improve authentication api for issue '#3 Add extension point for plugins to define groups and their members'

scm-webapp/src/main/java/sonia/scm/web/security/BasicSecurityContext.java

@@ -51,6 +51,7 @@ import sonia.scm.user.UserManager;
 
 import java.util.Collection;
 import java.util.HashSet;
+import java.util.Iterator;
 import java.util.Set;
 
 import javax.servlet.http.HttpServletRequest;
@@ -113,10 +114,13 @@ public class BasicSecurityContext implements WebSecurityContext
                            HttpServletResponse response, String username,
                            String password)
   {
-    user = authenticator.authenticate(request, response, username, password);
+    AuthenticationResult ar = authenticator.authenticate(request, response,
+                                username, password);
 
-    if (user != null)
+    if (ar != null)
     {
+      user = ar.getUser();
+
       try
       {
         user.setLastLogin(System.currentTimeMillis());
@@ -138,7 +142,19 @@ public class BasicSecurityContext implements WebSecurityContext
           userManager.create(user);
         }
 
+        Collection<String> groupCollection = ar.getGroups();
+
+        if (groupCollection != null)
+        {
+          groups.addAll(groupCollection);
+        }
+
         loadGroups();
+
+        if (logger.isDebugEnabled())
+        {
+          logGroups();
+        }
       }
       catch (Exception ex)
       {
@@ -161,7 +177,7 @@ public class BasicSecurityContext implements WebSecurityContext
   public void logout(HttpServletRequest request, HttpServletResponse response)
   {
     user = null;
-    groups = null;
+    groups = new HashSet<String>();
   }
 
   //~--- get methods ----------------------------------------------------------
@@ -220,8 +236,6 @@ public class BasicSecurityContext implements WebSecurityContext
    */
   private void loadGroups()
   {
-    groups = new HashSet<String>();
-
     Collection<Group> groupCollection =
       groupManager.getGroupsForMember(user.getName());
 
@@ -234,6 +248,31 @@ public class BasicSecurityContext implements WebSecurityContext
     }
   }
 
+  /**
+   * Method description
+   *
+   */
+  private void logGroups()
+  {
+    StringBuilder msg = new StringBuilder("user ");
+
+    msg.append(user.getName()).append(" is member of ");
+
+    Iterator<String> groupIt = groups.iterator();
+
+    while (groupIt.hasNext())
+    {
+      msg.append(groupIt.next());
+
+      if (groupIt.hasNext())
+      {
+        msg.append(", ");
+      }
+    }
+
+    logger.debug(msg.toString());
+  }
+
   //~--- fields ---------------------------------------------------------------
 
   /** Field description */

scm-webapp/src/main/java/sonia/scm/web/security/ChainAuthenticatonManager.java

@@ -97,11 +97,10 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager
    * @return
    */
   @Override
-  public User authenticate(HttpServletRequest request,
-                           HttpServletResponse response, String username,
-                           String password)
+  public AuthenticationResult authenticate(HttpServletRequest request,
+          HttpServletResponse response, String username, String password)
   {
-    User user = null;
+    AuthenticationResult ar = null;
 
     for (AuthenticationHandler authenticator : authenticationHandlerSet)
     {
@@ -122,8 +121,10 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager
         {
           if (result.getState().isSuccessfully() && (result.getUser() != null))
           {
-            user = result.getUser();
+            User user = result.getUser();
+
             user.setType(authenticator.getType());
+            ar = result;
 
             // notify authentication listeners
             fireAuthenticationEvent(request, response, user);
@@ -138,7 +139,7 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager
       }
     }
 
-    return user;
+    return ar;
   }
 
   /**