Example 66 with AnonymousAuthenticationToken
use of org.springframework.security.authentication.AnonymousAuthenticationToken in project nzbhydra2 by theotherp.
the class HydraAnonymousAuthenticationFilter method createAuthentication.
protected Authentication createAuthentication(HttpServletRequest request) {
AnonymousAuthenticationToken auth = new AnonymousAuthenticationToken(key, principal, authorities);
auth.setDetails(authenticationDetailsSource.buildDetails(request));
return auth;
}
Also used :
AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken)
Example 67 with AnonymousAuthenticationToken
use of org.springframework.security.authentication.AnonymousAuthenticationToken in project shinyproxy by openanalytics.
the class UserService method canAccess.
private boolean canAccess(Authentication principalAuth, String appName) {
ShinyApp app = appService.getApp(appName);
if (app == null)
return false;
String[] groups = app.getGroups();
if (groups == null || groups.length == 0)
return true;
if (principalAuth == null || principalAuth instanceof AnonymousAuthenticationToken)
return true;
for (String group : groups) {
if (isMember(principalAuth, group))
return true;
}
return false;
}
Also used :
AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken)
ShinyApp(eu.openanalytics.shinyproxy.services.AppService.ShinyApp)
Example 68 with AnonymousAuthenticationToken
use of org.springframework.security.authentication.AnonymousAuthenticationToken in project motan by weibocom.
the class LoggingAspect method getUsername.
private String getUsername() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication instanceof AnonymousAuthenticationToken) {
throw new CustomException.UnauthorizedException();
}
UserDetails userDetails = (UserDetails) authentication.getPrincipal();
return TokenUtils.getUserNameFromToken(userDetails.getUsername());
}
Also used :
UserDetails(org.springframework.security.core.userdetails.UserDetails)
Authentication(org.springframework.security.core.Authentication)
AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken)
Example 69 with AnonymousAuthenticationToken
use of org.springframework.security.authentication.AnonymousAuthenticationToken in project motan by weibocom.
the class UserController method getUser.
/**
* Retrieves the currently logged in user.
*
* @return A transfer containing the username and the roles.
*/
@RequestMapping(value = "", method = RequestMethod.GET)
public UserTransfer getUser() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication instanceof AnonymousAuthenticationToken) {
throw new CustomException.UnauthorizedException();
}
UserDetails userDetails = (UserDetails) authentication.getPrincipal();
return new UserTransfer(userDetails.getUsername(), createRoleMap(userDetails));
}
Also used :
UserDetails(org.springframework.security.core.userdetails.UserDetails)
Authentication(org.springframework.security.core.Authentication)
UserTransfer(com.weibo.model.UserTransfer)
AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 70 with AnonymousAuthenticationToken
use of org.springframework.security.authentication.AnonymousAuthenticationToken in project spring-security by spring-projects.
the class DefaultFilterChainValidator method checkLoginPageIsntProtected.
/*
* Checks for the common error of having a login page URL protected by the security
* interceptor
*/
private void checkLoginPageIsntProtected(FilterChainProxy fcp, List<Filter> filterStack) {
ExceptionTranslationFilter etf = getFilter(ExceptionTranslationFilter.class, filterStack);
if (etf == null || !(etf.getAuthenticationEntryPoint() instanceof LoginUrlAuthenticationEntryPoint)) {
return;
}
String loginPage = ((LoginUrlAuthenticationEntryPoint) etf.getAuthenticationEntryPoint()).getLoginFormUrl();
this.logger.info("Checking whether login URL '" + loginPage + "' is accessible with your configuration");
FilterInvocation loginRequest = new FilterInvocation(loginPage, "POST");
List<Filter> filters = null;
try {
filters = fcp.getFilters(loginPage);
} catch (Exception ex) {
// May happen legitimately if a filter-chain request matcher requires more
// request data than that provided
// by the dummy request used when creating the filter invocation.
