
Example 26 with UserSession

use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.

the class IpMaskUserAccessChecker method check.

/**
 * Enforces the per-user IP mask on a login attempt.
 *
 * <p>The restriction is evaluated only when all of the following hold: the credentials are
 * {@link AbstractClientCredentials}, client permission checking is enabled on them, they carry
 * a client IP address, and the user of the session has an IP mask. In every other case the
 * method returns without rejecting anything.
 *
 * @param credentials           credentials presented for the login
 * @param authenticationDetails details holding the session whose user supplies the IP mask
 * @throws LoginException this implementation raises a {@link UserIpRestrictedException} when
 *                        the client address does not match the user's IP mask
 */
@Override
public void check(Credentials credentials, AuthenticationDetails authenticationDetails) throws LoginException {
    if (!(credentials instanceof AbstractClientCredentials)) {
        return;
    }
    AbstractClientCredentials clientCredentials = (AbstractClientCredentials) credentials;
    if (!clientCredentials.isCheckClientPermissions() || clientCredentials.getIpAddress() == null) {
        // NOTE(review): a missing client address skips the restriction entirely (fail-open).
        // Where the address comes from (socket peer vs. a proxy header) is not visible here;
        // confirm callers cannot omit or control it.
        return;
    }
    String clientAddress = clientCredentials.getIpAddress();
    UserSession userSession = authenticationDetails.getSession();
    if (userSession.getUser().getIpMask() == null) {
        // No mask configured for this user: nothing to enforce.
        return;
    }
    IpMatcher maskMatcher = new IpMatcher(userSession.getUser().getIpMask());
    if (maskMatcher.match(clientAddress)) {
        return;
    }
    log.info("IP address {} is not permitted for user {}", clientAddress, userSession.getUser());
    // NOTE(review): the rejection uses a dedicated message key. If that text reaches the client
    // it tells the caller the IP restriction, not the credentials, failed the login; confirm
    // this disclosure is intended.
    throw new UserIpRestrictedException(messages.getMessage(MSG_PACK, "LoginException.invalidIP"));
}
Also used : IpMatcher(com.haulmont.cuba.security.global.IpMatcher) UserIpRestrictedException(com.haulmont.cuba.security.global.UserIpRestrictedException) UserSession(com.haulmont.cuba.security.global.UserSession) AbstractClientCredentials(com.haulmont.cuba.security.auth.AbstractClientCredentials)

Example 27 with UserSession

use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.

the class AnonymousAuthenticationProvider method authenticate.

/**
 * Builds the session for the anonymous user.
 *
 * <p>The login is read from {@code serverConfig}, not from the supplied credentials, and no
 * secret is verified in this method. The session is created with the id returned by
 * {@code globalConfig.getAnonymousSessionId()}.
 *
 * @param credentials credentials of the request; cast to {@link AnonymousUserCredentials}
 *                    without a type check, so the caller is assumed to have routed the right type
 * @return authentication details wrapping the anonymous session
 * @throws LoginException when no user exists for the configured anonymous login
 */
@Override
public AuthenticationDetails authenticate(Credentials credentials) throws LoginException {
    AnonymousUserCredentials anonymousCredentials = (AnonymousUserCredentials) credentials;
    String anonymousLogin = serverConfig.getAnonymousLogin();

    // Locale used only for the error message below: the credentials' locale when present,
    // otherwise the trimmed default locale.
    Locale messageLocale;
    if (anonymousCredentials.getLocale() == null) {
        messageLocale = messages.getTools().trimLocale(messages.getTools().getDefaultLocale());
    } else {
        messageLocale = anonymousCredentials.getLocale();
    }

    User anonymousUser = loadUser(anonymousLogin);
    if (anonymousUser == null) {
        throw new LoginException(getInvalidCredentialsMessage(anonymousLogin, messageLocale));
    }

    Locale sessionLocale = getUserLocale(anonymousCredentials, anonymousUser);
    // The session id is taken from configuration rather than generated per login.
    // NOTE(review): how that id is provisioned and who can read it is not visible here; confirm.
    UUID sessionId = globalConfig.getAnonymousSessionId();
    UserSession anonymousSession = createSession(anonymousCredentials, anonymousUser, sessionLocale, sessionId);
    anonymousSession.setClientInfo("System anonymous session");
    return new SimpleAuthenticationDetails(anonymousSession);
}
Also used : Locale(java.util.Locale) User(com.haulmont.cuba.security.entity.User) UserSession(com.haulmont.cuba.security.global.UserSession) SimpleAuthenticationDetails(com.haulmont.cuba.security.auth.SimpleAuthenticationDetails) LoginException(com.haulmont.cuba.security.global.LoginException) UUID(java.util.UUID) AnonymousUserCredentials(com.haulmont.cuba.security.auth.AnonymousUserCredentials)

Example 28 with UserSession

use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.

the class LoginPasswordAuthenticationProvider method authenticate.

