Example 1 with GrantedAuthority
use of net.sf.acegisecurity.GrantedAuthority in project alfresco-repository by Alfresco.
the class AbstractAuthenticationComponent method setCurrentUserImpl.
/**
* Explicitly set the current user to be authenticated.
*
* @param userName
* String
* @return Authentication
*/
private Authentication setCurrentUserImpl(String userName) throws AuthenticationException {
if (userName == null) {
throw new AuthenticationException("Null user name");
}
if (isSystemUserName(userName)) {
return setSystemUserAsCurrentUser(getUserDomain(userName));
}
try {
UserDetails ud = null;
if (isGuestUserName(userName)) {
String tenantDomain = getUserDomain(userName);
if (logger.isTraceEnabled()) {
logger.trace("Setting the current user to the guest user of tenant domain \"" + tenantDomain + '"');
}
GrantedAuthority[] gas = new GrantedAuthority[0];
ud = new User(userName, "", true, true, true, true, gas);
} else {
if (logger.isTraceEnabled()) {
logger.trace("Setting the current user to \"" + AuthenticationUtil.maskUsername(userName) + '"');
}
ud = getUserDetails(userName);
if (!userName.equals(ud.getUsername())) {
ud = new User(userName, ud.getPassword(), ud.isEnabled(), ud.isAccountNonExpired(), ud.isCredentialsNonExpired(), ud.isAccountNonLocked(), ud.getAuthorities());
}
}
return setUserDetails(ud);
} catch (net.sf.acegisecurity.AuthenticationException ae) {
throw new AuthenticationException(ae.getMessage(), ae);
}
}
Also used :
UserDetails(net.sf.acegisecurity.UserDetails)
User(net.sf.acegisecurity.providers.dao.User)
GrantedAuthority(net.sf.acegisecurity.GrantedAuthority)
Example 2 with GrantedAuthority
use of net.sf.acegisecurity.GrantedAuthority in project alfresco-repository by Alfresco.
the class AbstractAuthenticationComponent method getUserDetails.
/**
* Default implementation that makes an ACEGI object on the fly
*
* @param userName String
* @return UserDetails
*/
protected UserDetails getUserDetails(String userName) {
GrantedAuthority[] gas = new GrantedAuthority[1];
gas[0] = new GrantedAuthorityImpl("ROLE_AUTHENTICATED");
UserDetails ud = new User(userName, "", true, true, true, true, gas);
return ud;
}
Also used :
UserDetails(net.sf.acegisecurity.UserDetails)
User(net.sf.acegisecurity.providers.dao.User)
GrantedAuthorityImpl(net.sf.acegisecurity.GrantedAuthorityImpl)
GrantedAuthority(net.sf.acegisecurity.GrantedAuthority)
Example 3 with GrantedAuthority
use of net.sf.acegisecurity.GrantedAuthority in project alfresco-repository by Alfresco.
the class TestAuthenticationServiceImpl method getUserDetails.
/**
* Default implementation that makes an ACEGI object on the fly
*
* @param userName
* @return
*/
protected UserDetails getUserDetails(String userName) {
GrantedAuthority[] gas = new GrantedAuthority[1];
gas[0] = new GrantedAuthorityImpl("ROLE_AUTHENTICATED");
UserDetails ud = new User(userName, "", true, true, true, true, gas);
return ud;
}
Also used :
UserDetails(net.sf.acegisecurity.UserDetails)
User(net.sf.acegisecurity.providers.dao.User)
GrantedAuthorityImpl(net.sf.acegisecurity.GrantedAuthorityImpl)
GrantedAuthority(net.sf.acegisecurity.GrantedAuthority)
Example 4 with GrantedAuthority
use of net.sf.acegisecurity.GrantedAuthority in project alfresco-repository by Alfresco.
the class AuthenticationContextImpl method setSystemUserAsCurrentUser.
public Authentication setSystemUserAsCurrentUser(String tenantDomain) {
GrantedAuthority[] gas = new GrantedAuthority[1];
gas[0] = new GrantedAuthorityImpl("ROLE_SYSTEM");
return setUserDetails(new User(getSystemUserName(tenantDomain), "", true, true, true, true, gas));
}
Also used :
User(net.sf.acegisecurity.providers.dao.User)
GrantedAuthorityImpl(net.sf.acegisecurity.GrantedAuthorityImpl)
GrantedAuthority(net.sf.acegisecurity.GrantedAuthority)
Example 5 with GrantedAuthority
use of net.sf.acegisecurity.GrantedAuthority in project alfresco-repository by Alfresco.
