use of org.springframework.security.core.GrantedAuthority in project spring-security by spring-projects.
the class AbstractAuthenticationToken method toString.
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append(super.toString()).append(": ");
sb.append("Principal: ").append(this.getPrincipal()).append("; ");
sb.append("Credentials: [PROTECTED]; ");
sb.append("Authenticated: ").append(this.isAuthenticated()).append("; ");
sb.append("Details: ").append(this.getDetails()).append("; ");
if (!authorities.isEmpty()) {
sb.append("Granted Authorities: ");
int i = 0;
for (GrantedAuthority authority : authorities) {
if (i++ > 0) {
sb.append(", ");
}
sb.append(authority);
}
} else {
sb.append("Not granted any authorities");
}
return sb.toString();
}
use of org.springframework.security.core.GrantedAuthority in project spring-security by spring-projects.
the class RunAsManagerImpl method buildRunAs.
public Authentication buildRunAs(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) {
List<GrantedAuthority> newAuthorities = new ArrayList<GrantedAuthority>();
for (ConfigAttribute attribute : attributes) {
if (this.supports(attribute)) {
GrantedAuthority extraAuthority = new SimpleGrantedAuthority(getRolePrefix() + attribute.getAttribute());
newAuthorities.add(extraAuthority);
}
}
if (newAuthorities.size() == 0) {
return null;
}
// Add existing authorities
newAuthorities.addAll(authentication.getAuthorities());
return new RunAsUserToken(this.key, authentication.getPrincipal(), authentication.getCredentials(), newAuthorities, authentication.getClass());
}
use of org.springframework.security.core.GrantedAuthority in project spring-security by spring-projects.
the class AbstractJaasAuthenticationProvider method authenticate.
/**
* Attempts to login the user given the Authentication objects principal and
* credential
*
* @param auth The Authentication object to be authenticated.
*
* @return The authenticated Authentication object, with it's grantedAuthorities set.
*
* @throws AuthenticationException This implementation does not handle 'locked' or
* 'disabled' accounts. This method only throws a AuthenticationServiceException, with
* the message of the LoginException that will be thrown, should the
* loginContext.login() method fail.
*/
public Authentication authenticate(Authentication auth) throws AuthenticationException {
if (!(auth instanceof UsernamePasswordAuthenticationToken)) {
return null;
}
UsernamePasswordAuthenticationToken request = (UsernamePasswordAuthenticationToken) auth;
Set<GrantedAuthority> authorities;
try {
// Create the LoginContext object, and pass our InternallCallbackHandler
LoginContext loginContext = createLoginContext(new InternalCallbackHandler(auth));
// Attempt to login the user, the LoginContext will call our
// InternalCallbackHandler at this point.
loginContext.login();
// Create a set to hold the authorities, and add any that have already been
// applied.
authorities = new HashSet<GrantedAuthority>();
// Get the subject principals and pass them to each of the AuthorityGranters
Set<Principal> principals = loginContext.getSubject().getPrincipals();
for (Principal principal : principals) {
for (AuthorityGranter granter : this.authorityGranters) {
Set<String> roles = granter.grant(principal);
// return null.
if ((roles != null) && !roles.isEmpty()) {
for (String role : roles) {
authorities.add(new JaasGrantedAuthority(role, principal));
}
}
}
}
// Convert the authorities set back to an array and apply it to the token.
JaasAuthenticationToken result = new JaasAuthenticationToken(request.getPrincipal(), request.getCredentials(), new ArrayList<GrantedAuthority>(authorities), loginContext);
// Publish the success event
publishSuccessEvent(result);
// we're done, return the token.
return result;
} catch (LoginException loginException) {
AuthenticationException ase = this.loginExceptionResolver.resolveException(loginException);
publishFailureEvent(request, ase);
throw ase;
}
}
use of org.springframework.security.core.GrantedAuthority in project spring-security by spring-projects.
the class JdbcUserDetailsManager method findGroupAuthorities.
public List<GrantedAuthority> findGroupAuthorities(String groupName) {
logger.debug("Loading authorities for group '" + groupName + "'");
Assert.hasText(groupName, "groupName should have text");
;
return getJdbcTemplate().query(groupAuthoritiesSql, new String[] { groupName }, new RowMapper<GrantedAuthority>() {
public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException {
String roleName = getRolePrefix() + rs.getString(3);
return new SimpleGrantedAuthority(roleName);
}
});
}
use of org.springframework.security.core.GrantedAuthority in project spring-security by spring-projects.
the class AppRoleTests method getAuthorityReturnsRoleName.
@Test
public void getAuthorityReturnsRoleName() {
GrantedAuthority admin = ADMIN;
assertThat(admin.getAuthority()).isEqualTo("ROLE_ADMIN");
}
Aggregations