source: branches/TaskRewrite/src/plugins/acegi-0.5.1/src/groovy/org/codehaus/groovy/grails/plugins/springsecurity/kerberos/GrailsKerberosAuthenticationProvider.groovy @ 58

Last change on this file since 58 was 58, checked in by gav, 15 years ago

Configure BootStrap? with latest concepts.
Install and setup Acegi plugin with custom views.
Test Fixture plugin in a test app but couldn't get it to work with Acegi encodePassword() so gave up.
File size: 2.5 KB
Line 
1/* Copyright 2006-2009 the original author or authors.
2 *
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *      http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15package org.codehaus.groovy.grails.plugins.springsecurity.kerberos
16
17import org.springframework.security.Authentication
18import org.springframework.security.AuthenticationException
19import org.springframework.security.GrantedAuthority
20import org.springframework.security.providers.jaas.JaasAuthenticationProvider
21import org.springframework.security.providers.jaas.JaasAuthenticationToken
22
23/**
24 * Kerberos {@link AuthenticationProvider}.
25 *
26 * @author <a href='mailto:mmornati@byte-code.com'>Marco Mornati</a>
27 * @author <a href='mailto:beckwithb@studentsonly.com'>Burt Beckwith</a>
28 */
29class GrailsKerberosAuthenticationProvider extends JaasAuthenticationProvider {
30
31        def authenticateService
32        def userDetailsService
33
34        /**
35         * {@inheritDoc}
36         * @see org.springframework.security.providers.jaas.JaasAuthenticationProvider#authenticate(
37         *      org.springframework.security.Authentication)
38         */
39        @Override
40        Authentication authenticate(Authentication auth) throws AuthenticationException {
41
42                Authentication authToken = super.authenticate(auth)
43
44                if (authToken instanceof JaasAuthenticationToken) {
45                        String username = authToken.principal
46                        boolean retrieveDatabaseRoles = authenticateService.securityConfig.security.kerberosRetrieveDatabaseRoles
47                        def dbDetails = userDetailsService.loadUserByUsername(username, retrieveDatabaseRoles)
48                        def authorities = mergeDatabaseRoles(dbDetails, authToken.authorities)
49                        dbDetails.authorities = authorities
50                        authToken = new JaasAuthenticationToken(
51                                        dbDetails, authToken.credentials,
52                                        dbDetails.authorities, authToken.loginContext);
53                }
54
55                return authToken
56        }
57
58        private GrantedAuthority[] mergeDatabaseRoles(details, GrantedAuthority[] authorities) {
59                List merged = []
60                if (authorities) {
61                        merged.addAll(authorities as List)
62                }
63
64                if (details.authorities) {
65                        merged.addAll(details.authorities as List)
66                }
67
68                return merged as GrantedAuthority[]
69        }
70}
Note: See TracBrowser for help on using the repository browser.