
Example 1 with Authentication

use of org.craftercms.security.authentication.Authentication in project engine by craftercms.

From class CrafterPageAccessManager, method checkAccess:

/**
 * Verifies that the current user may access the given page, according to the roles the page
 * declares (as returned by {@code getAuthorizedRolesForPage}):
 *
 * <ol>
 *     <li>No required roles: the page is public, no authentication is needed.</li>
 *     <li>The role "anonymous" is present: the page is public, no authentication is needed.</li>
 *     <li>The role "authenticated" is present: any logged-in user may view the page.</li>
 *     <li>Otherwise the user must hold at least one of the required roles.</li>
 * </ol>
 *
 * <p>A missing {@link Authentication}, or one that carries no {@link Profile}, is treated as an
 * anonymous user. The method is annotated {@code @RunIfSecurityEnabled}; presumably the whole
 * check is skipped when security is disabled, so pages are then served regardless of their
 * roles — confirm against the aspect that handles the annotation.
 *
 * @param page the page being requested
 * @throws AuthenticationRequiredException if the page requires a role but nobody is logged in
 * @throws AccessDeniedException if a user is logged in but holds none of the required roles
 */
@RunIfSecurityEnabled
public void checkAccess(SiteItem page) throws AuthenticationRequiredException, AccessDeniedException {
    List<String> requiredRoles = getAuthorizedRolesForPage(page);

    // No role restriction, or an explicit "anonymous" role: public page, nothing to enforce.
    if (CollectionUtils.isEmpty(requiredRoles) || containsRole("anonymous", requiredRoles)) {
        return;
    }

    String pageUrl = page.getStoreUrl();
    Authentication auth = SecurityUtils.getCurrentAuthentication();
    Profile profile = (auth != null) ? auth.getProfile() : null;

    // No profile means nobody is logged in (or the authentication carries no profile).
    if (profile == null) {
        throw new AuthenticationRequiredException("User is anonymous but page '" + pageUrl + "' requires authentication");
    }

    // "authenticated" admits every logged-in user; otherwise the page roles must match.
    if (containsRole("authenticated", requiredRoles)) {
        return;
    }
    if (!profile.hasAnyRole(requiredRoles)) {
        throw new AccessDeniedException("User '" + profile.getUsername() + "' is not authorized " + "to view page '" + pageUrl + "'");
    }
}
Also used : AccessDeniedException(org.craftercms.security.exception.AccessDeniedException) Authentication(org.craftercms.security.authentication.Authentication) AuthenticationRequiredException(org.craftercms.security.exception.AuthenticationRequiredException) Profile(org.craftercms.profile.api.Profile) RunIfSecurityEnabled(org.craftercms.security.annotations.RunIfSecurityEnabled)

Example 2 with Authentication

use of org.craftercms.security.authentication.Authentication in project engine by craftercms.

From class GroovyScriptUtils, method addSecurityVariables:

/**
 * Exposes the current security context to a script: the current {@link Authentication} under
 * {@code VARIABLE_AUTH} and its {@link Profile} under {@code VARIABLE_PROFILE}. Both variables
 * are always put; they are {@code null} when nobody is authenticated, so the map must accept
 * null values.
 *
 * @param variables the script variable map to populate
 */
private static void addSecurityVariables(Map<String, Object> variables) {
    Authentication currentAuth = SecurityUtils.getCurrentAuthentication();
    Profile currentProfile = (currentAuth == null) ? null : currentAuth.getProfile();
    variables.put(VARIABLE_AUTH, currentAuth);
    variables.put(VARIABLE_PROFILE, currentProfile);
}
Also used : Authentication(org.craftercms.security.authentication.Authentication) Profile(org.craftercms.profile.api.Profile)

Example 3 with Authentication

use of org.craftercms.security.authentication.Authentication in project engine by craftercms.

