Use of org.pentaho.platform.proxy.api.IProxyFactory in the project pentaho-engineering-samples by pentaho.
Class PentahoSamlAuthenticationSuccessHandler, method onAuthenticationSuccess.
/**
 * Completes a successful SAML login by synchronising the Spring SecurityContext with the
 * Pentaho session, then delegating to the parent success handler.
 *
 * <p>Steps, in order: an {@code ExpiringUsernameAuthenticationToken} is replaced by a
 * {@code UsernamePasswordAuthenticationToken} carrying the same principal, credentials and
 * authorities; the current SecurityContext (proxy-wrapped when {@code requireProxyWrapping}
 * is set) is stored as a request attribute; the current {@code IPentahoSession} is marked
 * authenticated and given the user's roles; the user's home folder is created; finally the
 * parent handler is invoked with a wrapped response.
 *
 * <p>Although the signature declares {@code ServletException} and {@code IOException}, every
 * {@code Exception} raised inside the body is caught and logged, so nothing propagates to the
 * caller from this method.
 *
 * @param request        the current HTTP request; receives the SecurityContext attribute
 * @param response       the current HTTP response; passed to the parent handler inside a wrapper
 * @param authentication the authentication produced by the SAML login
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
    try {
        if (authentication instanceof ExpiringUsernameAuthenticationToken) {
            // since no expiration date is passed, this token's behaviour is the same as UsernamePasswordAuthenticationToken
            // also, we would have a hard time supporting a saml-specific token like this
            // ExpiringUsernameAuthenticationToken in ss2-proxies / ss4-proxies
            //
            // http://docs.spring.io/spring-security-saml/docs/current/api/org/springframework/security/providers/ExpiringUsernameAuthenticationToken.html
            //
            // NOTE(review): the replacement token is built with authentication.getCredentials(), so whatever
            // the SAML token carried as credentials stays attached to the Authentication held in the
            // SecurityContext. Confirm that downstream code needs it; otherwise consider dropping it here.
            authentication = new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), authentication.getAuthorities());
            SecurityContextHolder.getContext().setAuthentication(authentication);
        }
        // legacy spring ( i.e. non-osgi spring.framework ) SecurityContext storing
        // NOTE(review): the factory is not null-checked; if no IProxyFactory is available while
        // requireProxyWrapping is set, the resulting NullPointerException ends up in the catch-all below.
        IProxyFactory factory = PentahoSystem.get(IProxyFactory.class);
        Object securityContextProxy = null;
        if (requireProxyWrapping) {
            securityContextProxy = factory.createProxy(SecurityContextHolder.getContext());
            request.setAttribute(SPRING_SECURITY_CONTEXT_KEY, securityContextProxy);
        } else {
            request.setAttribute(SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext());
        }
        // pentaho auth storing
        // $NON-NLS-1$
        logger.info("synchronizing current IPentahoSession with SecurityContext");
        IPentahoSession pentahoSession = PentahoSessionHolder.getSession();
        Assert.notNull(pentahoSession, "PentahoSessionHolder doesn't have a session");
        pentahoSession.setAuthenticated(authentication.getName());
        // Note: spring-security 2 expects an *array* of GrantedAuthorities ( ss4 uses a list )
        pentahoSession.setAttribute(IPentahoSession.SESSION_ROLES, requireProxyWrapping ? proxyGrantedAuthorities(factory, authentication.getAuthorities()) : authentication.getAuthorities());
        // time to create this user's home folder
        createUserHomeFolder(authentication.getName());
        // The non-proxy branch re-reads the SecurityContext here rather than reusing the object stored
        // on the request above.
        super.onAuthenticationSuccess(request, new SamlOnRedirectUpdateSessionResponseWrapper(response, request, true, 0, requireProxyWrapping ? securityContextProxy : SecurityContextHolder.getContext(), authentication), authentication);
    } catch (Exception e) {
        // NOTE(review): this catch-all logs and returns normally. A failure after setAuthenticated(...)
        // leaves the Pentaho session marked authenticated without roles and/or a home folder, and the
        // parent handler (presumably the one that sends the post-login redirect) is never reached.
        // Consider failing closed: undo the partial session state and rethrow, so the container
        // reports the error instead of continuing with a half-initialised login.
        logger.error(e.getLocalizedMessage(), e);
    }
}
Use of org.pentaho.platform.proxy.api.IProxyFactory in the project pentaho-engineering-samples by pentaho.
Class Utils, method getAuthenticationFromRequest.
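/**
 * Resolves the current {@code Authentication} from the spring-security 2 SecurityContext kept
 * in the HTTP session under {@code SPRING_2_SECURITY_CTX_KEY}.
 *
 * <p>The stored context object is handled reflectively: its public {@code getAuthentication()}
 * method is looked up and invoked, and the result is either cast directly or, when
 * {@code requireProxyWrapping} is set, wrapped through {@code IProxyFactory} first. No session is
 * created by this method ({@code getSession(false)}).
 *
 * @param request              the incoming request; anything that is not an
 *                             {@code HttpServletRequest} (including {@code null}) yields {@code null}
 * @param requireProxyWrapping whether the stored Authentication must be proxy-wrapped before use
 * @return the resolved Authentication, or {@code null} when there is no session, no stored
 *         context, no authentication inside it, or the proxy is not an {@code Authentication}
 * @throws NoSuchMethodException     if the stored context has no public {@code getAuthentication()}
 * @throws InvocationTargetException if {@code getAuthentication()} itself throws
 * @throws IllegalAccessException    if the reflective call is denied
 * @throws ProxyException            declared for proxy creation failures
 */
public static Authentication getAuthenticationFromRequest(ServletRequest request, boolean requireProxyWrapping) throws NoSuchMethodException, InvocationTargetException, IllegalAccessException, ProxyException {
    // instanceof is already false for null, so no separate null check is needed
    if (!(request instanceof HttpServletRequest)) {
        return null;
    }
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    if (httpRequest.getSession(false) == null) {
        return null;
    }

    // step 1 - get spring 2 SecurityContext object stored in the HTTP session.
    // The attribute is read exactly once: checking it and then fetching it again would let a
    // concurrent logout remove it in between and turn the getClass() call below into a
    // NullPointerException.
    // NOTE(review): the session itself is still looked up twice; invalidation between the two
    // lookups remains possible.
    Object s2SecurityContextObj = httpRequest.getSession(false).getAttribute(SPRING_2_SECURITY_CTX_KEY);
    if (s2SecurityContextObj == null) {
        return null;
    }

    // step 2 - grab spring 2 SecurityContext's getAuthentication() method.
    // getMethod() never returns null (it throws NoSuchMethodException instead), so the result
    // needs no null check.
    Method getAuthenticationMethod = s2SecurityContextObj.getClass().getMethod("getAuthentication");
    // to ensure no IllegalAccessException occurs; getMethod() only returns public methods, so this
    // matters only when the declaring class itself is not accessible from here
    getAuthenticationMethod.setAccessible(true);

    // step 3 - get spring 2 Authentication object
    Object s2AuthenticationObj = getAuthenticationMethod.invoke(s2SecurityContextObj);
    if (s2AuthenticationObj == null) {
        return null;
    }

    if (!requireProxyWrapping) {
        // NOTE(review): unlike the proxy path below, this cast is not guarded by instanceof; a
        // stored object of another type surfaces as a ClassCastException rather than null.
        return (Authentication) s2AuthenticationObj;
    }

    // step 4 - proxy wrap spring 2 Authentication object into a spring 4 one
    IProxyFactory factory = PentahoSystem.get(IProxyFactory.class);
    Object s4AuthenticationProxy = factory.createProxy(s2AuthenticationObj);
    if (s4AuthenticationProxy instanceof Authentication) {
        return (Authentication) s4AuthenticationProxy;
    }
    return null;
}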