From: Mathieu Baudier Date: Mon, 8 Nov 2010 15:22:11 +0000 (+0000) Subject: Update logged in user. X-Git-Tag: argeo-commons-2.1.30~1568 X-Git-Url: http://git.argeo.org/?a=commitdiff_plain;h=5bfc0d2e2e34f86b454a1ec209617a9fc0f306b1;p=lgpl%2Fargeo-commons.git Update logged in user. Add PosixAccount nature git-svn-id: https://svn.argeo.org/commons/trunk@3858 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- diff --git a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/natures-osgi.xml b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/natures-osgi.xml index 9a3cc743d..6f7c1e5cb 100644 --- a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/natures-osgi.xml +++ b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/natures-osgi.xml @@ -7,11 +7,11 @@ http://www.springframework.org/schema/beans/spring-beans-2.5.xsd"> - + - + \ No newline at end of file diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java index d8412da8e..7156a93ea 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java @@ -19,7 +19,7 @@ package org.argeo.security; import java.util.List; public interface ArgeoSecurityDao { - public ArgeoUser getCurrentUser(); +// public ArgeoUser getCurrentUser(); public List listUsers(); @@ -40,4 +40,6 @@ public interface ArgeoSecurityDao { public ArgeoUser getUser(String username); public ArgeoUser getUserWithPassword(String username); + + public String getDefaultRole(); } diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityService.java index 75f849704..046c689fe 100644 
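Review bot: The method removed from ArgeoSecurityDao is left behind as a commented-out line, `// public ArgeoUser getCurrentUser();`, and the ArgeoSecurityDaoLdap hunk at -118,31 does the same with the whole method body; both should be deleted outright, since version control already keeps the old code. The new `getDefaultRole()` has no Javadoc, and a line such as `/** Role name that the service layer's getCurrentUser() filters out of the returned roles. */` would record why the DAO now exposes it. Removing one interface method and adding another also breaks any other ArgeoSecurityDao implementation; whether one exists is not visible from this page.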
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityService.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityService.java @@ -17,6 +17,8 @@ package org.argeo.security; public interface ArgeoSecurityService { + public ArgeoUser getCurrentUser(); + public void newUser(ArgeoUser argeoUser); public void updateUser(ArgeoUser user); diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java index 1948d1252..df16008e0 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java @@ -69,7 +69,7 @@ public class ArgeoUserDetails extends User implements ArgeoUser { } /** The provided list, for chaining using {@link Collections} */ - protected static List addAuthoritiesToRoles( + public static List addAuthoritiesToRoles( GrantedAuthority[] authorities, List roles) { for (GrantedAuthority authority : authorities) { roles.add(authority.getAuthority()); @@ -77,7 +77,7 @@ public class ArgeoUserDetails extends User implements ArgeoUser { return roles; } - protected static GrantedAuthority[] rolesToAuthorities(List roles) { + public static GrantedAuthority[] rolesToAuthorities(List roles) { GrantedAuthority[] arr = new GrantedAuthority[roles.size()]; for (int i = 0; i < roles.size(); i++) { String role = roles.get(i); diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java index 28f399f5a..23e2372c8 100644 
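Review bot: `getCurrentUser()` is added to ArgeoSecurityService without a documented contract, although the implementation in DefaultSecurityService returns null when the security context holds no user and removes the DAO's default role from the returned roles. Callers need both facts, so I would add `/** @return the user of the current security context, without the default role, or null if there is none */` above the declaration.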
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java @@ -36,6 +36,15 @@ public class DefaultSecurityService implements ArgeoSecurityService { private String systemAuthenticationKey; + public ArgeoUser getCurrentUser() { + ArgeoUser argeoUser = ArgeoUserDetails.securityContextUser(); + if (argeoUser == null) + return null; + if (argeoUser.getRoles().contains(securityDao.getDefaultRole())) + argeoUser.getRoles().remove(securityDao.getDefaultRole()); + return argeoUser; + } + public ArgeoSecurityDao getSecurityDao() { return securityDao; } @@ -45,14 +54,14 @@ public class DefaultSecurityService implements ArgeoSecurityService { } public void updateUserPassword(String username, String password) { - SimpleArgeoUser user = new SimpleArgeoUser(securityDao - .getUser(username)); + SimpleArgeoUser user = new SimpleArgeoUser( + securityDao.getUser(username)); user.setPassword(password); securityDao.update(user); } public void updateCurrentUserPassword(String oldPassword, String newPassword) { - SimpleArgeoUser user = new SimpleArgeoUser(securityDao.getCurrentUser()); + SimpleArgeoUser user = new SimpleArgeoUser(getCurrentUser()); if (!user.getPassword().equals(oldPassword)) throw new ArgeoException("Old password is not correct."); user.setPassword(newPassword); @@ -122,5 +131,4 @@ public class DefaultSecurityService implements ArgeoSecurityService { public void setSystemAuthenticationKey(String systemAuthenticationKey) { this.systemAuthenticationKey = systemAuthenticationKey; } - } diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java index f9628c3b2..3d6d8ff99 100644 
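Review bot: `getCurrentUser()` edits the role list of the object returned by `ArgeoUserDetails.securityContextUser()` in place. Whether that call hands out a copy or the principal's own list is not visible here; if it is the live list, each call strips the default role from the authenticated principal, and anything that later reads roles from that object sees a different set. Working on a copy, `new SimpleArgeoUser(argeoUser)` as the password methods in this class do, would avoid the side effect. Assuming `getRoles()` returns a `List`, the `contains` test before `remove` is also redundant, because removing an absent element is a no-op, and `securityDao.getDefaultRole()` need only be called once.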
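Review bot: `updateCurrentUserPassword` now builds its user from `getCurrentUser()`, which returns null when nobody is authenticated, and the following line dereferences `user.getPassword()` without a check; what `new SimpleArgeoUser(null)` does is not visible in this hunk. The old-password test also compares against whatever password value the security-context object happens to carry, using `String.equals`, so a hashed directory value or a cleared password field would reject a correct old password or fail with a NullPointerException. I would guard first with `ArgeoUser current = getCurrentUser(); if (current == null) throw new ArgeoException("No authenticated user.");` and verify the old password against the directory rather than against session state.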
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
@@ -36,7 +36,6 @@ import org.springframework.ldap.core.DirContextAdapter;
 import org.springframework.ldap.core.DistinguishedName;
 import org.springframework.ldap.core.LdapTemplate;
 import org.springframework.ldap.core.support.BaseLdapPathContextSource;
-import org.springframework.security.Authentication;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.ldap.DefaultLdapUsernameToDnMapper;
 import org.springframework.security.ldap.LdapAuthoritiesPopulator;
@@ -44,6 +43,7 @@ import org.springframework.security.ldap.LdapUsernameToDnMapper;
 import org.springframework.security.ldap.LdapUtils;
 import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator;
 import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
+import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.security.userdetails.UserDetails;
 import org.springframework.security.userdetails.UserDetailsManager;
 import org.springframework.security.userdetails.UserDetailsService;
@@ -118,31 +118,31 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean ldapTemplate = new LdapTemplate(this.contextSource); } - public void create(ArgeoUser user) { + public synchronized void create(ArgeoUser user) { userDetailsManager.createUser(new ArgeoUserDetails(user)); } - public ArgeoUser getUser(String uname) { + public synchronized ArgeoUser getUser(String uname) { SimpleArgeoUser user = createSimpleArgeoUser(getDetails(uname)); user.setPassword(null); return user; } - public ArgeoUser getUserWithPassword(String uname) { + public synchronized ArgeoUser getUserWithPassword(String uname) { return createSimpleArgeoUser(getDetails(uname)); } - public ArgeoUser getCurrentUser() { - ArgeoUser argeoUser = ArgeoUserDetails.securityContextUser(); - if (argeoUser == null) - return null; - if (argeoUser.getRoles().contains(defaultRole)) - argeoUser.getRoles().remove(defaultRole); - return argeoUser; - } +// public ArgeoUser getCurrentUser() { +// ArgeoUser argeoUser = ArgeoUserDetails.securityContextUser(); +// if (argeoUser == null) +// return null; +// if (argeoUser.getRoles().contains(defaultRole)) +// argeoUser.getRoles().remove(defaultRole); +// return argeoUser; +// } @SuppressWarnings("unchecked") - public List listUsers() { + public synchronized List listUsers() { List usernames = (List) ldapTemplate.listBindings( new DistinguishedName(userBase), new ContextMapper() { public Object mapFromContext(Object ctxArg) { 
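Review bot: Every DAO method in this hunk, and in the hunk at -171,15, becomes `synchronized` with no comment saying which shared state the lock protects. The monitor is held across the directory calls (`userDetailsManager.createUser`, `ldapTemplate.listBindings`), so one slow LDAP round-trip blocks every other call on this bean. If the aim is to serialise writes, a class-level comment such as `// synchronized: directory writes through userDetailsManager must not interleave` would record that (wording to be confirmed by the author), and the read-only methods could then stay unsynchronised. `listUsers` continues past the end of the hunk.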
@@ -171,15 +171,23 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean }); } - public void update(ArgeoUser user) { + public synchronized void update(ArgeoUser user) { + ArgeoUserDetails argeoUserDetails = new ArgeoUserDetails(user); userDetailsManager.updateUser(new ArgeoUserDetails(user)); + // refresh logged in user + if (ArgeoUserDetails.securityContextUser().getUsername() + .equals(argeoUserDetails.getUsername())) { + SecurityContextHolder.getContext().setAuthentication( + new UsernamePasswordAuthenticationToken(argeoUserDetails, + null, argeoUserDetails.getAuthorities())); + } } - public void delete(String username) { + public synchronized void delete(String username) { userDetailsManager.deleteUser(username); } - public Boolean userExists(String username) { + public synchronized Boolean userExists(String username) { return userDetailsManager.userExists(username); } diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/nature/SimpleUserNatureMapper.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/nature/SimpleUserNatureMapper.java index 60ccafbb9..56da47005 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/nature/SimpleUserNatureMapper.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/nature/SimpleUserNatureMapper.java @@ -24,7 +24,7 @@ import org.springframework.ldap.core.DirContextOperations; public class SimpleUserNatureMapper implements UserNatureMapper { public String getName() { - return "simple"; + return "simpleUser"; } public UserNature mapUserInfoFromContext(DirContextOperations ctx) { diff --git a/security/runtime/org.argeo.security.mvc/pom.xml b/security/runtime/org.argeo.security.mvc/pom.xml index e2a9bcd28..e38aac5cb 100644 --- a/security/runtime/org.argeo.security.mvc/pom.xml +++ b/security/runtime/org.argeo.security.mvc/pom.xml 
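Review bot: The refresh block in `update()` dereferences `ArgeoUserDetails.securityContextUser()` without a null check, although `getCurrentUser()` in DefaultSecurityService treats null as a normal result; an update made with no user in the security context would then fail after the directory write has already happened. The replacement token is built from the caller-supplied `user`, so the session's authorities become whatever role list was passed in rather than what the directory holds after the update; reloading the user before building the token would keep the two in step. `argeoUserDetails` is created, but `updateUser` is still handed a second `new ArgeoUserDetails(user)`. The sketch below covers the null check and the duplicate object, and assumes ArgeoUser exposes `getUsername()`.

```java
public synchronized void update(ArgeoUser user) {
	ArgeoUserDetails argeoUserDetails = new ArgeoUserDetails(user);
	userDetailsManager.updateUser(argeoUserDetails);
	// refresh logged in user, only when there is one and it is the user just updated
	ArgeoUser current = ArgeoUserDetails.securityContextUser();
	if (current != null
			&& current.getUsername().equals(argeoUserDetails.getUsername())) {
		// … unchanged: SecurityContextHolder.getContext().setAuthentication(...) …
	}
}
```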
@@ -1,4 +1,5 @@ - + 4.0.0 org.argeo.commons.security @@ -31,6 +32,7 @@ org.argeo.security.mvc.* + *,javax.servlet @@ -43,14 +45,14 @@ org.argeo.server.core 0.2.1-SNAPSHOT - + org.argeo.commons.security org.argeo.security.core 0.2.1-SNAPSHOT - + org.springframework diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/ArgeoUserInterceptor.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/ArgeoUserInterceptor.java index 74e97a53a..d79a70360 100644 --- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/ArgeoUserInterceptor.java +++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/ArgeoUserInterceptor.java @@ -13,8 +13,7 @@ public class ArgeoUserInterceptor extends HandlerInterceptorAdapter { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { - request.setAttribute("argeoUser", securityService.getSecurityDao() - .getCurrentUser()); + request.setAttribute("argeoUser", securityService.getCurrentUser()); return super.preHandle(request, response, handler); } diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java index 4d59fc500..cd954644a 100644 --- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java +++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java 
@@ -50,7 +50,7 @@ public class UsersRolesController implements MvcConstants { @RequestMapping("/getCredentials.*") @ModelAttribute("user") public ArgeoUser getCredentials() { - ArgeoUser argeoUser = securityService.getSecurityDao().getCurrentUser(); + ArgeoUser argeoUser = securityService.getCurrentUser(); if (argeoUser == null) return new SimpleArgeoUser(); else @@ -92,7 +92,7 @@ public class UsersRolesController implements MvcConstants { @ModelAttribute("user") /** Will only update the user natures.*/ public ArgeoUser updateUserSelf(Reader reader) { - ArgeoUser user = securityService.getSecurityDao().getCurrentUser(); + ArgeoUser user = securityService.getCurrentUser(); ArgeoUser userForNatures = userDeserializer.deserialize(reader, SimpleArgeoUser.class); user.updateUserNatures(userForNatures.getUserNatures());
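Review bot: `getCredentials()` returns the security-context user as the `user` model attribute, and `updateCurrentUserPassword` in DefaultSecurityService reads `getPassword()` from that same object, which suggests it carries the password value. Whether the view or serializer drops that field is not visible here; the DAO's `getUser` clears it with `user.setPassword(null)` before returning, and this endpoint should do the same on a copy, e.g. `SimpleArgeoUser view = new SimpleArgeoUser(argeoUser); view.setPassword(null); return view;`. The same object is also placed in the request by ArgeoUserInterceptor in the preceding file. The method body continues outside the hunk.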
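Review bot: `updateUserSelf` calls `user.updateUserNatures(...)` on the result of `securityService.getCurrentUser()` without the null check that `getCredentials()` has, so a request with no authenticated user ends in a NullPointerException unless a filter outside this page blocks it first. A guard before the deserialization, `if (user == null) throw new ArgeoException("No authenticated user.");` (ArgeoException as used in DefaultSecurityService), would make the failure explicit. The end of the method is outside the hunk.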