2 * Copyright (C) 2010 Mathieu Baudier <mbaudier@argeo.org>
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 package org
.argeo
.security
.core
;
19 import java
.util
.HashSet
;
20 import java
.util
.Iterator
;
23 import org
.argeo
.security
.ArgeoSecurity
;
24 import org
.argeo
.security
.ArgeoSecurityDao
;
25 import org
.argeo
.security
.ArgeoSecurityService
;
26 import org
.argeo
.security
.ArgeoUser
;
27 import org
.argeo
.security
.SimpleArgeoUser
;
28 import org
.argeo
.security
.UserAdminService
;
29 import org
.springframework
.core
.task
.SimpleAsyncTaskExecutor
;
30 import org
.springframework
.core
.task
.TaskExecutor
;
31 import org
.springframework
.security
.Authentication
;
32 import org
.springframework
.security
.AuthenticationManager
;
33 import org
.springframework
.security
.context
.SecurityContext
;
34 import org
.springframework
.security
.context
.SecurityContextHolder
;
36 public class DefaultSecurityService
extends DefaultCurrentUserService
implements
37 UserAdminService
, ArgeoSecurityService
{
// Policy object consulted before user creation and for the super-user name;
// defaults to DefaultArgeoSecurity and can be replaced via setArgeoSecurity().
38 private ArgeoSecurity argeoSecurity
= new DefaultArgeoSecurity();
// DAO used for every user and role operation in this class; set via setSecurityDao().
39 private ArgeoSecurityDao securityDao
;
// Used by wrapWithSystemAuthentication() to authenticate the internal system identity.
40 private AuthenticationManager authenticationManager
;
// Key wrapped in an InternalAuthentication by wrapWithSystemAuthentication().
// NOTE(review): it is held as a plain String; since it yields system authentication,
// it should presumably be handled as a secret (not logged, not exposed) - confirm.
42 private String systemAuthenticationKey
;
// Accessor for the security DAO.
// NOTE(review): the listing jumps from line 44 to line 48, so the body of this
// method is not visible on this page and its return value cannot be confirmed here.
44 public ArgeoSecurityDao
getSecurityDao() {
/**
 * Creates a role through the security DAO.
 *
 * <p>The role name is handed to {@code createRole} together with the
 * super-user name reported by {@code argeoSecurity}. What the DAO does with
 * that name is not visible in this file (presumably the super user is
 * associated with the new role; confirm in the DAO implementation).
 *
 * @param role name of the role to create
 */
public void newRole(String role) {
    final String superUsername = argeoSecurity.getSuperUsername();
    securityDao.createRole(role, superUsername);
}
/**
 * Replaces the stored password of an existing user.
 *
 * <p>The user is loaded through the DAO and copied into a
 * {@link SimpleArgeoUser}; the new password always goes through
 * {@code encodePassword} before the copy is saved (there is no "{" prefix
 * test on this path).
 *
 * <p>NOTE(review): this method makes no authorization or current-password
 * check of its own; confirm that callers or an interceptor restrict who may
 * invoke it, and for which {@code username}.
 *
 * @param username name of the user whose password is replaced
 * @param password new password, passed to {@code encodePassword} as given
 */
public void updateUserPassword(String username, String password) {
    final SimpleArgeoUser updated = new SimpleArgeoUser(securityDao.getUser(username));
    final String encoded = encodePassword(password);
    updated.setPassword(encoded);
    securityDao.updateUser(updated);
}
// Creates a user, first normalising the password of SimpleArgeoUser instances.
// NOTE(review): listing lines 61, 65, 68 and 69 are absent from this page, so the
// argument of encodePassword() in both branches and the closing of the outer
// `if` cannot be read here.
59 public void newUser(ArgeoUser user
) {
// Policy hook invoked before the password is touched and before the DAO call.
60 argeoSecurity
.beforeCreate(user
);
// Only SimpleArgeoUser instances get their password rewritten.
