http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">\r
\r
<service interface="org.argeo.security.ldap.UserNatureMapper">\r
- <beans:bean class="org.argeo.security.ldap.nature.SimpleUserNatureMapper" />\r
+ <beans:bean name="simpleUser" class="org.argeo.security.ldap.nature.SimpleUserNatureMapper" />\r
</service>\r
\r
<service interface="org.argeo.security.ldap.UserNatureMapper">\r
- <beans:bean class="org.argeo.security.ldap.nature.CoworkerUserNatureMapper" />\r
+ <beans:bean name="coworker" class="org.argeo.security.ldap.nature.CoworkerUserNatureMapper" />\r
</service>\r
\r
</beans:beans>
\ No newline at end of file
import java.util.List;
public interface ArgeoSecurityDao {
- public ArgeoUser getCurrentUser();
+// public ArgeoUser getCurrentUser();
public List<ArgeoUser> listUsers();
public ArgeoUser getUser(String username);
public ArgeoUser getUserWithPassword(String username);
+
+ public String getDefaultRole();
}
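Review bot: The old declaration is left behind as a comment (`// public ArgeoUser getCurrentUser();`) instead of being deleted, and the LDAP DAO implementation later in this commit does the same with the whole method body. Version control already keeps the old code, and a commented-out role-stripping method next to live security code invites someone to revive it without review. The new `getDefaultRole()` also has no Javadoc; if the intent is as it appears, something like `/** Role granted to every authenticated user; the service removes it from the roles it reports. */` would tell implementers what is expected.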
package org.argeo.security;
public interface ArgeoSecurityService {
+ public ArgeoUser getCurrentUser();
+
public void newUser(ArgeoUser argeoUser);
public void updateUser(ArgeoUser user);
}
/** The provided list, for chaining using {@link Collections} */
- protected static List<String> addAuthoritiesToRoles(
+ public static List<String> addAuthoritiesToRoles(
GrantedAuthority[] authorities, List<String> roles) {
for (GrantedAuthority authority : authorities) {
roles.add(authority.getAuthority());
return roles;
}
- protected static GrantedAuthority[] rolesToAuthorities(List<String> roles) {
+ public static GrantedAuthority[] rolesToAuthorities(List<String> roles) {
GrantedAuthority[] arr = new GrantedAuthority[roles.size()];
for (int i = 0; i < roles.size(); i++) {
String role = roles.get(i);
private String systemAuthenticationKey;
+ public ArgeoUser getCurrentUser() {
+ ArgeoUser argeoUser = ArgeoUserDetails.securityContextUser();
+ if (argeoUser == null)
+ return null;
+ if (argeoUser.getRoles().contains(securityDao.getDefaultRole()))
+ argeoUser.getRoles().remove(securityDao.getDefaultRole());
+ return argeoUser;
+ }
+
public ArgeoSecurityDao getSecurityDao() {
return securityDao;
}
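Review bot: `getCurrentUser()` removes the default role from `argeoUser.getRoles()` in place, on whatever object `ArgeoUserDetails.securityContextUser()` returns. Whether that is a fresh copy is not visible here; if it is the list held by the logged-in principal, each call edits the session's own roles and the object stops matching the granted authorities. Working on a copy avoids that, e.g. `SimpleArgeoUser copy = new SimpleArgeoUser(argeoUser);` (assuming that constructor copies the role list), and the `contains` test can go because `remove` does nothing when the role is absent: `copy.getRoles().remove(securityDao.getDefaultRole());`. A Javadoc line stating that the method returns null when nobody is authenticated would also help callers.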
}
public void updateUserPassword(String username, String password) {
- SimpleArgeoUser user = new SimpleArgeoUser(securityDao
- .getUser(username));
+ SimpleArgeoUser user = new SimpleArgeoUser(
+ securityDao.getUser(username));
user.setPassword(password);
securityDao.update(user);
}
public void updateCurrentUserPassword(String oldPassword, String newPassword) {
- SimpleArgeoUser user = new SimpleArgeoUser(securityDao.getCurrentUser());
+ SimpleArgeoUser user = new SimpleArgeoUser(getCurrentUser());
if (!user.getPassword().equals(oldPassword))
throw new ArgeoException("Old password is not correct.");
user.setPassword(newPassword);
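Review bot: `new SimpleArgeoUser(getCurrentUser())` has no null check, yet `getCurrentUser()` returns null when there is no authenticated user, so this path would fail with a NullPointerException instead of a clear ArgeoException. A guard before the copy would fix that, e.g. `if (current == null) throw new ArgeoException("No authenticated user.");`. The old-password comparison that follows runs against the password carried by the security-context user, which may be missing or stale; how that object is populated is not shown, so this needs confirming. Reading the stored value through `securityDao.getUserWithPassword(...)` would make the check independent of what the session holds. The method body continues past the end of this hunk.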
public void setSystemAuthenticationKey(String systemAuthenticationKey) {
this.systemAuthenticationKey = systemAuthenticationKey;
}
-
}
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.BaseLdapPathContextSource;
-import org.springframework.security.Authentication;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.ldap.DefaultLdapUsernameToDnMapper;
import org.springframework.security.ldap.LdapAuthoritiesPopulator;
import org.springframework.security.ldap.LdapUtils;
import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator;
import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
+import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsManager;
import org.springframework.security.userdetails.UserDetailsService;
ldapTemplate = new LdapTemplate(this.contextSource);
}
- public void create(ArgeoUser user) {
+ public synchronized void create(ArgeoUser user) {
userDetailsManager.createUser(new ArgeoUserDetails(user));
}
- public ArgeoUser getUser(String uname) {
+ public synchronized ArgeoUser getUser(String uname) {
SimpleArgeoUser user = createSimpleArgeoUser(getDetails(uname));
user.setPassword(null);
return user;
}
- public ArgeoUser getUserWithPassword(String uname) {
+ public synchronized ArgeoUser getUserWithPassword(String uname) {
return createSimpleArgeoUser(getDetails(uname));
}
- public ArgeoUser getCurrentUser() {
- ArgeoUser argeoUser = ArgeoUserDetails.securityContextUser();
- if (argeoUser == null)
- return null;
- if (argeoUser.getRoles().contains(defaultRole))
- argeoUser.getRoles().remove(defaultRole);
- return argeoUser;
- }
+// public ArgeoUser getCurrentUser() {
+// ArgeoUser argeoUser = ArgeoUserDetails.securityContextUser();
+// if (argeoUser == null)
+// return null;
+// if (argeoUser.getRoles().contains(defaultRole))
+// argeoUser.getRoles().remove(defaultRole);
+// return argeoUser;
+// }
@SuppressWarnings("unchecked")
- public List<ArgeoUser> listUsers() {
+ public synchronized List<ArgeoUser> listUsers() {
List<String> usernames = (List<String>) ldapTemplate.listBindings(
new DistinguishedName(userBase), new ContextMapper() {
public Object mapFromContext(Object ctxArg) {
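Review bot: Nothing in the hunk says what the new `synchronized` on `create`, `getUser`, `getUserWithPassword` and `listUsers` protects; the same applies to `update`, `delete` and `userExists` in the next hunk. As written, every call, reads included, takes the DAO's monitor and holds it for the whole LDAP round trip, so one slow directory lookup stalls all other user queries behind it. If the lock guards a specific piece of shared state, a comment naming it would help, e.g. `// serialised because <shared state> is not thread-safe`; if it is only defensive, consider narrowing it to the write paths. `listUsers` continues past the end of this hunk.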
});
}
- public void update(ArgeoUser user) {
+ public synchronized void update(ArgeoUser user) {
+ ArgeoUserDetails argeoUserDetails = new ArgeoUserDetails(user);
userDetailsManager.updateUser(new ArgeoUserDetails(user));
+ // refresh logged in user
+ if (ArgeoUserDetails.securityContextUser().getUsername()
+ .equals(argeoUserDetails.getUsername())) {
+ SecurityContextHolder.getContext().setAuthentication(
+ new UsernamePasswordAuthenticationToken(argeoUserDetails,
+ null, argeoUserDetails.getAuthorities()));
+ }
}
- public void delete(String username) {
+ public synchronized void delete(String username) {
userDetailsManager.deleteUser(username);
}
- public Boolean userExists(String username) {
+ public synchronized Boolean userExists(String username) {
return userDetailsManager.userExists(username);
}
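Review bot: In `update`, `ArgeoUserDetails.securityContextUser()` is dereferenced without a null check, although the service's `getCurrentUser()` in this same commit treats null as a normal result. An update made with no authenticated user (a system task, for instance) would then fail with a NullPointerException after the directory write has already happened. The refreshed token also takes its authorities from the `user` argument rather than from what the directory now holds, so if a caller can pass roles the directory does not persist, the session would carry them until the next login; this is worth confirming against callers, and re-reading the details after the update would close the gap. Finally, `argeoUserDetails` is built but `updateUser` still receives a second `new ArgeoUserDetails(user)`. The fence shows the null guard and the reuse.

```java
public synchronized void update(ArgeoUser user) {
    ArgeoUserDetails argeoUserDetails = new ArgeoUserDetails(user);
    userDetailsManager.updateUser(argeoUserDetails);
    // refresh the logged-in user only if there is one and it is the user just updated
    ArgeoUser current = ArgeoUserDetails.securityContextUser();
    if (current != null
            && current.getUsername().equals(argeoUserDetails.getUsername())) {
        // … unchanged: SecurityContextHolder.getContext().setAuthentication(...) …
    }
}
```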
public class SimpleUserNatureMapper implements UserNatureMapper {
public String getName() {
- return "simple";
+ return "simpleUser";
}
public UserNature mapUserInfoFromContext(DirContextOperations ctx) {
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.argeo.commons.security</groupId>
<Export-Package>
org.argeo.security.mvc.*
</Export-Package>
+ <Import-Package>*,javax.servlet</Import-Package>
</instructions>
</configuration>
</plugin>
<artifactId>org.argeo.server.core</artifactId>
<version>0.2.1-SNAPSHOT</version>
</dependency>
-
+
<!-- Argeo Security -->
<dependency>
<groupId>org.argeo.commons.security</groupId>
<artifactId>org.argeo.security.core</artifactId>
<version>0.2.1-SNAPSHOT</version>
</dependency>
-
+
<!-- Spring -->
<dependency>
<groupId>org.springframework</groupId>
@Override
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
- request.setAttribute("argeoUser", securityService.getSecurityDao()
- .getCurrentUser());
+ request.setAttribute("argeoUser", securityService.getCurrentUser());
return super.preHandle(request, response, handler);
}
@RequestMapping("/getCredentials.*")
@ModelAttribute("user")
public ArgeoUser getCredentials() {
- ArgeoUser argeoUser = securityService.getSecurityDao().getCurrentUser();
+ ArgeoUser argeoUser = securityService.getCurrentUser();
if (argeoUser == null)
return new SimpleArgeoUser();
else
@ModelAttribute("user")
/** Will only update the user natures.*/
public ArgeoUser updateUserSelf(Reader reader) {
- ArgeoUser user = securityService.getSecurityDao().getCurrentUser();
+ ArgeoUser user = securityService.getCurrentUser();
ArgeoUser userForNatures = userDeserializer.deserialize(reader,
SimpleArgeoUser.class);
user.updateUserNatures(userForNatures.getUserNatures());