From class CrafterFreeMarkerView, method buildTemplateModel:

/**
 * Builds the FreeMarker model for a page render. On top of the caller's {@code model}, the hash
 * exposes the servlet scopes (application, session, request, request parameters, cookies), the
 * Spring application context, the current {@link Authentication} and its profile when a user is
 * logged in, the {@link SiteContext} and its configuration (when present), the request locale,
 * FreeMarker's static and enum models, and the render-component and execute-controller
 * directives. Each value is registered under two keys, a capitalised and a lower-case one; the
 * caller's entries are copied in last, so a same-named entry overrides the defaults.
 *
 * <p>NOTE(review): the statics/enums entries come from {@link BeansWrapper#getStaticModels()} and
 * {@link BeansWrapper#getEnumModels()}, which let a template reach the static members of any
 * loadable class by name. That is only acceptable while templates are trusted, site-authored
 * content — confirm where templates are loaded from. The cookie map likewise hands every request
 * cookie to the template.
 *
 * @param model the model supplied by the controller
 * @param request the current request
 * @param response the current response
 * @return the populated template hash
 */
@Override
protected SimpleHash buildTemplateModel(final Map<String, Object> model, final HttpServletRequest request, final HttpServletResponse response) {
    final AllHttpScopesAndAppContextHashModel hash = new AllHttpScopesAndAppContextHashModel(getObjectWrapper(), applicationContextAccessor, getServletContext(), request);

    // Servlet scopes and the application context.
    final HttpSessionHashModel sessionHash = createSessionModel(request, response);
    final HttpRequestHashModel requestHash = new HttpRequestHashModel(request, response, getObjectWrapper());
    final HttpRequestParametersHashModel paramsHash = new HttpRequestParametersHashModel(request);
    final Map<String, String> cookieMap = createCookieMap(request);
    putUnderBothKeys(hash, KEY_APPLICATION_CAP, KEY_APPLICATION, servletContextHashModel);
    putUnderBothKeys(hash, KEY_SESSION_CAP, KEY_SESSION, sessionHash);
    putUnderBothKeys(hash, KEY_REQUEST_CAP, KEY_REQUEST, requestHash);
    putUnderBothKeys(hash, KEY_REQUEST_PARAMS_CAP, KEY_REQUEST_PARAMS, paramsHash);
    putUnderBothKeys(hash, KEY_APP_CONTEXT_CAP, KEY_APP_CONTEXT, applicationContextAccessor);
    putUnderBothKeys(hash, KEY_COOKIES_CAP, KEY_COOKIES, cookieMap);

    // Security context: only registered for an authenticated request.
    final Authentication auth = SecurityUtils.getAuthentication(request);
    if (auth != null) {
        putUnderBothKeys(hash, KEY_AUTH_CAP, KEY_AUTH, auth);
        hash.put(KEY_PROFILE_CAP, auth.getProfile());
        hash.put(KEY_PROFILE, auth.getProfile());
    }

    // Site, locale and FreeMarker static/enum models.
    // Assumes a site context is bound to the current thread; getConfig() on a null context would NPE.
    final SiteContext siteContext = SiteContext.getCurrent();
    final Configuration siteConfig = siteContext.getConfig();
    final Locale locale = LocaleContextHolder.getLocale();
    final BeansWrapper wrapper = BeansWrapper.getDefaultInstance();
    final TemplateHashModel statics = wrapper.getStaticModels();
    final TemplateHashModel enums = wrapper.getEnumModels();
    putUnderBothKeys(hash, KEY_STATICS_CAP, KEY_STATICS, statics);
    putUnderBothKeys(hash, KEY_ENUMS_CAP, KEY_ENUMS, enums);
    putUnderBothKeys(hash, KEY_SITE_CONTEXT_CAP, KEY_SITE_CONTEXT, siteContext);
    putUnderBothKeys(hash, KEY_LOCALE_CAP, KEY_LOCALE, locale);
    if (siteConfig != null) {
        putUnderBothKeys(hash, KEY_SITE_CONFIG_CAP, KEY_SITE_CONFIG, siteConfig);
    }