62 if (user
instanceof SimpleArgeoUser
) {
// Null or empty password: a substitute value is encoded and set. Its source is on
// the missing line 65. NOTE(review): confirm that the substitute is not a
// predictable value, since the account is created with it.
63 if (user
.getPassword() == null || user
.getPassword().equals(""))
64 ((SimpleArgeoUser
) user
).setPassword(encodePassword(user
// A password that starts with "{" skips encodePassword() and is stored as given.
// NOTE(review): presumably this recognises an already encoded "{scheme}..." value.
// A caller-supplied plaintext beginning with "{" would take the same path, so the
// prefix should be validated or rejected upstream - confirm.
66 else if (!user
.getPassword().startsWith("{"))
67 ((SimpleArgeoUser
) user
).setPassword(encodePassword(user
// Persist the user through the DAO.
70 securityDao
.createUser(user
);
/**
 * Looks up a user by name.
 *
 * <p>Pure delegation to {@code securityDao.getUser}; the DAO's result is
 * returned unchanged.
 *
 * @param username name of the user to load
 * @return whatever the DAO returns for that name
 */
public ArgeoUser getUser(String username) {
    final ArgeoUser found = securityDao.getUser(username);
    return found;
}
/**
 * Tells whether a user with the given name is known to the DAO.
 *
 * @param username name to check
 * @return the DAO's answer, passed through unchanged
 */
public Boolean userExists(String username) {
    final Boolean exists = securityDao.userExists(username);
    return exists;
}
// Saves changes to an existing user, deciding which password value is written back.
// NOTE(review): listing lines 83 and 85 are absent from this page, so the condition
// guarding the DAO lookup below and the end of that expression cannot be read here.
81 public void updateUser(ArgeoUser user
) {
// Start from the password carried by the supplied user object.
82 String password
= user
.getPassword();
// Replaces the local value with one derived from the stored user (loaded together
// with its password); when this runs depends on the missing line 83.
84 password
= securityDao
.getUserWithPassword(user
.getUsername())
// A value not starting with "{" is encoded; one that does is written back unchanged.
// NOTE(review): the test is on the local `password`, but the value encoded is
// user.getPassword(); if the DAO assignment above ran, the two differ - confirm the
// intended input. As in newUser(), a caller-supplied value beginning with "{"
// bypasses encodePassword() and should be validated upstream.
86 if (!password
.startsWith("{"))
87 password
= encodePassword(user
.getPassword());
// Copy into a SimpleArgeoUser so the chosen password can be set before saving.
88 SimpleArgeoUser simpleArgeoUser
= new SimpleArgeoUser(user
);
89 simpleArgeoUser
.setPassword(password
);
90 securityDao
.updateUser(simpleArgeoUser
);
// Deletes a user by delegating to securityDao.deleteUser(username).
// No check for the super-user name or for the caller's rights is visible here.
// NOTE(review): listing lines 95-97 are absent from this page; confirm nothing else
// belongs to this method, and that deleting privileged accounts is restricted elsewhere.
93 public void deleteUser(String username
) {
94 securityDao
.deleteUser(username
);
// Deletes a role by delegating to securityDao.deleteRole(role).
// NOTE(review): listing lines 100-102 are absent from this page; confirm nothing
// else belongs to this method.
98 public void deleteRole(String role
) {
99 securityDao
.deleteRole(role
);
// Returns an anonymous SimpleAsyncTaskExecutor subclass whose createThread() passes
// each runnable through wrapWithSystemAuthentication() before creating the thread.
// NOTE(review): listing lines 106-107 and 109 are absent, so the receiver of the
// .createThread(...) call below is not visible on this page.
// Every task given to the returned executor is wrapped this way, so access to the
// executor should presumably be as restricted as access to the system identity.
