From 2df2eaa16901a9bc5504cb735dc36890a805ad70 Mon Sep 17 00:00:00 2001
From: Luke Taylor
Date: Tue, 18 Mar 2008 17:22:02 +0000
Subject: [PATCH] SEC-719: Introduced base class for J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource to extract non-http specific functionality (for use in portlet version).
---
...henticatedAuthenticationDetailsSource.java | 91 +++++++++++++++++++
...ticatedWebAuthenticationDetailsSource.java | 86 +++---------------
...edWebAuthenticationDetailsSourceTests.java | 4 +-
3 files changed, 107 insertions(+), 74 deletions(-)
create mode 100644 core/src/main/java/org/springframework/security/ui/preauth/j2ee/AbstractPreAuthenticatedAuthenticationDetailsSource.java
diff --git a/core/src/main/java/org/springframework/security/ui/preauth/j2ee/AbstractPreAuthenticatedAuthenticationDetailsSource.java b/core/src/main/java/org/springframework/security/ui/preauth/j2ee/AbstractPreAuthenticatedAuthenticationDetailsSource.java
new file mode 100644
index 0000000000..aa7e62933b
--- /dev/null
+++ b/core/src/main/java/org/springframework/security/ui/preauth/j2ee/AbstractPreAuthenticatedAuthenticationDetailsSource.java
@@ -0,0 +1,91 @@
+package org.springframework.security.ui.preauth.j2ee;
+
+import java.util.Arrays;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.security.GrantedAuthority;
+import org.springframework.security.MutableGrantedAuthoritiesContainer;
+import org.springframework.security.authoritymapping.Attributes2GrantedAuthoritiesMapper;
+import org.springframework.security.authoritymapping.MappableAttributesRetriever;
+import org.springframework.security.authoritymapping.SimpleAttributes2GrantedAuthoritiesMapper;
+import org.springframework.security.ui.AuthenticationDetailsSourceImpl;
+import org.springframework.util.Assert;
+
+/**
+ * Base implementation for classes scenarios where the authentication details object is used
+ * to store a list of authorities obtained from the context object (such as an HttpServletRequest)
+ * passed to {@link #buildDetails(Object)}.
+ *

+ *
+ *
+ * @author Luke Taylor
+ * @since 2.0
+ */
+public abstract class AbstractPreAuthenticatedAuthenticationDetailsSource extends AuthenticationDetailsSourceImpl {
+ protected final Log logger = LogFactory.getLog(getClass());
+ protected String[] j2eeMappableRoles;
+ protected Attributes2GrantedAuthoritiesMapper j2eeUserRoles2GrantedAuthoritiesMapper =
+ new SimpleAttributes2GrantedAuthoritiesMapper();
+
+ public AbstractPreAuthenticatedAuthenticationDetailsSource() {
+ }
+
+ /**
+ * Check that all required properties have been set.
+ */
+ public void afterPropertiesSet() throws Exception {
+ Assert.notNull(j2eeMappableRoles, "No mappable roles available");
+ Assert.notNull(j2eeUserRoles2GrantedAuthoritiesMapper, "Roles to granted authorities mapper not set");
+ }
+
+ /**
+ * Build the authentication details object. If the specified authentication
+ * details class implements {@link MutableGrantedAuthoritiesContainer}, a
+ * list of pre-authenticated Granted Authorities will be set based on the
+ * roles for the current user.
+ *
+ * @see org.springframework.security.ui.AuthenticationDetailsSource#buildDetails(Object)
+ */
+ public Object buildDetails(Object context) {
+ Object result = super.buildDetails(context);
+
+ if (result instanceof MutableGrantedAuthoritiesContainer) {
+ String[] j2eeUserRoles = getUserRoles(context, j2eeMappableRoles);
+ GrantedAuthority[] userGas = j2eeUserRoles2GrantedAuthoritiesMapper.getGrantedAuthorities(j2eeUserRoles);
+
+ if (logger.isDebugEnabled()) {
+ logger.debug("J2EE user roles [" + Arrays.asList(j2eeUserRoles) + "] mapped to Granted Authorities: ["
+ + Arrays.asList(userGas) + "]");
+ }
+
+ ((MutableGrantedAuthoritiesContainer) result).setGrantedAuthorities(userGas);
+ }
+ return result;
+ }
+
+ /**
+ * Allows the roles of the current user to be determined from the context object
+ *
+ * @param context the context object (an HttpRequest, PortletRequest etc)
+ * @param mappableRoles the possible roles as determined by the MappableAttributesRetriever
+ * @return the subset of mappable roles which the current user has.
+ */
+ protected abstract String[] getUserRoles(Object context, String[] mappableRoles);
+
+ /**
+ * @param aJ2eeMappableRolesRetriever
+ * The MappableAttributesRetriever to use
+ */
+ public void setMappableRolesRetriever(MappableAttributesRetriever aJ2eeMappableRolesRetriever) {
+ this.j2eeMappableRoles = aJ2eeMappableRolesRetriever.getMappableAttributes();
+ }
+
+ /**
+ * @param mapper
+ * The Attributes2GrantedAuthoritiesMapper to use
+ */
+ public void setUserRoles2GrantedAuthoritiesMapper(Attributes2GrantedAuthoritiesMapper mapper) {
+ j2eeUserRoles2GrantedAuthoritiesMapper = mapper;
+ }
+}
\ No newline at end of file
diff --git a/core/src/main/java/org/springframework/security/ui/preauth/j2ee/J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource.java b/core/src/main/java/org/springframework/security/ui/preauth/j2ee/J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource.java
index 1e664cd4b2..8e53065593 100755
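Review bot: `afterPropertiesSet()` in the new base class is only called by the container if the class is an `InitializingBean`, and nothing visible declares that: this class only extends `AuthenticationDetailsSourceImpl`, and the J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource hunk drops `implements InitializingBean` from the subclass. Unless the superclass (not shown here) implements it, the two `Assert.notNull` checks never run. A bean configured without a mappable-roles retriever would then fail with a NullPointerException when `getUserRoles` iterates `mappableRoles` during a request, instead of failing at startup. I would declare it here, `public abstract class AbstractPreAuthenticatedAuthenticationDetailsSource extends AuthenticationDetailsSourceImpl implements InitializingBean {`, with the matching `import org.springframework.beans.factory.InitializingBean;`.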
--- a/core/src/main/java/org/springframework/security/ui/preauth/j2ee/J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource.java
+++ b/core/src/main/java/org/springframework/security/ui/preauth/j2ee/J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource.java
@@ -1,107 +1,49 @@ package org.springframework.security.ui.preauth.j2ee; import org.springframework.security.ui.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails; -import org.springframework.security.ui.WebAuthenticationDetailsSource; -import org.springframework.security.GrantedAuthority; -import org.springframework.security.MutableGrantedAuthoritiesContainer; -import org.springframework.security.authoritymapping.Attributes2GrantedAuthoritiesMapper; -import org.springframework.security.authoritymapping.MappableAttributesRetriever; +import org.springframework.security.authoritymapping.SimpleAttributes2GrantedAuthoritiesMapper; import java.util.ArrayList; -import java.util.Arrays; import javax.servlet.http.HttpServletRequest; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; import org.springframework.beans.factory.InitializingBean; -import org.springframework.util.Assert; /** - * Extended AuthenticationDetailsSource which allows + * Implementation of AuthenticationDetailsSource which converts the user's J2EE roles (as obtained by calling + * {@link HttpServletRequest#isUserInRole(String)}) into GrantedAuthoritys and stores these in the authentication + * details object (. * * @author Ruud Senden * @since 2.0 */ -public class J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource extends WebAuthenticationDetailsSource implements InitializingBean { - private static final Log logger = LogFactory.getLog(J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource.class); - - private String[] j2eeMappableRoles; - - private Attributes2GrantedAuthoritiesMapper j2eeUserRoles2GrantedAuthoritiesMapper; - +public class J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource extends AbstractPreAuthenticatedAuthenticationDetailsSource { /** * Public constructor which overrides the default AuthenticationDetails * class to be used. 
*/ public J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource() { super.setClazz(PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails.class); + + j2eeUserRoles2GrantedAuthoritiesMapper = new SimpleAttributes2GrantedAuthoritiesMapper(); } /** - * Check that all required properties have been set. - */ - public void afterPropertiesSet() throws Exception { - Assert.notNull(j2eeMappableRoles, "J2EE defined roles not available"); - Assert.notNull(j2eeUserRoles2GrantedAuthoritiesMapper, "J2EE user roles to granted authorities mapper not set"); - } - - /** - * Build the authentication details object. If the specified authentication - * details class implements {@link MutableGrantedAuthoritiesContainer}, a - * list of pre-authenticated Granted Authorities will be set based on the - * J2EE roles for the current user. - * - * @see org.springframework.security.ui.AuthenticationDetailsSource#buildDetails(Object) - */ - public Object buildDetails(Object context) { - Object result = super.buildDetails(context); - if (result instanceof MutableGrantedAuthoritiesContainer) { - ((MutableGrantedAuthoritiesContainer) result) - .setGrantedAuthorities(getJ2eeBasedGrantedAuthorities((HttpServletRequest)context)); - } - return result; - } - - /** - * Get a list of Granted Authorities based on the current user's J2EE roles. + * Obtains the list of user roles based on the current user's J2EE roles. * * @param request The request against which isUserInRole will be called for each role name * returned by the MappableAttributesRetriever. * @return GrantedAuthority[] mapped from the user's J2EE roles. 
*/ - private GrantedAuthority[] getJ2eeBasedGrantedAuthorities(HttpServletRequest request) { + protected String[] getUserRoles(Object context, String[] mappableRoles) { ArrayList j2eeUserRolesList = new ArrayList(); - for (int i = 0; i < j2eeMappableRoles.length; i++) { - if (request.isUserInRole(j2eeMappableRoles[i])) { - j2eeUserRolesList.add(j2eeMappableRoles[i]); + for (int i = 0; i < mappableRoles.length; i++) { + if (((HttpServletRequest)context).isUserInRole(mappableRoles[i])) { + j2eeUserRolesList.add(mappableRoles[i]); } } - String[] j2eeUserRoles = new String[j2eeUserRolesList.size()]; - j2eeUserRoles = (String[]) j2eeUserRolesList.toArray(j2eeUserRoles); - GrantedAuthority[] userGas = j2eeUserRoles2GrantedAuthoritiesMapper.getGrantedAuthorities(j2eeUserRoles); - if (logger.isDebugEnabled()) { - logger.debug("J2EE user roles [" + j2eeUserRolesList + "] mapped to Granted Authorities: [" - + Arrays.asList(userGas) + "]"); - } - return userGas; - } - - /** - * @param aJ2eeMappableRolesRetriever - * The MappableAttributesRetriever to use - */ - public void setJ2eeMappableRolesRetriever(MappableAttributesRetriever aJ2eeMappableRolesRetriever) { - this.j2eeMappableRoles = aJ2eeMappableRolesRetriever.getMappableAttributes(); + + return (String[]) j2eeUserRolesList.toArray(new String[j2eeUserRolesList.size()]); } - - /** - * @param mapper - * The Attributes2GrantedAuthoritiesMapper to use - */ - public void setJ2eeUserRoles2GrantedAuthoritiesMapper(Attributes2GrantedAuthoritiesMapper mapper) { - j2eeUserRoles2GrantedAuthoritiesMapper = mapper; - } - } diff --git a/core/src/test/java/org/springframework/security/ui/preauth/j2ee/J2eeBasedPreAuthenticatedWebAuthenticationDetailsSourceTests.java b/core/src/test/java/org/springframework/security/ui/preauth/j2ee/J2eeBasedPreAuthenticatedWebAuthenticationDetailsSourceTests.java index d3c359c555..37307cd4e8 100755 
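Review bot: The Javadoc kept above `getUserRoles` still describes the old private method: it documents `@param request` and `@return GrantedAuthority[]`, while the method now takes `(Object context, String[] mappableRoles)` and returns the role names as `String[]`. I would replace those tags with `@param context the HttpServletRequest on which isUserInRole is called`, `@param mappableRoles the candidate role names to test` and `@return the subset of mappableRoles the request's user holds`, and state there that a non-servlet context fails with a ClassCastException at the `(HttpServletRequest)context` cast. The mapper assignment added to the constructor repeats the field initializer in the base class, and the `InitializingBean` import left as context looks unused now that the `implements` clause is gone.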
--- a/core/src/test/java/org/springframework/security/ui/preauth/j2ee/J2eeBasedPreAuthenticatedWebAuthenticationDetailsSourceTests.java +++ b/core/src/test/java/org/springframework/security/ui/preauth/j2ee/J2eeBasedPreAuthenticatedWebAuthenticationDetailsSourceTests.java @@ -107,8 +107,8 @@ public class J2eeBasedPreAuthenticatedWebAuthenticationDetailsSourceTests extend private final J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource getJ2eeBasedPreAuthenticatedWebAuthenticationDetailsSource( String[] mappedRoles) { J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource result = new J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource(); - result.setJ2eeMappableRolesRetriever(getMappableRolesRetriever(mappedRoles)); - result.setJ2eeUserRoles2GrantedAuthoritiesMapper(getJ2eeUserRoles2GrantedAuthoritiesMapper()); + result.setMappableRolesRetriever(getMappableRolesRetriever(mappedRoles)); + result.setUserRoles2GrantedAuthoritiesMapper(getJ2eeUserRoles2GrantedAuthoritiesMapper()); result.setClazz(PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails.class); try {