Example 1 with AgileUserDetails
use of com.jeeagile.springsecurity.userdetails.AgileUserDetails in project jeeagile by jeeagile.
the class AgileSpringSecurity method userLogin.
@Override
public void userLogin(AgileLoginUser agileLoginUser) {
try {
UsernamePasswordAuthenticationToken passwordAuthenticationToken = new UsernamePasswordAuthenticationToken(agileLoginUser.getUserName(), agileLoginUser.getPassword());
Authentication authentication = authenticationManager.authenticate(passwordAuthenticationToken);
AgileUserDetails agileUserDetails = (AgileUserDetails) authentication.getPrincipal();
if (agileUserDetails != null && AgileStringUtil.isNotEmpty(agileUserDetails.getUsername())) {
String userToken = agileUserDetails.getUserData().getUserToken();
AgileCacheUtil.put(AgileCacheConstants.AGILE_CACHE_SESSION_NAME, userToken, agileUserDetails);
sessionRegistry.registerNewSession(userToken, userToken);
SecurityContextHolder.getContext().setAuthentication(authentication);
}
} catch (AgileBaseException ex) {
throw ex;
} catch (Exception ex) {
if (ex.getCause() instanceof AgileBaseException) {
throw (AgileBaseException) ex.getCause();
} else if (ex instanceof BadCredentialsException) {
throw new AgileAuthException("用户登录密码错误!");
} else {
log.error("Spring Security用户登录认证出现异常", ex);
throw new AgileAuthException("Spring Security用户登录认证出现异常!");
}
}
}
Also used :
AgileUserDetails(com.jeeagile.springsecurity.userdetails.AgileUserDetails)
AgileBaseException(com.jeeagile.core.exception.AgileBaseException)
Authentication(org.springframework.security.core.Authentication)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
AgileAuthException(com.jeeagile.core.exception.AgileAuthException)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
AgileAuthException(com.jeeagile.core.exception.AgileAuthException)
AgileBaseException(com.jeeagile.core.exception.AgileBaseException)
Example 2 with AgileUserDetails
use of com.jeeagile.springsecurity.userdetails.AgileUserDetails in project jeeagile by jeeagile.
the class AgilePermissionEvaluator method checkPermission.
private boolean checkPermission(Authentication authentication, Object permission) {
if (AgileStringUtil.isEmpty(permission)) {
return false;
}
AgileUserDetails agileUserDetails = (AgileUserDetails) authentication.getPrincipal();
AgileBaseUser userData = null;
if (agileUserDetails != null) {
userData = agileUserDetails.getUserData();
}
if (AgileStringUtil.isEmpty(userData) || CollectionUtils.isEmpty(userData.getUserPerm())) {
return false;
}
return userData.getUserPerm().contains("*:*:*") || userData.getUserPerm().contains(permission);
}
Also used :
AgileUserDetails(com.jeeagile.springsecurity.userdetails.AgileUserDetails)
AgileBaseUser(com.jeeagile.core.security.user.AgileBaseUser)
Example 3 with AgileUserDetails
use of com.jeeagile.springsecurity.userdetails.AgileUserDetails in project jeeagile by jeeagile.
the class AgileUserTokenFilter method doFilterInternal.
@Override
protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
String userToken = AgileServletUtil.getUserToken(httpServletRequest);
SecurityContext securityContext = SecurityContextHolder.getContext();
if (AgileStringUtil.isNotEmpty(userToken) && securityContext.getAuthentication() == null) {
AgileUserDetails agileUserDetails = (AgileUserDetails) AgileCacheUtil.get(AgileCacheConstants.AGILE_CACHE_SESSION_NAME, userToken);
if (agileUserDetails != null && AgileStringUtil.isNotEmpty(agileUserDetails.getUsername())) {
AgileCacheUtil.put(AgileCacheConstants.AGILE_CACHE_SESSION_NAME, userToken, agileUserDetails);
SessionInformation sessionInformation = sessionRegistry.getSessionInformation(userToken);
if (sessionInformation == null) {
sessionRegistry.registerNewSession(userToken, userToken);
} else {
sessionRegistry.refreshLastRequest(userToken);
}
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(agileUserDetails, null, agileUserDetails.getAuthorities());
authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
} else {
sessionRegistry.removeSessionInformation(userToken);
}
}
filterChain.doFilter(httpServletRequest, httpServletResponse);
}
Also used :
AgileUserDetails(com.jeeagile.springsecurity.userdetails.AgileUserDetails)
SessionInformation(org.springframework.security.core.session.SessionInformation)
SecurityContext(org.springframework.security.core.context.SecurityContext)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
WebAuthenticationDetailsSource(org.springframework.security.web.authentication.WebAuthenticationDetailsSource)
Example 4 with AgileUserDetails
use of com.jeeagile.springsecurity.userdetails.AgileUserDetails in project jeeagile by jeeagile.
the class AgileSpringSecurity method getOnlineUserList.
@Override
public List<AgileOnlineUser> getOnlineUserList() {
List<AgileOnlineUser> onlineUserList = new ArrayList<>();
List<Object> sessionIdList = sessionRegistry.getAllPrincipals();
for (Object sessionId : sessionIdList) {
AgileUserDetails agileUserDetails = (AgileUserDetails) AgileCacheUtil.get(AgileCacheConstants.AGILE_CACHE_SESSION_NAME, sessionId.toString());
if (agileUserDetails == null || AgileStringUtil.isEmpty(agileUserDetails.getUsername())) {
sessionRegistry.removeSessionInformation(sessionId.toString());
continue;
}
SessionInformation sessionInformation = sessionRegistry.getSessionInformation(sessionId.toString());
if (sessionInformation == null) {
sessionRegistry.removeSessionInformation(sessionId.toString());
continue;
}
AgileOnlineUser agileOnlineUser = new AgileOnlineUser();
BeanUtils.copyProperties(agileUserDetails.getUserData(), agileOnlineUser);
agileOnlineUser.setStartAccessTime(agileUserDetails.getUserData().getLoginTime());
agileOnlineUser.setLastAccessTime(sessionInformation.getLastRequest());
onlineUserList.add(agileOnlineUser);
}
return onlineUserList;
}
Also used :
AgileUserDetails(com.jeeagile.springsecurity.userdetails.AgileUserDetails)
SessionInformation(org.springframework.security.core.session.SessionInformation)
ArrayList(java.util.ArrayList)
AgileOnlineUser(com.jeeagile.core.security.user.AgileOnlineUser)
Aggregations
AgileUserDetails (com.jeeagile.springsecurity.userdetails.AgileUserDetails)4
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)2
SessionInformation (org.springframework.security.core.session.SessionInformation)2
AgileAuthException (com.jeeagile.core.exception.AgileAuthException)1
AgileBaseException (com.jeeagile.core.exception.AgileBaseException)1
AgileBaseUser (com.jeeagile.core.security.user.AgileBaseUser)1
AgileOnlineUser (com.jeeagile.core.security.user.AgileOnlineUser)1
ArrayList (java.util.ArrayList)1
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)1
Authentication (org.springframework.security.core.Authentication)1
SecurityContext (org.springframework.security.core.context.SecurityContext)1
WebAuthenticationDetailsSource (org.springframework.security.web.authentication.WebAuthenticationDetailsSource)1
