Java tutorial
/* * Copyright (C) 2011-2014 eXo Platform SAS. * * This file is part of eXo Acceptance Webapp. * * eXo Acceptance Webapp is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 3 of * the License, or (at your option) any later version. * * eXo Acceptance Webapp software is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with eXo Acceptance Webapp; if not, write to the Free * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301 USA, or see <http://www.gnu.org/licenses/>. */ package org.exoplatform.acceptance.security; import com.atlassian.crowd.integration.springsecurity.RemoteCrowdAuthenticationProvider; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; /** * This authentication provider is wrapping the one used by Crowd to replace Crowd groups by Application Roles from {@link org.exoplatform.acceptance.security.AppAuthority} * * @author Arnaud Hritier ( aheritier@exoplatform.com ) * @see CrowdGrantedAuthoritiesMapper * @since 2.0.0 */ public class CrowdAuthenticationProviderWrapper implements AuthenticationProvider { private final RemoteCrowdAuthenticationProvider crowdAuthenticationProvider; private final CrowdGrantedAuthoritiesMapper grantedAuthoritiesMapper; /** * <p>Constructor for CrowdAuthenticationProviderWrapper.</p> * * @param crowdAuthenticationProvider a {@link com.atlassian.crowd.integration.springsecurity.RemoteCrowdAuthenticationProvider} object. * @param grantedAuthoritiesMapper a {@link org.exoplatform.acceptance.security.CrowdGrantedAuthoritiesMapper} object. */ public CrowdAuthenticationProviderWrapper(RemoteCrowdAuthenticationProvider crowdAuthenticationProvider, CrowdGrantedAuthoritiesMapper grantedAuthoritiesMapper) { this.crowdAuthenticationProvider = crowdAuthenticationProvider; this.grantedAuthoritiesMapper = grantedAuthoritiesMapper; } /** * {@inheritDoc} * Performs authentication with the same contract as {@link * org.springframework.security.authentication.AuthenticationManager#authenticate(Authentication)}. */ @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { Authentication crowdAuthentication = crowdAuthenticationProvider.authenticate(authentication); return new UsernamePasswordAuthenticationToken(crowdAuthentication.getPrincipal(), crowdAuthentication.getCredentials(), grantedAuthoritiesMapper.mapAuthorities(crowdAuthentication.getAuthorities())); } /** * {@inheritDoc} * Returns <code>true</code> if this <Code>AuthenticationProvider</code> supports the indicated * <Code>Authentication</code> object. * <p> * Returning <code>true</code> does not guarantee an <code>AuthenticationProvider</code> will be able to * authenticate the presented instance of the <code>Authentication</code> class. It simply indicates it can support * closer evaluation of it. An <code>AuthenticationProvider</code> can still return <code>null</code> from the * {@link #authenticate(Authentication)} method to indicate another <code>AuthenticationProvider</code> should be * tried. * </p> * <p>Selection of an <code>AuthenticationProvider</code> capable of performing authentication is * conducted at runtime the <code>ProviderManager</code>.</p> */ @Override public boolean supports(Class<?> authentication) { return crowdAuthenticationProvider.supports(authentication); } }