103 public TaskExecutor
createSystemAuthenticatedTaskExecutor() {
104 return new SimpleAsyncTaskExecutor() {
105 private static final long serialVersionUID
= -8126773862193265020L;
108 public Thread
createThread(Runnable runnable
) {
110 .createThread(wrapWithSystemAuthentication(runnable
));
117 * Wraps another runnable, adding security context <br/>
118 * TODO: secure the call to this method with Java Security
// Returns a Runnable that authenticates as the internal system identity and installs
// the result in a SecurityContext.
// NOTE(review): listing lines 123-124, 126 and 131-135 are absent from this page.
// The call made on SecurityContextHolder, the invocation of the wrapped runnable and
// any clearing of the context afterwards therefore cannot be confirmed here. Verify
// that the context is reset (e.g. in a finally block) so the system authentication
// does not outlive the task.
// The method is public and carries no access check in the visible lines; the TODO
// preceding it in the file already asks for it to be protected with Java Security.
121 public Runnable
wrapWithSystemAuthentication(final Runnable runnable
) {
122 return new Runnable() {
// Obtains a SecurityContext; the expression continues on a missing line.
125 SecurityContext securityContext
= SecurityContextHolder
// Authenticates an InternalAuthentication built from systemAuthenticationKey.
127 Authentication auth
= authenticationManager
128 .authenticate(new InternalAuthentication(
129 systemAuthenticationKey
));
// Installs the resulting Authentication in the context obtained above.
130 securityContext
.setAuthentication(auth
);
// Lists the users holding a role.
// The DAO result is copied into a new HashSet and that copy is walked with an
// Iterator, looking for the entry whose username equals the super-user name.
// NOTE(review): listing lines 144-149 are absent from this page, so what is done
// with a matching entry and the return statement cannot be read here.
137 public Set
<ArgeoUser
> listUsersInRole(String role
) {
// Work on a copy, not on the set returned by the DAO.
138 Set
<ArgeoUser
> lst
= new HashSet
<ArgeoUser
>(
139 securityDao
.listUsersInRole(role
));
140 Iterator
<ArgeoUser
> it
= lst
.iterator();
141 while (it
.hasNext()) {
// Compares each username with the configured super-user name.
142 if (it
.next().getUsername()
143 .equals(argeoSecurity
.getSuperUsername())) {
/**
 * Lists all users known to the DAO.
 *
 * <p>The DAO's set is returned as is: unlike {@code listUsersInRole}, this
 * method makes no copy and does not look for the super user.
 *
 * @return the set returned by {@code securityDao.listUsers()}
 */
public Set<ArgeoUser> listUsers() {
    final Set<ArgeoUser> users = securityDao.listUsers();
    return users;
}
/**
 * Lists the roles the DAO reports as editable.
 *
 * @return the set returned by {@code securityDao.listEditableRoles()}, unchanged
 */
public Set<String> listEditableRoles() {
    final Set<String> editableRoles = securityDao.listEditableRoles();
    return editableRoles;
}
/**
 * Replaces the security policy object used by this service.
 *
 * <p>The field otherwise holds the {@code DefaultArgeoSecurity} created at
 * construction time. No null check is made.
 *
 * @param argeoSecurity policy object to use from now on
 */
public void setArgeoSecurity(ArgeoSecurity argeoSecurity) {
    this.argeoSecurity = argeoSecurity;
}
/**
 * Injects the DAO used for user and role operations.
 *
 * <p>The same instance is also handed to {@code setCurrentUserDao}, so both
 * references point at one DAO.
 *
 * @param dao DAO to use from now on
 */
public void setSecurityDao(ArgeoSecurityDao dao) {
    securityDao = dao;
    setCurrentUserDao(dao);
}
/**
 * Injects the authentication manager that
 * {@code wrapWithSystemAuthentication} uses to authenticate the internal
 * system identity.
 *
 * @param authenticationManager manager to use from now on
 */
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
    this.authenticationManager = authenticationManager;
}
174 public void setSystemAuthenticationKey(String systemAuthenticationKey
) {
175 this.systemAuthenticationKey
= systemAuthenticationKey
;