mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-10-08 14:51:49 +00:00
8674e2bfc8
125603 rmunteanu: Merged 5.1.1 (5.1.1) to 5.1.N (5.1.2)
125484 slanglois: MNT-16155 Update source headers - remove old Copyrights from Java and JSP dource files
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@125781 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
147 lines
4.6 KiB
Java
147 lines
4.6 KiB
Java
package org.alfresco.repo.security.authentication;
|
|
|
|
import net.sf.acegisecurity.AccountExpiredException;
|
|
import net.sf.acegisecurity.Authentication;
|
|
import net.sf.acegisecurity.CredentialsExpiredException;
|
|
import net.sf.acegisecurity.DisabledException;
|
|
import net.sf.acegisecurity.GrantedAuthority;
|
|
import net.sf.acegisecurity.GrantedAuthorityImpl;
|
|
import net.sf.acegisecurity.LockedException;
|
|
import net.sf.acegisecurity.UserDetails;
|
|
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
|
|
import net.sf.acegisecurity.providers.dao.User;
|
|
|
|
import org.alfresco.repo.tenant.TenantService;
|
|
|
|
/**
|
|
* @author Andy Hind
|
|
* @author dward
|
|
*/
|
|
public class AuthenticationContextImpl implements AuthenticationContext
|
|
{
|
|
private TenantService tenantService;
|
|
|
|
public void setTenantService(TenantService tenantService)
|
|
{
|
|
this.tenantService = tenantService;
|
|
}
|
|
|
|
/**
|
|
* Explicitly set the given validated user details to be authenticated.
|
|
*
|
|
* @param ud
|
|
* the User Details
|
|
* @return Authentication
|
|
*/
|
|
public Authentication setUserDetails(UserDetails ud)
|
|
{
|
|
try
|
|
{
|
|
// Apply the same validation that ACEGI would have to the user details - we may be going through a 'back
|
|
// door'.
|
|
if (!ud.isEnabled())
|
|
{
|
|
throw new DisabledException("User is disabled");
|
|
}
|
|
if (!ud.isAccountNonExpired())
|
|
{
|
|
throw new AccountExpiredException("User account has expired");
|
|
}
|
|
if (!ud.isAccountNonLocked())
|
|
{
|
|
throw new LockedException("User account is locked");
|
|
}
|
|
if (!ud.isCredentialsNonExpired())
|
|
{
|
|
throw new CredentialsExpiredException("User credentials have expired");
|
|
}
|
|
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(ud, "", ud
|
|
.getAuthorities());
|
|
auth.setDetails(ud);
|
|
auth.setAuthenticated(true);
|
|
return setCurrentAuthentication(auth);
|
|
}
|
|
catch (net.sf.acegisecurity.AuthenticationException ae)
|
|
{
|
|
throw new AuthenticationException(ae.getMessage(), ae);
|
|
}
|
|
finally
|
|
{
|
|
// Support for logging tenantdomain / username (via log4j NDC)
|
|
AuthenticationUtil.logNDC(ud.getUsername());
|
|
}
|
|
}
|
|
|
|
public Authentication setSystemUserAsCurrentUser()
|
|
{
|
|
return setSystemUserAsCurrentUser(TenantService.DEFAULT_DOMAIN);
|
|
}
|
|
|
|
public Authentication setSystemUserAsCurrentUser(String tenantDomain)
|
|
{
|
|
GrantedAuthority[] gas = new GrantedAuthority[1];
|
|
gas[0] = new GrantedAuthorityImpl("ROLE_SYSTEM");
|
|
return setUserDetails(new User(getSystemUserName(tenantDomain), "", true, true, true, true, gas));
|
|
}
|
|
|
|
public String getSystemUserName()
|
|
{
|
|
return AuthenticationUtil.SYSTEM_USER_NAME;
|
|
}
|
|
|
|
public String getSystemUserName(String tenantDomain)
|
|
{
|
|
return this.tenantService.getDomainUser(getSystemUserName(), tenantDomain);
|
|
}
|
|
|
|
public boolean isSystemUserName(String userName)
|
|
{
|
|
return getSystemUserName().equals(this.tenantService.getBaseNameUser(userName));
|
|
}
|
|
|
|
public boolean isCurrentUserTheSystemUser()
|
|
{
|
|
return isSystemUserName(getCurrentUserName());
|
|
}
|
|
|
|
public String getGuestUserName(String tenantDomain)
|
|
{
|
|
return this.tenantService.getDomainUser(getGuestUserName(), tenantDomain);
|
|
}
|
|
|
|
public String getGuestUserName()
|
|
{
|
|
return AuthenticationUtil.getGuestUserName();
|
|
}
|
|
|
|
public boolean isGuestUserName(String userName)
|
|
{
|
|
return AuthenticationUtil.getGuestUserName().equalsIgnoreCase(this.tenantService.getBaseNameUser(userName));
|
|
}
|
|
|
|
public Authentication setCurrentAuthentication(Authentication authentication)
|
|
{
|
|
return AuthenticationUtil.setFullAuthentication(authentication);
|
|
}
|
|
|
|
public Authentication getCurrentAuthentication() throws AuthenticationException
|
|
{
|
|
return AuthenticationUtil.getFullAuthentication();
|
|
}
|
|
|
|
public String getCurrentUserName() throws AuthenticationException
|
|
{
|
|
return AuthenticationUtil.getFullyAuthenticatedUser();
|
|
}
|
|
|
|
public void clearCurrentSecurityContext()
|
|
{
|
|
AuthenticationUtil.clearCurrentSecurityContext();
|
|
}
|
|
|
|
public String getUserDomain(String userName)
|
|
{
|
|
return this.tenantService.getUserDomain(userName);
|
|
}
|
|
}
|