositoryException e) {
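Review bot: The old code built the authenticated token with an explicit empty credential (`""`), but `new NodeAuthenticationToken(siteAuth, userDetails.getAuthorities())` no longer shows whether the `char[]` password held by `siteAuth` is carried into the token that is returned. The constructor is not visible here, so this needs confirming: the returned token will presumably be kept in the security context, and it should not keep the password in memory. If the constructor copies credentials, clear them before returning. In either case, document the contract at the call site, e.g. `// authenticated token must not retain siteAuth's password`.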