Example 1 with UserDetails

use of org.acegisecurity.userdetails.UserDetails in project hudson-2.x by hudson.

the class PAMSecurityRealm method createSecurityComponents.

public SecurityComponents createSecurityComponents() {
    Binding binding = new Binding();
    binding.setVariable("instance", this);
    BeanBuilder builder = new BeanBuilder();
    builder.parse(Hudson.getInstance().servletContext.getResourceAsStream("/WEB-INF/security/PAMSecurityRealm.groovy"), binding);
    WebApplicationContext context = builder.createApplicationContext();
    return new SecurityComponents(findBean(AuthenticationManager.class, context), new UserDetailsService() {

        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
            if (!UnixUser.exists(username))
                throw new UsernameNotFoundException("No such Unix user: " + username);
            // return some dummy instance
            return new User(username, "", true, true, true, true, new GrantedAuthority[] { AUTHENTICATED_AUTHORITY });
        }
    });
}
Also used : Binding(groovy.lang.Binding) BeanBuilder(hudson.util.spring.BeanBuilder) AuthenticationManager(org.acegisecurity.AuthenticationManager) UsernameNotFoundException(org.acegisecurity.userdetails.UsernameNotFoundException) UserDetails(org.acegisecurity.userdetails.UserDetails) UnixUser(org.jvnet.libpam.UnixUser) User(org.acegisecurity.userdetails.User) GrantedAuthority(org.acegisecurity.GrantedAuthority) UserDetailsService(org.acegisecurity.userdetails.UserDetailsService) DataAccessException(org.springframework.dao.DataAccessException) WebApplicationContext(org.springframework.web.context.WebApplicationContext)

Example 2 with UserDetails

use of org.acegisecurity.userdetails.UserDetails in project hudson-2.x by hudson.

the class ClientAuthenticationCache method get.

/**
 * Gets the persisted authentication for this Hudson.
 *
 * @return {@link Hudson#ANONYMOUS} if no such credential is found, or if the stored credential is invalid.
 */
public Authentication get() {
    Hudson h = Hudson.getInstance();
    Secret userName = Secret.decrypt(props.getProperty(getPropertyKey()));
    // failed to decrypt
    if (userName == null)
        return Hudson.ANONYMOUS;
    try {
        UserDetails u = h.getSecurityRealm().loadUserByUsername(userName.toString());
        return new UsernamePasswordAuthenticationToken(u.getUsername(), u.getPassword(), u.getAuthorities());
    } catch (AuthenticationException e) {
        return Hudson.ANONYMOUS;
    } catch (DataAccessException e) {
        return Hudson.ANONYMOUS;
    }
}
Also used : Secret(hudson.util.Secret) UserDetails(org.acegisecurity.userdetails.UserDetails) AuthenticationException(org.acegisecurity.AuthenticationException) Hudson(hudson.model.Hudson) UsernamePasswordAuthenticationToken(org.acegisecurity.providers.UsernamePasswordAuthenticationToken) DataAccessException(org.springframework.dao.DataAccessException)

Example 3 with UserDetails

use of org.acegisecurity.userdetails.UserDetails in project blueocean-plugin by jenkinsci.

the class PipelineBaseTest method login.

protected User login() throws IOException {
    j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
    hudson.model.User bob = j.jenkins.getUser("bob");
    bob.setFullName("Bob Smith");
    bob.addProperty(new Mailer.UserProperty("bob@jenkins-ci.org"));
    UserDetails d = Jenkins.getInstance().getSecurityRealm().loadUserByUsername(bob.getId());
    SecurityContextHolder.getContext().setAuthentication(new PrincipalAcegiUserToken(bob.getId(), bob.getId(), bob.getId(), d.getAuthorities(), bob.getId()));
    return bob;
}
Also used : UserDetails(org.acegisecurity.userdetails.UserDetails) Mailer(hudson.tasks.Mailer) User(hudson.model.User) PrincipalAcegiUserToken(org.acegisecurity.adapters.PrincipalAcegiUserToken)

Example 4 with UserDetails

use of org.acegisecurity.userdetails.UserDetails in project hudson-2.x by hudson.

the class AbstractPasswordBasedSecurityRealm method doAuthenticate.