/**
 * Authenticates a user by login and password and creates a session.
 *
 * <p>Steps run in this order: reject an empty login, run {@code checkUserCredentials}, load
 * the user, verify the password, create the session, then run {@code checkUserAccess} on the
 * new session. Empty login, unknown login and wrong password all fail with the same
 * invalid-credentials message, so the message does not reveal which check failed.
 *
 * @param credentials credentials of the request; cast to {@link LoginPasswordCredentials}
 *                    without a type check, so the caller is assumed to have routed the right type
 * @return authentication details wrapping the created session
 * @throws LoginException when the login is empty, the user is unknown, the password does not
 *                        match, or one of the invoked checks rejects the attempt
 */
@Override
public AuthenticationDetails authenticate(Credentials credentials) throws LoginException {
    LoginPasswordCredentials passwordCredentials = (LoginPasswordCredentials) credentials;
    String login = passwordCredentials.getLogin();

    // Locale for error messages: the credentials' locale, falling back to the default.
    Locale messageLocale = passwordCredentials.getLocale();
    if (messageLocale == null) {
        messageLocale = messages.getTools().getDefaultLocale();
    }

    // An empty login can never be valid; fail before any further work is done.
    if (Strings.isNullOrEmpty(login)) {
        throw new LoginException(getInvalidCredentialsMessage(login, messageLocale));
    }

    // Runs before the user lookup and password check.
    // NOTE(review): presumably this is where pre-authentication checks (e.g. attempt limits)
    // are applied; confirm against the helper's implementation.
    checkUserCredentials(credentials);

    User account = loadUser(login);
    boolean passwordAccepted = account != null
            && passwordEncryption.checkPassword(account, passwordCredentials.getPassword());
    if (!passwordAccepted) {
        // NOTE(review): an unknown login fails without calling checkPassword, so the two
        // failure paths do different amounts of work. Whether that is measurable from outside
        // depends on loadUser/checkPassword; worth verifying if login enumeration is a concern.
        throw new LoginException(getInvalidCredentialsMessage(login, messageLocale));
    }

    Locale sessionLocale = getUserLocale(passwordCredentials, account);
    UserSession userSession = createSession(passwordCredentials, account, sessionLocale);
    setClientSessionParams(passwordCredentials, userSession);

    // Access checks need the session, so they run after it is created; a rejection here
    // propagates as an exception and the details object is never returned.
    AuthenticationDetails details = new SimpleAuthenticationDetails(userSession);
    checkUserAccess(passwordCredentials, details);
    return details;
}
Also used : Locale(java.util.Locale) User(com.haulmont.cuba.security.entity.User) UserSession(com.haulmont.cuba.security.global.UserSession) LoginException(com.haulmont.cuba.security.global.LoginException)

Example 29 with UserSession

use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.

the class SystemAuthenticationProvider method authenticate.

/**
 * Creates a session for the login named in {@link SystemUserCredentials}.
 *
 * <p>No password or other secret is verified in this method: any login that {@code loadUser}
 * resolves receives a session.
 * NOTE(review): this is only safe if {@code SystemUserCredentials} can never be supplied by a
 * remote client; confirm where such credentials are accepted.
 *
 * @param credentials credentials of the request; cast to {@link SystemUserCredentials}
 *                    without a type check, so the caller is assumed to have routed the right type
 * @return authentication details wrapping the created session
 * @throws LoginException when no user exists for the given login
 */
@Override
public AuthenticationDetails authenticate(Credentials credentials) throws LoginException {
    SystemUserCredentials systemCredentials = (SystemUserCredentials) credentials;
    String login = systemCredentials.getLogin();

    // Locale used only for the error message below.
    Locale messageLocale = systemCredentials.getLocale();
    if (messageLocale == null) {
        messageLocale = messages.getTools().getDefaultLocale();
    }

    User account = loadUser(login);
    if (account == null) {
        throw new LoginException(getInvalidCredentialsMessage(login, messageLocale));
    }

    Locale sessionLocale = getUserLocale(systemCredentials, account);
    // NOTE(review): the third argument presumably marks the session as a system session;
    // confirm against userSessionManager.createSession.
    UserSession systemSession = userSessionManager.createSession(account, sessionLocale, true);
    return new SimpleAuthenticationDetails(systemSession);
}
Also used : Locale(java.util.Locale) User(com.haulmont.cuba.security.entity.User) SystemUserCredentials(com.haulmont.cuba.security.auth.SystemUserCredentials) UserSession(com.haulmont.cuba.security.global.UserSession) SimpleAuthenticationDetails(com.haulmont.cuba.security.auth.SimpleAuthenticationDetails) LoginException(com.haulmont.cuba.security.global.LoginException)

Example 30 with UserSession

use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.

the class TrustedClientAuthenticationProvider method authenticate.

