
Example 61 with SecurityContext

Use of org.springframework.security.core.context.SecurityContext in project ORCID-Source by ORCID.

Class BaseControllerUtilTest, method getCurrentUserPreAuthenticatedAuthenticationToken.

@Test
public void getCurrentUserPreAuthenticatedAuthenticationToken() {
    SecurityContext context = mock(SecurityContext.class);
    PreAuthenticatedAuthenticationToken usernamePasswordAuthenticationToken = mock(PreAuthenticatedAuthenticationToken.class);
    OrcidProfileUserDetails orcidProfileUserDetails = mock(OrcidProfileUserDetails.class);
    when(context.getAuthentication()).thenReturn(usernamePasswordAuthenticationToken);
    when(usernamePasswordAuthenticationToken.getPrincipal()).thenReturn(orcidProfileUserDetails);
    assertNotNull(baseControllerUtil.getCurrentUser(context));
}
Also used: SecurityContext (org.springframework.security.core.context.SecurityContext), OrcidProfileUserDetails (org.orcid.core.oauth.OrcidProfileUserDetails), PreAuthenticatedAuthenticationToken (org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken)

Example 62 with SecurityContext

Use of org.springframework.security.core.context.SecurityContext in project midpoint by Evolveum.

Class InitialDataImport, method init.

public void init() throws SchemaException {
    LOGGER.info("Starting initial object import (if necessary).");
    OperationResult mainResult = new OperationResult(OPERATION_INITIAL_OBJECTS_IMPORT);
    Task task = taskManager.createTaskInstance(OPERATION_INITIAL_OBJECTS_IMPORT);
    task.setChannel(SchemaConstants.CHANNEL_GUI_INIT_URI);
    int count = 0;
    int errors = 0;
    File[] files = getInitialImportObjects();
    LOGGER.debug("Files to be imported: {}.", Arrays.toString(files));
    // We need to provide a fake Spring security context here.
    // We have to fake it because we do not have anything in the repository yet. And to get
    // something to the repository we need a context. Chicken and egg. So we fake the egg.
    SecurityContext securityContext = SecurityContextHolder.getContext();
    UserType userAdministrator = new UserType();
    prismContext.adopt(userAdministrator);
    userAdministrator.setName(new PolyStringType(new PolyString("initAdmin", "initAdmin")));
    MidPointPrincipal principal = new MidPointPrincipal(userAdministrator);
    AuthorizationType superAutzType = new AuthorizationType();
    prismContext.adopt(superAutzType, RoleType.class, new ItemPath(RoleType.F_AUTHORIZATION));
    superAutzType.getAction().add(AuthorizationConstants.AUTZ_ALL_URL);
    Authorization superAutz = new Authorization(superAutzType);
    Collection<Authorization> authorities = principal.getAuthorities();
    authorities.add(superAutz);
    Authentication authentication = new PreAuthenticatedAuthenticationToken(principal, null);
    securityContext.setAuthentication(authentication);
    for (File file : files) {
        try {
            LOGGER.debug("Considering initial import of file {}.", file.getName());
            PrismObject object = prismContext.parseObject(file);
            if (ReportType.class.equals(object.getCompileTimeClass())) {
                ReportTypeUtil.applyDefinition(object, prismContext);
            }
            Boolean importObject = importObject(object, file, task, mainResult);
            if (importObject == null) {
                continue;
            }
            if (importObject) {
                count++;
            } else {
                errors++;
            }
        } catch (Exception ex) {
            LoggingUtils.logUnexpectedException(LOGGER, "Couldn't import file {}", ex, file.getName());
            mainResult.recordFatalError("Couldn't import file '" + file.getName() + "'", ex);
        }
    }
    securityContext.setAuthentication(null);
    mainResult.recomputeStatus("Couldn't import objects.");
    LOGGER.info("Initial object import finished ({} objects imported, {} errors)", count, errors);
    if (LOGGER.isTraceEnabled()) {
        LOGGER.trace("Initialization status:\n" + mainResult.debugDump());
    }
}
Also used: PolyStringType (com.evolveum.prism.xml.ns._public.types_3.PolyStringType), Task (com.evolveum.midpoint.task.api.Task), PreAuthenticatedAuthenticationToken (org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken), OperationResult (com.evolveum.midpoint.schema.result.OperationResult), URISyntaxException (java.net.URISyntaxException), SchemaException (com.evolveum.midpoint.util.exception.SchemaException), ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException), IOException (java.io.IOException), Authorization (com.evolveum.midpoint.security.api.Authorization), PrismObject (com.evolveum.midpoint.prism.PrismObject), Authentication (org.springframework.security.core.Authentication), PolyString (com.evolveum.midpoint.prism.polystring.PolyString), SecurityContext (org.springframework.security.core.context.SecurityContext), AuthorizationType (com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationType), File (java.io.File), UserType (com.evolveum.midpoint.xml.ns._public.common.common_3.UserType), MidPointPrincipal (com.evolveum.midpoint.security.api.MidPointPrincipal), ItemPath (com.evolveum.midpoint.prism.path.ItemPath)

