use of org.springframework.security.core.userdetails.User in project spring-security by spring-projects.
the class WithMockUserSecurityContextFactory method createSecurityContext.
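/**
 * Builds the {@link SecurityContext} described by a {@link WithMockUser} annotation.
 *
 * <p>The principal is a {@link User} created directly from the annotation attributes. Nothing
 * in this method consults a user store or checks the password, and the token is built with
 * the three-argument constructor, which yields an already-authenticated token.
 *
 * @param withUser the annotation supplying username, password, roles and authorities
 * @return a fresh context holding an authenticated token for the mock user
 * @throws IllegalArgumentException if no username is available, or a role already starts
 *         with {@code ROLE_}
 * @throws IllegalStateException if both {@code authorities} and a non-default {@code roles}
 *         value are supplied
 */
public SecurityContext createSecurityContext(WithMockUser withUser) {
    // username() wins when it has length; otherwise fall back to value().
    String username = StringUtils.hasLength(withUser.username()) ? withUser.username() : withUser.value();
    if (username == null) {
        throw new IllegalArgumentException(withUser + " cannot have null username on both username and value properties");
    }

    // Explicit authorities are taken verbatim, with no ROLE_ prefix added.
    List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
    for (String authority : withUser.authorities()) {
        grantedAuthorities.add(new SimpleGrantedAuthority(authority));
    }

    if (grantedAuthorities.isEmpty()) {
        // No explicit authorities: derive them from roles, adding the ROLE_ prefix here.
        // A caller-supplied prefix is rejected so the result is never "ROLE_ROLE_x".
        for (String role : withUser.roles()) {
            if (role.startsWith("ROLE_")) {
                throw new IllegalArgumentException("roles cannot start with ROLE_ Got " + role);
            }
            grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_" + role));
        }
    } else if (!(withUser.roles().length == 1 && "USER".equals(withUser.roles()[0]))) {
        // Authorities were given, so roles must be exactly {"USER"} (presumably the
        // annotation default — confirm against WithMockUser). Anything else is ambiguous.
        throw new IllegalStateException("You cannot define roles attribute " + Arrays.asList(withUser.roles()) + " with authorities attribute " + Arrays.asList(withUser.authorities()));
    }

    // All four account-status flags are passed as true.
    User principal = new User(username, withUser.password(), true, true, true, true, grantedAuthorities);
    Authentication authentication = new UsernamePasswordAuthenticationToken(principal, principal.getPassword(), principal.getAuthorities());

    SecurityContext context = SecurityContextHolder.createEmptyContext();
    context.setAuthentication(authentication);
    return context;
}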
use of org.springframework.security.core.userdetails.User in project OpenClinica by OpenClinica.
the class OpenClinicaSessionRegistryImpl method removeSessionInformation.
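/**
 * Records a logout audit entry for the session's principal, then removes the session from
 * the registry.
 *
 * <p>The removal runs in a {@code finally} block so that a failure while auditing (including
 * a {@link ClassCastException} if the principal is not a {@link User}) cannot leave a stale
 * session entry registered. The original exception still propagates to the caller.
 *
 * @param sessionId identifier of the session being removed
 */
@Override
public void removeSessionInformation(String sessionId) {
    try {
        SessionInformation info = getSessionInformation(sessionId);
        if (info != null) {
            // getPrincipal() returns Object; this registry expects a userdetails.User.
            // The cast stays unchecked so an unexpected principal type fails loudly
            // instead of silently skipping the audit record.
            User u = (User) info.getPrincipal();
            auditLogout(u.getUsername());
        }
    } finally {
        // Always unregister the session, whether or not the audit step succeeded.
        super.removeSessionInformation(sessionId);
    }
}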
use of org.springframework.security.core.userdetails.User in project opennms by OpenNMS.
the class KerberosLdapAuthenticationProvider method authenticate.
/**
 * Authenticates a username/password pair against Kerberos, then resolves the user's
 * authorities from LDAP.
 *
 * <p>The LDAP search and the authorities lookup use the name returned by the Kerberos login
 * (with the realm trimmed), not the name the caller submitted.
 *
 * @param authentication the request; cast to {@link UsernamePasswordAuthenticationToken}
 * @return a token whose principal is a {@link User} carrying the LDAP-derived authorities
 * @throws AuthenticationException as declared by the provider contract
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    // NOTE(review): unchecked downcast — assumes supports() limits this provider to
    // UsernamePasswordAuthenticationToken; confirm against the rest of the class.
    final UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) authentication;
    final String submittedName = token.getName();
    // NOTE(review): getCredentials() is dereferenced without a null check, so a token with
    // no credentials raises NullPointerException rather than an AuthenticationException.
    final String secret = token.getCredentials().toString();

    /*
     * The incoming username will be in the form of a Kerberos user principal name,
     * e.g. user@EXAMPLE.ORG. We typically need to strip off the realm name before
     * doing any LDAP operations with the username.
     */
    final String validatedUsername = trimRealmFromUsername(m_kerberosClient.login(submittedName, secret));

    final DirContextOperations ldapUserEntry = m_ldapUserSearch.searchForUser(validatedUsername);
    final Collection<? extends GrantedAuthority> grantedAuthorities =
            m_ldapAuthoritiesPopulator.getGrantedAuthorities(ldapUserEntry, validatedUsername);

    // The User password is the fixed placeholder "notUsed"; the submitted secret is not
    // stored on the principal. The returned token does still carry the caller's original
    // credentials object.
    final UserDetails userDetails = new User(validatedUsername, "notUsed", true, true, true, true, grantedAuthorities);
    return new UsernamePasswordAuthenticationToken(userDetails, token.getCredentials(), grantedAuthorities);
}
use of org.springframework.security.core.userdetails.User in project incubator-atlas by apache.
the class AtlasAuthenticationFilter method doFilter.
/**
 * Servlet filter entry point: sets {@code X-Frame-Options}, then either passes the request
 * straight down the chain or hands it to {@code doKerberosAuth}.
 *
 * <p>Kerberos handling is chosen only when there is no existing authentication, the request
 * has no {@code Authorization} header starting with {@code Basic}, and {@code isKerberos} is
 * set. In that case a wrapper chain is passed to {@code doKerberosAuth}; when invoked, the
 * wrapper populates the Spring {@link SecurityContextHolder} before continuing.
 *
 * @param request     incoming request, cast to {@link HttpServletRequest}
 * @param response    outgoing response, cast to {@link HttpServletResponse}
 * @param filterChain the remaining filter chain
 * @throws IOException      propagated from the chain or from {@code sendError}
 * @throws ServletException propagated from the chain
 */
@Override
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain filterChain) throws IOException, ServletException {
    final HttpServletRequest httpRequest = (HttpServletRequest) request;

    FilterChain filterChainWrapper = new FilterChain() {
        @Override
        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
            final HttpServletRequest wrappedRequest = (HttpServletRequest) servletRequest;
            final HttpServletResponse wrappedResponse = (HttpServletResponse) servletResponse;

            if (isKerberos) {
                Authentication current = SecurityContextHolder.getContext().getAuthentication();

                // User name comes from readUserFromCookie first, then from getRemoteUser().
                String userName = readUserFromCookie(wrappedResponse);
                if (StringUtils.isEmpty(userName) && !StringUtils.isEmpty(wrappedRequest.getRemoteUser())) {
                    userName = wrappedRequest.getRemoteUser();
                }

                if ((current == null || !current.isAuthenticated()) && (!StringUtils.isEmpty(userName))) {
                    // NOTE(review): the token below is built with empty credentials and the
                    // three-argument constructor, i.e. it is already marked authenticated.
                    // That is sound only if doKerberosAuth invokes this wrapper strictly
                    // after a successful negotiation and the cookie value is
                    // integrity-protected — neither is visible here; confirm.
                    List<GrantedAuthority> grantedAuths = AtlasAuthenticationProvider.getAuthoritiesFromUGI(userName);
                    final UserDetails principal = new User(userName, "", grantedAuths);
                    final UsernamePasswordAuthenticationToken token =
                            new UsernamePasswordAuthenticationToken(principal, "", grantedAuths);
                    token.setDetails(new WebAuthenticationDetails(wrappedRequest));
                    SecurityContextHolder.getContext().setAuthentication(token);
                    // The attribute is set on the outer request, not on servletRequest.
                    request.setAttribute("atlas.http.authentication.type", true);
                    LOG.info("Logged into Atlas as = {}", userName);
                }
            }

            // OPTIONS method is sent from quick start jersey atlas client
            if (wrappedRequest.getMethod().equals("OPTIONS")) {
                // Served with the outer request/response objects.
                optionsServlet.service(request, response);
            } else {
                try {
                    String requestUser = wrappedRequest.getRemoteUser();
                    // Logging context: "<user>:<method><uri>"; popped in the finally below.
                    NDC.push(requestUser + ":" + wrappedRequest.getMethod() + wrappedRequest.getRequestURI());
                    RequestContext requestContext = RequestContext.get();
                    if (requestContext != null) {
                        requestContext.setUser(requestUser);
                    }
                    LOG.info("Request from authenticated user: {}, URL={}", requestUser, Servlets.getRequestURI(wrappedRequest));
                    filterChain.doFilter(servletRequest, servletResponse);
                } finally {
                    NDC.pop();
                }
            }
        }
    };

    try {
        Authentication existingAuth = SecurityContextHolder.getContext().getAuthentication();
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        // NOTE(review): the header is set on the wrapper, while the original response is what
        // goes down the chain; presumably the wrapper delegates to httpResponse — verify.
        AtlasResponseRequestWrapper responseWrapper = new AtlasResponseRequestWrapper(httpResponse);
        responseWrapper.setHeader("X-Frame-Options", "DENY");

        boolean useKerberos = false;
        if (existingAuth == null) {
            // Prefix match only: a Basic header skips Kerberos and goes down the chain.
            String authHeader = httpRequest.getHeader("Authorization");
            boolean basicHeader = authHeader != null && authHeader.startsWith("Basic");
            useKerberos = !basicHeader && isKerberos;
        }

        if (useKerberos) {
            doKerberosAuth(request, response, filterChainWrapper, filterChain);
        } else {
            filterChain.doFilter(request, response);
        }
    } catch (NullPointerException e) {
        // Any NullPointerException raised inside the try, including from filters further
        // down the chain, is reported to the client as 400 with the message below.
        LOG.error("Exception in AtlasAuthenticationFilter ", e);
        //PseudoAuthenticationHandler.getUserName() from hadoop-auth throws NPE if user name is not specified
        ((HttpServletResponse) response).sendError(Response.Status.BAD_REQUEST.getStatusCode(), "Authentication is enabled and user is not specified. Specify user.name parameter");
    }
}
use of org.springframework.security.core.userdetails.User in project incubator-atlas by apache.
the class AtlasAbstractAuthenticationProvider method getAuthenticationWithGrantedAuthority.
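/**
 * Rebuilds an authenticated {@link Authentication} as a
 * {@link UsernamePasswordAuthenticationToken} whose principal is a {@link User} carrying the
 * authorities returned by {@code getAuthorities(name)}.
 *
 * <p>Missing credentials are tolerated: a {@code null} credentials object is mapped to an
 * empty password for the {@link User}, rather than failing with a
 * {@link NullPointerException}.
 *
 * @param authentication the authentication to enrich; may be {@code null}
 * @return a new token with the looked-up authorities and the original details, or the
 *         argument itself when it is {@code null} or not authenticated
 */
public Authentication getAuthenticationWithGrantedAuthority(Authentication authentication) {
    // Only an already-authenticated request is enriched; anything else passes through as-is.
    if (authentication == null || !authentication.isAuthenticated()) {
        return authentication;
    }

    final String name = authentication.getName();
    final List<GrantedAuthority> grantedAuths = getAuthorities(name);

    // NOTE(review): the submitted credentials are copied into both the User password field
    // and the returned token; whether they are erased later is not visible here.
    final Object credentials = authentication.getCredentials();
    final String password = credentials == null ? "" : credentials.toString();

    final UserDetails userDetails = new User(name, password, grantedAuths);
    UsernamePasswordAuthenticationToken result =
            new UsernamePasswordAuthenticationToken(userDetails, credentials, grantedAuths);
    result.setDetails(authentication.getDetails());
    return result;
}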