/**
 * Authenticates a user on behalf of a trusted client and creates a session.
 *
 * <p>The user's own password is not checked. The login is accepted when the user exists, the
 * client IP address (if one is supplied) passes {@code trustedLoginHandler.checkAddress}, and
 * the trusted client password passes {@code trustedLoginHandler.checkPassword}. Every
 * rejection in this method uses the same invalid-credentials message.
 *
 * @param credentials credentials of the request; cast to {@link TrustedClientCredentials}
 *                    without a type check, so the caller is assumed to have routed the right type
 * @return authentication details wrapping the created session
 * @throws LoginException when the login is empty, the user is unknown, the client address or
 *                        trusted password is rejected, or {@code checkUserAccess} rejects the session
 */
@Override
public AuthenticationDetails authenticate(Credentials credentials) throws LoginException {
    TrustedClientCredentials trustedClient = (TrustedClientCredentials) credentials;
    String login = trustedClient.getLogin();

    // Locale for error messages: the credentials' locale, falling back to the default.
    Locale messageLocale = trustedClient.getLocale();
    if (messageLocale == null) {
        messageLocale = messages.getTools().getDefaultLocale();
    }

    if (Strings.isNullOrEmpty(login)) {
        throw new LoginException(getInvalidCredentialsMessage(login, messageLocale));
    }

    // NOTE(review): the user lookup runs before the trusted-client checks, so a caller that
    // has not yet proven it is a trusted client still triggers loadUser. The error message is
    // the same either way; confirm the ordering is acceptable.
    User account = loadUser(login);
    if (account == null) {
        throw new LoginException(getInvalidCredentialsMessage(login, messageLocale));
    }

    String clientIp = trustedClient.getClientIpAddress();
    if (clientIp == null) {
        // Without an address the IP check is skipped (fail-open); the trusted password below
        // is then the only barrier. The log text gives local service invocation as the
        // expected case. NOTE(review): confirm remote callers cannot reach this branch.
        log.trace("Unable to check trusted client IP for user {}. It is OK in case of local service invocation mode", trustedClient.getLogin());
    } else if (!trustedLoginHandler.checkAddress(clientIp)) {
        // reject request from not permitted client IP
        log.warn("Attempt of trusted login from not permitted IP address: {} {}", login, clientIp);
        throw new LoginException(getInvalidCredentialsMessage(login, messageLocale));
    }

    // NOTE(review): whether checkPassword compares in constant time is not visible here; confirm.
    if (!trustedLoginHandler.checkPassword(trustedClient.getTrustedClientPassword())) {
        throw new LoginException(getInvalidCredentialsMessage(login, messageLocale));
    }

    Locale sessionLocale = getUserLocale(trustedClient, account);
    UserSession userSession = createSession(trustedClient, account, sessionLocale);
    setClientSessionParams(trustedClient, userSession);

    // Access checks need the session, so they run after it is created; a rejection here
    // propagates as an exception and the details object is never returned.
    AuthenticationDetails details = new SimpleAuthenticationDetails(userSession);
    checkUserAccess(trustedClient, details);
    return details;
}
Also used : Locale(java.util.Locale) User(com.haulmont.cuba.security.entity.User) UserSession(com.haulmont.cuba.security.global.UserSession) LoginException(com.haulmont.cuba.security.global.LoginException)

Aggregations

UserSession (com.haulmont.cuba.security.global.UserSession)127 SecurityContext (com.haulmont.cuba.core.sys.SecurityContext)29 LoginWorker (com.haulmont.cuba.security.app.LoginWorker)25 TestUserSessionSource (com.haulmont.cuba.testsupport.TestUserSessionSource)24 LoginException (com.haulmont.cuba.security.global.LoginException)23 Test (org.junit.Test)19 User (com.haulmont.cuba.security.entity.User)17 UUID (java.util.UUID)16 IOException (java.io.IOException)14 NoUserSessionException (com.haulmont.cuba.security.global.NoUserSessionException)12 ArrayList (java.util.ArrayList)11 Locale (java.util.Locale)11 List (java.util.List)10 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)9 FileStorageException (com.haulmont.cuba.core.global.FileStorageException)7 LogFileNotFoundException (com.haulmont.cuba.core.sys.logging.LogFileNotFoundException)6 UserSessionSource (com.haulmont.cuba.core.global.UserSessionSource)5 HttpServletRequest (javax.servlet.http.HttpServletRequest)5 ServletRequestAttributes (org.springframework.web.context.request.ServletRequestAttributes)5 FileDescriptor (com.haulmont.cuba.core.entity.FileDescriptor)4