Example 63 with SecurityContext

Use of org.springframework.security.core.context.SecurityContext in project midpoint by Evolveum.

Class AbstractModelIntegrationTest, method assertNotAuthorized.

protected void assertNotAuthorized(MidPointPrincipal principal, String action, AuthorizationPhaseType phase) throws SchemaException {
    SecurityContext origContext = SecurityContextHolder.getContext();
    createSecurityContext(principal);
    boolean isAuthorized;
    try {
        isAuthorized = securityEnforcer.isAuthorized(action, phase, null, null, null, null);
    } finally {
        // Restore the caller's context even if the check throws, so the test principal does not stay bound to this thread.
        SecurityContextHolder.setContext(origContext);
    }
    assertFalse("AuthorizationEvaluator.isAuthorized: Principal " + principal + " IS authorized for action " + action + " (" + phase + ") but he should not be", isAuthorized);
}
Also used: SecurityContext (org.springframework.security.core.context.SecurityContext)

Example 64 with SecurityContext

Use of org.springframework.security.core.context.SecurityContext in project midpoint by Evolveum.

Class AbstractModelIntegrationTest, method assertAuthorized.

protected void assertAuthorized(MidPointPrincipal principal, String action, AuthorizationPhaseType phase) throws SchemaException {
    SecurityContext origContext = SecurityContextHolder.getContext();
    createSecurityContext(principal);
    try {
        assertTrue("AuthorizationEvaluator.isAuthorized: Principal " + principal + " NOT authorized for action " + action, securityEnforcer.isAuthorized(action, phase, null, null, null, null));
        if (phase == null) {
            securityEnforcer.decide(SecurityContextHolder.getContext().getAuthentication(), createSecureObject(), createConfigAttributes(action));
        }
    } finally {
        SecurityContextHolder.setContext(origContext);
    }
}
Also used: SecurityContext (org.springframework.security.core.context.SecurityContext)

Example 65 with SecurityContext

Use of org.springframework.security.core.context.SecurityContext in project midpoint by Evolveum.

Class SecurityEnforcerImpl, method setupPreAuthenticatedSecurityContext.

@Override
public void setupPreAuthenticatedSecurityContext(Authentication authentication) {
    SecurityContext securityContext = SecurityContextHolder.getContext();
    securityContext.setAuthentication(authentication);
}
Also used: SecurityContext (org.springframework.security.core.context.SecurityContext)

Aggregations

SecurityContext (org.springframework.security.core.context.SecurityContext) 147
Test (org.junit.Test) 65
Authentication (org.springframework.security.core.Authentication) 63
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken) 46
SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl) 46
MifosUser (org.mifos.security.MifosUser) 38
MifosUserBuilder (org.mifos.builders.MifosUserBuilder) 29
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken) 21
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest) 19
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse) 19
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest) 16
HttpServletResponse (javax.servlet.http.HttpServletResponse) 15
Before (org.junit.Before) 15
GrantedAuthority (org.springframework.security.core.GrantedAuthority) 13
ArrayList (java.util.ArrayList) 10
HttpServletRequest (javax.servlet.http.HttpServletRequest) 8
PrepareOnlyThisForTest (org.powermock.core.classloader.annotations.PrepareOnlyThisForTest) 7
SessionDestroyedEvent (org.springframework.security.core.session.SessionDestroyedEvent) 7
HttpSession (javax.servlet.http.HttpSession) 6
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority) 6