GigaSpaces XAP 9.7.2 API

org.openspaces.security.spring
Class SpringSecurityManager

java.lang.Object
  extended by org.openspaces.security.spring.SpringSecurityManager
All Implemented Interfaces:
SecurityManager

public class SpringSecurityManager
extends Object
implements SecurityManager

A Spring security bridge over the GigaSpaces SecurityManager interface. The Spring security configurations are loaded using the FileSystemXmlApplicationContext taking the context definition files from the file system or from URLs. The location of the configuration file is set using the spring-security-config-location property; if not set, a default security-config.xml is considered (if present).

A common GigaSpaces security configuration: ([Gigaspaces root]/config/security/security.properties)

 com.gs.security.security-manager.class = org.openspaces.security.spring.SpringSecurityManager
 spring-security-config-location = ../config/security/security-config.xml
 

Since:
7.1.1
Author:
Moran Avigdor

Field Summary
static String SPRING_SECURITY_CONFIG_LOCATION
          The security-config xml file location to create a new FileSystemXmlApplicationContext from
 
Fields inherited from interface com.gigaspaces.security.SecurityManager
SECURITY_MANAGER_CLASS_PROPERTY_KEY
 
Constructor Summary
SpringSecurityManager()
           
 
Method Summary
 Authentication authenticate(UserDetails userDetails)
          Attempts to authenticate the passed UserDetails object, returning a fully populated Authentication object (including granted authorities) if successful.
 void close()
          Closes the Spring application context using ConfigurableApplicationContext.close().
protected  org.springframework.security.core.Authentication createAuthenticationRequest(UserDetails userDetails)
          Creates an Authentication request object to be passed to the AuthenticationManager.authenticate(org.springframework.security.core.Authentication) method on each call to authenticate(UserDetails).
 DirectoryManager createDirectoryManager(UserDetails userDetails)
          Throws a DirectoryAccessDeniedException on any attempt to manage the users/roles using this API.
 void init(Properties properties)
          Initialize the security manager using the spring security configuration.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

SPRING_SECURITY_CONFIG_LOCATION

public static final String SPRING_SECURITY_CONFIG_LOCATION
The security-config xml file location to create a new FileSystemXmlApplicationContext from

See Also:
Constant Field Values
Constructor Detail

SpringSecurityManager

public SpringSecurityManager()
Method Detail

init

public void init(Properties properties)
          throws SecurityException
Initialize the security manager using the spring security configuration.

Specified by:
init in interface SecurityManager
Parameters:
properties - properties to use configure this instance.
Throws:
SecurityException

authenticate

public Authentication authenticate(UserDetails userDetails)
                            throws AuthenticationException
Attempts to authenticate the passed UserDetails object, returning a fully populated Authentication object (including granted authorities) if successful.

The API call is delegated to the configured AuthenticationManager, using a UsernamePasswordAuthenticationToken , converting the returned Authentication object (including fully populated granted authorities) to the GigaSpaces Authentication object.

Specified by:
authenticate in interface SecurityManager
Parameters:
userDetails - The GigaSpaces user details request object
Returns:
a fully authenticated object including authorities
Throws:
AuthenticationException - if authentication fails

createAuthenticationRequest

protected org.springframework.security.core.Authentication createAuthenticationRequest(UserDetails userDetails)
Creates an Authentication request object to be passed to the AuthenticationManager.authenticate(org.springframework.security.core.Authentication) method on each call to authenticate(UserDetails).

This method can be overridden by subclasses which require authentication request other than the default UsernamePasswordAuthenticationToken.

Parameters:
userDetails - The GigaSpaces user details request object
Returns:
an authentication request object

close

public void close()
Closes the Spring application context using ConfigurableApplicationContext.close().

Specified by:
close in interface SecurityManager

createDirectoryManager

public DirectoryManager createDirectoryManager(UserDetails userDetails)
                                        throws AuthenticationException,
                                               AccessDeniedException
Throws a DirectoryAccessDeniedException on any attempt to manage the users/roles using this API.

Specified by:
createDirectoryManager in interface SecurityManager
Parameters:
userDetails - the user request object
Returns:
a directory manager instance
Throws:
AuthenticationException - if authentication fails for the specified user
AccessDeniedException - if not granted sufficient access required to manage role details
DirectoryAccessDeniedException - if the directory should not be managed by API.

GigaSpaces XAP 9.7.2 API

Copyright © GigaSpaces.