the class RepositoryAuthenticationDao method getUserEntryOrNullImpl.
private CacheEntry getUserEntryOrNullImpl(final String caseSensitiveSearchUserName) {
if (caseSensitiveSearchUserName == null || caseSensitiveSearchUserName.length() == 0) {
return null;
}
class SearchUserNameCallback implements RetryingTransactionCallback<CacheEntry> {
@Override
public CacheEntry execute() throws Throwable {
CacheEntry cacheEntry = authenticationCache.get(caseSensitiveSearchUserName);
// Check the cache entry if it exists
if (cacheEntry != null && !nodeService.exists(cacheEntry.nodeRef)) {
logger.warn("Detected state cache entry for '" + caseSensitiveSearchUserName + "'. Node does not exist: " + cacheEntry);
// We were about to give out a stale node. Something went wrong with the cache.
// The removal is guaranteed whether we commit or rollback.
removeAuthenticationFromCache(caseSensitiveSearchUserName);
cacheEntry = null;
}
// Check again
if (cacheEntry != null) {
// We found what we wanted
return cacheEntry;
}
// Not found, so query
List<ChildAssociationRef> results = nodeService.getChildAssocs(getUserFolderLocation(caseSensitiveSearchUserName), ContentModel.ASSOC_CHILDREN, QName.createQName(ContentModel.USER_MODEL_URI, caseSensitiveSearchUserName));
if (!results.isEmpty()) {
// Extract values from the query results
NodeRef userRef = tenantService.getName(results.get(0).getChildRef());
Map<QName, Serializable> properties = nodeService.getProperties(userRef);
Pair<List<String>, String> hashPassword = determinePasswordHash(properties);
// Report back the user name as stored on the user
String userName = DefaultTypeConverter.INSTANCE.convert(String.class, properties.get(ContentModel.PROP_USER_USERNAME));
Serializable salt = properties.get(ContentModel.PROP_SALT);
GrantedAuthority[] gas = new GrantedAuthority[1];
gas[0] = new GrantedAuthorityImpl("ROLE_AUTHENTICATED");
boolean isAdminAuthority = authorityService.isAdminAuthority(userName);
Date credentialsExpiryDate = getCredentialsExpiryDate(userName, properties, isAdminAuthority);
boolean credentialsHaveNotExpired = (credentialsExpiryDate == null || credentialsExpiryDate.getTime() >= System.currentTimeMillis());
UserDetails ud = new RepositoryAuthenticatedUser(userName, hashPassword.getSecond(), getEnabled(userName, properties, isAdminAuthority), !getHasExpired(userName, properties, isAdminAuthority), credentialsHaveNotExpired, !getLocked(userName, properties, isAdminAuthority), gas, hashPassword.getFirst(), salt);
cacheEntry = new CacheEntry(userRef, ud, credentialsExpiryDate);
// Only cache positive results
authenticationCache.put(caseSensitiveSearchUserName, cacheEntry);
}
return cacheEntry;
}
}
// Always use a transaction
return transactionService.getRetryingTransactionHelper().doInTransaction(new SearchUserNameCallback(), true);
}
Also used :
Serializable(java.io.Serializable)
QName(org.alfresco.service.namespace.QName)
GrantedAuthority(net.sf.acegisecurity.GrantedAuthority)
ChildAssociationRef(org.alfresco.service.cmr.repository.ChildAssociationRef)
Date(java.util.Date)
NodeRef(org.alfresco.service.cmr.repository.NodeRef)
UserDetails(net.sf.acegisecurity.UserDetails)
GrantedAuthorityImpl(net.sf.acegisecurity.GrantedAuthorityImpl)
RetryingTransactionCallback(org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback)
List(java.util.List)
Aggregations
GrantedAuthority (net.sf.acegisecurity.GrantedAuthority)8
User (net.sf.acegisecurity.providers.dao.User)6
GrantedAuthorityImpl (net.sf.acegisecurity.GrantedAuthorityImpl)5
UserDetails (net.sf.acegisecurity.UserDetails)5
Serializable (java.io.Serializable)1
Date (java.util.Date)1
List (java.util.List)1
Authentication (net.sf.acegisecurity.Authentication)1
UsernamePasswordAuthenticationToken (net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken)1
RetryingTransactionCallback (org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback)1
ChildAssociationRef (org.alfresco.service.cmr.repository.ChildAssociationRef)1
NodeRef (org.alfresco.service.cmr.repository.NodeRef)1
QName (org.alfresco.service.namespace.QName)1
