import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.BaseLdapPathContextSource;
-import org.springframework.security.Authentication;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.ldap.DefaultLdapUsernameToDnMapper;
import org.springframework.security.ldap.LdapAuthoritiesPopulator;
import org.springframework.security.ldap.LdapUtils;
import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator;
import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
+import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsManager;
import org.springframework.security.userdetails.UserDetailsService;
ldapTemplate = new LdapTemplate(this.contextSource);
}
- public void create(ArgeoUser user) {
+ public synchronized void create(ArgeoUser user) {
userDetailsManager.createUser(new ArgeoUserDetails(user));
}
- public ArgeoUser getUser(String uname) {
+ public synchronized ArgeoUser getUser(String uname) {
SimpleArgeoUser user = createSimpleArgeoUser(getDetails(uname));
user.setPassword(null);
return user;
}
- public ArgeoUser getUserWithPassword(String uname) {
+ public synchronized ArgeoUser getUserWithPassword(String uname) {
return createSimpleArgeoUser(getDetails(uname));
}
- public ArgeoUser getCurrentUser() {
- Authentication authentication = SecurityContextHolder.getContext()
- .getAuthentication();
- ArgeoUser argeoUser = ArgeoUserDetails.asArgeoUser(authentication);
- if (argeoUser == null)
- return null;
- if (argeoUser.getRoles().contains(defaultRole))
- argeoUser.getRoles().remove(defaultRole);
- return argeoUser;
- }
+// public ArgeoUser getCurrentUser() {
+// ArgeoUser argeoUser = ArgeoUserDetails.securityContextUser();
+// if (argeoUser == null)
+// return null;
+// if (argeoUser.getRoles().contains(defaultRole))
+// argeoUser.getRoles().remove(defaultRole);
+// return argeoUser;
+// }
@SuppressWarnings("unchecked")
- public List<ArgeoUser> listUsers() {
+ public synchronized List<ArgeoUser> listUsers() {
List<String> usernames = (List<String>) ldapTemplate.listBindings(
new DistinguishedName(userBase), new ContextMapper() {
public Object mapFromContext(Object ctxArg) {
});
}
- public void update(ArgeoUser user) {
+ public synchronized void update(ArgeoUser user) {
+ ArgeoUserDetails argeoUserDetails = new ArgeoUserDetails(user);
userDetailsManager.updateUser(new ArgeoUserDetails(user));
+ // refresh logged in user
+ if (ArgeoUserDetails.securityContextUser().getUsername()
+ .equals(argeoUserDetails.getUsername())) {
+ SecurityContextHolder.getContext().setAuthentication(
+ new UsernamePasswordAuthenticationToken(argeoUserDetails,
+ null, argeoUserDetails.getAuthorities()));
+ }
}
- public void delete(String username) {
+ public synchronized void delete(String username) {
userDetailsManager.deleteUser(username);
}
- public Boolean userExists(String username) {
+ public synchronized Boolean userExists(String username) {
return userDetailsManager.userExists(username);
}
.executeReadWrite(new ContextExecutor() {
public Object executeWithContext(DirContext ctx)
throws NamingException {
- return LdapUtils.getFullDn(usernameMapper
- .buildDn(superuserName), ctx);
+ return LdapUtils.getFullDn(
+ usernameMapper.buildDn(superuserName), ctx);
}
});
context.setAttributeValue("cn", group);
// Add superuser because cannot create empty group
- context.setAttributeValue(groupMemberAttributeName, superuserDn
- .toString());
+ context.setAttributeValue(groupMemberAttributeName,
+ superuserDn.toString());
ldapTemplate.bind(groupDn, context, null);
}