
1   package org.appfuse.webapp.services.impl;
2   
3   import org.appfuse.Constants;
4   import org.appfuse.model.Role;
5   import org.appfuse.model.User;
6   import org.appfuse.webapp.services.SecurityContext;
7   import org.springframework.security.authentication.AuthenticationTrustResolver;
8   import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
9   import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
10  import org.springframework.security.core.Authentication;
11  import org.springframework.security.core.context.SecurityContextHolder;
12  import org.springframework.security.core.userdetails.UserDetails;
13  
14  import java.util.Arrays;
15  import java.util.List;
16  import java.util.regex.Pattern;
17  
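/**
 * Security context implementation based on Spring Security.
 *
 * <p>Every query reads the {@link Authentication} currently held by
 * {@link SecurityContextHolder}; the class keeps no per-user state of its own.
 *
 * @author Serge Eby
 */
public class SpringSecurityContext implements SecurityContext {

    /** Splits a comma-separated role list, discarding whitespace around each comma. */
    private static final Pattern COMMA_PATTERN = Pattern.compile("\\s*,\\s*");

    /** Principal name that Spring Security gives the anonymous user by default. */
    private static final String ANONYMOUS_USER = "anonymousUser";

    /** Shared resolver used to classify anonymous and remember-me authentications. */
    private static final AuthenticationTrustResolver TRUST_RESOLVER = new AuthenticationTrustResolverImpl();

    /**
     * Tells whether the current security context holds a real, authenticated user.
     *
     * <p>A remember-me authentication counts as logged in here; code that needs a
     * freshly entered password should additionally check {@link #isRememberMe()}.
     *
     * @return {@code true} only for a non-anonymous authentication that reports itself authenticated
     */
    public boolean isLoggedIn() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || authentication.getPrincipal() == null) {
            return false;
        }
        // An anonymous token can report isAuthenticated() == true, so it has to be excluded
        // explicitly. The type-based check keeps working when the anonymous principal has been
        // configured with a name other than "anonymousUser"; the name check is kept for
        // compatibility with the previous behaviour.
        if (TRUST_RESOLVER.isAnonymous(authentication) || ANONYMOUS_USER.equals(authentication.getName())) {
            return false;
        }
        return authentication.isAuthenticated();
    }

    /**
     * Returns the current principal as Spring Security {@link UserDetails}.
     *
     * @return the principal, or {@code null} when nobody is logged in or the principal is of another type
     */
    public UserDetails getUserDetails() {
        if (!isLoggedIn()) {
            return null;
        }
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        return principal instanceof UserDetails ? (UserDetails) principal : null;
    }

    /**
     * Returns the current principal as an application {@link User}.
     *
     * @return the user, or {@code null} when nobody is logged in or the principal is not a {@link User}
     */
    public User getUser() {
        if (!isLoggedIn()) {
            return null;
        }
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        // Test against the type that is actually cast to: a principal that is some other
        // UserDetails implementation used to pass the old check and fail with ClassCastException.
        return principal instanceof User ? (User) principal : null;
    }

    /**
     * Returns the login name of the current user.
     *
     * @return the username, or {@code null} when {@link #getUser()} yields no user
     */
    public String getUsername() {
        User user = getUser();
        return user != null ? user.getUsername() : null;
    }

    /**
     * Checks whether the current user holds at least one of the given roles.
     *
     * <p>NOTE(review): a {@code null} argument is treated as "no restriction" and returns
     * {@code true} even when nobody is logged in. Callers that protect a resource must pass an
     * explicit role list; a missing or mis-wired role value otherwise grants access.
     *
     * @param roleName comma-separated role names; matching is exact and case-sensitive
     * @return {@code true} if {@code roleName} is {@code null} or the user has one of the roles
     */
    public boolean hasRoles(String roleName) {
        // If no role defined, return true
        if (roleName == null) {
            return true;
        }

        User user = getUser();
        if (user == null) {
            return false;
        }

        //TODO: User InternalUtils class??
        List<String> allowedRoles = Arrays.asList(COMMA_PATTERN.split(roleName.trim()));
        for (Role role : user.getRoles()) {
            if (allowedRoles.contains(role.getName())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Checks whether the current user holds {@link Constants#ADMIN_ROLE}.
     *
     * @return {@code true} if the current user has the administrator role
     */
    public boolean isAdmin() {
        return hasRoles(Constants.ADMIN_ROLE);
    }

    /**
     * Not yet implemented.
     *
     * <p>NOTE(review): this method does not clear the security context or end the session, so a
     * caller that relies on it leaves the user authenticated. Logout has to be performed
     * elsewhere until this is implemented.
     */
    public void logout() {
        // NYI
    }

    /**
     * Tells whether the current authentication was established by a remember-me token.
     *
     * @return {@code true} if the trust resolver classifies the current authentication as remember-me
     */
    public boolean isRememberMe() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return TRUST_RESOLVER.isRememberMe(authentication);
    }

    /**
     * Installs the given user as the authenticated principal of the current security context.
     *
     * <p>No credential check happens here: the three-argument token constructor creates a token
     * that is already marked authenticated, so callers must have verified the user beforehand.
     * NOTE(review): because this bypasses the authentication manager, any login auditing or
     * session-fixation handling attached to the normal login path presumably does not run;
     * confirm against the filter configuration.
     *
     * @param user the user to log in
     * @throws IllegalArgumentException if {@code user} is {@code null}
     */
    public void login(User user) {
        if (user == null) {
            throw new IllegalArgumentException("User cannot be null");
        }

        // NOTE(review): the confirm-password value is kept as the token's credentials for as
        // long as the authentication lives. If it can hold a plaintext password, consider
        // erasing the credentials once the context is set; confirm no caller reads them.
        UsernamePasswordAuthenticationToken loggedIn = new UsernamePasswordAuthenticationToken(
                user,
                user.getConfirmPassword(),
                user.getAuthorities());

        loggedIn.setDetails(user);
        SecurityContextHolder.getContext().setAuthentication(loggedIn);
    }

}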