From 78529f6d28c9b90a55ec712d69ed8ed97dc6799a Mon Sep 17 00:00:00 2001
From: Luke Taylor
Date: Sun, 9 Dec 2007 23:44:15 +0000
Subject: [PATCH] SEC-620: AuthenticationSource implementation.
---
 .../SpringSecurityAuthenticationSource.java | 70 +++++++++++++++++++
 1 file changed, 70 insertions(+)
 create mode 100644 core/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java
diff --git a/core/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java b/core/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java
new file mode 100644
index 0000000000..705e8e0534
--- /dev/null
+++ b/core/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java
@@ -0,0 +1,70 @@
+package org.springframework.security.ldap;
+
+import org.springframework.security.Authentication;
+import org.springframework.security.context.SecurityContextHolder;
+import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
+import org.springframework.security.userdetails.ldap.LdapUserDetails;
+import org.springframework.ldap.core.AuthenticationSource;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * This is a copy of Spring LDAP's AcegiAuthenticationSource, updated for use with Spring Security 2.0.
+ *
+ * An AuthenticationSource to retrieve authentication information stored in
+ * Spring Security's {@link SecurityContextHolder}.
+ *
+ * @author Mattias Arthursson
+ * @author Luke Taylor
+ * @since 2.0
+ * @version $Id$
+ */
+public class SpringSecurityAuthenticationSource implements AuthenticationSource {
+ private static final Log log = LogFactory.getLog(SpringSecurityAuthenticationSource.class);
+
+ /**
+ * Get the principals of the logged in user, in this case the distinguished
+ * name.
+ *
+ * @return the distinguished name of the logged in user.
+ */
+ public String getPrincipal() {
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+ if (authentication == null) {
+ log.warn("No Authentication object set in SecurityContext - " +
+ "returning empty String as Principal");
+ return "";
+ }
+
+ Object principal = authentication.getPrincipal();
+
+ if (principal instanceof LdapUserDetails) {
+ LdapUserDetails details = (LdapUserDetails) principal;
+ return details.getDn();
+ } else if (authentication instanceof AnonymousAuthenticationToken) {
+ if (log.isDebugEnabled()) {
+ log.debug("Anonymous Authentication, returning empty String as Principal");
+ }
+ return "";
+ } else {
+ throw new IllegalArgumentException("The principal property of the authentication object" +
+ "needs to be an LdapUserDetails.");
+ }
+ }
+
+ /*
+ * @see org.springframework.ldap.core.AuthenticationSource#getCredentials()
+ */
+ public String getCredentials() {
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+ if (authentication != null) {
+ return (String) authentication.getCredentials();
+ } else {
+ log.warn("No Authentication object set in SecurityContext - returning empty String as Credentials");
+ return "";
+ }
+ }
+}
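Review bot: `getCredentials()` casts `authentication.getCredentials()` straight to `String` and returns it unchecked, so a non-String credential fails with a ClassCastException and a null or empty one is handed on as the bind password next to the real DN returned by `getPrincipal()`. A simple bind that carries a DN and an empty password is an unauthenticated bind under RFC 4513, and a directory that accepts it would run the operation anonymously while the application believes it is acting as the user; whether the ContextSource consuming this class rejects that case is not visible in this patch. I would mirror `getPrincipal()` here: return `""` only for a missing or anonymous Authentication and fail closed otherwise, as in the sketch below. Separately, the IllegalArgumentException message in `getPrincipal()` joins `"...authentication object"` and `"needs to be..."` without a space between them.

```java
public String getCredentials() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    // … unchanged: missing-Authentication branch that logs a warning and returns "" …
    if (authentication instanceof AnonymousAuthenticationToken) {
        // Anonymous callers bind anonymously, matching the empty principal from getPrincipal().
        return "";
    }
    Object credentials = authentication.getCredentials();
    if (!(credentials instanceof String) || ((String) credentials).length() == 0) {
        // Fail closed: never pair a real DN with a missing or empty password.
        throw new IllegalStateException("No usable password credentials for the authenticated principal");
    }
    return (String) credentials;
}
```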