Examples with User - org.springframework.security.core.userdetails.User

Example 36 with User

use of org.springframework.security.core.userdetails.User in project spring-boot by spring-projects.

the class AuthenticationAuditListenerTests method testAuthenticationSwitch.

@Test
public void testAuthenticationSwitch() {
    AuditApplicationEvent event = handleAuthenticationEvent(new AuthenticationSwitchUserEvent(new UsernamePasswordAuthenticationToken("user", "password"), new User("user", "password", AuthorityUtils.commaSeparatedStringToAuthorityList("USER"))));
    assertThat(event.getAuditEvent().getType()).isEqualTo(AuthenticationAuditListener.AUTHENTICATION_SWITCH);
}

Also used : User(org.springframework.security.core.userdetails.User) AuditApplicationEvent(org.springframework.boot.actuate.audit.listener.AuditApplicationEvent) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) AuthenticationSwitchUserEvent(org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent) Test(org.junit.Test)

Example 37 with User

use of org.springframework.security.core.userdetails.User in project spring-security by spring-projects.

the class AbstractStatelessTicketCacheTests method getToken.

protected CasAuthenticationToken getToken() {
    List<String> proxyList = new ArrayList<String>();
    proxyList.add("https://localhost/newPortal/login/cas");
    User user = new User("rod", "password", true, true, true, true, AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
    final Assertion assertion = new AssertionImpl("rod");
    return new CasAuthenticationToken("key", user, "ST-0-ER94xMJmn6pha35CQRoZ", AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), user, assertion);
}

Also used : AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) User(org.springframework.security.core.userdetails.User) CasAuthenticationToken(org.springframework.security.cas.authentication.CasAuthenticationToken) ArrayList(java.util.ArrayList) Assertion(org.jasig.cas.client.validation.Assertion)

Example 38 with User

use of org.springframework.security.core.userdetails.User in project spring-security by spring-projects.

the class AuthenticationPrincipalArgumentResolverTests method authenticationPrincipalExpressionWhenBeanExpressionSuppliedThenBeanUsed.

@Test
public void authenticationPrincipalExpressionWhenBeanExpressionSuppliedThenBeanUsed() throws Exception {
    User user = new User("user", "password", AuthorityUtils.createAuthorityList("ROLE_USER"));
    SecurityContext context = SecurityContextHolder.createEmptyContext();
    context.setAuthentication(new UsernamePasswordAuthenticationToken(user, user.getPassword(), user.getAuthorities()));
    SecurityContextHolder.setContext(context);
    MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(wac).build();
    mockMvc.perform(get("/users/self")).andExpect(status().isOk()).andExpect(content().string("extracted-user"));
}

Also used : User(org.springframework.security.core.userdetails.User) SecurityContext(org.springframework.security.core.context.SecurityContext) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) MockMvc(org.springframework.test.web.servlet.MockMvc) Test(org.junit.Test)

Example 39 with User

use of org.springframework.security.core.userdetails.User in project spring-security by spring-projects.

the class UserDeserializer method deserialize.

/**
	 * This method will create {@link User} object. It will ensure successful object creation even if password key is null in
	 * serialized json, because credentials may be removed from the {@link User} by invoking {@link User#eraseCredentials()}.
	 * In that case there won't be any password key in serialized json.
	 *
	 * @param jp the JsonParser
	 * @param ctxt the DeserializationContext
	 * @return the user
	 * @throws IOException if a exception during IO occurs
	 * @throws JsonProcessingException if an error during JSON processing occurs
	 */
@Override
public User deserialize(JsonParser jp, DeserializationContext ctxt) throws IOException, JsonProcessingException {
    ObjectMapper mapper = (ObjectMapper) jp.getCodec();
    JsonNode jsonNode = mapper.readTree(jp);
    Set<GrantedAuthority> authorities = mapper.convertValue(jsonNode.get("authorities"), new TypeReference<Set<SimpleGrantedAuthority>>() {
    });
    JsonNode password = readJsonNode(jsonNode, "password");
    User result = new User(readJsonNode(jsonNode, "username").asText(), password.asText(""), readJsonNode(jsonNode, "enabled").asBoolean(), readJsonNode(jsonNode, "accountNonExpired").asBoolean(), readJsonNode(jsonNode, "credentialsNonExpired").asBoolean(), readJsonNode(jsonNode, "accountNonLocked").asBoolean(), authorities);
    if (password.asText(null) == null) {
        result.eraseCredentials();
    }
    return result;
}

Also used : Set(java.util.Set) User(org.springframework.security.core.userdetails.User) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) JsonNode(com.fasterxml.jackson.databind.JsonNode) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)

Example 40 with User

use of org.springframework.security.core.userdetails.User in project spring-security by spring-projects.

the class UserDeserializerTests method deserializeUserWithNullPasswordNoAuthorityTest.

@Test
public void deserializeUserWithNullPasswordNoAuthorityTest() throws Exception {
    String userJsonWithoutPasswordString = removeNode(userWithNoAuthoritiesJson(), mapper, "password");
    User user = mapper.readValue(userJsonWithoutPasswordString, User.class);
    assertThat(user).isNotNull();
    assertThat(user.getUsername()).isEqualTo("admin");
    assertThat(user.getPassword()).isNull();
    assertThat(user.getAuthorities()).isEmpty();
    assertThat(user.isEnabled()).isEqualTo(true);
}

Also used : User(org.springframework.security.core.userdetails.User) Test(org.junit.Test)

Aggregations

User (org.springframework.security.core.userdetails.User)56 Test (org.junit.Test)30 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)17 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)15 UserDetails (org.springframework.security.core.userdetails.UserDetails)14 Authentication (org.springframework.security.core.Authentication)13 GrantedAuthority (org.springframework.security.core.GrantedAuthority)10 ArrayList (java.util.ArrayList)6 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)6 UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException)4 Before (org.junit.Before)3 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)3 SecurityContext (org.springframework.security.core.context.SecurityContext)3 FilterChain (javax.servlet.FilterChain)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2 Assertion (org.jasig.cas.client.validation.Assertion)2 AssertionImpl (org.jasig.cas.client.validation.AssertionImpl)2 DirContextOperations (org.springframework.ldap.core.DirContextOperations)2 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)2