001: /**
002: * Copyright 2006
003: *
004: * ABAS Software AG (http://www.abas.de)
005: * All rights reserved.
006: */package org.jamwiki.authentication;
007:
008: import java.util.Properties;
009:
010: import org.acegisecurity.GrantedAuthority;
011: import org.acegisecurity.userdetails.UserDetails;
012: import org.acegisecurity.userdetails.UserDetailsService;
013: import org.acegisecurity.userdetails.UsernameNotFoundException;
014: import org.acegisecurity.userdetails.memory.UserMap;
015: import org.acegisecurity.userdetails.memory.UserMapEditor;
016: import org.jamwiki.WikiBase;
017: import org.jamwiki.model.WikiUserInfo;
018: import org.springframework.dao.DataAccessException;
019: import org.springframework.dao.DataRetrievalFailureException;
020:
021: /**
022: * Retrieves user details from an in-memory list created by the bean context. If
023: * no user information is found, a new UserDetails object is created containing
024: * defaultAuthorities. The user is registered in JAMWiki db if no account
025: * exists.
026: *
027: * This class is useful with authentication services that do not provide user
028: * information, such as CAS. Each user authenticated by CAS is assigned the
029: * authorities specified in defaultAuthorities. In addition, special user mappings
030: * can be provided in a userMap, e.g. to grant certain users the administrator role.
031: *
032: * @author Rainer Schmitz
033: * @since 05.12.2006
034: * @see org.acegisecurity.userdetails.memory.InMemoryDaoImpl
035: *
036: */
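public class InMemoryDaoWithDefaultRoles implements UserDetailsService {

    /**
     * Password placed on in-memory user objects created for names that are
     * not listed in the user map. This class never compares it with anything.
     *
     * NOTE(review): because every unknown username is returned with this fixed
     * value, this service must only back authentication providers that have
     * already verified the user's identity elsewhere (such as the CAS flow
     * described in the class comment) and that do not compare a submitted
     * password with {@link UserDetails#getPassword()} - confirm in the bean
     * context.
     */
    private static final String UNUSED_PASSWORD = "ignored";

    /**
     * Value written to the encoded-password field of JAMWiki accounts that
     * this class provisions. Authentication is expected to happen upstream,
     * so the value is not meant to be checked.
     *
     * NOTE(review): the same literal is stored for every provisioned account.
     * Confirm that the JAMWiki password encoder can never produce this string
     * and that local password login is not enabled for these accounts;
     * otherwise replace it with a per-account random value.
     */
    private static final String UNUSED_ENCODED_PASSWORD = "kd4%6/tzZh§FGER";

    private UserMap userMap;
    private GrantedAuthority[] defaultAuthorities;

    /**
     * Sets the explicit user mappings consulted before the default
     * authorities are applied.
     *
     * @param userMap The user map to use; may be <code>null</code>, in which
     *        case every user receives the default authorities.
     */
    public void setUserMap(UserMap userMap) {
        this.userMap = userMap;
    }

    /**
     * Returns the explicit user mappings.
     *
     * @return The current user map, or <code>null</code> if none was set.
     */
    public UserMap getUserMap() {
        return userMap;
    }

    /**
     * Modifies the internal <code>UserMap</code> to reflect the
     * <code>Properties</code> instance passed. This helps externalise user
     * information to another file etc. Any previously set user map is
     * replaced.
     *
     * @param props The account information in a <code>Properties</code> object
     *        format.
     */
    public void setUserProperties(Properties props) {
        this.userMap = UserMapEditor.addUsersFromProperties(new UserMap(), props);
    }

    /**
     * Default authorities provided to all users not mentioned in userMap.
     *
     * @param defaultAuthorities To set; neither the array nor any of its
     *        elements may be <code>null</code>.
     * @throws IllegalArgumentException If the array or one of its elements is
     *         <code>null</code>.
     */
    public void setDefaultAuthorities(GrantedAuthority[] defaultAuthorities) {
        if (defaultAuthorities == null) {
            throw new IllegalArgumentException(
                    "Cannot pass a null GrantedAuthority array");
        }
        // Validate and keep a private copy so that later changes to the
        // caller's array cannot alter the roles handed to new users.
        GrantedAuthority[] copy = (GrantedAuthority[]) defaultAuthorities.clone();
        for (int i = 0; i < copy.length; i++) {
            if (copy[i] == null) {
                throw new IllegalArgumentException(
                        "Granted authority element "
                                + i
                                + " is null - GrantedAuthority[] cannot contain any null elements");
            }
        }
        this.defaultAuthorities = copy;
    }

    /**
     * Builds the user object for the given name and makes sure a matching
     * account exists in the JAMWiki database. Names that are not present in
     * the user map are not rejected; they receive the default authorities.
     *
     * @param username The name of the user to load.
     * @return The user details, carrying the JAMWiki user id.
     * @throws UsernameNotFoundException If the username is <code>null</code>
     *         or blank.
     * @throws DataAccessException If the JAMWiki account cannot be read or
     *         created.
     * @see org.acegisecurity.providers.dao.memory.InMemoryDaoImpl#loadUserByUsername(java.lang.String)
     */
    public UserDetails loadUserByUsername(String username)
            throws UsernameNotFoundException, DataAccessException {
        // An account is created for every name that reaches this point, so
        // refuse names that cannot identify anyone.
        if (username == null || username.trim().length() == 0) {
            throw new UsernameNotFoundException("Username must not be empty");
        }
        WikiUserAuth wikiUserAuth = createWikiUserObject(username);
        syncWikiUserWithJamWikiDB(username, wikiUserAuth);
        return wikiUserAuth;
    }

    /**
     * Creates the user object from the user map entry when one exists, and
     * from the default authorities otherwise.
     */
    private WikiUserAuth createWikiUserObject(String username) {
        if (userMap == null) {
            return newUserWithDefaultAuthorities(username);
        }
        try {
            UserDetails userDetails = userMap.getUser(username);
            // Carry over the account status recorded in the user map instead
            // of forcing every flag to true, so that an entry marked as
            // disabled, expired or locked is not silently re-enabled.
            // NOTE(review): assumes the four boolean parameters of
            // WikiUserAuth are (enabled, accountNonExpired,
            // credentialsNonExpired, accountNonLocked) - confirm.
            return new WikiUserAuth(userDetails.getUsername(),
                    userDetails.getPassword(),
                    userDetails.isEnabled(),
                    userDetails.isAccountNonExpired(),
                    userDetails.isCredentialsNonExpired(),
                    userDetails.isAccountNonLocked(),
                    userDetails.getAuthorities());
        } catch (UsernameNotFoundException e) {
            // Not listed explicitly: fall back to the default roles.
            return newUserWithDefaultAuthorities(username);
        }
    }

    /**
     * Creates a user object that carries only the default authorities.
     * NOTE(review): defaultAuthorities is null until setDefaultAuthorities
     * has been called - confirm the bean context always sets it.
     */
    private WikiUserAuth newUserWithDefaultAuthorities(String username) {
        return new WikiUserAuth(username, UNUSED_PASSWORD, true, true, true,
                true, defaultAuthorities);
    }

    /**
     * Looks up the JAMWiki account for the user, creating it first when it
     * does not exist, and copies its user id onto the given user object.
     *
     * @throws DataAccessException If the lookup or the write fails, or if the
     *         account cannot be read back after it was written.
     */
    private void syncWikiUserWithJamWikiDB(String username,
            WikiUserAuth wikiUserAuth) {
        try {
            WikiUserInfo userInfo = WikiBase.getUserHandler()
                    .lookupWikiUserInfo(username);
            if (userInfo == null) {
                // add user to JAMWiki database
                userInfo = new WikiUserInfo();
                userInfo.setUsername(username);
                // password will never be used
                userInfo.setEncodedPassword(UNUSED_ENCODED_PASSWORD);
                WikiBase.getDataHandler().writeWikiUser(wikiUserAuth,
                        userInfo, null);
                // read the record back to obtain the id it was stored under
                userInfo = WikiBase.getUserHandler()
                        .lookupWikiUserInfo(username);
            }
            if (userInfo == null) {
                // Report the failed read-back explicitly rather than through
                // a NullPointerException that carries no message.
                throw new DataRetrievalFailureException(
                        "JAMWiki account for user '" + username
                                + "' could not be read back after it was created");
            }
            wikiUserAuth.setUserId(userInfo.getUserId());
        } catch (DataAccessException e) {
            // already the exception type callers expect
            throw e;
        } catch (Exception e) {
            throw new DataRetrievalFailureException(e.getMessage(), e);
        }
    }
}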