1 package org.appfuse.webapp.services.impl;
2
3 import org.appfuse.Constants;
4 import org.appfuse.model.Role;
5 import org.appfuse.model.User;
6 import org.appfuse.webapp.services.SecurityContext;
7 import org.springframework.security.authentication.AuthenticationTrustResolver;
8 import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
9 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
10 import org.springframework.security.core.Authentication;
11 import org.springframework.security.core.context.SecurityContextHolder;
12 import org.springframework.security.core.userdetails.UserDetails;
13
14 import java.util.Arrays;
15 import java.util.List;
16 import java.util.regex.Pattern;
17
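/**
 * {@link SecurityContext} implementation that answers every question from the
 * {@link Authentication} currently held by Spring Security's
 * {@link SecurityContextHolder}.
 *
 * <p>Nothing in this class verifies credentials: {@link #login(User)} installs an
 * authentication for whatever {@link User} it is handed, so callers must have
 * established the user's identity beforehand.
 */
public class SpringSecurityContext implements SecurityContext {

    /** Separator for comma-delimited role lists; whitespace around each comma is ignored. */
    private static final Pattern COMMA_PATTERN = Pattern.compile("\\s*,\\s*");

    /**
     * Reports whether the current request carries a non-anonymous, authenticated principal.
     *
     * <p>This check does not distinguish a remember-me authentication from a full login;
     * use {@link #isRememberMe()} before allowing sensitive operations.
     *
     * @return {@code true} if an authentication with a principal is present, its name is
     *         not {@code "anonymousUser"} and it reports itself as authenticated
     */
    public boolean isLoggedIn() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || authentication.getPrincipal() == null) {
            return false;
        }
        // NOTE(review): the anonymous check is by name only, so an account that is really
        // called "anonymousUser" would be reported as not logged in.
        // AuthenticationTrustResolver.isAnonymous() tests the token type instead.
        if ("anonymousUser".equals(authentication.getName())) {
            return false;
        }
        return authentication.isAuthenticated();
    }

    /**
     * Returns the current principal as Spring Security {@link UserDetails}.
     *
     * @return the principal, or {@code null} when nobody is logged in or the principal
     *         is not a {@link UserDetails}
     */
    public UserDetails getUserDetails() {
        if (!isLoggedIn()) {
            return null;
        }
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        return principal instanceof UserDetails ? (UserDetails) principal : null;
    }

    /**
     * Returns the current principal as an application {@link User}.
     *
     * @return the principal, or {@code null} when nobody is logged in or the principal
     *         is not a {@link User}
     */
    public User getUser() {
        if (!isLoggedIn()) {
            return null;
        }
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        // Test against the type we actually cast to. The previous check was
        // "instanceof UserDetails", which let any other UserDetails implementation
        // (e.g. one produced by a different authentication provider) through to the
        // cast and failed with a ClassCastException instead of returning null.
        return principal instanceof User ? (User) principal : null;
    }

    /**
     * Returns the login name of the current user.
     *
     * @return the username, or {@code null} when {@link #getUser()} returns {@code null}
     */
    public String getUsername() {
        User user = getUser();
        return user != null ? user.getUsername() : null;
    }

    /**
     * Checks whether the current user holds at least one of the given roles.
     *
     * <p><strong>Fail-open on {@code null}:</strong> a {@code null} argument is treated as
     * "no role required" and returns {@code true} even when nobody is logged in. Code
     * guarding a privileged action must therefore always pass an explicit role name.
     *
     * @param roleName a single role name or a comma-separated list of role names;
     *                 matching against {@link Role#getName()} is exact and case-sensitive
     * @return {@code true} if {@code roleName} is {@code null} or the current user has
     *         any of the listed roles; {@code false} otherwise, including when there is
     *         no current user
     */
    public boolean hasRoles(String roleName) {
        if (roleName == null) {
            return true;
        }

        User user = getUser();
        if (user == null) {
            return false;
        }

        List<String> allowedRoles = Arrays.asList(COMMA_PATTERN.split(roleName.trim()));
        for (Role role : user.getRoles()) {
            if (allowedRoles.contains(role.getName())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Checks whether the current user holds {@link Constants#ADMIN_ROLE}.
     *
     * @return the result of {@link #hasRoles(String)} for the admin role
     */
    public boolean isAdmin() {
        return hasRoles(Constants.ADMIN_ROLE);
    }

    /**
     * Does nothing.
     *
     * <p>NOTE(review): this does not clear the {@link SecurityContextHolder} or touch the
     * HTTP session, so calling it leaves the user authenticated. Presumably logout is
     * handled elsewhere (for example by a Spring Security logout filter) - confirm, and
     * make sure no caller relies on this method to end a session.
     */
    public void logout() {
        // Intentionally empty; see the note above.
    }

    /**
     * Reports whether the current authentication came from a remember-me token rather
     * than an interactive login.
     *
     * @return {@code true} if Spring Security's trust resolver classifies the current
     *         authentication as remember-me
     */
    public boolean isRememberMe() {
        AuthenticationTrustResolver resolver = new AuthenticationTrustResolverImpl();
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return resolver.isRememberMe(authentication);
    }

    /**
     * Installs the given user as the authenticated principal of the current security context.
     *
     * <p>The three-argument {@link UsernamePasswordAuthenticationToken} constructor yields a
     * token that is already marked authenticated, so no password check happens here; the
     * caller is responsible for having verified the user.
     *
     * @param user the user to log in; becomes both the principal and the token details
     * @throws IllegalArgumentException if {@code user} is {@code null}
     */
    public void login(User user) {
        if (user == null) {
            throw new IllegalArgumentException("User cannot be null");
        }

        // NOTE(review): the confirm-password value is stored as the token's credentials and
        // stays in the security context for as long as the authentication does. If that
        // field holds a plaintext password, consider passing null instead - confirm that
        // nothing downstream reads getCredentials() first.
        UsernamePasswordAuthenticationToken loggedIn = new UsernamePasswordAuthenticationToken(
                user,
                user.getConfirmPassword(),
                user.getAuthorities());
        loggedIn.setDetails(user);

        // NOTE(review): only the context is updated here; whether the HTTP session id is
        // rotated after this programmatic login is not visible from this class - verify
        // session-fixation protection on the calling path.
        SecurityContextHolder.getContext().setAuthentication(loggedIn);
    }

}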