
Example 11 with MidPointPrincipal

use of com.evolveum.midpoint.security.api.MidPointPrincipal in project midpoint by Evolveum.

Class MidPointAuthenticationProvider, method authenticate (Spring Security entry point that delegates credential checking to the midPoint authentication evaluator).

@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    // The token's principal is taken to be the login name. This is an unchecked cast:
    // a token whose principal is not a String fails here with a ClassCastException
    // rather than an AuthenticationException.
    String username = (String) authentication.getPrincipal();
    LOGGER.trace("Authenticating username '{}'", username);

    // Every authentication handled by this provider is attributed to the GUI user channel.
    ConnectionEnvironment environment = ConnectionEnvironment.create(SchemaConstants.CHANNEL_GUI_USER_URI);

    // The two token types are unrelated classes, so the order of these checks does not matter.
    Authentication result;
    if (authentication instanceof PreAuthenticatedAuthenticationToken) {
        // Only the username is handed to the evaluator; no credential is checked here at all.
        // Presumably an upstream filter (container/SSO) has already verified the user -- anything
        // able to hand this provider a PreAuthenticatedAuthenticationToken bypasses the password
        // check, so the source of such tokens must be trusted. Confirm against the filter chain.
        result = passwordAuthenticationEvaluator.authenticateUserPreAuthenticated(environment, username);
    } else if (authentication instanceof UsernamePasswordAuthenticationToken) {
        // The password is passed straight through to the evaluator and is never logged here.
        String password = (String) authentication.getCredentials();
        result = passwordAuthenticationEvaluator.authenticate(environment, new PasswordAuthenticationContext(username, password));
    } else {
        // NOTE(review): the whole token object is rendered into the log; for an unexpected token
        // type make sure its toString() does not expose credentials.
        LOGGER.error("Unsupported authentication {}", authentication);
        throw new AuthenticationServiceException("web.security.provider.unavailable");
    }

    // The evaluator is expected to return a token carrying a MidPointPrincipal; log what it was granted.
    MidPointPrincipal principal = (MidPointPrincipal) result.getPrincipal();
    LOGGER.debug("User '{}' authenticated ({}), authorities: {}", authentication.getPrincipal(), authentication.getClass().getSimpleName(), principal.getAuthorities());
    return result;
}

Example 12 with MidPointPrincipal

use of com.evolveum.midpoint.security.api.MidPointPrincipal in project midpoint by Evolveum.

Class AuditedLogoutHandler, method auditEvent (writes a TERMINATE_SESSION audit record when a GUI session is logged out).

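/**
 * Writes a {@code TERMINATE_SESSION} / {@code REQUEST} audit record for a GUI logout.
 * <p>
 * The record is attributed to the user behind {@code authentication} when one can be
 * resolved; a logout with no resolvable principal is still audited, just without an
 * initiator. The channel is always the GUI user channel.
 *
 * @param request        the logout request; used only for host, peer address and session id
 * @param authentication the authentication being terminated (may carry no midPoint principal)
 */
private void auditEvent(HttpServletRequest request, Authentication authentication) {
    MidPointPrincipal principal = SecurityUtils.getPrincipalUser(authentication);
    // No principal -> no initiator; the event is still recorded.
    PrismObject<UserType> user = principal != null ? principal.getUser().asPrismObject() : null;
    Task task = taskManager.createTaskInstance();
    task.setOwner(user);
    task.setChannel(SchemaConstants.CHANNEL_GUI_USER_URI);

    AuditEventRecord record = new AuditEventRecord(AuditEventType.TERMINATE_SESSION, AuditEventStage.REQUEST);
    record.setInitiator(user);
    // NOTE(review): not visible here whether WebComponentUtil.getName tolerates a null user -- confirm.
    record.setParameter(WebComponentUtil.getName(user));
    record.setChannel(SchemaConstants.CHANNEL_GUI_USER_URI);
    record.setTimestamp(System.currentTimeMillis());
    record.setOutcome(OperationResultStatus.SUCCESS);

    // probably not needed, as audit service would take care of it; but it doesn't hurt so let's keep it here
    record.setHostIdentifier(request.getLocalName());
    // FIX: this previously stored request.getLocalAddr() -- the address of the server-side
    // interface that received the request -- as the *remote* host, so every logout appeared to
    // originate from the server itself. getRemoteAddr() is the peer that sent the request.
    // Behind a reverse proxy this is the proxy's address; X-Forwarded-For is intentionally not
    // consulted here because it is client-controlled unless a trusted proxy strips/sets it.
    record.setRemoteHostAddress(request.getRemoteAddr());
    record.setNodeIdentifier(taskManager.getNodeId());
    // The session id as presented by the client, which need not be a currently valid session.
    record.setSessionIdentifier(request.getRequestedSessionId());
    auditService.audit(record, task);
}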

Example 13 with MidPointPrincipal

use of com.evolveum.midpoint.security.api.MidPointPrincipal in project midpoint by Evolveum.

Class TestSecurityPrincipal, method test111GuybrushRoleCaptain (checks the authorizations a principal receives after a role assignment).

@Test
public void test111GuybrushRoleCaptain() throws Exception {
    final String testName = "test111GuybrushRoleCaptain";
    TestUtil.displayTestTile(this, testName);

    // GIVEN: acting as administrator, assign the captain role to guybrush.
    login(USER_ADMINISTRATOR_USERNAME);
    // NOTE(review): the task is named after TestRbac rather than this class; looks like a
    // copy-paste, harmless for the assertions below.
    Task task = taskManager.createTaskInstance(TestRbac.class.getName() + "." + testName);
    assignRole(USER_GUYBRUSH_OID, ROLE_CAPTAIN_OID, task, task.getResult());
    // Drop the administrator's authentication so the principal is computed without it.
    resetAuthentication();

    // WHEN: build guybrush's security principal from the stored user.
    MidPointPrincipal guybrush = userProfileService.getPrincipal(USER_GUYBRUSH_USERNAME);

    // THEN: the captain role is expected to yield exactly three authorizations,
    // granting COMMAND but not LOOT.
    display("Principal guybrush", guybrush);
    assertEquals("Wrong number of authorizations", 3, guybrush.getAuthorities().size());
    assertNotAuthorized(guybrush, AUTZ_LOOT_URL);
    assertAuthorized(guybrush, AUTZ_COMMAND_URL);
}

Example 14 with MidPointPrincipal

use of com.evolveum.midpoint.security.api.MidPointPrincipal in project midpoint by Evolveum.

Class TestSecurityPrincipal, method test062GuybrushConditionalRoleUnassign (checks that unassigning a conditional role leaves the principal with no authorizations).

@Test
public void test062GuybrushConditionalRoleUnassign() throws Exception {
    final String testName = "test062GuybrushConditionalRoleUnassign";
    TestUtil.displayTestTile(this, testName);

    // GIVEN: as administrator, remove the conditional role from guybrush, then clear
    // the authentication so the principal is built without an administrator context.
    login(USER_ADMINISTRATOR_USERNAME);
    unassignRole(USER_GUYBRUSH_OID, ROLE_CONDITIONAL_OID);
    resetAuthentication();

    // WHEN
    MidPointPrincipal guybrush = userProfileService.getPrincipal(USER_GUYBRUSH_USERNAME);

    // THEN: identity is intact, but with no role there must be no authorizations left
    // (least privilege -- neither LOOT nor COMMAND).
    display("Principal guybrush", guybrush);
    assertEquals("wrong username", USER_GUYBRUSH_USERNAME, guybrush.getUsername());
    assertEquals("wrong oid", USER_GUYBRUSH_OID, guybrush.getOid());
    assertTrue("Unexpected authorizations", guybrush.getAuthorities().isEmpty());

    PrismObject<UserType> guybrushUser = guybrush.getUser().asPrismObject();
    display("User in principal guybrush", guybrushUser);
    guybrushUser.checkConsistence(true, true);

    assertNotAuthorized(guybrush, AUTZ_LOOT_URL);
    assertNotAuthorized(guybrush, AUTZ_COMMAND_URL);
}

Example 15 with MidPointPrincipal

use of com.evolveum.midpoint.security.api.MidPointPrincipal in project midpoint by Evolveum.

Class TestSecurityPrincipal, method test050GetUserJack (checks that resolving a principal neither requires nor leaves behind an authentication).

@Test
public void test050GetUserJack() throws Exception {
    final String testName = "test050GetUserJack";
    TestUtil.displayTestTile(this, testName);

    // GIVEN: start with no authentication at all.
    resetAuthentication();

    // WHEN: resolve jack's principal without being logged in.
    MidPointPrincipal jack = userProfileService.getPrincipal(USER_JACK_USERNAME);

    // THEN: resolving a principal must not implicitly authenticate anyone -- this is
    // re-checked after every step -- and jack, having no roles, gets no authorizations.
    assertNoAuthentication();
    assertJack(jack);
    assertTrue("Unexpected authorizations", jack.getAuthorities().isEmpty());
    assertNoAuthentication();
    assertNotAuthorized(jack, AUTZ_LOOT_URL);
    assertNotAuthorized(jack, AUTZ_COMMAND_URL);
    assertNoAuthentication();
}
