SEC-620: AuthenticationSource implementation.

2007-12-09 23:44:15 +00:00 · 2007-12-09 23:44:15 +00:00 · 78529f6d28
parent 5e0cb21c8d
commit 78529f6d28
1 changed files with 70 additions and 0 deletions
--- a/core/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java
+++ b/core/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java
@ -0,0 +1,70 @@
+package org.springframework.security.ldap;
+
+import org.springframework.security.Authentication;
+import org.springframework.security.context.SecurityContextHolder;
+import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
+import org.springframework.security.userdetails.ldap.LdapUserDetails;
+import org.springframework.ldap.core.AuthenticationSource;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * This is a copy of Spring LDAP's AcegiAuthenticationSource, updated for use with Spring Security 2.0.
+ *
+ * An AuthenticationSource to retrieve authentication information stored in
+ * Spring Security's {@link SecurityContextHolder}.
+ *
+ * @author Mattias Arthursson
+ * @author Luke Taylor
+ * @since 2.0
+ * @version $Id$
+ */
+public class SpringSecurityAuthenticationSource implements AuthenticationSource {
+    private static final Log log = LogFactory.getLog(SpringSecurityAuthenticationSource.class);
+
+    /**
+     * Get the principals of the logged in user, in this case the distinguished
+     * name.
+     *
+     * @return the distinguished name of the logged in user.
+     */
+    public String getPrincipal() {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+        if (authentication == null) {
+            log.warn("No Authentication object set in SecurityContext - "
+                    + "returning empty String as Principal");
+            return "";
+        }
+
+        Object principal = authentication.getPrincipal();
+
+        if (principal instanceof LdapUserDetails) {
+            LdapUserDetails details = (LdapUserDetails) principal;
+            return details.getDn();
+        } else if (authentication instanceof AnonymousAuthenticationToken) {
+            if (log.isDebugEnabled()) {
+                log.debug("Anonymous Authentication, returning empty String as Principal");
+            }
+            return "";
+        } else {
+            throw new IllegalArgumentException("The principal property of the authentication object"
+                            + "needs to be an LdapUserDetails.");
+        }
+    }
+
+    /*
+     * @see org.springframework.ldap.core.AuthenticationSource#getCredentials()
+     */
+    public String getCredentials() {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+        if (authentication != null) {
+            return (String) authentication.getCredentials();
+        } else {
+            log.warn("No Authentication object set in SecurityContext - returning empty String as Credentials");
+            return "";
+        }
+    }
+}