AuthorityGranter is entrusted to provide relevant roles to the authenticated user. We will be creating our own custom class by implementing org.springframework.security.authentication.jaas.AuthorityGranter:
public class JaasAuthorityGranter implements AuthorityGranter {
@Override
public Set<String> grant(Principal principal) {
if (principal.getName().equalsIgnoreCase("Authenticated_admin")) {
return Collections.singleton("ROLE_ADMIN");
} else if (principal.getName().equalsIgnoreCase("Authenticated_user")) {
return Collections.singleton("ROLE_USER");
}
return Collections.singleton("ROLE_USER");
}
}
Being a sample implementation, in this class, we look at the logged in users username and grant a hard-coded role to it. In real-life applications, we would be doing something more serious in here by actually querying a database and then granting appropriate roles to the logged in user.