Add dep folder

[lgpl/argeo-commons.git] / security / runtime / org.argeo.security.core / src / main / java / org / argeo / security / core / OsAuthenticationProvider.java

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java
index 524e73f8f7cdf4d440d7eb7b5e0fc89aab492868..0e29ecd59a75e6fbfe0f422acce415508da73f4b 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java
@@ -1,3 +1,18 @@
+/*
+ * Copyright (C) 2007-2012 Argeo GmbH
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.argeo.security.core;
 
 import java.util.ArrayList;
@@ -10,26 +25,32 @@ import org.springframework.security.GrantedAuthority;
 import org.springframework.security.GrantedAuthorityImpl;
 import org.springframework.security.providers.AuthenticationProvider;
 
-/** Validates an OS authentication. */
+/**
+ * Validates an OS authentication. The id is that it will always be
+ * authenticated since we are always runnign within an OS, but the fact that the
+ * {@link Authentication} works properly depends on the proper OS login module
+ * having been called as well. TODO make it more configurable (base roles, is
+ * admin)
+ */
 public class OsAuthenticationProvider implements AuthenticationProvider {
-       private String osUserRole = "ROLE_OS_USER";
-       private String userRole = "ROLE_USER";
-       private String adminRole = "ROLE_ADMIN";
+       final static String osUserRole = "ROLE_OS_USER";
+       final static String userRole = "ROLE_USER";
+       final static String adminRole = "ROLE_ADMIN";
 
-       private Boolean isAdmin = true;
+       final static Boolean isAdmin = true;
 
        public Authentication authenticate(Authentication authentication)
                        throws AuthenticationException {
-               if (!(authentication instanceof OsAuthenticationToken))
-                       return null;
+               return new OsAuthenticationToken(getBaseAuthorities());
+       }
 
+       public static GrantedAuthority[] getBaseAuthorities() {
                List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
                auths.add(new GrantedAuthorityImpl(osUserRole));
                auths.add(new GrantedAuthorityImpl(userRole));
                if (isAdmin)
                        auths.add(new GrantedAuthorityImpl(adminRole));
-               return new OsAuthenticationToken(
-                               auths.toArray(new GrantedAuthority[auths.size()]));
+               return auths.toArray(new GrantedAuthority[auths.size()]);
        }
 
        @SuppressWarnings("rawtypes")
@@ -37,20 +58,4 @@ public class OsAuthenticationProvider implements AuthenticationProvider {
                return OsAuthenticationToken.class.isAssignableFrom(authentication);
        }
 
-       public void setOsUserRole(String osUserRole) {
-               this.osUserRole = osUserRole;
-       }
-
-       public void setUserRole(String userRole) {
-               this.userRole = userRole;
-       }
-
-       public void setAdminRole(String adminRole) {
-               this.adminRole = adminRole;
-       }
-
-       public void setIsAdmin(Boolean isAdmin) {
-               this.isAdmin = isAdmin;
-       }
-
 }