git://source.jalview.org / proteocache.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Some tiny technical changes to controllers
[proteocache.git] / server / compbio / spring / security / LDAPAuthorityMapper.java
diff --git a/server/compbio/spring/security/LDAPAuthorityMapper.java b/server/compbio/spring/security/LDAPAuthorityMapper.java
index 061a3c6..4be363a 100644 (file)
--- a/server/compbio/spring/security/LDAPAuthorityMapper.java
+++ b/server/compbio/spring/security/LDAPAuthorityMapper.java
@@ -11,10 +11,17 @@ import org.apache.commons.logging.LogFactory;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
-import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
 
 /**
- * Maps groups defined in LDAP to roles for a specific user.
+ * The class maps LDAP groups defined in the LDAP service to the ProteoCache
+ * roles for a specific user. The class implements the standard Spring Security
+ * GrantedAuthoritiesMapper interface and should replace the standard
+ * Authorities Mapper in security configuration XML file.
+ * 
+ * @version 1.0 January 2014
+ * 
+ * @author Alexaner Sherstnev
+ * 
  */
 @Resource
 public class LDAPAuthorityMapper implements GrantedAuthoritiesMapper {
@@ -23,29 +30,19 @@ public class LDAPAuthorityMapper implements GrantedAuthoritiesMapper {
 
        public LDAPAuthorityMapper() {
        }
-/*
-       public Collection<? extends GrantedAuthority> mapAuthorities(final Collection<? extends GrantedAuthority> authorities) {
 
-               Set<PCacheLDAPAuthority> roles = EnumSet.noneOf(PCacheLDAPAuthority.class);
-               roles.add(PCacheLDAPAuthority.ROLE_LDAP_USER);
-               logger.info("LDAPAuthorityMapper: set new role ROLE_LDAP_USER");
-               *
-                * for (GrantedAuthority authority : authorities) { if
-                * (ROLE_CUSTOMER_SERVICE_OFFICER.equals(authority.getAuthority())) {
-                * roles.add(PCacheLDAPAuthority.ROLE_USER); } else if
-                * (ROLE_ADMIN.equals(authority.getAuthority())) {
-                * roles.add(PCacheLDAPAuthority.ROLE_ADMIN); } }
-                *
-               return roles;
-       }*/
-       
-       
+       /**
+        * the real mapping method. Currently, all users who are able to
+        * authenticate are assigned with the same ROLE_LDAP_USER.
+        * 
+        * @param authorities a set of original granted authorities assigned by ldapAuthProvider
+        * @return a new set of granted authorities greated in the method
+        */
        public Collection<? extends GrantedAuthority> mapAuthorities(final Collection<? extends GrantedAuthority> authorities) {
                SimpleGrantedAuthority sa = new SimpleGrantedAuthority("ROLE_LDAP_USER");
                Set<GrantedAuthority> roles = new HashSet<GrantedAuthority>();
                roles.add(sa);
                logger.info("LDAPAuthorityMapper: set new role ROLE_LDAP_USER");
-
                return roles;
        }
 }