[DURACOM-192] Authentication Method related special groups are put in claim set even if a different authentication method is used

dspace-api/src/main/java/org/dspace/authenticate/AuthenticationMethod.java

@@ -153,6 +153,22 @@ public interface AuthenticationMethod {
     public List<Group> getSpecialGroups(Context context, HttpServletRequest request)
         throws SQLException;
 
+    /**
+     * Returns true if the special groups returned by
+     * {@link org.dspace.authenticate.AuthenticationMethod#getSpecialGroups(Context, HttpServletRequest)}
+     * should be implicitly be added to the groups related to the current user. By
+     * default this is true if the authentication method is the actual
+     * authentication mechanism used by the user.
+     * @param  context A valid DSpace context.
+     * @param  request The request that started this operation, or null if not
+     *                 applicable.
+     * @return         true is the special groups must be considered, false
+     *                 otherwise
+     */
+    public default boolean areSpecialGroupsApplicable(Context context, HttpServletRequest request) {
+        return getName().equals(context.getAuthenticationMethod());
+    }
+
     /**
      * Authenticate the given or implicit credentials.
      * This is the heart of the authentication method: test the

dspace-api/src/main/java/org/dspace/authenticate/AuthenticationServiceImpl.java

@@ -179,11 +179,16 @@ public class AuthenticationServiceImpl implements AuthenticationService {
         int totalLen = 0;
 
         for (AuthenticationMethod method : getAuthenticationMethodStack()) {
+
+            if (method.areSpecialGroupsApplicable(context, request)) {
+
                 List<Group> gl = method.getSpecialGroups(context, request);
                 if (gl.size() > 0) {
                     result.addAll(gl);
                     totalLen += gl.size();
                 }
+
+            }
         }
 
         return result;

dspace-api/src/main/java/org/dspace/authenticate/IPAuthentication.java

@@ -252,6 +252,11 @@ public class IPAuthentication implements AuthenticationMethod {
         return groups;
     }
 
+    @Override
+    public boolean areSpecialGroupsApplicable(Context context, HttpServletRequest request) {
+        return true;
+    }
+
     @Override
     public int authenticate(Context context, String username, String password,
                             String realm, HttpServletRequest request) throws SQLException {