import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.AuthenticationProvider;
-/** Validates an OS authentication. */
+/**
+ * Validates an OS authentication. The id is that it will always be
+ * authenticated since we are always runnign within an OS, but the fact that the
+ * {@link Authentication} works properly depends on the proper OS login module
+ * having been called as well.
+ */
public class OsAuthenticationProvider implements AuthenticationProvider {
private String osUserRole = "ROLE_OS_USER";
private String userRole = "ROLE_USER";
public Authentication authenticate(Authentication authentication)
throws AuthenticationException {
- if (authentication instanceof OsAuthenticationToken) {
- List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
- auths.add(new GrantedAuthorityImpl(osUserRole));
- auths.add(new GrantedAuthorityImpl(userRole));
- if (isAdmin)
- auths.add(new GrantedAuthorityImpl(adminRole));
- return new OsAuthenticationToken(
- auths.toArray(new GrantedAuthority[auths.size()]));
- }
- return null;
+ return new OsAuthenticationToken(getBaseAuthorities());
+ }
+
+ protected GrantedAuthority[] getBaseAuthorities() {
+ List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
+ auths.add(new GrantedAuthorityImpl(osUserRole));
+ auths.add(new GrantedAuthorityImpl(userRole));
+ if (isAdmin)
+ auths.add(new GrantedAuthorityImpl(adminRole));
+ return auths.toArray(new GrantedAuthority[auths.size()]);
}
@SuppressWarnings("rawtypes")
this.osUserRole = osUserRole;
}
+ public void setUserRole(String userRole) {
+ this.userRole = userRole;
+ }
+
public void setAdminRole(String adminRole) {
this.adminRole = adminRole;
}