org.exoplatform.mongo.security.Realm.java Source code

Java tutorial

  1. HOME
  2. Java
  3. org.exoplatform.mongo.security.Realm.java

Introduction

Here is the source code for org.exoplatform.mongo.security.Realm.java

Source

/*
 * Copyright (C) 2003-2013 eXo Platform SAS.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */
package org.exoplatform.mongo.security;

import java.util.Collection;
import java.util.HashSet;
import java.util.Set;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.exoplatform.mongo.service.CryptDe;
import org.springframework.beans.factory.annotation.Required;

/**
 * @author <a href="mailto:sondn@exoplatform.com">Ngoc Son Dang</a>
 * @since Jul 13, 2013
 * @version 
 * 
 * @tag 
 */
public class Realm extends AuthorizingRealm {

    private CryptDe cryptDe;

    /* (non-Javadoc)
     * @see org.apache.shiro.realm.AuthorizingRealm#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        Collection<String> principalsList = principals.byType(String.class);
        if (principalsList.isEmpty()) {
            throw new AuthorizationException("Empty principals list");
        }
        Set<String> roles = new HashSet<String>();
        roles.add("ops");
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roles);
        info.setRoles(roles);
        // Set<Permission> permissions = new HashSet<Permission>();
        // info.setObjectPermissions(permissions);

        return info;
    }

    /* (non-Javadoc)
     * @see org.apache.shiro.realm.AuthenticatingRealm#doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken userPasswordToken = (UsernamePasswordToken) token;
        String user = userPasswordToken.getUsername();
        String password = new String(userPasswordToken.getPassword());
        if (!cryptDe.validate(user, password)) {
            throw new AuthenticationException("Service cannot allow access with invalid credentials");
        }

        return new SimpleAuthenticationInfo(user, password, getName());
    }

    @Required
    public void setCryptDe(CryptDe cryptDe) {
        this.cryptDe = cryptDe;
    }
}