[New] Persisting of SSO Users, enforcing SSO users have state REMOTE
parent
7d87589ce2
commit
e1326bdc95
|
@ -39,6 +39,7 @@ import li.strolch.privilege.xml.CertificateStubsDomWriter;
|
||||||
import li.strolch.privilege.xml.CertificateStubsSaxReader;
|
import li.strolch.privilege.xml.CertificateStubsSaxReader;
|
||||||
import li.strolch.privilege.xml.CertificateStubsSaxReader.CertificateStub;
|
import li.strolch.privilege.xml.CertificateStubsSaxReader.CertificateStub;
|
||||||
import li.strolch.utils.collections.Tuple;
|
import li.strolch.utils.collections.Tuple;
|
||||||
|
import li.strolch.utils.dbc.DBC;
|
||||||
import li.strolch.utils.helper.AesCryptoHelper;
|
import li.strolch.utils.helper.AesCryptoHelper;
|
||||||
import li.strolch.utils.helper.StringHelper;
|
import li.strolch.utils.helper.StringHelper;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
|
@ -1183,6 +1184,17 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
||||||
throw new IllegalStateException("The SSO Handler is not configured!");
|
throw new IllegalStateException("The SSO Handler is not configured!");
|
||||||
|
|
||||||
User user = this.ssoHandler.authenticateSingleSignOn(data);
|
User user = this.ssoHandler.authenticateSingleSignOn(data);
|
||||||
|
DBC.PRE.assertEquals("SSO Users must have UserState.REMOTE!", UserState.REMOTE, user.getUserState());
|
||||||
|
|
||||||
|
// persist this user
|
||||||
|
User internalUser = this.persistenceHandler.getUser(user.getUsername());
|
||||||
|
if (internalUser == null)
|
||||||
|
this.persistenceHandler.addUser(user);
|
||||||
|
else
|
||||||
|
this.persistenceHandler.replaceUser(user);
|
||||||
|
|
||||||
|
if (this.autoPersistOnUserChangesData)
|
||||||
|
this.persistenceHandler.persist();
|
||||||
|
|
||||||
// get 2 auth tokens
|
// get 2 auth tokens
|
||||||
String authToken = this.encryptionHandler.nextToken();
|
String authToken = this.encryptionHandler.nextToken();
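Review bot: The `else` branch calls `this.persistenceHandler.replaceUser(user)` for any stored user with the same username, without checking that the existing `internalUser` is itself a remote user. If a locally managed account shares a username with an identity returned by the SSO handler, its stored record (roles, state and presumably credentials) would be overwritten with the SSO-supplied data. Consider guarding that branch with `DBC.PRE.assertEquals("Only users with UserState.REMOTE may be replaced by SSO!", UserState.REMOTE, internalUser.getUserState());` or an explicit `PrivilegeException`, so a name collision is rejected instead of silently replacing the local account. Separately, `user` is dereferenced in the new state assertion without a null check, so a handler returning null would surface as a NullPointerException rather than an authentication failure. The enclosing method starts and ends outside the hunk.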
|
||||||
|
|
|
@ -28,5 +28,4 @@ public interface SingleSignOnHandler {
|
||||||
* if the SSO can not be performed with the given data
|
* if the SSO can not be performed with the given data
|
||||||
*/
|
*/
|
||||||
User authenticateSingleSignOn(Object data) throws PrivilegeException;
|
User authenticateSingleSignOn(Object data) throws PrivilegeException;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -24,6 +24,6 @@ public class DummySsoHandler implements SingleSignOnHandler {
|
||||||
Set<String> roles = Arrays.stream(map.get("roles").split(",")).map(String::trim).collect(Collectors.toSet());
|
Set<String> roles = Arrays.stream(map.get("roles").split(",")).map(String::trim).collect(Collectors.toSet());
|
||||||
Map<String, String> properties = new HashMap<>();
|
Map<String, String> properties = new HashMap<>();
|
||||||
return new User(map.get("userId"), map.get("username"), null, null, null, -1, -1, map.get("firstName"),
|
return new User(map.get("userId"), map.get("username"), null, null, null, -1, -1, map.get("firstName"),
|
||||||
map.get("lastName"), UserState.ENABLED, roles, Locale.ENGLISH, properties);
|
map.get("lastName"), UserState.REMOTE, roles, Locale.ENGLISH, properties);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|