2 * Copyright (C) 2010 Mathieu Baudier <mbaudier@argeo.org>
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 package org
.argeo
.security
.core
;
import java.nio.charset.Charset;
import java.security.MessageDigest;

import org.argeo.ArgeoException;
import org.argeo.security.ArgeoSecurity;
import org.argeo.security.ArgeoSecurityDao;
import org.argeo.security.ArgeoSecurityService;
import org.argeo.security.ArgeoUser;
import org.argeo.security.SimpleArgeoUser;
import org.springframework.core.task.SimpleAsyncTaskExecutor;
import org.springframework.core.task.TaskExecutor;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.context.SecurityContext;
import org.springframework.security.context.SecurityContextHolder;
32 public class DefaultSecurityService
implements ArgeoSecurityService
{
// Supplies the super username and the pre-creation hook used by this service;
// a DefaultArgeoSecurity is used unless another one is injected via setArgeoSecurity().
private ArgeoSecurity argeoSecurity = new DefaultArgeoSecurity();
// DAO through which users and roles are read, created and updated; injected via setSecurityDao().
private ArgeoSecurityDao securityDao;
// Authenticates the InternalAuthentication built from the system key; injected via setAuthenticationManager().
private AuthenticationManager authenticationManager;

// Key wrapped in an InternalAuthentication when a runnable is given system authentication.
// It acts as a credential: keep it out of logs and exception messages.
private String systemAuthenticationKey;
39 public ArgeoSecurityDao
getSecurityDao() {
/**
 * Creates a role through the security DAO, passing along the super username
 * reported by {@link ArgeoSecurity#getSuperUsername()}.
 *
 * @param role the role to create
 */
public void newRole(String role) {
	this.securityDao.createRole(role, this.argeoSecurity.getSuperUsername());
}
47 public void updateUserPassword(String username
, String password
) {
48 SimpleArgeoUser user
= new SimpleArgeoUser(securityDao
50 user
.setPassword(password
);
51 securityDao
.update(user
);
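/**
 * Changes the password of the current user after verifying the old one.
 *
 * @param oldPassword the password the caller claims is currently set
 * @param newPassword the password to store
 * @throws ArgeoException if the old password does not match the stored one,
 *         or if either of the two values is missing
 */
public void updateCurrentUserPassword(String oldPassword, String newPassword) {
	SimpleArgeoUser user = new SimpleArgeoUser(securityDao.getCurrentUser());
	String storedPassword = user.getPassword();

	// A missing stored or supplied password is treated as a mismatch instead of
	// surfacing as a NullPointerException.
	// NOTE(review): getCurrentUser() may not carry the password (other code in this
	// class fetches it with getUserWithPassword()) - confirm against the DAO.
	boolean matches = false;
	if (storedPassword != null && oldPassword != null) {
		// MessageDigest.isEqual does not stop at the first differing byte, unlike
		// String.equals, so the check leaks less timing information.
		Charset utf8 = Charset.forName("UTF-8");
		matches = MessageDigest.isEqual(storedPassword.getBytes(utf8),
				oldPassword.getBytes(utf8));
	}
	// NOTE(review): the stored value is compared directly with the supplied one; if
	// the DAO stores an encoded (hashed/salted) password, this check has to go
	// through the matching encoder - verify.
	if (!matches) {
		throw new ArgeoException("Old password is not correct.");
	}

	user.setPassword(newPassword);
	securityDao.update(user);
}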
/**
 * Creates a new user.
 * <p>
 * The user natures carried by the given object are cleared first, so a caller
 * cannot attach natures at creation time through this method. The
 * {@link ArgeoSecurity} pre-creation hook then runs before the user is handed
 * to the DAO. The argument itself is modified.
 *
 * @param user the user to create
 */
public void newUser(ArgeoUser user) {
	// Order matters: strip natures, run the hook, then persist.
	user.getUserNatures().clear();
	this.argeoSecurity.beforeCreate(user);
	this.securityDao.create(user);
}
68 public void updateUser(ArgeoUser user
) {
69 String password
= securityDao
.getUserWithPassword(user
.getUsername())
71 SimpleArgeoUser simpleArgeoUser
= new SimpleArgeoUser(user
);
72 simpleArgeoUser
.setPassword(password
);
73 securityDao
.update(simpleArgeoUser
);
76 public TaskExecutor
createSystemAuthenticatedTaskExecutor() {
77 return new SimpleAsyncTaskExecutor() {
78 private static final long serialVersionUID
= -8126773862193265020L;
81 public Thread
createThread(Runnable runnable
) {
83 .createThread(wrapWithSystemAuthentication(runnable
));
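/**
 * Wraps another runnable so that the system authentication is set on the
 * security context. <br/>
 * TODO: secure the call to this method with Java Security. The method is
 * public, so until that is done any code holding a reference to this service
 * can obtain a runnable that authenticates with the system key; access to this
 * service should be restricted accordingly.
 */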
93 public Runnable
wrapWithSystemAuthentication(final Runnable runnable
) {
94 return new Runnable() {
97 SecurityContext securityContext
= SecurityContextHolder
99 Authentication auth
= authenticationManager
100 .authenticate(new InternalAuthentication(
101 systemAuthenticationKey
));
102 securityContext
.setAuthentication(auth
);
/**
 * Replaces the {@link ArgeoSecurity} used by this service (a
 * DefaultArgeoSecurity is in place until this is called).
 *
 * @param argeoSecurity the implementation to use
 */
public void setArgeoSecurity(ArgeoSecurity argeoSecurity) {
	this.argeoSecurity = argeoSecurity;
}
/**
 * Injects the DAO this service delegates user and role operations to.
 *
 * @param dao the security DAO to use
 */
public void setSecurityDao(ArgeoSecurityDao dao) {
	this.securityDao = dao;
}
/**
 * Injects the authentication manager used to authenticate the internal
 * system identity.
 *
 * @param authenticationManager the authentication manager to use
 */
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
	this.authenticationManager = authenticationManager;
}
/**
 * Sets the key that is wrapped in an InternalAuthentication and presented to
 * the authentication manager by {@code wrapWithSystemAuthentication}.
 * <p>
 * The key is a credential for the system identity: supply it from protected
 * configuration and do not log it.
 *
 * @param systemAuthenticationKey the system authentication key
 */
public void setSystemAuthenticationKey(String systemAuthenticationKey) {
	this.systemAuthenticationKey = systemAuthenticationKey;
}