X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.core%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fcore%2FOsAuthenticationProvider.java;h=fa70489fc4397b2f64e60358f9c185ea042cb62e;hb=da55282938aaebf9fa148454dbc8add9c558501f;hp=e9c83839f2e35c6d3ca836aa578a1913da517e89;hpb=149023e5969377045847bbecf24b0898b18a67a9;p=lgpl%2Fargeo-commons.git diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java index e9c83839f..fa70489fc 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java @@ -1,14 +1,18 @@ package org.argeo.security.core; +import java.security.AccessController; import java.util.ArrayList; import java.util.List; +import javax.security.auth.Subject; + import org.argeo.security.OsAuthenticationToken; import org.springframework.security.Authentication; import org.springframework.security.AuthenticationException; import org.springframework.security.GrantedAuthority; import org.springframework.security.GrantedAuthorityImpl; import org.springframework.security.providers.AuthenticationProvider; +import org.springframework.security.providers.UsernamePasswordAuthenticationToken; /** Validates an OS authentication. */ public class OsAuthenticationProvider implements AuthenticationProvider { @@ -20,16 +24,30 @@ public class OsAuthenticationProvider implements AuthenticationProvider { public Authentication authenticate(Authentication authentication) throws AuthenticationException { + final OsAuthenticationToken oat; + // if (authentication instanceof UsernamePasswordAuthenticationToken) { + // Subject subject = Subject.getSubject(AccessController.getContext()); + // if (subject == null) + // return null; + // oat = new OsAuthenticationToken(); + // } else if (authentication instanceof OsAuthenticationToken) { - List auths = new ArrayList(); - auths.add(new GrantedAuthorityImpl(osUserRole)); - auths.add(new GrantedAuthorityImpl(userRole)); - if (isAdmin) - auths.add(new GrantedAuthorityImpl(adminRole)); - return new OsAuthenticationToken( - auths.toArray(new GrantedAuthority[auths.size()])); + oat = (OsAuthenticationToken) authentication; + } else { + return null; } - return null; + + // not OS authenticated +// if (oat.getUser() == null) +// return null; + + List auths = new ArrayList(); + auths.add(new GrantedAuthorityImpl(osUserRole)); + auths.add(new GrantedAuthorityImpl(userRole)); + if (isAdmin) + auths.add(new GrantedAuthorityImpl(adminRole)); + return new OsAuthenticationToken( + auths.toArray(new GrantedAuthority[auths.size()])); } @SuppressWarnings("rawtypes")