use of org.apache.shiro.subject.SimplePrincipalCollection in project shiro by apache.
the class CasRealm method doGetAuthenticationInfo.
/**
* Authenticates a user and retrieves its information.
*
* @param token the authentication token
* @throws AuthenticationException if there is an error during authentication.
*/
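@Override
@SuppressWarnings("unchecked")
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    // A missing token or an empty ticket yields null rather than an exception.
    if (token == null) {
        return null;
    }
    CasToken casToken = (CasToken) token;
    String ticket = (String) casToken.getCredentials();
    if (!StringUtils.hasText(ticket)) {
        return null;
    }
    TicketValidator ticketValidator = ensureTicketValidator();
    try {
        // contact CAS server to validate the service ticket for this application's service
        Assertion casAssertion = ticketValidator.validate(ticket, getCasService());
        // get principal, user id and attributes
        AttributePrincipal casPrincipal = casAssertion.getPrincipal();
        String userId = casPrincipal.getName();
        // NOTE(review): the ticket value is written to the debug log here and to the exception
        // message below; confirm that is acceptable for wherever these logs are shipped and retained.
        log.debug("Validate ticket : {} in CAS server : {} to retrieve user : {}", new Object[] { ticket, getCasServerUrlPrefix(), userId });
        Map<String, Object> attributes = casPrincipal.getAttributes();
        // refresh authentication token (user id + remember me)
        casToken.setUserId(userId);
        String rememberMeAttributeName = getRememberMeAttributeName();
        // Attribute values are typed Object: only a String can switch remember-me on. A missing
        // value or a value of any other type leaves it off instead of raising ClassCastException.
        Object rememberMeValue = attributes.get(rememberMeAttributeName);
        boolean isRemembered = rememberMeValue instanceof String && Boolean.parseBoolean((String) rememberMeValue);
        if (isRemembered) {
            casToken.setRememberMe(true);
        }
        // create simple authentication info; the order matters because doGetAuthorizationInfo
        // reads the attribute map back by position (user id first, attributes second)
        List<Object> principals = CollectionUtils.asList(userId, attributes);
        PrincipalCollection principalCollection = new SimplePrincipalCollection(principals, getName());
        return new SimpleAuthenticationInfo(principalCollection, ticket);
    } catch (TicketValidationException e) {
        // keep the validator's exception as the cause so the rejection reason is not lost
        throw new CasAuthenticationException("Unable to validate ticket [" + ticket + "]", e);
    }
}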
use of org.apache.shiro.subject.SimplePrincipalCollection in project shiro by apache.
the class CasRealm method doGetAuthorizationInfo.
/**
* Retrieves the AuthorizationInfo for the given principals (the CAS previously authenticated user : id + attributes).
*
* @param principals the primary identifying principals of the AuthorizationInfo that should be retrieved.
* @return the AuthorizationInfo associated with these principals.
*/
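@Override
@SuppressWarnings("unchecked")
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    // retrieve user information
    // NOTE(review): the attribute map is read by position (index 1), matching the
    // (user id, attributes) order used in doGetAuthenticationInfo. asList() is not limited to
    // this realm's principals, so presumably this realm is the only contributor - confirm, or
    // read this realm's principals only.
    SimplePrincipalCollection principalCollection = (SimplePrincipalCollection) principals;
    List<Object> listPrincipals = principalCollection.asList();
    // The map is stored as Map<String, Object> at authentication time, so values are read as
    // Object and narrowed below rather than assumed to be String.
    Map<String, Object> attributes = (Map<String, Object>) listPrincipals.get(1);
    // create simple authorization info
    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
    // add default roles
    addRoles(simpleAuthorizationInfo, split(defaultRoles));
    // add default permissions
    addPermissions(simpleAuthorizationInfo, split(defaultPermissions));
    // get roles from attributes; the values are used as-is, so the resulting roles are only as
    // trustworthy as whatever populated these attributes
    for (String attributeName : split(roleAttributeNames)) {
        Object value = attributes.get(attributeName);
        // A non-String value grants nothing instead of failing the whole lookup with a
        // ClassCastException; null is still handed to split() as before.
        if (value == null || value instanceof String) {
            addRoles(simpleAuthorizationInfo, split((String) value));
        }
    }
    // get permissions from attributes, under the same rule as roles
    for (String attributeName : split(permissionAttributeNames)) {
        Object value = attributes.get(attributeName);
        if (value == null || value instanceof String) {
            addPermissions(simpleAuthorizationInfo, split((String) value));
        }
    }
    return simpleAuthorizationInfo;
}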
use of org.apache.shiro.subject.SimplePrincipalCollection in project vertx-auth by vert-x3.
the class ShiroUser method setAuthProvider.
@Override
public void setAuthProvider(AuthProvider authProvider) {
    // Any provider other than the Shiro implementation is rejected up front.
    if (!(authProvider instanceof ShiroAuthProviderImpl)) {
        throw new IllegalArgumentException("Not a ShiroAuthProviderImpl");
    }
    ShiroAuthProviderImpl provider = (ShiroAuthProviderImpl) authProvider;
    this.vertx = provider.getVertx();
    this.securityManager = provider.getSecurityManager();
    // The security manager has to be registered before any other Shiro call is made.
    SecurityUtils.setSecurityManager(securityManager);
    // Rebuild the subject from the stored username and the provider's realm name.
    // NOTE(review): no credentials are checked on this path; presumably the username was
    // authenticated before this user object was handed a provider again - confirm.
    SubjectContext context = new DefaultSubjectContext();
    PrincipalCollection restoredPrincipals = new SimplePrincipalCollection(username, provider.getRealmName());
    context.setPrincipals(restoredPrincipals);
    subject = securityManager.createSubject(context);
}
use of org.apache.shiro.subject.SimplePrincipalCollection in project killbill by killbill.
the class DefaultSecurityApi method invalidateJDBCAuthorizationCache.
private void invalidateJDBCAuthorizationCache(final String username) {
    // The registered security manager is cast to DefaultSecurityManager to reach its realms;
    // any other implementation fails here with a ClassCastException.
    final DefaultSecurityManager securityManager = (DefaultSecurityManager) SecurityUtils.getSecurityManager();
    final Collection<Realm> configuredRealms = securityManager.getRealms();
    // Pick the first KillBillJdbcRealm, if one is configured.
    KillBillJdbcRealm jdbcRealm = null;
    for (final Realm candidate : configuredRealms) {
        if (candidate instanceof KillBillJdbcRealm) {
            jdbcRealm = (KillBillJdbcRealm) candidate;
            break;
        }
    }
    if (jdbcRealm == null) {
        // No JDBC realm configured: nothing is cached there, so nothing to clear.
        return;
    }
    // Only this realm's cached authorization info for the user is cleared; other realms are untouched.
    final SimplePrincipalCollection principals = new SimplePrincipalCollection();
    principals.add(username, jdbcRealm.getName());
    jdbcRealm.clearCachedAuthorizationInfo(principals);
}
use of org.apache.shiro.subject.SimplePrincipalCollection in project killbill by killbill.
the class TestKillBillAuth0Realm method testCheckAuth0Connection.
@Test(groups = "external", enabled = false)
public void testCheckAuth0Connection() throws Exception {
    // Manual connectivity check against an Auth0 tenant; disabled by default.
    // XXX / YYY / ZZZ / WWW are placeholders: fill them in locally and keep the real client
    // secret out of version control.
    final Properties auth0Properties = new Properties();
    auth0Properties.setProperty("org.killbill.security.auth0.url", "https://XXX.us.auth0.com");
    auth0Properties.setProperty("org.killbill.security.auth0.clientId", "YYY");
    auth0Properties.setProperty("org.killbill.security.auth0.clientSecret", "ZZZ");
    auth0Properties.setProperty("org.killbill.security.auth0.apiIdentifier", "WWW");
    auth0Properties.setProperty("org.killbill.security.auth0.databaseConnectionName", "Username-Password-Authentication");
    // NOTE(review): "2000s" is a wide clock-skew allowance; presumably chosen for this manual
    // check only - confirm it is not copied into a deployed configuration.
    auth0Properties.setProperty("org.killbill.security.auth0.allowedClockSkew", "2000s");
    final SecurityConfig securityConfig =
            new ConfigurationObjectFactory(new SimplePropertyConfigSource(auth0Properties)).build(SecurityConfig.class);
    final KillBillAuth0Realm realm = new KillBillAuth0Realm(securityConfig, clock);

    final String username = "test@example.com";
    final String password = "password";

    // Authentication: username/password login through the realm
    final AuthenticationInfo authenticationInfo = realm.getAuthenticationInfo(new UsernamePasswordToken(username, password));
    System.out.println(authenticationInfo);

    // Authorization: roles and permissions resolved for the same user
    final AuthorizationInfo authorizationInfo = realm.doGetAuthorizationInfo(new SimplePrincipalCollection(username, username));
    System.out.println("Roles: " + authorizationInfo.getRoles());
    System.out.println("Permissions: " + authorizationInfo.getStringPermissions());

    // JWT verification: "JWT" is a placeholder for a token issued by the tenant
    final Claims tokenClaims = realm.verifyJWT("JWT");
    System.out.println("Token claims: " + tokenClaims);
}