security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/OsAuthenticationProvider.java

   1 /*
   2  * Copyright (C) 2007-2012 Mathieu Baudier
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *         http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16 package org.argeo.security.core;
  17
  18 import java.util.ArrayList;
  19 import java.util.List;
  20
  21 import org.argeo.security.OsAuthenticationToken;
  22 import org.springframework.security.Authentication;
  23 import org.springframework.security.AuthenticationException;
  24 import org.springframework.security.GrantedAuthority;
  25 import org.springframework.security.GrantedAuthorityImpl;
  26 import org.springframework.security.providers.AuthenticationProvider;
  27
  28 /**
  29  * Validates an OS authentication. The id is that it will always be
  30  * authenticated since we are always runnign within an OS, but the fact that the
  31  * {@link Authentication} works properly depends on the proper OS login module
  32  * having been called as well.
  33  */
  34 public class OsAuthenticationProvider implements AuthenticationProvider {
  35         private String osUserRole = "ROLE_OS_USER";
  36         private String userRole = "ROLE_USER";
  37         private String adminRole = "ROLE_ADMIN";
  38
  39         private Boolean isAdmin = true;
  40
  41         public Authentication authenticate(Authentication authentication)
  42                         throws AuthenticationException {
  43                 return new OsAuthenticationToken(getBaseAuthorities());
  44         }
  45
  46         protected GrantedAuthority[] getBaseAuthorities() {
  47                 List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
  48                 auths.add(new GrantedAuthorityImpl(osUserRole));
  49                 auths.add(new GrantedAuthorityImpl(userRole));
  50                 if (isAdmin)
  51                         auths.add(new GrantedAuthorityImpl(adminRole));
  52                 return auths.toArray(new GrantedAuthority[auths.size()]);
  53         }
  54
  55         @SuppressWarnings("rawtypes")
  56         public boolean supports(Class authentication) {
  57                 return OsAuthenticationToken.class.isAssignableFrom(authentication);
  58         }
  59
  60         public void setOsUserRole(String osUserRole) {
  61                 this.osUserRole = osUserRole;
  62         }
  63
  64         public void setUserRole(String userRole) {
  65                 this.userRole = userRole;
  66         }
  67
  68         public void setAdminRole(String adminRole) {
  69                 this.adminRole = adminRole;
  70         }
  71
  72         public void setIsAdmin(Boolean isAdmin) {
  73                 this.isAdmin = isAdmin;
  74         }
  75
  76 }