Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Added template method for role creation, as requested in the forum.

Luke Taylor 19 years ago
parent
7475906218
commit
b0caa72e80
1 changed files with 27 additions and 9 deletions
Split View Show Diff Stats
  1. 27 9
      core/src/main/java/org/acegisecurity/userdetails/ldap/LdapUserDetailsMapper.java

+ 27 - 9
core/src/main/java/org/acegisecurity/userdetails/ldap/LdapUserDetailsMapper.java
View File 

@@ -16,6 +16,7 @@
 
 package org.acegisecurity.userdetails.ldap;

 

 import org.acegisecurity.GrantedAuthorityImpl;

+import org.acegisecurity.GrantedAuthority;

 

 import org.acegisecurity.ldap.LdapEntryMapper;

 

@@ -74,17 +75,12 @@ public class LdapUserDetailsMapper implements LdapEntryMapper {
 
             NamingEnumeration attributeRoles = roleAttribute.getAll();

 

             while (attributeRoles.hasMore()) {

-                Object role = attributeRoles.next();

+                GrantedAuthority authority = createAuthority(attributeRoles.next());

 

-                // We only handle Strings for the time being

-                if (role instanceof String) {

-                    if (convertToUpperCase) {

-                        role = ((String) role).toUpperCase();

-                    }

-

-                    essence.addAuthority(new GrantedAuthorityImpl(rolePrefix + role));

+                if(authority != null) {

+                    essence.addAuthority(authority);

                 } else {

-                    logger.warn("Non-String value found for role attribute " + roleAttribute.getID());

+                    logger.debug("Failed to create an authority value from attribute with Id: " + roleAttribute.getID());

                 }

             }

         }

@@ -92,6 +88,28 @@ public class LdapUserDetailsMapper implements LdapEntryMapper {
 
         return essence;

     }

 

+    /**

+     * Creates a GrantedAuthority from a role attribute. Override to customize

+     * authority object creation.

+     * <p>

+     * The default implementation converts string attributes to roles, making use of the <tt>rolePrefix</tt>

+     * and <tt>convertToUpperCase</tt> properties. Non-String attributes are ignored.

+     * </p>

+     *

+     * @param role the attribute returned from

+     * @return the authority to be added to the list of authorities for the user, or null

+     * if this attribute should be ignored.

+     */

+    protected GrantedAuthority createAuthority(Object role) {

+        if (role instanceof String) {

+            if (convertToUpperCase) {

+                role = ((String) role).toUpperCase();

+            }

+            return new GrantedAuthorityImpl(rolePrefix + role);

+        }

+        return null;

+    }

+

     /**

      * Determines whether role field values will be converted to upper case when loaded.

      * The default is true.