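/**
 * Copyright 2005-2015 The Kuali Foundation
 *
 * Licensed under the Educational Community License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.opensource.org/licenses/ecl2.php
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.kuali.rice.kim.client.acegi;

import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.userdetails.User;
import org.acegisecurity.userdetails.UserDetails;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;

/**
 * Populates a UserDetails object with ticket or username and
 * Authentication Method
 *
 * <p>Every UserDetails built here carries the {@code ROLE_KUALI_USER} authority. When the
 * user is loaded from a ticket response, the distributed session token is carried as an
 * additional granted authority.
 *
 * @author Kuali Rice Team (rice.collab@kuali.org)
 *
 */
public class KualiUserDetailsServiceImpl implements KualiUserDetailsService, InitializingBean {
    private static final Log logger = LogFactory.getLog(KualiUserDetailsServiceImpl.class);

    /** Authority granted to every user this service loads. */
    private static final String KUALI_USER_ROLE = "ROLE_KUALI_USER";

    /**
     * Fixed, non-secret value handed to the Acegi {@link User} constructor as the password.
     * NOTE(review): presumably the credential check happens before this service is called;
     * confirm. This service must not back a password-comparing authentication provider,
     * because every account would then share this known constant as its password.
     */
    private static final String PLACEHOLDER_PASSWORD = "empty_password";

    /**
     * No properties to validate; present only to satisfy {@link InitializingBean}.
     */
    public void afterPropertiesSet() throws Exception {}

    /**
     * This overridden method appends the Distributed Session Ticket to the
     * granted authorities
     *
     * <p>The token is deliberately not written to the log. It is still exposed through
     * {@link UserDetails#getAuthorities()}, so code that prints or serialises the authorities
     * of the returned object will disclose it.
     * NOTE(review): the token looks like a session credential, judging by its name; confirm
     * how downstream code treats authority strings.
     *
     * @param response the ticket response supplying the user name and the distributed session token
     * @return the UserDetails for the user named in the response
     * @see org.kuali.rice.kim.client.acegi.KualiUserDetailsService#loadUserByTicketResponse(org.kuali.rice.kim.client.acegi.KualiTicketResponse)
     */
    public UserDetails loadUserByTicketResponse(KualiTicketResponse response) {
        if (logger.isDebugEnabled()) {
            // Trace the call only: the token value must not reach log files.
            logger.debug("loadUserByTicketResponse");
        }
        GrantedAuthority[] sessionAuthority = {
            new GrantedAuthorityImpl(response.getDistributedSessionToken())
        };
        return loadUserByUsernameAndAuthorities(response.getUser(), sessionAuthority);
    }

    /**
     * Loads a user by name alone, with no authorities beyond the default role.
     *
     * @param username the name of the user to load
     * @return the UserDetails
     * @see org.acegisecurity.userdetails.UserDetailsService#loadUserByUsername(java.lang.String)
     */
    public UserDetails loadUserByUsername(String username) {
        if (logger.isDebugEnabled()) {
            logger.debug("loadUserByUsername");
        }
        return loadUserByUsernameAndAuthorities(username, new GrantedAuthority[0]);
    }

    /**
     * This method is necessary for loading users by the ticket response
     *
     * <p>No user store is consulted: the UserDetails is built directly from the arguments,
     * with {@code ROLE_KUALI_USER} appended to the supplied authorities.
     *
     * @param username the name placed in the returned UserDetails
     * @param authorities authorities to grant in addition to {@code ROLE_KUALI_USER}
     * @return the UserDetails
     */
    public UserDetails loadUserByUsernameAndAuthorities(String username, GrantedAuthority[] authorities) {
        if (logger.isDebugEnabled()) {
            logger.debug("loadUserByUsernameAndAuthorities");
        }
        GrantedAuthority[] newAuthorities = new GrantedAuthority[authorities.length + 1];
        System.arraycopy(authorities, 0, newAuthorities, 0, authorities.length);
        newAuthorities[authorities.length] = new GrantedAuthorityImpl(KUALI_USER_ROLE);
        if (logger.isDebugEnabled()) {
            // The original logged newAuthorities.toString() at WARN on every call, which prints
            // only the array's identity. Log the count instead: printing the elements could
            // write the session token to the log.
            logger.debug("setting granted authorities: count=" + newAuthorities.length);
        }
        // The four flags are enabled, accountNonExpired, credentialsNonExpired and
        // accountNonLocked, all hard-coded to true, so account status is not enforced here.
        return new User(username, PLACEHOLDER_PASSWORD, true, true, true, true, newAuthorities);
    }
}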