source: branches/TaskRewrite/src/plugins/acegi-0.5.1/src/groovy/org/codehaus/groovy/grails/plugins/springsecurity/ldap/GrailsLdapUserDetailsMapper.groovy @ 58

Last change on this file since 58 was 58, checked in by gav, 15 years ago

Configure BootStrap with latest concepts.
Install and setup Acegi plugin with custom views.
Test Fixture plugin in a test app but couldn't get it to work with Acegi encodePassword() so gave up.

[58]1/* Copyright 2006-2009 the original author or authors.
2 *
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *      http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15package org.codehaus.groovy.grails.plugins.springsecurity.ldap
16
17import org.codehaus.groovy.grails.plugins.springsecurity.ldap.GrailsLdapUser
18
19import org.springframework.ldap.core.DirContextOperations
20import org.springframework.security.GrantedAuthority
21import org.springframework.security.userdetails.UserDetails
22import org.springframework.security.userdetails.ldap.LdapUserDetails
23import org.springframework.security.userdetails.ldap.LdapUserDetailsMapper
24
25/**
26 * Extends the default to return a {@link GrailsLdapUser} implementing
27 * both {@link GrailsUser} and {@link LdapUserDetails}.
28 *
29 * @author <a href='mailto:beckwithb@studentsonly.com'>Burt Beckwith</a>
30 */
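class GrailsLdapUserDetailsMapper extends LdapUserDetailsMapper {

	/**
	 * Dependency injection for the user details service.
	 */
	def userDetailsService

	/**
	 * Dependency injection for whether to use passwords retrieved from LDAP.
	 */
	boolean usePassword

	/**
	 * Dependency injection for whether to retrieve roles from the database in addition to LDAP.
	 */
	boolean retrieveDatabaseRoles

	/**
	 * Maps the LDAP entry to a {@link GrailsLdapUser} whose authorities are the LDAP
	 * authorities plus any authorities carried by the database user record.
	 *
	 * When {@code usePassword} is false the returned user carries a fixed placeholder
	 * password instead of the value read from LDAP.
	 *
	 * {@inheritDoc}
	 * @see org.springframework.security.userdetails.ldap.LdapUserDetailsMapper#mapUserFromContext(
	 *      org.springframework.ldap.core.DirContextOperations, java.lang.String,
	 *      org.springframework.security.GrantedAuthority[])
	 */
	@Override
	UserDetails mapUserFromContext(DirContextOperations ctx, String username, GrantedAuthority[] authorities) {

		def dbDetails = userDetailsService.loadUserByUsername(username, retrieveDatabaseRoles)

		// The effective authority set is the UNION of LDAP and database roles.
		// NOTE(review): a role left behind in the database stays granted even after the
		// matching LDAP group membership is revoked - confirm that is the intended policy.
		GrantedAuthority[] mergedAuthorities = mergeDatabaseRoles(dbDetails, authorities)

		LdapUserDetails ldapDetails = (LdapUserDetails)super.mapUserFromContext(ctx, username, mergedAuthorities)
		if (usePassword) {
			return new GrailsLdapUser(ldapDetails, dbDetails.domainClass)
		}

		// Use a dummy password to avoid an exception from the User base class.
		// Fix: the original read these values from 'details', a name that is not declared
		// in this method or class, so this branch failed at runtime whenever usePassword
		// was false; the mapped LDAP user is 'ldapDetails'.
		// NOTE(review): the placeholder is a fixed, publicly known string. Make sure no
		// provider in the authentication chain compares a presented credential against
		// this UserDetails password when usePassword is disabled.
		return new GrailsLdapUser(ldapDetails.username, 'not_used', ldapDetails.enabled,
				ldapDetails.accountNonExpired, ldapDetails.credentialsNonExpired,
				ldapDetails.accountNonLocked, ldapDetails.authorities,
				ldapDetails.attributes, ldapDetails.dn, dbDetails.domainClass)
	}

	/**
	 * Concatenates the LDAP-supplied authorities with those of the database user.
	 * Duplicates are not removed.
	 *
	 * @param details the database user details; its {@code authorities} property is read
	 * @param authorities the authorities resolved from LDAP, may be null or empty
	 * @return a new array holding the LDAP authorities followed by the database ones
	 */
	private GrantedAuthority[] mergeDatabaseRoles(details, GrantedAuthority[] authorities) {
		List merged = []
		if (authorities) {
			merged.addAll(authorities as List)
		}

		if (details.authorities) {
			merged.addAll(details.authorities as List)
		}

		return merged as GrantedAuthority[]
	}
}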