use of org.springframework.security.core.userdetails.User in project opennms by OpenNMS.
the class SpringSecurityContextServiceTest method setUp.
@Before
public void setUp() throws Exception {
SecurityContext context = new SecurityContextImpl();
User principal = new User(USERNAME, PASS, true, true, true, true, Arrays.asList(new GrantedAuthority[] { ROLE_ADMIN, ROLE_PROVISION }));
org.springframework.security.core.Authentication auth = new PreAuthenticatedAuthenticationToken(principal, new Object());
context.setAuthentication(auth);
SecurityContextHolder.setContext(context);
this.m_securityContextService = new SpringSecurityContextService();
}
use of org.springframework.security.core.userdetails.User in project incubator-atlas by apache.
the class AtlasKnoxSSOAuthenticationFilter method doFilter.
/*
* doFilter of AtlasKnoxSSOAuthenticationFilter is the first in the filter list so in this it check for the request
* if the request is from browser and sso is enabled then it process the request against knox sso
* else if it's ssoenable and the request is with local login string then it show's the appropriate msg
* else if ssoenable is false then it contiunes with further filters as it was before sso
*/
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;
AtlasResponseRequestWrapper responseWrapper = new AtlasResponseRequestWrapper(httpResponse);
responseWrapper.setHeader("X-Frame-Options", "DENY");
if (!ssoEnabled) {
filterChain.doFilter(servletRequest, servletResponse);
return;
}
HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
if (LOG.isDebugEnabled()) {
LOG.debug("Knox doFilter {}", httpRequest.getRequestURI());
}
if (httpRequest.getSession() != null && httpRequest.getSession().getAttribute("locallogin") != null) {
servletRequest.setAttribute("ssoEnabled", false);
filterChain.doFilter(servletRequest, servletResponse);
return;
}
if (jwtProperties == null || isAuthenticated()) {
filterChain.doFilter(servletRequest, servletResponse);
return;
}
if (LOG.isDebugEnabled()) {
LOG.debug("Knox ssoEnabled {} {}", ssoEnabled, httpRequest.getRequestURI());
}
//if jwt properties are loaded and is current not authenticated then it will go for sso authentication
//Note : Need to remove !isAuthenticated() after knoxsso solve the bug from cross-origin script
HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
String serializedJWT = getJWTFromCookie(httpRequest);
// if we get the hadoop-jwt token from the cookies then will process it further
if (serializedJWT != null) {
SignedJWT jwtToken = null;
try {
jwtToken = SignedJWT.parse(serializedJWT);
boolean valid = validateToken(jwtToken);
//if the public key provide is correct and also token is not expired the process token
if (valid) {
String userName = jwtToken.getJWTClaimsSet().getSubject();
LOG.info("SSO login user : {} ", userName);
//if we get the userName from the token then log into atlas using the same user
if (userName != null && !userName.trim().isEmpty()) {
List<GrantedAuthority> grantedAuths = AtlasAuthenticationProvider.getAuthoritiesFromUGI(userName);
final UserDetails principal = new User(userName, "", grantedAuths);
final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, "", grantedAuths);
WebAuthenticationDetails webDetails = new WebAuthenticationDetails(httpRequest);
((AbstractAuthenticationToken) finalAuthentication).setDetails(webDetails);
authenticationProvider.setSsoEnabled(ssoEnabled);
Authentication authentication = authenticationProvider.authenticate(finalAuthentication);
SecurityContextHolder.getContext().setAuthentication(authentication);
}
filterChain.doFilter(servletRequest, httpServletResponse);
} else {
// if the token is not valid then redirect to knox sso
redirectToKnox(httpRequest, httpServletResponse, filterChain);
}
} catch (ParseException e) {
LOG.warn("Unable to parse the JWT token", e);
redirectToKnox(httpRequest, httpServletResponse, filterChain);
}
} else {
redirectToKnox(httpRequest, httpServletResponse, filterChain);
}
}
use of org.springframework.security.core.userdetails.User in project incubator-atlas by apache.
the class AtlasAbstractAuthenticationProvider method getAuthenticationWithGrantedAuthorityFromUGI.
public Authentication getAuthenticationWithGrantedAuthorityFromUGI(Authentication authentication) {
UsernamePasswordAuthenticationToken result = null;
if (authentication != null && authentication.isAuthenticated()) {
List<GrantedAuthority> grantedAuthsUGI = getAuthoritiesFromUGI(authentication.getName());
final UserDetails userDetails = new User(authentication.getName(), authentication.getCredentials().toString(), grantedAuthsUGI);
result = new UsernamePasswordAuthenticationToken(userDetails, authentication.getCredentials(), grantedAuthsUGI);
result.setDetails(authentication.getDetails());
return result;
}
return authentication;
}
use of org.springframework.security.core.userdetails.User in project spring-security by spring-projects.
the class AbstractStatelessTicketCacheTests method getToken.
protected CasAuthenticationToken getToken() {
List<String> proxyList = new ArrayList<String>();
proxyList.add("https://localhost/newPortal/login/cas");
User user = new User("rod", "password", true, true, true, true, AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
final Assertion assertion = new AssertionImpl("rod");
return new CasAuthenticationToken("key", user, "ST-0-ER94xMJmn6pha35CQRoZ", AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), user, assertion);
}
use of org.springframework.security.core.userdetails.User in project spring-security by spring-projects.
the class AuthenticationPrincipalArgumentResolverTests method authenticationPrincipalExpressionWhenBeanExpressionSuppliedThenBeanUsed.
@Test
public void authenticationPrincipalExpressionWhenBeanExpressionSuppliedThenBeanUsed() throws Exception {
User user = new User("user", "password", AuthorityUtils.createAuthorityList("ROLE_USER"));
SecurityContext context = SecurityContextHolder.createEmptyContext();
context.setAuthentication(new UsernamePasswordAuthenticationToken(user, user.getPassword(), user.getAuthorities()));
SecurityContextHolder.setContext(context);
MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(wac).build();
mockMvc.perform(get("/users/self")).andExpect(status().isOk()).andExpect(content().string("extracted-user"));
}
Aggregations