/**
 * Authenticate a login attempt.
 * This method is the heart of a {@link AbstractPasswordBasedSecurityRealm}.
 * <p/>
 * <p/>
 * If the user name and the password pair matches, retrieve the information about this user and
 * return it as a {@link UserDetails} object. {@link org.acegisecurity.userdetails.User} is a convenient
 * implementation to use, but if your backend offers additional data, you may want to use your own subtype
 * so that the rest of Hudson can use those additional information (such as e-mail address --- see
 * {@link MailAddressResolver}.)
 * <p/>
 * <p/>
 * Properties like {@link UserDetails#getPassword()} make no sense, so just return an empty value from it.
 * The only information that you need to pay real attention is {@link UserDetails#getAuthorities()}, which
 * is a list of roles/groups that the user is in. At minimum, this must contain {@link #AUTHENTICATED_AUTHORITY}
 * (which indicates that this user is authenticated and not anonymous), but if your backend supports a notion
 * of groups, you should make sure that the authorities contain one entry per one group. This enables
 * users to control authorization based on groups.
 * <p/>
 * <p/>
 * If the user name and the password pair doesn't match, throw {@link AuthenticationException} to reject the login
 * attempt.
 * If authentication was successful - HUDSON_USER environment variable will be set
 * <a href='http://issues.hudson-ci.org/browse/HUDSON-4463'>HUDSON-4463</a>
 */
protected UserDetails doAuthenticate(String username, String password) throws AuthenticationException {
    UserDetails userDetails = authenticate(username, password);
    EnvVars.setHudsonUserEnvVar(userDetails.getUsername());
    return userDetails;
}
Also used : UserDetails(org.acegisecurity.userdetails.UserDetails)

Example 5 with UserDetails

use of org.acegisecurity.userdetails.UserDetails in project hudson-2.x by hudson.

the class ClientAuthenticationCache method set.

/**
 * Persists the specified authentication.
 */
public void set(Authentication a) throws IOException, InterruptedException {
    Hudson h = Hudson.getInstance();
    // make sure that this security realm is capable of retrieving the authentication by name,
    // as it's not required.
    UserDetails u = h.getSecurityRealm().loadUserByUsername(a.getName());
    props.setProperty(getPropertyKey(), Secret.fromString(u.getUsername()).getEncryptedValue());
    save();
}
Also used : UserDetails(org.acegisecurity.userdetails.UserDetails) Hudson(hudson.model.Hudson)

Aggregations

UserDetails (org.acegisecurity.userdetails.UserDetails): 8
User (hudson.model.User): 4
Mailer (hudson.tasks.Mailer): 4
PrincipalAcegiUserToken (org.acegisecurity.adapters.PrincipalAcegiUserToken): 4
Hudson (hudson.model.Hudson): 2
DataAccessException (org.springframework.dao.DataAccessException): 2
Binding (groovy.lang.Binding): 1
Secret (hudson.util.Secret): 1
BeanBuilder (hudson.util.spring.BeanBuilder): 1
UserImpl (io.jenkins.blueocean.service.embedded.rest.UserImpl): 1
AuthenticationException (org.acegisecurity.AuthenticationException): 1
AuthenticationManager (org.acegisecurity.AuthenticationManager): 1
GrantedAuthority (org.acegisecurity.GrantedAuthority): 1
UsernamePasswordAuthenticationToken (org.acegisecurity.providers.UsernamePasswordAuthenticationToken): 1
User (org.acegisecurity.userdetails.User): 1
UserDetailsService (org.acegisecurity.userdetails.UserDetailsService): 1
UsernameNotFoundException (org.acegisecurity.userdetails.UsernameNotFoundException): 1
Test (org.junit.Test): 1
UnixUser (org.jvnet.libpam.UnixUser): 1
WebApplicationContext (org.springframework.web.context.WebApplicationContext): 1