Example 51 with UserDetails
use of org.springframework.security.core.userdetails.UserDetails in project spring-security by spring-projects.
the class GrantedAuthorityFromAssertionAttributesUserDetailsServiceTests method correctlyExtractsNamedAttributesFromAssertionAndConvertsThemToAuthorities.
@Test
public void correctlyExtractsNamedAttributesFromAssertionAndConvertsThemToAuthorities() {
GrantedAuthorityFromAssertionAttributesUserDetailsService uds = new GrantedAuthorityFromAssertionAttributesUserDetailsService(new String[] { "a", "b", "c", "d" });
uds.setConvertToUpperCase(false);
Assertion assertion = mock(Assertion.class);
AttributePrincipal principal = mock(AttributePrincipal.class);
Map<String, Object> attributes = new HashMap<String, Object>();
attributes.put("a", Arrays.asList("role_a1", "role_a2"));
attributes.put("b", "role_b");
attributes.put("c", "role_c");
attributes.put("d", null);
attributes.put("someother", "unused");
when(assertion.getPrincipal()).thenReturn(principal);
when(principal.getAttributes()).thenReturn(attributes);
when(principal.getName()).thenReturn("somebody");
CasAssertionAuthenticationToken token = new CasAssertionAuthenticationToken(assertion, "ticket");
UserDetails user = uds.loadUserDetails(token);
Set<String> roles = AuthorityUtils.authorityListToSet(user.getAuthorities());
assertThat(roles.size()).isEqualTo(4);
assertThat(roles).contains("role_a1");
assertThat(roles).contains("role_a2");
assertThat(roles).contains("role_b");
assertThat(roles).contains("role_c");
}
Also used :
UserDetails(org.springframework.security.core.userdetails.UserDetails)
HashMap(java.util.HashMap)
Assertion(org.jasig.cas.client.validation.Assertion)
CasAssertionAuthenticationToken(org.springframework.security.cas.authentication.CasAssertionAuthenticationToken)
AttributePrincipal(org.jasig.cas.client.authentication.AttributePrincipal)
Test(org.junit.Test)
Example 52 with UserDetails
use of org.springframework.security.core.userdetails.UserDetails in project spring-security by spring-projects.
the class AbstractUserDetailsAuthenticationProvider method authenticate.
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication, messages.getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports", "Only UsernamePasswordAuthenticationToken is supported"));
// Determine username
String username = (authentication.getPrincipal() == null) ? "NONE_PROVIDED" : authentication.getName();
boolean cacheWasUsed = true;
UserDetails user = this.userCache.getUserFromCache(username);
if (user == null) {
cacheWasUsed = false;
try {
user = retrieveUser(username, (UsernamePasswordAuthenticationToken) authentication);
} catch (UsernameNotFoundException notFound) {
logger.debug("User '" + username + "' not found");
if (hideUserNotFoundExceptions) {
throw new BadCredentialsException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
} else {
throw notFound;
}
}
Assert.notNull(user, "retrieveUser returned null - a violation of the interface contract");
}
try {
preAuthenticationChecks.check(user);
additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication);
} catch (AuthenticationException exception) {
if (cacheWasUsed) {
// There was a problem, so try again after checking
// we're using latest data (i.e. not from the cache)
cacheWasUsed = false;
user = retrieveUser(username, (UsernamePasswordAuthenticationToken) authentication);
preAuthenticationChecks.check(user);
additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication);
} else {
throw exception;
}
}
postAuthenticationChecks.check(user);
if (!cacheWasUsed) {
this.userCache.putUserInCache(user);
}
Object principalToReturn = user;
if (forcePrincipalAsString) {
principalToReturn = user.getUsername();
}
return createSuccessAuthentication(principalToReturn, authentication, user);
}
Also used :
UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException)
UserDetails(org.springframework.security.core.userdetails.UserDetails)
AuthenticationException(org.springframework.security.core.AuthenticationException)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
Example 53 with UserDetails
use of org.springframework.security.core.userdetails.UserDetails in project spring-security by spring-projects.
the class JaasNameCallbackHandler method handle.
// ~ Methods
// ========================================================================================================
/**
* If the callback passed to the 'handle' method is an instance of NameCallback, the
* JaasNameCallbackHandler will call,
* callback.setName(authentication.getPrincipal().toString()).
*
* @param callback
* @param authentication
*
* @throws IOException
* @throws UnsupportedCallbackException
*/
public void handle(Callback callback, Authentication authentication) throws IOException, UnsupportedCallbackException {
if (callback instanceof NameCallback) {
NameCallback ncb = (NameCallback) callback;
String username;
Object principal = authentication.getPrincipal();
if (principal instanceof UserDetails) {
username = ((UserDetails) principal).getUsername();
} else {
username = principal.toString();
}
ncb.setName(username);
}
}
Also used :
NameCallback(javax.security.auth.callback.NameCallback)
UserDetails(org.springframework.security.core.userdetails.UserDetails)
Example 54 with UserDetails
use of org.springframework.security.core.userdetails.UserDetails in project spring-security by spring-projects.
the class JdbcUserDetailsManager method createNewAuthentication.
protected Authentication createNewAuthentication(Authentication currentAuth, String newPassword) {
UserDetails user = loadUserByUsername(currentAuth.getName());
UsernamePasswordAuthenticationToken newAuthentication = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
newAuthentication.setDetails(currentAuth.getDetails());
return newAuthentication;
}
Also used :
UserDetails(org.springframework.security.core.userdetails.UserDetails)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Example 55 with UserDetails
use of org.springframework.security.core.userdetails.UserDetails in project spring-security by spring-projects.
the class JdbcDaoImplTests method testRolePrefixWorks.
@Test
public void testRolePrefixWorks() throws Exception {
JdbcDaoImpl dao = makePopulatedJdbcDaoWithRolePrefix();
assertThat(dao.getRolePrefix()).isEqualTo("ARBITRARY_PREFIX_");
UserDetails user = dao.loadUserByUsername("rod");
assertThat(user.getUsername()).isEqualTo("rod");
assertThat(user.getAuthorities()).hasSize(2);
assertThat(AuthorityUtils.authorityListToSet(user.getAuthorities())).contains("ARBITRARY_PREFIX_ROLE_TELLER");
assertThat(AuthorityUtils.authorityListToSet(user.getAuthorities())).contains("ARBITRARY_PREFIX_ROLE_SUPERVISOR");
}
Also used :
UserDetails(org.springframework.security.core.userdetails.UserDetails)
Test(org.junit.Test)
Aggregations
UserDetails (org.springframework.security.core.userdetails.UserDetails)97
Test (org.junit.Test)37
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)32
Authentication (org.springframework.security.core.Authentication)30
GrantedAuthority (org.springframework.security.core.GrantedAuthority)16
User (org.springframework.security.core.userdetails.User)14
UserDetailsService (org.springframework.security.core.userdetails.UserDetailsService)14
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)9
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)8
LdapUserDetailsService (org.springframework.security.ldap.userdetails.LdapUserDetailsService)7
HttpServletRequest (javax.servlet.http.HttpServletRequest)6
UserAccountBean (org.akaza.openclinica.bean.login.UserAccountBean)6
UserAccountDAO (org.akaza.openclinica.dao.login.UserAccountDAO)6
UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException)6
User (org.apache.atlas.web.model.User)4
User (org.hisp.dhis.user.User)4
IOException (java.io.IOException)3
Date (java.util.Date)3
HttpServletResponse (javax.servlet.http.HttpServletResponse)3
DirContextAdapter (org.springframework.ldap.core.DirContextAdapter)3
