View Javadoc

1   /*
2    * EL4J, the Extension Library for the J2EE, adds incremental enhancements to
3    * the spring framework, http://el4j.sf.net
4    * Copyright (C) 2005 by ELCA Informatique SA, Av. de la Harpe 22-24,
5    * 1000 Lausanne, Switzerland, http://www.elca.ch
6    *
7    * EL4J is published under the GNU Lesser General Public License (LGPL)
8    * Version 2.1. See http://www.gnu.org/licenses/
9    *
10   * This program is distributed in the hope that it will be useful,
11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13   * GNU Lesser General Public License for more details.
14   *
15   * For alternative licensing, please contact info@elca.ch
16   */
17  
18  package ch.elca.el4j.services.security.authentication;
19  
20  import org.slf4j.Logger;
21  import org.slf4j.LoggerFactory;
22  import org.springframework.security.core.Authentication;
23  import org.springframework.security.core.context.SecurityContextHolder;
24  
25  import ch.elca.el4j.core.contextpassing.AbstractImplicitContextPasser;
26  
27  /**
28   * The ImplicitContextPasser for the AuthenticationService. It handles the
29   * passing of the AuthenticationData and stores it in a ThreadLocal.
30   *
31   * @svnLink $Revision: 4091 $;$Date: 2010-01-15 12:21:07 +0100 (Fr, 15. Jan 2010) $;$Author: jonasha $;$URL: https://el4j.svn.sourceforge.net/svnroot/el4j/branches/el4j_3_1/el4j/framework/modules/security/src/main/java/ch/elca/el4j/services/security/authentication/AuthenticationServiceContextPasser.java $
32   *
33   * @author Raphael Boog (RBO)
34   * @author Andreas Pfenninger (APR)
35   * @author Dominik Zindel (DZI)
36   */
37  public class AuthenticationServiceContextPasser extends
38  	AbstractImplicitContextPasser {
39  
40  	/*
41  	 * The retry interceptor requires that, for implicit context passing, an
42  	 * InheritableThreadLocal be used and not (as the acegi-default value) a
43  	 * ThreadLocal. To achieve this, we set the corresponding strategy.
44  	 */
45  	static {
46  		SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_INHERITABLETHREADLOCAL);
47  	}
48  	
49  	/**
50  	 * Private logger of this class.
51  	 */
52  	private static Logger s_logger = LoggerFactory
53  		.getLogger(AuthenticationServiceContextPasser.class);
54  
55  	/**
56  	 * This method is called by the client that makes a remote invocation to
57  	 * collect the implicitly passed context and add it to the request. The
58  	 * authentication data is fetched from the SecurityContextHolder.
59  	 *
60  	 * @return The authentication data for the currently logged in user
61  	 * @see ch.elca.el4j.core.contextpassing.AbstractImplicitContextPasser
62  	 */
63  	public Object getImplicitlyPassedContext() {
64  		return SecurityContextHolder.getContext().getAuthentication();
65  	}
66  
67  	/**
68  	 * This method is called by the server that receives a remote invocation
69  	 * to push the context to the service. The authentication data is stored in
70  	 * the SecurityContextHolder.
71  	 *
72  	 * @param context
73  	 *            The received implicit context for this passer.
74  	 * @throws ImplicitContextPassingRTException
75  	 * @see ch.elca.el4j.core.contextpassing.AbstractImplicitContextPasser
76  	 */
77  	public void pushImplicitlyPassedContext(Object context) {
78  		if (context == null) {
79  			s_logger.warn("Authentication == null");
80  			SecurityContextHolder.getContext().setAuthentication(null);
81  			return;
82  		}
83  		Authentication auth = (Authentication) context;
84  		SecurityContextHolder.getContext().setAuthentication(auth);
85  	}
86  
87  }