use of org.apache.atlas.web.model.User in project incubator-atlas by apache.
the class AtlasADAuthenticationProvider method getADAuthentication.
private Authentication getADAuthentication(Authentication authentication) {
try {
String userName = authentication.getName();
String userPassword = "";
if (authentication.getCredentials() != null) {
userPassword = authentication.getCredentials().toString();
}
ActiveDirectoryLdapAuthenticationProvider adAuthenticationProvider = new ActiveDirectoryLdapAuthenticationProvider(adDomain, adURL);
adAuthenticationProvider.setConvertSubErrorCodesToExceptions(true);
adAuthenticationProvider.setUseAuthenticationRequestCredentials(true);
if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
final UserDetails principal = new User(userName, userPassword, grantedAuths);
final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);
authentication = adAuthenticationProvider.authenticate(finalAuthentication);
if (groupsFromUGI) {
authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
}
return authentication;
} else {
LOG.error("AD Authentication Failed userName or userPassword is null or empty");
return null;
}
} catch (Exception e) {
LOG.error("AD Authentication Failed:", e);
return null;
}
}
use of org.apache.atlas.web.model.User in project incubator-atlas by apache.
the class AtlasADAuthenticationProvider method getADBindAuthentication.
private Authentication getADBindAuthentication(Authentication authentication) {
try {
String userName = authentication.getName();
String userPassword = "";
if (authentication.getCredentials() != null) {
userPassword = authentication.getCredentials().toString();
}
LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(adURL);
ldapContextSource.setUserDn(adBindDN);
ldapContextSource.setPassword(adBindPassword);
ldapContextSource.setReferral(adReferral);
ldapContextSource.setCacheEnvironmentProperties(true);
ldapContextSource.setAnonymousReadOnly(false);
ldapContextSource.setPooled(true);
ldapContextSource.afterPropertiesSet();
if (adUserSearchFilter == null || adUserSearchFilter.trim().isEmpty()) {
adUserSearchFilter = "(sAMAccountName={0})";
}
FilterBasedLdapUserSearch userSearch = new FilterBasedLdapUserSearch(adBase, adUserSearchFilter, ldapContextSource);
userSearch.setSearchSubtree(true);
BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
bindAuthenticator.setUserSearch(userSearch);
bindAuthenticator.afterPropertiesSet();
LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);
if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
final UserDetails principal = new User(userName, userPassword, grantedAuths);
final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);
authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
if (groupsFromUGI) {
authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
}
return authentication;
} else {
LOG.error("AD Authentication Failed userName or userPassword is null or empty");
return null;
}
} catch (Exception e) {
LOG.error("AD Authentication Failed:", e);
return null;
}
}
use of org.apache.atlas.web.model.User in project incubator-atlas by apache.
the class UserDaoTest method testUserDaowithInValidLogin.
@Test
public void testUserDaowithInValidLogin() {
boolean hadException = false;
Properties userLogins = new Properties();
userLogins.put("admin", "ADMIN::admin123");
userLogins.put("test", "DATA_STEWARD::test123");
UserDao user = new UserDao();
user.setUserLogins(userLogins);
try {
User userBean = user.loadUserByUsername("xyz");
} catch (UsernameNotFoundException uex) {
hadException = true;
}
assertTrue(hadException);
}
use of org.apache.atlas.web.model.User in project incubator-atlas by apache.
the class AtlasLdapAuthenticationProvider method getLdapAuthentication.
private Authentication getLdapAuthentication(Authentication authentication) {
if (isDebugEnabled) {
LOG.debug("==> AtlasLdapAuthenticationProvider getLdapAuthentication");
}
try {
// taking the user-name and password from the authentication
// object.
String userName = authentication.getName();
String userPassword = "";
if (authentication.getCredentials() != null) {
userPassword = authentication.getCredentials().toString();
}
// populating LDAP context source with LDAP URL and user-DN-pattern
LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(ldapURL);
ldapContextSource.setCacheEnvironmentProperties(false);
ldapContextSource.setAnonymousReadOnly(true);
// Creating BindAuthenticator using Ldap Context Source.
BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
//String[] userDnPatterns = new String[] { rangerLdapUserDNPattern };
String[] userDnPatterns = ldapUserDNPattern.split(";");
bindAuthenticator.setUserDnPatterns(userDnPatterns);
LdapAuthenticationProvider ldapAuthenticationProvider = null;
if (!StringUtils.isEmpty(ldapGroupSearchBase) && !StringUtils.isEmpty(ldapGroupSearchFilter)) {
// Creating LDAP authorities populator using Ldap context source and
// Ldap group search base.
// populating LDAP authorities populator with group search
// base,group role attribute, group search filter.
DefaultLdapAuthoritiesPopulator defaultLdapAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(ldapContextSource, ldapGroupSearchBase);
defaultLdapAuthoritiesPopulator.setGroupRoleAttribute(ldapGroupRoleAttribute);
defaultLdapAuthoritiesPopulator.setGroupSearchFilter(ldapGroupSearchFilter);
defaultLdapAuthoritiesPopulator.setIgnorePartialResultException(true);
// Creating Ldap authentication provider using BindAuthenticator and Ldap authentication populator
ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator, defaultLdapAuthoritiesPopulator);
} else {
ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);
}
// getting user authenticated
if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
final UserDetails principal = new User(userName, userPassword, grantedAuths);
final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);
authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
if (groupsFromUGI) {
authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
}
return authentication;
} else {
return authentication;
}
} catch (Exception e) {
LOG.error("getLdapAuthentication LDAP Authentication Failed:", e);
}
if (isDebugEnabled) {
LOG.debug("<== AtlasLdapAuthenticationProvider getLdapAuthentication");
}
return authentication;
}
use of org.apache.atlas.web.model.User in project incubator-atlas by apache.
the class UserDao method loadUserByUsername.
public User loadUserByUsername(final String username) throws AuthenticationException {
String userdetailsStr = userLogins.getProperty(username);
if (userdetailsStr == null || userdetailsStr.isEmpty()) {
throw new UsernameNotFoundException("Username not found." + username);
}
String password = "";
String role = "";
String[] dataArr = userdetailsStr.split("::");
if (dataArr != null && dataArr.length == 2) {
role = dataArr[0];
password = dataArr[1];
} else {
LOG.error("User role credentials is not set properly for {}", username);
throw new AtlasAuthenticationException("User role credentials is not set properly for " + username);
}
List<GrantedAuthority> grantedAuths = new ArrayList<>();
if (StringUtils.hasText(role)) {
grantedAuths.add(new SimpleGrantedAuthority(role));
} else {
LOG.error("User role credentials is not set properly for {}", username);
throw new AtlasAuthenticationException("User role credentials is not set properly for " + username);
}
User userDetails = new User(username, password, grantedAuths);
return userDetails;
}
Aggregations