SpringSecurityManager (GigaSpaces XAP 9.7.2 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

GigaSpaces XAP 9.7.2 API

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.openspaces.security.spring
Class SpringSecurityManager

java.lang.Object
  org.openspaces.security.spring.SpringSecurityManager

All Implemented Interfaces:: SecurityManager

public class SpringSecurityManager
extends Object
implements SecurityManager
extends Object
implements SecurityManager

A Spring security bridge over the GigaSpaces SecurityManager interface. The Spring security configurations are loaded using the FileSystemXmlApplicationContext taking the context definition files from the file system or from URLs. The location of the configuration file is set using the spring-security-config-location property; if not set, a default security-config.xml is considered (if present).

A common GigaSpaces security configuration: ([Gigaspaces root]/config/security/security.properties)

 com.gs.security.security-manager.class = org.openspaces.security.spring.SpringSecurityManager
 spring-security-config-location = ../config/security/security-config.xml

Since:: 7.1.1
Author:: Moran Avigdor

Field Summary
`static String`	`SPRING_SECURITY_CONFIG_LOCATION` The security-config xml file location to create a new `FileSystemXmlApplicationContext` from

Fields inherited from interface com.gigaspaces.security.SecurityManager
`SECURITY_MANAGER_CLASS_PROPERTY_KEY`

Constructor Summary
`SpringSecurityManager()`

Method Summary
`Authentication`	`authenticate(UserDetails userDetails)` Attempts to authenticate the passed `UserDetails` object, returning a fully populated `Authentication` object (including granted authorities) if successful.
`void`	`close()` Closes the Spring application context using `ConfigurableApplicationContext.close()`.
`protected org.springframework.security.core.Authentication`	`createAuthenticationRequest(UserDetails userDetails)` Creates an `Authentication` request object to be passed to the `AuthenticationManager.authenticate(org.springframework.security.core.Authentication)` method on each call to `authenticate(UserDetails)`.
`DirectoryManager`	`createDirectoryManager(UserDetails userDetails)` Throws a `DirectoryAccessDeniedException` on any attempt to manage the users/roles using this API.
`void`	`init(Properties properties)` Initialize the security manager using the spring security configuration.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

SPRING_SECURITY_CONFIG_LOCATION

public static final String SPRING_SECURITY_CONFIG_LOCATION

The security-config xml file location to create a new FileSystemXmlApplicationContext from

See Also:: Constant Field Values

Constructor Detail

SpringSecurityManager

public SpringSecurityManager()

Method Detail

init

public void init(Properties properties)
          throws SecurityException

Initialize the security manager using the spring security configuration.

Specified by:: init in interface SecurityManager

Parameters:: properties - properties to use configure this instance.
Throws:: SecurityException

authenticate

public Authentication authenticate(UserDetails userDetails)
                            throws AuthenticationException

Attempts to authenticate the passed UserDetails object, returning a fully populated Authentication object (including granted authorities) if successful.

The API call is delegated to the configured AuthenticationManager, using a UsernamePasswordAuthenticationToken , converting the returned Authentication object (including fully populated granted authorities) to the GigaSpaces Authentication object.

Specified by:: authenticate in interface SecurityManager

Parameters:: userDetails - The GigaSpaces user details request object
Returns:: a fully authenticated object including authorities
Throws:: AuthenticationException - if authentication fails

createAuthenticationRequest

protected org.springframework.security.core.Authentication createAuthenticationRequest(UserDetails userDetails)

Creates an Authentication request object to be passed to the AuthenticationManager.authenticate(org.springframework.security.core.Authentication) method on each call to authenticate(UserDetails).

This method can be overridden by subclasses which require authentication request other than the default UsernamePasswordAuthenticationToken.

Parameters:: userDetails - The GigaSpaces user details request object
Returns:: an authentication request object

close

public void close()

Closes the Spring application context using ConfigurableApplicationContext.close().

Specified by:: close in interface SecurityManager

createDirectoryManager

public DirectoryManager createDirectoryManager(UserDetails userDetails)
                                        throws AuthenticationException,
                                               AccessDeniedException

Throws a DirectoryAccessDeniedException on any attempt to manage the users/roles using this API.

Specified by:: createDirectoryManager in interface SecurityManager

Parameters:: userDetails - the user request object
Returns:: a directory manager instance
Throws:: AuthenticationException - if authentication fails for the specified user; AccessDeniedException - if not granted sufficient access required to manage role details; DirectoryAccessDeniedException - if the directory should not be managed by API.