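package org.aplikator.server;

import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.Authorizer;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.subject.PrincipalCollection;

import waffle.servlet.WindowsPrincipal;
import waffle.shiro.GroupMappingWaffleRealm;
import waffle.shiro.negotiate.NegotiateAuthenticationRealm;

/**
 * Negotiate authentication realm that also answers Shiro authorization queries.
 *
 * <p>Every {@link Authorizer} method is forwarded to an internal
 * {@link GroupMappingWaffleRealm}, which derives the subject's roles from the Windows groups
 * carried by its {@link WindowsPrincipal} and the group-to-role map supplied through
 * {@link #setGroupRolesMap(Map)}.
 */
public class WaffleNegotiateAuthenticationRealm extends NegotiateAuthenticationRealm
        implements Authorizer {

    /** Realm that performs the actual role and permission decisions. */
    GroupMappingWaffleRealm delegate = new GroupMappingWaffleRealm() {

        // Authorization info keyed by principal collection.
        // NOTE(review): entries are never evicted or refreshed, so roles computed once for a
        // principal collection are reused for every later lookup with an equal key for the
        // lifetime of this object; the map also grows without bound. A plain HashMap is not
        // safe for concurrent put/get - if this realm is shared between request threads
        // (usual for Shiro realms - confirm), replace it with a bounded, expiring,
        // thread-safe cache.
        private final Map<Object, AuthorizationInfo> cache = new HashMap<>();

        /**
         * Returns the authorization info for {@code principals}, computing it on first use
         * and serving it from the local cache afterwards.
         *
         * <p>Presumably replaces the inherited lookup used by the role and permission
         * checks - confirm against the Shiro version in use.
         *
         * @param principals the subject's principals; may be {@code null}
         * @return the authorization info, or {@code null} when {@code principals} is
         *     {@code null} or holds no {@link WindowsPrincipal}
         */
        protected AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals) {
            if (principals == null) {
                return null;
            }
            AuthorizationInfo info = cache.get(principals);
            if (info == null) {
                info = doGetAuthorizationInfoOverriden(principals);
                // Only successful lookups are cached; a miss is recomputed on every call.
                if (info != null) {
                    cache.put(principals, info);
                }
            }
            return info;
        }

        /**
         * Picks the {@link WindowsPrincipal} out of {@code principals} and builds its
         * authorization info.
         *
         * @return the authorization info, or {@code null} when no Windows principal is present
         */
        protected AuthorizationInfo doGetAuthorizationInfoOverriden(
                final PrincipalCollection principals) {
            final WindowsPrincipal principal = principals.oneByType(WindowsPrincipal.class);
            return principal == null ? null : this.doAuthorizationInfoOverriden(principal);
        }

        /**
         * Builds authorization info whose roles are the role names mapped from the
         * principal's Windows group keys. No permissions are added here.
         */
        protected AuthorizationInfo doAuthorizationInfoOverriden(final WindowsPrincipal principal) {
            final SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
            authorizationInfo.addRoles(
                    this.getRoleNamesForGroups(principal.getGroups().keySet()));
            return authorizationInfo;
        }
    };

    /**
     * Sets the Windows-group-to-role mapping on the delegate realm.
     *
     * @param value mapping passed unchanged to the delegate
     */
    public void setGroupRolesMap(final Map<String, String> value) {
        delegate.setGroupRolesMap(value);
    }

    // --- Authorizer: permission queries, forwarded unchanged to the delegate ---

    @Override
    public boolean isPermitted(PrincipalCollection principals, String permission) {
        return delegate.isPermitted(principals, permission);
    }

    @Override
    public boolean isPermitted(PrincipalCollection subjectPrincipal, Permission permission) {
        return delegate.isPermitted(subjectPrincipal, permission);
    }

    @Override
    public boolean[] isPermitted(PrincipalCollection subjectPrincipal, String... permissions) {
        return delegate.isPermitted(subjectPrincipal, permissions);
    }

    @Override
    public boolean[] isPermitted(PrincipalCollection subjectPrincipal,
            List<Permission> permissions) {
        return delegate.isPermitted(subjectPrincipal, permissions);
    }

    @Override
    public boolean isPermittedAll(PrincipalCollection subjectPrincipal, String... permissions) {
        return delegate.isPermittedAll(subjectPrincipal, permissions);
    }

    @Override
    public boolean isPermittedAll(PrincipalCollection subjectPrincipal,
            Collection<Permission> permissions) {
        return delegate.isPermittedAll(subjectPrincipal, permissions);
    }

    @Override
    public void checkPermission(PrincipalCollection subjectPrincipal, String permission)
            throws AuthorizationException {
        delegate.checkPermission(subjectPrincipal, permission);
    }

    @Override
    public void checkPermission(PrincipalCollection subjectPrincipal, Permission permission)
            throws AuthorizationException {
        delegate.checkPermission(subjectPrincipal, permission);
    }

    @Override
    public void checkPermissions(PrincipalCollection subjectPrincipal, String... permissions)
            throws AuthorizationException {
        delegate.checkPermissions(subjectPrincipal, permissions);
    }

    @Override
    public void checkPermissions(PrincipalCollection subjectPrincipal,
            Collection<Permission> permissions) throws AuthorizationException {
        delegate.checkPermissions(subjectPrincipal, permissions);
    }

    // --- Authorizer: role queries, forwarded unchanged to the delegate ---

    @Override
    public boolean hasRole(PrincipalCollection subjectPrincipal, String roleIdentifier) {
        return delegate.hasRole(subjectPrincipal, roleIdentifier);
    }

    /**
     * Forwards the multi-role query to the delegate.
     *
     * <p>Must call {@code delegate.hasRoles}: calling this method's own name recurses without
     * end and every such role check dies with a {@link StackOverflowError}.
     */
    @Override
    public boolean[] hasRoles(PrincipalCollection subjectPrincipal, List<String> roleIdentifiers) {
        return delegate.hasRoles(subjectPrincipal, roleIdentifiers);
    }

    /**
     * Forwards the all-roles query to the delegate.
     *
     * <p>Must call {@code delegate.hasAllRoles}: calling this method's own name recurses
     * without end and every such role check dies with a {@link StackOverflowError}.
     */
    @Override
    public boolean hasAllRoles(PrincipalCollection subjectPrincipal,
            Collection<String> roleIdentifiers) {
        return delegate.hasAllRoles(subjectPrincipal, roleIdentifiers);
    }

    @Override
    public void checkRole(PrincipalCollection subjectPrincipal, String roleIdentifier)
            throws AuthorizationException {
        delegate.checkRole(subjectPrincipal, roleIdentifier);
    }

    @Override
    public void checkRoles(PrincipalCollection subjectPrincipal,
            Collection<String> roleIdentifiers) throws AuthorizationException {
        delegate.checkRoles(subjectPrincipal, roleIdentifiers);
    }

    @Override
    public void checkRoles(PrincipalCollection subjectPrincipal, String... roleIdentifiers)
            throws AuthorizationException {
        delegate.checkRoles(subjectPrincipal, roleIdentifiers);
    }
}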