View Javadoc
1   /**
2    * Copyright 2005-2015 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.kim.client.acegi;
17  
18  import org.acegisecurity.GrantedAuthority;
19  import org.acegisecurity.GrantedAuthorityImpl;
20  import org.acegisecurity.userdetails.User;
21  import org.acegisecurity.userdetails.UserDetails;
22  import org.apache.commons.logging.Log;
23  import org.apache.commons.logging.LogFactory;
24  import org.springframework.beans.factory.InitializingBean;
25  
26  /**
27   * Populates a UserDetails object with ticket or username and 
28   * Authentication Method
29   *  
30   * @author Kuali Rice Team (rice.collab@kuali.org)
31   *
32   */
33  public class KualiUserDetailsServiceImpl implements KualiUserDetailsService, InitializingBean
34  {
35      private static final Log logger = LogFactory.getLog(KualiUserDetailsServiceImpl.class);
36  
37      public void afterPropertiesSet() throws Exception {}
38      
39      /**
40       * This overridden method appends the Distributed Session Ticket to the
41       * granted authorities
42       * 
43       * @see org.kuali.rice.kim.client.acegi.KualiUserDetailsService#loadUserByTicketResponse(org.kuali.rice.kim.client.acegi.KualiTicketResponse)
44       */
45      public UserDetails loadUserByTicketResponse(KualiTicketResponse response) {
46          GrantedAuthority[] authorities = new GrantedAuthority[1];
47          authorities[0]= new GrantedAuthorityImpl(response.getDistributedSessionToken());
48          if (logger.isDebugEnabled()) {
49              logger.debug("loadUserByTicketResponse:" + response.getDistributedSessionToken());
50          }
51          return loadUserByUsernameAndAuthorities(response.getUser(), authorities); 
52      }
53  
54      /**
55       * This overridden method ...
56       * 
57       * @see org.acegisecurity.userdetails.UserDetailsService#loadUserByUsername(java.lang.String)
58       */
59      public UserDetails loadUserByUsername(String username)
60      {
61          if (logger.isDebugEnabled()) {
62              logger.debug("loadUserByUsername");
63          }
64          return loadUserByUsernameAndAuthorities(username, new GrantedAuthority[0]);        
65      }
66      
67      /**
68       * This method is necessary for loading users by the ticket response
69       * 
70       * @param username
71       * @param authorities
72       * @return the UserDetails
73       */
74      public UserDetails loadUserByUsernameAndAuthorities(String username, GrantedAuthority[] authorities) {
75          if (logger.isDebugEnabled()) {
76              logger.debug("loadUserByUsernameAndAuthorities");
77          }
78          GrantedAuthority[] newAuthorities = new GrantedAuthority[authorities.length+1];
79          System.arraycopy(authorities, 0, newAuthorities, 0, authorities.length);
80          newAuthorities[authorities.length]= new GrantedAuthorityImpl("ROLE_KUALI_USER");
81          logger.warn("setting granted authorities:" + newAuthorities.toString());
82          UserDetails user = new User(username, "empty_password", true, true, true, true, newAuthorities);    
83          return user;
84      }
85  
86     
87  }