dive4elements/river: gwt-client/src/main/java/org/dive4elements/river/client/server/auth/saml/User.java comparison

comparison gwt-client/src/main/java/org/dive4elements/river/client/server/auth/saml/User.java @ 5948:d7b9b3e3c61a

Make instantiation of saml.User easier. Most of the parameters of the constructor can be taken from the Assertion object, so there's no reason to pass them separately. Also, trying to check the validity dates isn't useful for the single sign on case. See comments in the hasExpired method.

author	Bernhard Herzog <bh@intevation.de>
date	Wed, 08 May 2013 17:56:14 +0200
parents	0b092a1d136b
children	a51adfc957bf

comparison

equal deleted inserted replaced

-:0b092a1d136b
+:d7b9b3e3c61a
 extends DefaultUser
 implements org.dive4elements.river.client.server.auth.User {
 private Assertion assertion;
-public User(String name,
+public User(Assertion assertion, List<String> features, String password) {
-String       password,
+this.setName(assertion.getUserID());
-String       account,
+this.setAccount(assertion.getNameID());
-List<String> roles,
+this.setRoles(assertion.getRoles());
-Assertion    assertion,
-List<String> features
-) {
-this.setName(name);
-this.setPassword(password);
-this.setRoles(roles);
 this.assertion = assertion;
 this.setAllowedFeatures(features);
-this.setAccount(account);
+this.setPassword(password);
 }
 @Override
 public boolean hasExpired() {
-Date until = this.assertion.getUntil();
+// We could check the validity dates of the assertion here, but
-if (until != null) {
+// when using this for Single-Sign-On this would lead to the
-Date current = new Date();
+// code in GGInAFilter to re-authenticate with the password
-return !current.after(until);
+// stored in the User object, which isn't known in the case of
-}
+// Single-Sign-On.
 return false;
 }
 }
 // vim:set ts=4 sw=4 si et fenc=utf8 tw=80:

Mercurial > dive4elements > river

comparison gwt-client/src/main/java/org/dive4elements/river/client/server/auth/saml/User.java @ 5948:d7b9b3e3c61a