DecodingUserDetailsService.java example

Explorer

geoserver-master
- doc
  - en
    - developer
      - source
        programming-guide
        ows-services
        hello
        src
        main
        java
        HelloWorld.java
        web-ui
        ComponentInfo.java
    - user
      - source
        security
        tutorials
        ldap
        acme-ldap
        src
        main
        java
        org
        acme
        Ldap.java
- src

/* (c) 2014 Open Source Geospatial Foundation - all rights reserved
 * (c) 2001 - 2013 OpenPlans
 * This code is licensed under the GPL 2.0 license, available at the root
 * application directory.
 */
package org.geoserver.security.password;

import java.io.IOException;

import org.geoserver.security.GeoServerUserGroupService;
import org.geoserver.security.impl.GeoServerUser;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/**
 * Wrapper class for a {@link GeoServerUserGroupService} object
 * decoding the passwords.
 * 
 * This is needed for some authentication mechanisms, HTTP Digest
 * authentication as an example.
 * 
 * Decoding is only possible for {@link GeoServerUserPasswordEncoder}
 * objects of type {@link PasswordEncodingType#PLAIN} or
 * {@link PasswordEncodingType#ENCRYPT} 
 * 
 * @author christian
 *
 */
public class DecodingUserDetailsService implements UserDetailsService {

    protected GeoServerUserGroupService service;
    protected GeoServerMultiplexingPasswordEncoder encoder;
    
    /**
     * Creates a new Instance
     * @param service
     *
     * @throws IOException
     */
    public static DecodingUserDetailsService newInstance(GeoServerUserGroupService service) throws IOException {
        DecodingUserDetailsService decodingService = new DecodingUserDetailsService();
        decodingService.setGeoserverUserGroupService(service);        
        return decodingService;
    }
     
    /**
     * Protected, use {@link #canBeUsedFor(GeoServerUserGroupService)} followed
     * by {@link #newInstance(GeoServerUserGroupService)}
     */
    protected DecodingUserDetailsService() {        
    }
    
    /**
     * sets the wrapped {@link GeoServerUserGroupService} objects
     * and prepares the {@link GeoServerUserPasswordEncoder}
     * 
     * @param service
     * @throws IOException
     */
    public void setGeoserverUserGroupService(GeoServerUserGroupService service) throws IOException {
        this.service=service;
        encoder=new GeoServerMultiplexingPasswordEncoder(service.getSecurityManager(),service);
    }
    
    /**
     * loads the user and decodes the password to plain text (if possible).
     * 
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException,
            DataAccessException {
        GeoServerUser user = (GeoServerUser) service.loadUserByUsername(username);
        if (user==null) return null;
        try {
            String decoded = encoder.decode(user.getPassword());
            return new UserDetailsPasswordWrapper(user, decoded);
        } catch (UnsupportedOperationException ex) {
            return new UserDetailsPasswordWrapper(user, user.getPassword());
        }
    }

}