/**
* Extracts user groups from {@link SecurityRealm}.
*
* @param userId
* @return List of effective groups. Null if there's no info
*/
private static @CheckForNull List<String> getAuthoritiesFromRealm(@Nonnull String userId) {
final Jenkins instance = Jenkins.getInstance();
if (instance == null) {
return null; // Jenkins has not been started yet
}
@CheckForNull UserDetails userDetails = null;
try {
final SecurityRealm sr = instance.getSecurityRealm();
userDetails = sr.loadUserByUsername(userId);
} catch (DataAccessException ex) {
// fallback to null handler
} catch (UsernameNotFoundException ex) {
// fallback to null handler
}
if (userDetails == null) {
return null;
}
GrantedAuthority[] authorities = userDetails.getAuthorities();
List<String> authorityList = new ArrayList<String>(authorities.length);
for (GrantedAuthority auth : authorities) {
authorityList.add(auth.getAuthority());
}
return authorityList;
}
/** Handles the logout processing. */
@Override
public void doLogout(StaplerRequest req, StaplerResponse rsp)
throws IOException, ServletException {
// Clear Spring Security context
SecurityContextHolder.clearContext();
// Remove session from CAS single sign-out storage
HttpSession session = req.getSession(false);
if (session != null) {
SessionMappingStorage sessionMappingStorage =
(SessionMappingStorage) getApplicationContext().getBean("casSessionMappingStorage");
sessionMappingStorage.removeBySessionById(session.getId());
}
super.doLogout(req, rsp);
}
public static List<Descriptor<SecurityRealm>> getSecurityRealmDescriptors() {
return SecurityRealm.all();
}