1 /*
2 * Copyright (C) 2007-2012 Mathieu Baudier
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 package org.argeo.security.ldap.jcr;
17
18 import java.util.UUID;
19
20 import javax.jcr.Node;
21 import javax.jcr.Repository;
22 import javax.jcr.RepositoryException;
23 import javax.jcr.Session;
24
25 import org.argeo.ArgeoException;
26 import org.argeo.jcr.ArgeoNames;
27 import org.argeo.jcr.JcrUtils;
28 import org.argeo.jcr.UserJcrUtils;
29 import org.argeo.security.jcr.JcrUserDetails;
30 import org.springframework.ldap.core.DirContextAdapter;
31 import org.springframework.ldap.core.DirContextOperations;
32 import org.springframework.security.GrantedAuthority;
33 import org.springframework.security.userdetails.UserDetails;
34 import org.springframework.security.userdetails.ldap.UserDetailsContextMapper;
35
/**
 * Read-only {@link UserDetailsContextMapper} that answers an LDAP lookup with
 * a {@link JcrUserDetails} built from the user's JCR home node.
 * <p>
 * The LDAP entry is only checked for presence. Everything returned comes from
 * the JCR security workspace plus the authorities handed in by the caller.
 * Writing back to LDAP is refused.
 * <p>
 * NOTE(review): no setter for {@code repository} or {@code securityWorkspace}
 * is visible in this class, so how they get injected cannot be told from this
 * file; confirm before relying on {@link #init()}.
 *
 * @deprecated Read only mapping from LDAP to user details. This file does not
 *             name a replacement.
 */
@Deprecated
public class JcrUserDetailsContextMapper implements UserDetailsContextMapper,
        ArgeoNames {
    /**
     * Admin session on the security workspace. A single instance is opened
     * in {@link #init()} and reused by every call until {@link #destroy()}.
     * <p>
     * NOTE(review): nothing in this class serialises access to the session,
     * and a JCR {@code Session} is not guaranteed to be safe for concurrent
     * use. Confirm that callers never authenticate in parallel, or that the
     * repository implementation tolerates it.
     */
    private Session securitySession;
    private Repository repository;
    private String securityWorkspace = "security";

    /**
     * Opens the long-lived session on the security workspace.
     * <p>
     * {@code login(workspace)} carries no credentials, so the identity (and
     * therefore the privileges) of this session is decided by the repository
     * and its surrounding security context, not by this class. The session is
     * described as an admin session, so it is worth verifying which principal
     * it actually resolves to in deployment.
     *
     * @throws ArgeoException
     *             if the repository rejects the login
     */
    public void init() {
        try {
            this.securitySession = this.repository.login(this.securityWorkspace);
        } catch (RepositoryException ex) {
            // Releases whatever the field currently references before the
            // failure is reported.
            JcrUtils.logoutQuietly(this.securitySession);
            throw new ArgeoException(
                    "Cannot initialize LDAP/JCR user details context mapper", ex);
        }
    }

    /**
     * Logs the security session out. The field keeps its reference, so a
     * later {@link #mapUserFromContext} call would be handed the logged-out
     * session.
     */
    public void destroy() {
        JcrUtils.logoutQuietly(this.securitySession);
    }

    /**
     * Called during authentication in order to retrieve user details.
     * <p>
     * The returned details never carry the user's real password: a fresh
     * random UUID string is put in its place, so any code comparing a
     * presented password with {@code UserDetails.getPassword()} cannot
     * succeed. Credential verification therefore has to happen elsewhere
     * (presumably against LDAP; confirm in the authentication provider
     * configuration).
     * <p>
     * NOTE(review): {@code username} is copied into the exception messages,
     * and the "No LDAP" and "No JCR" texts differ. If these messages reach a
     * login response rather than only a log, they reveal which store knows
     * the account.
     *
     * @param ctx
     *            LDAP entry of the user; only tested for {@code null}
     * @param username
     *            name used to locate the JCR home node
     * @param authorities
     *            authorities passed through unchanged into the result
     * @return user details backed by the profile node under the user's home
     * @throws ArgeoException
     *             if {@code ctx} is {@code null}, no home node is found, or
     *             the repository fails while the details are built
     */
    public UserDetails mapUserFromContext(final DirContextOperations ctx,
            final String username, GrantedAuthority[] authorities) {
        if (ctx == null) {
            throw new ArgeoException("No LDAP information for user " + username);
        }

        final Node home = UserJcrUtils.getUserHome(this.securitySession,
                username);
        if (home == null) {
            throw new ArgeoException("No JCR information for user " + username);
        }

        // A disabled earlier variant read the password attribute from the
        // LDAP entry at this point, copied it into a String and zeroed the
        // byte array. It is no longer part of this method.

        try {
            // we don't have access to password, so let's not pretend.
            // UUID.randomUUID() is documented as drawing from a
            // cryptographically strong generator, so the placeholder is not
            // guessable.
            final String placeholderPassword = UUID.randomUUID().toString();
            final Node profile = home.getNode(ARGEO_PROFILE);
            return new JcrUserDetails(profile, placeholderPassword,
                    authorities);
        } catch (RepositoryException ex) {
            throw new ArgeoException("Cannot retrieve user details for "
                    + username, ex);
        }
    }

    /**
     * Always refuses: this mapper never writes to the directory.
     *
     * @throws UnsupportedOperationException
     *             on every call
     */
    public void mapUserToContext(UserDetails user, final DirContextAdapter ctx) {
        throw new UnsupportedOperationException("LDAP access is read-only");
    }

}