this.logger.info("Failed to obtain filter chain information for the login page. Unable to complete check.");
}
if (filters == null || filters.isEmpty()) {
this.logger.debug("Filter chain is empty for the login page");
return;
}
if (getFilter(DefaultLoginPageGeneratingFilter.class, filters) != null) {
this.logger.debug("Default generated login page is in use");
return;
}
FilterSecurityInterceptor fsi = getFilter(FilterSecurityInterceptor.class, filters);
FilterInvocationSecurityMetadataSource fids = fsi.getSecurityMetadataSource();
Collection<ConfigAttribute> attributes = fids.getAttributes(loginRequest);
if (attributes == null) {
this.logger.debug("No access attributes defined for login page URL");
if (fsi.isRejectPublicInvocations()) {
this.logger.warn("FilterSecurityInterceptor is configured to reject public invocations." + " Your login page may not be accessible.");
}
return;
}
AnonymousAuthenticationFilter anonPF = getFilter(AnonymousAuthenticationFilter.class, filters);
if (anonPF == null) {
this.logger.warn("The login page is being protected by the filter chain, but you don't appear to have" + " anonymous authentication enabled. This is almost certainly an error.");
return;
}
// Simulate an anonymous access with the supplied attributes.
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("key", anonPF.getPrincipal(), anonPF.getAuthorities());
try {
fsi.getAccessDecisionManager().decide(token, loginRequest, attributes);
} catch (AccessDeniedException ex) {
this.logger.warn("Anonymous access to the login page doesn't appear to be enabled. " + "This is almost certainly an error. Please check your configuration allows unauthenticated " + "access to the configured login page. (Simulated access was rejected: " + ex + ")");
} catch (Exception ex) {
// May happen legitimately if a filter-chain request matcher requires more
// request data than that provided
// by the dummy request used when creating the filter invocation. See SEC-1878
this.logger.info("Unable to check access to the login page to determine if anonymous access is allowed. " + "This might be an error, but can happen under normal circumstances.", ex);
}
}
Also used :
DefaultLoginPageGeneratingFilter(org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter)
AccessDeniedException(org.springframework.security.access.AccessDeniedException)
ConfigAttribute(org.springframework.security.access.ConfigAttribute)
FilterSecurityInterceptor(org.springframework.security.web.access.intercept.FilterSecurityInterceptor)
ExceptionTranslationFilter(org.springframework.security.web.access.ExceptionTranslationFilter)
AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken)
LoginUrlAuthenticationEntryPoint(org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint)
FilterInvocationSecurityMetadataSource(org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource)
AccessDeniedException(org.springframework.security.access.AccessDeniedException)
SecurityContextPersistenceFilter(org.springframework.security.web.context.SecurityContextPersistenceFilter)
Filter(jakarta.servlet.Filter)
DefaultLoginPageGeneratingFilter(org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter)
SessionManagementFilter(org.springframework.security.web.session.SessionManagementFilter)
JaasApiIntegrationFilter(org.springframework.security.web.jaasapi.JaasApiIntegrationFilter)
AnonymousAuthenticationFilter(org.springframework.security.web.authentication.AnonymousAuthenticationFilter)
BasicAuthenticationFilter(org.springframework.security.web.authentication.www.BasicAuthenticationFilter)
SecurityContextHolderAwareRequestFilter(org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter)
ExceptionTranslationFilter(org.springframework.security.web.access.ExceptionTranslationFilter)
UsernamePasswordAuthenticationFilter(org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter)
AnonymousAuthenticationFilter(org.springframework.security.web.authentication.AnonymousAuthenticationFilter)
FilterInvocation(org.springframework.security.web.FilterInvocation)
Aggregations
AnonymousAuthenticationToken (org.springframework.security.authentication.AnonymousAuthenticationToken)87
Authentication (org.springframework.security.core.Authentication)37
Test (org.junit.jupiter.api.Test)22
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)17
ArrayList (java.util.ArrayList)14
GrantedAuthority (org.springframework.security.core.GrantedAuthority)13
SecurityContext (org.springframework.security.core.context.SecurityContext)10
MidpointAuthentication (com.evolveum.midpoint.authentication.api.config.MidpointAuthentication)8
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)7
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)7
ModuleAuthentication (com.evolveum.midpoint.authentication.api.config.ModuleAuthentication)6
Before (org.junit.Before)5
Test (org.junit.Test)5
HttpServletRequest (javax.servlet.http.HttpServletRequest)4
HttpServletResponse (javax.servlet.http.HttpServletResponse)4
PreAuthenticatedAuthenticationToken (org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken)4
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)4
FilterChain (jakarta.servlet.FilterChain)3
HashMap (java.util.HashMap)3
Map (java.util.Map)3
