private boolean authorized(AdPrincipal principal) { boolean authorized = true; for (String requiredGroup : configuration.getRequiredGroups()) { authorized = authorized && principal.getGroupNames().contains(requiredGroup); } return authorized; }
private Optional<T> doAuthenticate(AdCredentials credentials) throws AuthenticationException { DirContext boundContext = bindUser(credentials); if (boundContext != null) { AdPrincipal principal = getAdPrincipal(boundContext, credentials); if (authorized(principal)) { return Optional.fromNullable(mapper.map(principal)); } else { Set<String> missingGroups = configuration.getRequiredGroups(); missingGroups.removeAll(principal.getGroupNames()); LOG.warn( String.format( "%s authenticated successfully but did not have authority. Missing Groups: %s", credentials.getUsername(), missingGroups.toString())); } } return Optional.absent(); }