X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.core%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fjcr%2FRemoteJcrAuthenticationProvider.java;h=b32ba8ea9ab25d5cd49f5469e3971a2a1b9c9f2c;hb=b7133bb90dcade71c106f8a09ee1e37d33a93ddf;hp=09e723930579f9e36d31cff0f4f3ddec98d9608d;hpb=3baeb167c9a92d1f915904bb956632c0aff65b2b;p=lgpl%2Fargeo-commons.git

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/RemoteJcrAuthenticationProvider.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/RemoteJcrAuthenticationProvider.java
index 09e723930..b32ba8ea9 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/RemoteJcrAuthenticationProvider.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/RemoteJcrAuthenticationProvider.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2007-2012 Mathieu Baudier
+ * Copyright (C) 2007-2012 Argeo GmbH
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -46,6 +46,8 @@ public class RemoteJcrAuthenticationProvider implements AuthenticationProvider,
 	private RepositoryFactory repositoryFactory;
 	private BundleContext bundleContext;
 
+	public final static String ROLE_REMOTE = "ROLE_REMOTE";
+
 	public Authentication authenticate(Authentication authentication)
 			throws AuthenticationException {
 		NodeAuthenticationToken siteAuth = (NodeAuthenticationToken) authentication;
@@ -95,17 +97,18 @@ public class RemoteJcrAuthenticationProvider implements AuthenticationProvider,
 		}
 
 		try {
-			Node userHome = UserJcrUtils.getUserHome(session);
+			// Node userHome = UserJcrUtils.getUserHome(session);
 			// retrieve remote roles
 			List<GrantedAuthority> authoritiesList = new ArrayList<GrantedAuthority>();
-			if (userHome != null
-					&& userHome.hasProperty(ArgeoNames.ARGEO_REMOTE_ROLES)) {
-				Value[] roles = userHome.getProperty(
+			if (userProfile != null
+					&& userProfile.hasProperty(ArgeoNames.ARGEO_REMOTE_ROLES)) {
+				Value[] roles = userProfile.getProperty(
 						ArgeoNames.ARGEO_REMOTE_ROLES).getValues();
 				for (int i = 0; i < roles.length; i++)
 					authoritiesList.add(new GrantedAuthorityImpl(roles[i]
 							.getString()));
 			}
+			authoritiesList.add(new GrantedAuthorityImpl(ROLE_REMOTE));
 
 			// create authenticated objects
 			GrantedAuthority[] authorities = authoritiesList