Add mode comments to the classes

[proteocache.git] / server / compbio / spring / security / LDAPAuthorityMapper.java

package compbio.spring.security;

import java.util.Collection;
import java.util.HashSet;
import java.util.Set;

import javax.annotation.Resource;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;

/**
 * The class maps LDAP groups defined in the LDAP service to the ProteoCache
 * roles for a specific user. The class implements the standard Spring Security
 * GrantedAuthoritiesMapper interface and should replace the standard
 * Authorities Mapper in security configuration XML file.
 * 
 * @version 1.0 January 2014
 * 
 * @author Alexaner Sherstnev
 * 
 */
@Resource
public class LDAPAuthorityMapper implements GrantedAuthoritiesMapper {

        private static final Log logger = LogFactory.getLog(LDAPAuthorityMapper.class);

        public LDAPAuthorityMapper() {
        }

        /**
         * the real mapping method. Currently, all users who are able to
         * authenticate are assigned with the same ROLE_LDAP_USER.
         * 
         * @param authorities a set of original granted authorities assigned by ldapAuthProvider
         * @return a new set of granted authorities greated in the method
         */
        public Collection<? extends GrantedAuthority> mapAuthorities(final Collection<? extends GrantedAuthority> authorities) {
                SimpleGrantedAuthority sa = new SimpleGrantedAuthority("ROLE_LDAP_USER");
                Set<GrantedAuthority> roles = new HashSet<GrantedAuthority>();
                roles.add(sa);
                logger.info("LDAPAuthorityMapper: set new role ROLE_LDAP_USER");
                return roles;
        }
}