Examples with Authentication org.springframework.security.core.Authentication used on opensource projects

Example 86 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class ProviderManagerTests method providerThrowsInternalAuthenticationServiceException.

// SEC-2367
@Test
public void providerThrowsInternalAuthenticationServiceException() {
    InternalAuthenticationServiceException expected = new InternalAuthenticationServiceException("Expected");
    ProviderManager mgr = new ProviderManager(Arrays.asList(createProviderWhichThrows(expected), createProviderWhichThrows(new BadCredentialsException("Oops"))), null);
    final Authentication authReq = mock(Authentication.class);
    try {
        mgr.authenticate(authReq);
        fail("Expected Exception");
    } catch (InternalAuthenticationServiceException success) {
    }
}

Example 87 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class AnonymousAuthenticationProviderTests method testNormalOperation.

@Test
public void testNormalOperation() throws Exception {
    AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider("qwerty");
    AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("qwerty", "Test", AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
    Authentication result = aap.authenticate(token);
    assertThat(token).isEqualTo(result);
}

Example 88 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class SecurityRequestsTests method requestProtectedUrlWithAuthentication.

@Test
public void requestProtectedUrlWithAuthentication() throws Exception {
    Authentication authentication = new TestingAuthenticationToken("test", "notused", "ROLE_USER");
    mvc.perform(get("/").with(authentication(authentication))).andExpect(status().isNotFound()).andExpect(authenticated().withAuthentication(authentication));
}

Example 89 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class AuthenticationPrincipalArgumentResolver method resolveArgument.

/*
	 * (non-Javadoc)
	 *
	 * @see org.springframework.web.method.support.HandlerMethodArgumentResolver#
	 * resolveArgument (org.springframework.core.MethodParameter,
	 * org.springframework.web.method.support.ModelAndViewContainer,
	 * org.springframework.web.context.request.NativeWebRequest,
	 * org.springframework.web.bind.support.WebDataBinderFactory)
	 */
public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null) {
        return null;
    }
    Object principal = authentication.getPrincipal();
    if (principal != null && !parameter.getParameterType().isAssignableFrom(principal.getClass())) {
        AuthenticationPrincipal authPrincipal = findMethodAnnotation(AuthenticationPrincipal.class, parameter);
        if (authPrincipal.errorOnInvalidType()) {
            throw new ClassCastException(principal + " is not assignable to " + parameter.getParameterType());
        } else {
            return null;
        }
    }
    return principal;
}

Example 90 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class JaasApiIntegrationFilter method obtainSubject.

/**
	 * <p>
	 * Obtains the <code>Subject</code> to run as or <code>null</code> if no
	 * <code>Subject</code> is available.
	 * </p>
	 * <p>
	 * The default implementation attempts to obtain the <code>Subject</code> from the
	 * <code>SecurityContext</code>'s <code>Authentication</code>. If it is of type
	 * <code>JaasAuthenticationToken</code> and is authenticated, the <code>Subject</code>
	 * is returned from it. Otherwise, <code>null</code> is returned.
	 * </p>
	 *
	 * @param request the current <code>ServletRequest</code>
	 * @return the Subject to run as or <code>null</code> if no <code>Subject</code> is
	 * available.
	 */
protected Subject obtainSubject(ServletRequest request) {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (logger.isDebugEnabled()) {
        logger.debug("Attempting to obtainSubject using authentication : " + authentication);
    }
    if (authentication == null) {
        return null;
    }
    if (!authentication.isAuthenticated()) {
        return null;
    }
    if (!(authentication instanceof JaasAuthenticationToken)) {
        return null;
    }
    JaasAuthenticationToken token = (JaasAuthenticationToken) authentication;
    LoginContext loginContext = token.getLoginContext();
    if (loginContext == null) {
        return null;
    }
    return loginContext.getSubject();
}