Class InMemoryRolePopulator
- java.lang.Object
-
- org.springframework.dao.support.DaoSupport
-
- org.springframework.jdbc.core.support.JdbcDaoSupport
-
- com.im.df.security.mechanim.ldap.authorization.InMemoryRolePopulator
-
- All Implemented Interfaces:
org.springframework.beans.factory.InitializingBean
,org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator
public final class InMemoryRolePopulator extends org.springframework.jdbc.core.support.JdbcDaoSupport implements org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator
Responsible for loading user to role association from the security configuration file e.g iam-db-template.xml. We are using LdapAuthoritiesPopulator to ensure that all of our populators are compatible and we can put them in a list of populators for different providers.- Author:
- Masoud Kalali
-
-
Constructor Summary
Constructors Constructor Description InMemoryRolePopulator(String stpName, String applicationName, String ijcRoleNameInDB, List<String> roleToUserAssignments, com.im.commons.db.DatabasePlatform platform)
This constructor is used in the bean configuration iam-db-template.xml to prepare and load the project (schema) specific role mapping.InMemoryRolePopulator(String stpName, String applicationsAndRoles, List<String> roleToUserAssignments, com.im.commons.db.DatabasePlatform platform)
This constructor is used in the bean configuration iam-db-template.xml to prepare and load the project (schema) specific role mapping.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description List<org.springframework.security.core.GrantedAuthority>
getGrantedAuthorities(org.springframework.ldap.core.DirContextOperations dco, String username)
-
-
-
Constructor Detail
-
InMemoryRolePopulator
public InMemoryRolePopulator(String stpName, String applicationName, String ijcRoleNameInDB, List<String> roleToUserAssignments, com.im.commons.db.DatabasePlatform platform)
This constructor is used in the bean configuration iam-db-template.xml to prepare and load the project (schema) specific role mapping.- Parameters:
stpName
- Name of the stored procedure returning the restricted roleapplicationName
- the application name to pass to the stpijcRoleNameInDB
- the role which should be present in the database to consider user is permitted to access the IJCroleToUserAssignments
- a Map containing user to roles mapping for this particular schemaplatform
- the platform to access the database through it
-
InMemoryRolePopulator
public InMemoryRolePopulator(String stpName, String applicationsAndRoles, List<String> roleToUserAssignments, com.im.commons.db.DatabasePlatform platform)
This constructor is used in the bean configuration iam-db-template.xml to prepare and load the project (schema) specific role mapping.- Parameters:
stpName
- Name of the stored procedure returning the restricted roleapplicationsAndRoles
- The applications and roles in format "app1=role1,app2=role2". It is also possible to define the default role which is assigned to user if stored procedure accepts user (means userA has role1 in app1). By defaultRoles.R_USER
is added. This default can be changed this way: "app1=role1(ROLE_USER),app2=role2(ROLE_EDIT_SCHEMA|ROLE_EDIT_DATA)"roleToUserAssignments
- a Map containing user to roles mapping for this particular schemaplatform
- the platform to access the database through it
-
-
Method Detail
-
getGrantedAuthorities
public List<org.springframework.security.core.GrantedAuthority> getGrantedAuthorities(org.springframework.ldap.core.DirContextOperations dco, String username)
- Specified by:
getGrantedAuthorities
in interfaceorg.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator
-
-