
Example 11 with UsernamePasswordAuthenticationToken

use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.

the class UsernamePasswordAuthenticationTokenDeserializer method deserialize.

/**
 * This method constructs a {@link UsernamePasswordAuthenticationToken} object from serialized JSON.
 * @param jp the JsonParser
 * @param ctxt the DeserializationContext
 * @return the deserialized token
 * @throws IOException if an exception during IO occurs
 * @throws JsonProcessingException if an error during JSON processing occurs
 */
@Override
public UsernamePasswordAuthenticationToken deserialize(JsonParser jp, DeserializationContext ctxt) throws IOException, JsonProcessingException {
    UsernamePasswordAuthenticationToken token = null;
    ObjectMapper mapper = (ObjectMapper) jp.getCodec();
    JsonNode jsonNode = mapper.readTree(jp);
    Boolean authenticated = readJsonNode(jsonNode, "authenticated").asBoolean();
    JsonNode principalNode = readJsonNode(jsonNode, "principal");
    Object principal = null;
    if (principalNode.isObject()) {
        principal = mapper.readValue(principalNode.toString(), new TypeReference<User>() {
        });
    } else {
        principal = principalNode.asText();
    }
    Object credentials = readJsonNode(jsonNode, "credentials").asText();
    List<GrantedAuthority> authorities = mapper.readValue(readJsonNode(jsonNode, "authorities").toString(), new TypeReference<List<GrantedAuthority>>() {
    });
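    // The three-argument constructor marks the token as authenticated; the
    // two-argument constructor leaves it unauthenticated.
    if (authenticated) {
        token = new UsernamePasswordAuthenticationToken(principal, credentials, authorities);
    } else {
        token = new UsernamePasswordAuthenticationToken(principal, credentials);
    }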
    token.setDetails(readJsonNode(jsonNode, "details"));
    return token;
}
Also used : GrantedAuthority(org.springframework.security.core.GrantedAuthority) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) JsonNode(com.fasterxml.jackson.databind.JsonNode) List(java.util.List) TypeReference(com.fasterxml.jackson.core.type.TypeReference) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)

Example 12 with UsernamePasswordAuthenticationToken

use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.

the class AbstractJaasAuthenticationProvider method authenticate.

/**
 * Attempts to log in the user given the Authentication object's principal and
 * credential.
 *
 * @param auth The Authentication object to be authenticated.
 *
 * @return The authenticated Authentication object, with its grantedAuthorities set.
 *
 * @throws AuthenticationException This implementation does not handle 'locked' or
 * 'disabled' accounts. This method only throws an AuthenticationServiceException, with
 * the message of the LoginException that will be thrown, should the
 * loginContext.login() method fail.
 */
public Authentication authenticate(Authentication auth) throws AuthenticationException {
    if (!(auth instanceof UsernamePasswordAuthenticationToken)) {
        return null;
    }
    UsernamePasswordAuthenticationToken request = (UsernamePasswordAuthenticationToken) auth;
    Set<GrantedAuthority> authorities;
    try {
        // Create the LoginContext object, and pass our InternalCallbackHandler
        LoginContext loginContext = createLoginContext(new InternalCallbackHandler(auth));
        // Attempt to login the user, the LoginContext will call our
        // InternalCallbackHandler at this point.
        loginContext.login();
        // Create a set to hold the authorities, and add any that have already been
        // applied.
        authorities = new HashSet<GrantedAuthority>();
        // Get the subject principals and pass them to each of the AuthorityGranters
        Set<Principal> principals = loginContext.getSubject().getPrincipals();
        for (Principal principal : principals) {
            for (AuthorityGranter granter : this.authorityGranters) {
                Set<String> roles = granter.grant(principal);
                // Skip granters that return null or no roles.
                if ((roles != null) && !roles.isEmpty()) {
                    for (String role : roles) {
                        authorities.add(new JaasGrantedAuthority(role, principal));
                    }
                }
            }
        }
        // Copy the authorities set into a list and apply it to the token.
        JaasAuthenticationToken result = new JaasAuthenticationToken(request.getPrincipal(), request.getCredentials(), new ArrayList<GrantedAuthority>(authorities), loginContext);
        // Publish the success event
        publishSuccessEvent(result);
        // we're done, return the token.
        return result;
    } catch (LoginException loginException) {
        AuthenticationException ase = this.loginExceptionResolver.resolveException(loginException);
        publishFailureEvent(request, ase);
        throw ase;
    }
}
Also used : AuthenticationException(org.springframework.security.core.AuthenticationException) GrantedAuthority(org.springframework.security.core.GrantedAuthority) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) LoginContext(javax.security.auth.login.LoginContext) LoginException(javax.security.auth.login.LoginException) Principal(java.security.Principal)

Example 13 with UsernamePasswordAuthenticationToken

use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.

the class ClientApplication method main.

public static void main(String[] args) {
    String username = System.getProperty("username", "");
    String password = System.getProperty("password", "");
    String nrOfCallsString = System.getProperty("nrOfCalls", "");
    if ("".equals(username) || "".equals(password)) {
        System.out.println("You need to specify the user ID to use, the password to use, and optionally a number of calls " + "using the username, password, and nrOfCalls system properties respectively. eg for user rod, " + "use: -Dusername=rod -Dpassword=koala' for a single call per service and " + "use: -Dusername=rod -Dpassword=koala -DnrOfCalls=10 for ten calls per service.");
        System.exit(-1);
    } else {
        int nrOfCalls = 1;
        if (!"".equals(nrOfCallsString)) {
            nrOfCalls = Integer.parseInt(nrOfCallsString);
        }
        ListableBeanFactory beanFactory = new FileSystemXmlApplicationContext("clientContext.xml");
        ClientApplication client = new ClientApplication(beanFactory);
        client.invokeContactManager(new UsernamePasswordAuthenticationToken(username, password), nrOfCalls);
        System.exit(0);
    }
}
Also used : FileSystemXmlApplicationContext(org.springframework.context.support.FileSystemXmlApplicationContext) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) ListableBeanFactory(org.springframework.beans.factory.ListableBeanFactory)

Example 14 with UsernamePasswordAuthenticationToken

use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.

the class WithUserDetailsSecurityContextFactory method createSecurityContext.

public SecurityContext createSecurityContext(WithUserDetails withUser) {
    String beanName = withUser.userDetailsServiceBeanName();
    UserDetailsService userDetailsService = StringUtils.hasLength(beanName) ? this.beans.getBean(beanName, UserDetailsService.class) : this.beans.getBean(UserDetailsService.class);
    String username = withUser.value();
    Assert.hasLength(username, "value() must be non empty String");
    UserDetails principal = userDetailsService.loadUserByUsername(username);
    Authentication authentication = new UsernamePasswordAuthenticationToken(principal, principal.getPassword(), principal.getAuthorities());
    SecurityContext context = SecurityContextHolder.createEmptyContext();
    context.setAuthentication(authentication);
    return context;
}
Also used : UserDetails(org.springframework.security.core.userdetails.UserDetails) Authentication(org.springframework.security.core.Authentication) SecurityContext(org.springframework.security.core.context.SecurityContext) UserDetailsService(org.springframework.security.core.userdetails.UserDetailsService) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)

Example 15 with UsernamePasswordAuthenticationToken

use of org.springframework.security.authentication.UsernamePasswordAuthenticationToken in project spring-security by spring-projects.

the class WithMockCustomUserSecurityContextFactory method createSecurityContext.

public SecurityContext createSecurityContext(WithMockCustomUser customUser) {
    SecurityContext context = SecurityContextHolder.createEmptyContext();
    CustomUserDetails principal = new CustomUserDetails(customUser.name(), customUser.username());
    Authentication auth = new UsernamePasswordAuthenticationToken(principal, "password", principal.getAuthorities());
    context.setAuthentication(auth);
    return context;
}
Also used : Authentication(org.springframework.security.core.Authentication) SecurityContext(org.springframework.security.core.context.SecurityContext) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)

Aggregations

UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken): 293
Test (org.junit.Test): 149
Authentication (org.springframework.security.core.Authentication): 110
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException): 33
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 33
UserDetails (org.springframework.security.core.userdetails.UserDetails): 32
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication): 27
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 22
AuthenticationException (org.springframework.security.core.AuthenticationException): 18
User (org.springframework.security.core.userdetails.User): 16
SecurityContext (org.springframework.security.core.context.SecurityContext): 15
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request): 15
OrcidProfileUserDetails (org.orcid.core.oauth.OrcidProfileUserDetails): 13
AuthenticationManager (org.springframework.security.authentication.AuthenticationManager): 13
UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException): 12
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 11
SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl): 11
ArrayList (java.util.ArrayList): 10
Before (org.junit.Before): 8
AccessDeniedException (org.springframework.security.access.AccessDeniedException): 8