]> git.argeo.org Git - lgpl/argeo-commons.git/blobdiff - security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java
projects / lgpl / argeo-commons.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Big cleanup of the security layers
[lgpl/argeo-commons.git] / security / runtime / org.argeo.security.core / src / main / java / org / argeo / security / core / OsAuthenticationProvider.java
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java
index 524e73f8f7cdf4d440d7eb7b5e0fc89aab492868..3360b1eeae2c2cf5b1fd7bfb908448cc2fc67fe2 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java
@@ -10,7 +10,12 @@ import org.springframework.security.GrantedAuthority;
 import org.springframework.security.GrantedAuthorityImpl;
 import org.springframework.security.providers.AuthenticationProvider;
 
-/** Validates an OS authentication. */
+/**
+ * Validates an OS authentication. The id is that it will always be
+ * authenticated since we are always runnign within an OS, but the fact that the
+ * {@link Authentication} works properly depends on the proper OS login module
+ * having been called as well.
+ */
 public class OsAuthenticationProvider implements AuthenticationProvider {
        private String osUserRole = "ROLE_OS_USER";
        private String userRole = "ROLE_USER";
@@ -20,16 +25,16 @@ public class OsAuthenticationProvider implements AuthenticationProvider {
 
        public Authentication authenticate(Authentication authentication)
                        throws AuthenticationException {
-               if (!(authentication instanceof OsAuthenticationToken))
-                       return null;
+               return new OsAuthenticationToken(getBaseAuthorities());
+       }
 
+       protected GrantedAuthority[] getBaseAuthorities() {
                List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
                auths.add(new GrantedAuthorityImpl(osUserRole));
                auths.add(new GrantedAuthorityImpl(userRole));
                if (isAdmin)
                        auths.add(new GrantedAuthorityImpl(adminRole));
-               return new OsAuthenticationToken(
-                               auths.toArray(new GrantedAuthority[auths.size()]));
+               return auths.toArray(new GrantedAuthority[auths.size()]);
        }
 
        @SuppressWarnings("rawtypes")
Argeo Commons - Lightweight integration framework in pure Java/OSGi