3

I've successfully integrated JOSSO and Spring Security applications into my Grails application (using LDAP for user control).

Since JOSSO already manages authentication, I'm using "Pre-Authentication Scenarios" for Spring Security integration. Here is my resources.groovy content related to Spring Security configuration:

def developmentEnvironment = {
  if (grailsApplication.config.grails.plugins.springsecurity.active) {

    preAuthenticatedAuthenticationProvider(PreAuthenticatedAuthenticationProvider) {
      preAuthenticatedUserDetailsService = ref('preAuthenticatedUserDetailsService')
    }

    preAuthenticatedUserDetailsService(PreAuthenticatedGrantedAuthoritiesUserDetailsService) {
    }

    j2eePreAuthFilter(J2eePreAuthenticatedProcessingFilter) {
      authenticationManager = ref('authenticationManager')
      authenticationDetailsSource = {
        J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource authenticationDetailsSource ->
        mappableRolesRetriever = {
          SimpleMappableAttributesRetriever mappableAttributesRetriever ->
            mappableAttributes = ['app_admin', 'app_user', 'app_report', 'app_access'] as Set
        }
        userRoles2GrantedAuthoritiesMapper = {
          SimpleAttributes2GrantedAuthoritiesMapper grantedAuthoritiesMapper ->
            convertAttributeToUpperCase = "true"
        }
      }
    }

    preAuthenticatedProcessingFilterEntryPoint(Http403ForbiddenEntryPoint) {
    }

    preAuthenticatedExceptionTranslationFilter(ExceptionTranslationFilter) {
      authenticationEntryPoint = ref('preAuthenticatedProcessingFilterEntryPoint')
    }
  }
}

Everything works fine and I can access default properties on Grails side (for example using springSecurityService).

But now I have a new requirement to get custom properties from LDAP (for example ownership). So I added these properties to my user in LDAP. As far as I know, JOSSO will automatically get these properties, but I can't get them on the Grails application side. Is there any way to get these properties on the Grails side?

  • 1
    Probably I should override the UserDetails and UserDetailsService classes to add my own custom properties. The problem is how I can get user data in the loadUserByUsername(..) method of the UserDetailsService class. – Aram Aslanyan Jul 13 '12 at 06:23

1 Answer

0

Such custom properties should be placed in your implementation of the UserDetails interface, or an extension of the User class. In http://static.springsource.org/spring-security/site/docs/3.1.x/reference/preauth.html you can find how this scenario should implement the AuthenticationUserDetailsService.

Once you do this, you can query the SecurityContextHolder to get your UserDetails implementation:

SecurityContextHolder.getContext().getAuthentication().getPrincipal()
José Lecaros
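
The approach in the answer above, sketched for Spring Security 3.x as an added example (not code from the question or the answer). `OwnershipLookup`, `OwnedUser`, `OwnedUserDetailsService` and the `ownershipLookup` bean name are hypothetical; how the attribute is actually fetched from JOSSO or LDAP is not covered on this page and is left behind the interface.

```groovy
import org.springframework.security.core.GrantedAuthority
import org.springframework.security.core.authority.GrantedAuthoritiesContainer
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService
import org.springframework.security.core.userdetails.User
import org.springframework.security.core.userdetails.UserDetails
import org.springframework.security.core.userdetails.UsernameNotFoundException
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken

// Hypothetical: where the attribute comes from (JOSSO, a direct LDAP query) is not
// shown on the page, so the lookup is hidden behind this interface.
interface OwnershipLookup {
    String ownershipFor(String username)
}

// Spring Security's User extended with the custom property.
class OwnedUser extends User {
    final String ownership

    OwnedUser(String username, Collection<? extends GrantedAuthority> authorities, String ownership) {
        // Pre-authenticated users have no local password; User rejects null, so use a marker.
        super(username, 'N/A', true, true, true, true, authorities)
        this.ownership = ownership
    }
}

// Replaces PreAuthenticatedGrantedAuthoritiesUserDetailsService in resources.groovy:
//   preAuthenticatedUserDetailsService(OwnedUserDetailsService) {
//     ownershipLookup = ref('ownershipLookup')   // hypothetical bean name
//   }
class OwnedUserDetailsService implements AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> {

    OwnershipLookup ownershipLookup

    UserDetails loadUserDetails(PreAuthenticatedAuthenticationToken token) {
        def details = token.details
        // Fail closed: roles must come from the container-authenticated request,
        // never from the looked-up attribute.
        if (!(details instanceof GrantedAuthoritiesContainer)) {
            throw new UsernameNotFoundException('No pre-authenticated authorities for ' + token.name)
        }
        def authorities = ((GrantedAuthoritiesContainer) details).grantedAuthorities
        new OwnedUser(token.name, authorities, ownershipLookup.ownershipFor(token.name))
    }
}
```

With this service wired in, the principal returned by the `SecurityContextHolder` call in the answer is an `OwnedUser`, so its `ownership` property can be read directly.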