com.gigaspaces.security.openid

Class OpenIdSecurityManager

java.lang.Object

com.gigaspaces.security.openid.OpenIdSecurityManager

All Implemented Interfaces:

SecurityManager

public class OpenIdSecurityManager
extends Object
implements SecurityManager

Field Summary

Fields

Modifier and Type	Field and Description
static String	SPRING_SECURITY_CONFIG_LOCATION
static String	XAP_SECURITY_ACTIVE_CONFIG
static String	XAP_SECURITY_ROLES

Fields inherited from interface com.gigaspaces.security.SecurityManager

SECURITY_MANAGER_CLASS_PROPERTY_KEY

Constructor Summary

Constructors

Constructor and Description
OpenIdSecurityManager()

Method Summary

Modifier and Type	Method and Description
Authentication	authenticate(UserDetails userDetails) Attempts to authenticate the passed user represented by UserDetails, returning a fully populated UserDetails object (including granted authorities) if successful.
protected PopulatedRoleAuthority[]	buildUserAuthorities(Collection<? extends org.springframework.security.core.GrantedAuthority> authorities) Creates Complex Authority List from GrantedAuthorities SimpleRoleGrantedAuthority[] (implements GrantedAuthority).
void	close() Closes the Spring application context using ConfigurableApplicationContext.close().
protected org.springframework.security.core.Authentication	createAuthenticationRequest(UserDetails userDetails) Creates an Authentication request object to be passed to the AuthenticationManager.authenticate(org.springframework.security.core.Authentication) method on each call to authenticate(UserDetails).
DirectoryManager	createDirectoryManager(UserDetails userDetails) Throws a DirectoryAccessDeniedException on any attempt to manage the users/roles using this API.
void	init(Properties properties) Initialize the security manager using the spring security configuration.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

SPRING_SECURITY_CONFIG_LOCATION

public static final String SPRING_SECURITY_CONFIG_LOCATION

See Also:

Constant Field Values

XAP_SECURITY_ACTIVE_CONFIG

public static final String XAP_SECURITY_ACTIVE_CONFIG

See Also:

Constant Field Values

XAP_SECURITY_ROLES

public static final String XAP_SECURITY_ROLES

See Also:

Constant Field Values

Constructor Detail

OpenIdSecurityManager

public OpenIdSecurityManager()

Method Detail

init

public void init(Properties properties)
          throws SecurityException

Initialize the security manager using the spring security configuration.

Specified by:

init in interface SecurityManager

Parameters:

properties - properties to use configure this instance.

Throws:

SecurityException

authenticate

public Authentication authenticate(UserDetails userDetails)
                            throws AuthenticationException

Description copied from interface: SecurityManager

Attempts to authenticate the passed user represented by UserDetails, returning a fully populated UserDetails object (including granted authorities) if successful.

Specified by:

authenticate in interface SecurityManager

Parameters:

userDetails - the user request object

Returns:

a fully authenticated object including authorities

Throws:

AuthenticationException - if authentication fails

buildUserAuthorities

protected PopulatedRoleAuthority[] buildUserAuthorities(Collection<? extends org.springframework.security.core.GrantedAuthority> authorities)
                                                 throws Exception

Creates Complex Authority List from GrantedAuthorities SimpleRoleGrantedAuthority[] (implements GrantedAuthority). Example structure: [{role1, auth1}, {role1, auth2}, {role2, auth3}]
to typed PopulatedRoleAuthority[]. Example structure: [{role1, [auth1, auth2]}, {role2, [auth3]}]

Throws:

Exception

createAuthenticationRequest

protected org.springframework.security.core.Authentication createAuthenticationRequest(UserDetails userDetails)

Creates an Authentication request object to be passed to the AuthenticationManager.authenticate(org.springframework.security.core.Authentication) method on each call to authenticate(UserDetails).

This method can be overridden by subclasses which require authentication request other than the default UsernamePasswordAuthenticationToken.

Parameters:

userDetails - The GigaSpaces user details request object

Returns:

an authentication request object

close

public void close()

Closes the Spring application context using ConfigurableApplicationContext.close().

Specified by:

close in interface SecurityManager

createDirectoryManager

public DirectoryManager createDirectoryManager(UserDetails userDetails)
                                        throws AuthenticationException,
                                               AccessDeniedException

Throws a DirectoryAccessDeniedException on any attempt to manage the users/roles using this API.

Specified by:

createDirectoryManager in interface SecurityManager

Parameters:

userDetails - the user request object

Returns:

a directory manager instance

Throws:

AuthenticationException - if authentication fails for the specified user

AccessDeniedException - if not granted sufficient access required to manage role details

DirectoryAccessDeniedException - if the directory should not be managed by API.