package org.apache.roller.weblogger.ui.core.security;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.Weblogger;
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.business.UserManager;
import org.apache.roller.weblogger.pojos.User;
import org.springframework.dao.DataAccessResourceFailureException;
import org.springframework.dao.DataRetrievalFailureException;
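/**
 * Spring Security UserDetailsService implemented using Weblogger API.
 *
 * <p>A lookup key that starts with {@code http://} or {@code https://} is treated as an
 * OpenID URL; any other key is treated as a Roller user name.
 */
public class RollerUserDetailsService implements UserDetailsService {

    private static final Log log = LogFactory.getLog(RollerUserDetailsService.class);

    /**
     * Loads the Spring Security view of a Roller user.
     *
     * @param userName a Roller user name, or an OpenID URL
     * @return the user's name, stored password and roles; for an OpenID URL with no matching
     *     Roller user, a placeholder principal holding only the {@code rollerOpenidLogin}
     *     authority
     * @throws UsernameNotFoundException if Roller is not bootstrapped yet, if {@code userName}
     *     is {@code null}, or if no user matches a non-OpenID name
     * @throws DataRetrievalFailureException if the user lookup fails
     * @throws DataAccessResourceFailureException if the role lookup fails
     */
    public UserDetails loadUserByUsername(String userName) {
        Weblogger roller;
        try {
            roller = WebloggerFactory.getWeblogger();
        } catch (Exception e) {
            // Should only happen in case of 1st time startup, setup required
            log.debug("Ignorable error getting Roller instance", e);
            // Throwing a "soft" exception here allows setup to proceed
            throw new UsernameNotFoundException("User info not available yet.");
        }

        // A null key used to surface as a NullPointerException from startsWith(); report it
        // the same way as any other unknown user so callers see an authentication failure.
        if (userName == null) {
            throw new UsernameNotFoundException("ERROR no user: null");
        }

        try {
            UserManager umgr = roller.getUserManager();
            // The branch is chosen purely from the caller-supplied string.
            if (userName.startsWith("http://") || userName.startsWith("https://")) {
                return loadOpenIdUser(userName, umgr);
            }
            return loadStandardUser(userName, umgr);
        } catch (WebloggerException ex) {
            throw new DataAccessResourceFailureException("ERROR: fetching roles", ex);
        }
    }

    /** Resolves an OpenID URL, falling back to a placeholder principal when no user matches. */
    private UserDetails loadOpenIdUser(String openIdUrl, UserManager umgr) throws WebloggerException {
        // A single trailing slash is dropped before the lookup.
        String lookupUrl = openIdUrl.endsWith("/")
                ? openIdUrl.substring(0, openIdUrl.length() - 1)
                : openIdUrl;

        User userData;
        try {
            userData = umgr.getUserByOpenIdUrl(lookupUrl);
        } catch (WebloggerException ex) {
            throw new DataRetrievalFailureException("ERROR in user lookup", ex);
        }

        if (userData != null) {
            return toUserDetails(userData.getUserName(), userData.getPassword(),
                    getAuthorities(userData, umgr));
        }

        // The URL comes from the login request, so line breaks are neutralised before it is
        // written to the log to keep one event on one line.
        log.warn("No user found with OpenID URL: " + sanitizeForLog(lookupUrl) +
                " (OpenID aliased by auth provider?) Confirm URL exists in roller_user table");

        // We are not throwing UsernameNotFound exception in case of
        // openid authentication in order to receive OpenID Simple Registration (SREG)
        // attributes from the authentication filter and save them
        //
        // NOTE(review): this placeholder principal has a fixed, well-known password and the
        // "rollerOpenidLogin" authority. That is only safe if nothing but the OpenID
        // authentication flow can turn it into an authenticated session, and if the authority
        // grants nothing beyond completing registration. Confirm both against the security
        // configuration, which is not visible from this class.
        List<SimpleGrantedAuthority> authorities = new ArrayList<SimpleGrantedAuthority>(1);
        authorities.add(new SimpleGrantedAuthority("rollerOpenidLogin"));
        return toUserDetails("openid", "openid", authorities);
    }

    /** Resolves a plain Roller user name for standard username/password auth. */
    private UserDetails loadStandardUser(String userName, UserManager umgr) throws WebloggerException {
        User userData;
        try {
            userData = umgr.getUserByUserName(userName);
        } catch (WebloggerException ex) {
            throw new DataRetrievalFailureException("ERROR in user lookup", ex);
        }
        if (userData == null) {
            throw new UsernameNotFoundException("ERROR no user: " + userName);
        }
        return toUserDetails(userData.getUserName(), userData.getPassword(),
                getAuthorities(userData, umgr));
    }

    /**
     * Builds the Spring Security user object.
     *
     * <p>NOTE(review): the four account-status flags are hard-coded to {@code true}, so any
     * disabled, locked or expired state kept on the Roller user is not enforced here.
     * Presumably it is checked elsewhere; confirm.
     */
    private static UserDetails toUserDetails(String name, String password,
            List<SimpleGrantedAuthority> authorities) {
        return new org.springframework.security.core.userdetails.User(name, password,
                true, true, true, true, authorities);
    }

    /** Replaces CR and LF so a caller-supplied value cannot start a new log line. */
    private static String sanitizeForLog(String value) {
        return value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Maps the roles reported by the user manager onto Spring Security authorities,
     * one authority per role name.
     *
     * @throws WebloggerException if the role lookup fails
     */
    private List<SimpleGrantedAuthority> getAuthorities(User userData, UserManager umgr) throws WebloggerException {
        List<String> roles = umgr.getRoles(userData);
        List<SimpleGrantedAuthority> authorities = new ArrayList<SimpleGrantedAuthority>(roles.size());
        for (String role : roles) {
            authorities.add(new SimpleGrantedAuthority(role));
        }
        return authorities;
    }
}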