SEC-620: AuthenticationSource implementation.
This commit is contained in:
parent
5e0cb21c8d
commit
78529f6d28
|
@ -0,0 +1,70 @@
|
||||||
|
package org.springframework.security.ldap;
|
||||||
|
|
||||||
|
import org.springframework.security.Authentication;
|
||||||
|
import org.springframework.security.context.SecurityContextHolder;
|
||||||
|
import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
|
||||||
|
import org.springframework.security.userdetails.ldap.LdapUserDetails;
|
||||||
|
import org.springframework.ldap.core.AuthenticationSource;
|
||||||
|
|
||||||
|
import org.apache.commons.logging.Log;
|
||||||
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This is a copy of Spring LDAP's AcegiAuthenticationSource, updated for use with Spring Security 2.0.
|
||||||
|
*
|
||||||
|
* An AuthenticationSource to retrieve authentication information stored in
|
||||||
|
* Spring Security's {@link SecurityContextHolder}.
|
||||||
|
*
|
||||||
|
* @author Mattias Arthursson
|
||||||
|
* @author Luke Taylor
|
||||||
|
* @since 2.0
|
||||||
|
* @version $Id$
|
||||||
|
*/
|
||||||
|
public class SpringSecurityAuthenticationSource implements AuthenticationSource {
|
||||||
|
private static final Log log = LogFactory.getLog(SpringSecurityAuthenticationSource.class);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the principals of the logged in user, in this case the distinguished
|
||||||
|
* name.
|
||||||
|
*
|
||||||
|
* @return the distinguished name of the logged in user.
|
||||||
|
*/
|
||||||
|
public String getPrincipal() {
|
||||||
|
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||||
|
|
||||||
|
if (authentication == null) {
|
||||||
|
log.warn("No Authentication object set in SecurityContext - "
|
||||||
|
+ "returning empty String as Principal");
|
||||||
|
return "";
|
||||||
|
}
|
||||||
|
|
||||||
|
Object principal = authentication.getPrincipal();
|
||||||
|
|
||||||
|
if (principal instanceof LdapUserDetails) {
|
||||||
|
LdapUserDetails details = (LdapUserDetails) principal;
|
||||||
|
return details.getDn();
|
||||||
|
} else if (authentication instanceof AnonymousAuthenticationToken) {
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Anonymous Authentication, returning empty String as Principal");
|
||||||
|
}
|
||||||
|
return "";
|
||||||
|
} else {
|
||||||
|
throw new IllegalArgumentException("The principal property of the authentication object"
|
||||||
|
+ "needs to be an LdapUserDetails.");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* @see org.springframework.ldap.core.AuthenticationSource#getCredentials()
|
||||||
|
*/
|
||||||
|
public String getCredentials() {
|
||||||
|
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||||
|
|
||||||
|
if (authentication != null) {
|
||||||
|
return (String) authentication.getCredentials();
|
||||||
|
} else {
|
||||||
|
log.warn("No Authentication object set in SecurityContext - returning empty String as Credentials");
|
||||||
|
return "";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue