
Example 6 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class GaeAuthenticationFilter method doFilter.

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    User googleUser = UserServiceFactory.getUserService().getCurrentUser();
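    // The Spring Security context no longer matches the current GAE user
    // (user changed or logged out): drop the stale context and the session.
    if (authentication != null && !loggedInUserMatchesGaeUser(authentication, googleUser)) {
        SecurityContextHolder.clearContext();
        authentication = null;
        ((HttpServletRequest) request).getSession().invalidate();
    }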
    if (authentication == null) {
        if (googleUser != null) {
            logger.debug("Currently logged on to GAE as user " + googleUser);
            logger.debug("Authenticating to Spring Security");
            // User has returned after authenticating via GAE. Need to authenticate
            // through Spring Security.
            PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(googleUser, null);
            token.setDetails(ads.buildDetails((HttpServletRequest) request));
            try {
                authentication = authenticationManager.authenticate(token);
                SecurityContextHolder.getContext().setAuthentication(authentication);
                if (authentication.getAuthorities().contains(AppRole.NEW_USER)) {
                    logger.debug("New user authenticated. Redirecting to registration page");
                    ((HttpServletResponse) response).sendRedirect(REGISTRATION_URL);
                    return;
                }
            } catch (AuthenticationException e) {
                failureHandler.onAuthenticationFailure((HttpServletRequest) request, (HttpServletResponse) response, e);
                return;
            }
        }
    }
    chain.doFilter(request, response);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) User(com.google.appengine.api.users.User) GaeUser(samples.gae.users.GaeUser) AuthenticationException(org.springframework.security.core.AuthenticationException) Authentication(org.springframework.security.core.Authentication) PreAuthenticatedAuthenticationToken(org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken) HttpServletResponse(javax.servlet.http.HttpServletResponse)

Example 7 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class RegistrationController method register.

@RequestMapping(method = RequestMethod.POST)
public String register(@Valid RegistrationForm form, BindingResult result) {
    if (result.hasErrors()) {
        return null;
    }
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    GaeUser currentUser = (GaeUser) authentication.getPrincipal();
    Set<AppRole> roles = EnumSet.of(AppRole.USER);
    if (UserServiceFactory.getUserService().isUserAdmin()) {
        roles.add(AppRole.ADMIN);
    }
    GaeUser user = new GaeUser(currentUser.getUserId(), currentUser.getNickname(), currentUser.getEmail(), form.getForename(), form.getSurname(), roles, true);
    registry.registerUser(user);
    // Update the context with the full authentication
    SecurityContextHolder.getContext().setAuthentication(new GaeUserAuthentication(user, authentication.getDetails()));
    return "redirect:/home.htm";
}
Also used : AppRole(samples.gae.security.AppRole) GaeUserAuthentication(samples.gae.security.GaeUserAuthentication) Authentication(org.springframework.security.core.Authentication) GaeUser(samples.gae.users.GaeUser) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 8 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class ContactManagerTests method makeActiveUser.

private void makeActiveUser(String username) {
    String password = "";
    if ("rod".equals(username)) {
        password = "koala";
    } else if ("dianne".equals(username)) {
        password = "emu";
    } else if ("scott".equals(username)) {
        password = "wombat";
    } else if ("peter".equals(username)) {
        password = "opal";
    }
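    // The two-argument constructor builds an unauthenticated token
    // (isAuthenticated() is false); it is placed in the context as a test fixture.
    Authentication authRequest = new UsernamePasswordAuthenticationToken(username, password);
    SecurityContextHolder.getContext().setAuthentication(authRequest);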
}
Also used : Authentication(org.springframework.security.core.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)

Example 9 with Authentication

use of org.springframework.security.core.Authentication in project spring-security by spring-projects.

the class JaasApiIntegrationFilterTests method obtainSubjectNonJaasAuthentication.

@Test
public void obtainSubjectNonJaasAuthentication() {
    Authentication authentication = new TestingAuthenticationToken("un", "pwd");
    authentication.setAuthenticated(true);
    SecurityContextHolder.getContext().setAuthentication(authentication);
    assertNullSubject(filter.obtainSubject(request));
}
Also used : Authentication(org.springframework.security.core.Authentication) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.Test)

Example 10 with Authentication

use of org.springframework.security.core.Authentication in project spring-security-oauth by spring-projects.

the class JdbcClientTokenServicesTests method testSaveAndRemoveToken.

@Test
public void testSaveAndRemoveToken() throws Exception {
    OAuth2AccessToken accessToken = new DefaultOAuth2AccessToken("FOO");
    Authentication authentication = new UsernamePasswordAuthenticationToken("marissa", "koala");
    AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
    resource.setClientId("client");
    resource.setScope(Arrays.asList("foo", "bar"));
    tokenStore.saveAccessToken(resource, authentication, accessToken);
    tokenStore.removeAccessToken(resource, authentication);
    // System.err.println(new JdbcTemplate(db).queryForList("select * from oauth_client_token"));
    OAuth2AccessToken result = tokenStore.getAccessToken(resource, authentication);
    assertNull(result);
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Authentication(org.springframework.security.core.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) AuthorizationCodeResourceDetails(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails) Test(org.junit.Test)

Aggregations

Authentication (org.springframework.security.core.Authentication): 498
Test (org.junit.Test): 192
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken): 114
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication): 98
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken): 75
SecurityContext (org.springframework.security.core.context.SecurityContext): 63
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request): 57
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 50
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 47
SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl): 42
MifosUser (org.mifos.security.MifosUser): 38
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 34
HttpServletRequest (javax.servlet.http.HttpServletRequest): 32
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 32
AuthenticationException (org.springframework.security.core.AuthenticationException): 31
UserDetails (org.springframework.security.core.userdetails.UserDetails): 31
MifosUserBuilder (org.mifos.builders.MifosUserBuilder): 29
HashMap (java.util.HashMap): 27
HttpServletResponse (javax.servlet.http.HttpServletResponse): 27
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken): 25