Examples with SimplePrincipalCollection org.apache.shiro.subject.SimplePrincipalCollection used on opensource projects

Example 81 with SimplePrincipalCollection

use of org.apache.shiro.subject.SimplePrincipalCollection in project shiro by apache.

the class CasRealm method doGetAuthenticationInfo.

/**
 * Authenticates a user and retrieves its information.
 *
 * @param token the authentication token
 * @throws AuthenticationException if there is an error during authentication.
 */
@Override
@SuppressWarnings("unchecked")
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    CasToken casToken = (CasToken) token;
    if (token == null) {
        return null;
    }
    String ticket = (String) casToken.getCredentials();
    if (!StringUtils.hasText(ticket)) {
        return null;
    }
    TicketValidator ticketValidator = ensureTicketValidator();
    try {
        // contact CAS server to validate service ticket
        Assertion casAssertion = ticketValidator.validate(ticket, getCasService());
        // get principal, user id and attributes
        AttributePrincipal casPrincipal = casAssertion.getPrincipal();
        String userId = casPrincipal.getName();
        log.debug("Validate ticket : {} in CAS server : {} to retrieve user : {}", new Object[] { ticket, getCasServerUrlPrefix(), userId });
        Map<String, Object> attributes = casPrincipal.getAttributes();
        // refresh authentication token (user id + remember me)
        casToken.setUserId(userId);
        String rememberMeAttributeName = getRememberMeAttributeName();
        String rememberMeStringValue = (String) attributes.get(rememberMeAttributeName);
        boolean isRemembered = rememberMeStringValue != null && Boolean.parseBoolean(rememberMeStringValue);
        if (isRemembered) {
            casToken.setRememberMe(true);
        }
        // create simple authentication info
        List<Object> principals = CollectionUtils.asList(userId, attributes);
        PrincipalCollection principalCollection = new SimplePrincipalCollection(principals, getName());
        return new SimpleAuthenticationInfo(principalCollection, ticket);
    } catch (TicketValidationException e) {
        throw new CasAuthenticationException("Unable to validate ticket [" + ticket + "]", e);
    }
}

Example 82 with SimplePrincipalCollection

use of org.apache.shiro.subject.SimplePrincipalCollection in project shiro by apache.

the class CasRealm method doGetAuthorizationInfo.

/**
 * Retrieves the AuthorizationInfo for the given principals (the CAS previously authenticated user : id + attributes).
 *
 * @param principals the primary identifying principals of the AuthorizationInfo that should be retrieved.
 * @return the AuthorizationInfo associated with this principals.
 */
@Override
@SuppressWarnings("unchecked")
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    // retrieve user information
    SimplePrincipalCollection principalCollection = (SimplePrincipalCollection) principals;
    List<Object> listPrincipals = principalCollection.asList();
    Map<String, String> attributes = (Map<String, String>) listPrincipals.get(1);
    // create simple authorization info
    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
    // add default roles
    addRoles(simpleAuthorizationInfo, split(defaultRoles));
    // add default permissions
    addPermissions(simpleAuthorizationInfo, split(defaultPermissions));
    // get roles from attributes
    List<String> attributeNames = split(roleAttributeNames);
    for (String attributeName : attributeNames) {
        String value = attributes.get(attributeName);
        addRoles(simpleAuthorizationInfo, split(value));
    }
    // get permissions from attributes
    attributeNames = split(permissionAttributeNames);
    for (String attributeName : attributeNames) {
        String value = attributes.get(attributeName);
        addPermissions(simpleAuthorizationInfo, split(value));
    }
    return simpleAuthorizationInfo;
}

Example 83 with SimplePrincipalCollection

use of org.apache.shiro.subject.SimplePrincipalCollection in project vertx-auth by vert-x3.

the class ShiroUser method setAuthProvider.

@Override
public void setAuthProvider(AuthProvider authProvider) {
    if (authProvider instanceof ShiroAuthProviderImpl) {
        ShiroAuthProviderImpl shiroAuthProvider = (ShiroAuthProviderImpl) authProvider;
        this.vertx = shiroAuthProvider.getVertx();
        this.securityManager = shiroAuthProvider.getSecurityManager();
        // before doing any shiro operations set the context
        SecurityUtils.setSecurityManager(securityManager);
        // generate the subject back from the provider
        SubjectContext subjectContext = new DefaultSubjectContext();
        PrincipalCollection coll = new SimplePrincipalCollection(username, shiroAuthProvider.getRealmName());
        subjectContext.setPrincipals(coll);
        subject = securityManager.createSubject(subjectContext);
    } else {
        throw new IllegalArgumentException("Not a ShiroAuthProviderImpl");
    }
}

Example 84 with SimplePrincipalCollection

use of org.apache.shiro.subject.SimplePrincipalCollection in project killbill by killbill.

the class DefaultSecurityApi method invalidateJDBCAuthorizationCache.

private void invalidateJDBCAuthorizationCache(final String username) {
    final Collection<Realm> realms = ((DefaultSecurityManager) SecurityUtils.getSecurityManager()).getRealms();
    final KillBillJdbcRealm killBillJdbcRealm = (KillBillJdbcRealm) Iterables.tryFind(realms, new Predicate<Realm>() {

        @Override
        public boolean apply(@Nullable final Realm input) {
            return (input instanceof KillBillJdbcRealm);
        }
    }).orNull();
    if (killBillJdbcRealm != null) {
        final SimplePrincipalCollection principals = new SimplePrincipalCollection();
        principals.add(username, killBillJdbcRealm.getName());
        killBillJdbcRealm.clearCachedAuthorizationInfo(principals);
    }
}

Example 85 with SimplePrincipalCollection

use of org.apache.shiro.subject.SimplePrincipalCollection in project killbill by killbill.

the class TestKillBillAuth0Realm method testCheckAuth0Connection.

@Test(groups = "external", enabled = false)
public void testCheckAuth0Connection() throws Exception {
    // Convenience method to verify your Auth0 connectivity
    final Properties props = new Properties();
    props.setProperty("org.killbill.security.auth0.url", "https://XXX.us.auth0.com");
    props.setProperty("org.killbill.security.auth0.clientId", "YYY");
    props.setProperty("org.killbill.security.auth0.clientSecret", "ZZZ");
    props.setProperty("org.killbill.security.auth0.apiIdentifier", "WWW");
    props.setProperty("org.killbill.security.auth0.databaseConnectionName", "Username-Password-Authentication");
    props.setProperty("org.killbill.security.auth0.allowedClockSkew", "2000s");
    final ConfigSource customConfigSource = new SimplePropertyConfigSource(props);
    final SecurityConfig securityConfig = new ConfigurationObjectFactory(customConfigSource).build(SecurityConfig.class);
    final KillBillAuth0Realm auth0Realm = new KillBillAuth0Realm(securityConfig, clock);
    final String username = "test@example.com";
    final String password = "password";
    // Check authentication
    final AuthenticationToken token = new UsernamePasswordToken(username, password);
    final AuthenticationInfo authenticationInfo = auth0Realm.getAuthenticationInfo(token);
    System.out.println(authenticationInfo);
    // Check permissions
    final PrincipalCollection principals = new SimplePrincipalCollection(username, username);
    final AuthorizationInfo authorizationInfo = auth0Realm.doGetAuthorizationInfo(principals);
    System.out.println("Roles: " + authorizationInfo.getRoles());
    System.out.println("Permissions: " + authorizationInfo.getStringPermissions());
    // Check JWT
    final Claims claims = auth0Realm.verifyJWT("JWT");
    System.out.println("Token claims: " + claims);
}