use of org.springframework.security.authentication.AnonymousAuthenticationToken in project midpoint by Evolveum.
the class SecurityEnforcerImpl method runPrivileged.
@Override
public <T> T runPrivileged(Producer<T> producer) {
LOGGER.debug("Running {} as privileged", producer);
Authentication origAuthentication = SecurityContextHolder.getContext().getAuthentication();
LOGGER.trace("ORIG auth {}", origAuthentication);
// Try to reuse the original identity as much as possible. All we need to is add AUTZ_ALL
// to the list of authorities
Authorization privilegedAuthorization = createPrivilegedAuthorization();
Object newPrincipal = null;
if (origAuthentication != null) {
Object origPrincipal = origAuthentication.getPrincipal();
if (origAuthentication instanceof AnonymousAuthenticationToken) {
newPrincipal = origPrincipal;
} else {
LOGGER.trace("ORIG principal {} ({})", origPrincipal, origPrincipal != null ? origPrincipal.getClass() : null);
if (origPrincipal != null) {
if (origPrincipal instanceof MidPointPrincipal) {
MidPointPrincipal newMidPointPrincipal = ((MidPointPrincipal) origPrincipal).clone();
newMidPointPrincipal.getAuthorities().add(privilegedAuthorization);
newPrincipal = newMidPointPrincipal;
}
}
}
Collection<GrantedAuthority> newAuthorities = new ArrayList<>();
newAuthorities.addAll(origAuthentication.getAuthorities());
newAuthorities.add(privilegedAuthorization);
PreAuthenticatedAuthenticationToken newAuthorization = new PreAuthenticatedAuthenticationToken(newPrincipal, null, newAuthorities);
LOGGER.trace("NEW auth {}", newAuthorization);
SecurityContextHolder.getContext().setAuthentication(newAuthorization);
} else {
LOGGER.debug("No original authentication, do NOT setting any privileged security context");
}
try {
return producer.run();
} finally {
SecurityContextHolder.getContext().setAuthentication(origAuthentication);
LOGGER.debug("Finished running {} as privileged", producer);
LOGGER.trace("Security context after privileged operation: {}", SecurityContextHolder.getContext());
}
}
use of org.springframework.security.authentication.AnonymousAuthenticationToken in project cxf by apache.
the class SpringOAuthAuthenticationFilter method doFilter.
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
List<String> authorities = (List<String>) request.getAttribute(OAUTH_AUTHORITIES);
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
if (authorities != null) {
for (String authority : authorities) {
grantedAuthorities.add(new SimpleGrantedAuthority(authority));
}
Authentication auth = new AnonymousAuthenticationToken(UUID.randomUUID().toString(), req.getUserPrincipal(), grantedAuthorities);
SecurityContextHolder.getContext().setAuthentication(auth);
}
chain.doFilter(req, resp);
}
Aggregations