    // Caller-supplied entries go in last.
    hash.putAll(model);

    // Component rendering re-enters this method so that each component gets a fresh model.
    final ObjectFactory<SimpleHash> componentModelFactory = new ObjectFactory<SimpleHash>() {

        public SimpleHash getObject() {
            return buildTemplateModel(model, request, response);
        }
    };
    final RenderComponentDirective renderComponent = new RenderComponentDirective();
    renderComponent.setSiteItemService(siteItemService);
    renderComponent.setModelFactory(componentModelFactory);
    renderComponent.setTemplateXPathQuery(componentTemplateXPathQuery);
    renderComponent.setTemplateNamePrefix(componentTemplateNamePrefix);
    renderComponent.setTemplateNameSuffix(componentTemplateNameSuffix);
    renderComponent.setIncludeElementName(componentIncludeElementName);
    renderComponent.setScriptResolver(componentScriptResolver);
    renderComponent.setServletContext(getServletContext());
    final ExecuteControllerDirective executeController = new ExecuteControllerDirective();
    executeController.setServletContext(getServletContext());
    hash.put(RENDER_COMPONENT_DIRECTIVE_NAME, renderComponent);
    hash.put(EXECUTE_CONTROLLER_DIRECTIVE_NAME, executeController);
    return hash;
}

/**
 * Registers {@code value} under both the capitalised and the lower-case key.
 *
 * @param target the hash to populate
 * @param capKey the capitalised key
 * @param key the lower-case key
 * @param value the value to register under both keys
 */
private static void putUnderBothKeys(AllHttpScopesAndAppContextHashModel target, String capKey, String key, Object value) {
    target.put(capKey, value);
    target.put(key, value);
}
Also used : Locale(java.util.Locale) HttpRequestHashModel(org.craftercms.engine.util.freemarker.HttpRequestHashModel) Configuration(org.apache.commons.configuration.Configuration) SiteContext(org.craftercms.engine.service.context.SiteContext) ExecuteControllerDirective(org.craftercms.engine.freemarker.ExecuteControllerDirective) RenderComponentDirective(org.craftercms.engine.freemarker.RenderComponentDirective) HttpSessionHashModel(freemarker.ext.servlet.HttpSessionHashModel) TemplateHashModel(freemarker.template.TemplateHashModel) ObjectFactory(org.springframework.beans.factory.ObjectFactory) Authentication(org.craftercms.security.authentication.Authentication) SimpleHash(freemarker.template.SimpleHash) HttpRequestParametersHashModel(freemarker.ext.servlet.HttpRequestParametersHashModel)

Aggregations

Authentication (org.craftercms.security.authentication.Authentication)3 Profile (org.craftercms.profile.api.Profile)2 HttpRequestParametersHashModel (freemarker.ext.servlet.HttpRequestParametersHashModel)1 HttpSessionHashModel (freemarker.ext.servlet.HttpSessionHashModel)1 SimpleHash (freemarker.template.SimpleHash)1 TemplateHashModel (freemarker.template.TemplateHashModel)1 Locale (java.util.Locale)1 Configuration (org.apache.commons.configuration.Configuration)1 ExecuteControllerDirective (org.craftercms.engine.freemarker.ExecuteControllerDirective)1 RenderComponentDirective (org.craftercms.engine.freemarker.RenderComponentDirective)1 SiteContext (org.craftercms.engine.service.context.SiteContext)1 HttpRequestHashModel (org.craftercms.engine.util.freemarker.HttpRequestHashModel)1 RunIfSecurityEnabled (org.craftercms.security.annotations.RunIfSecurityEnabled)1 AccessDeniedException (org.craftercms.security.exception.AccessDeniedException)1 AuthenticationRequiredException (org.craftercms.security.exception.AuthenticationRequiredException)1 ObjectFactory (org.springframework.beans.factory.ObjectFactory)1