use of org.springframework.security.providers.ExpiringUsernameAuthenticationToken in project pentaho-engineering-samples by pentaho.
the class PentahoSamlAuthenticationSuccessHandler method onAuthenticationSuccess.
/**
 * Completes a successful SAML login by propagating the authentication to the request, the Pentaho
 * session and the parent success handler.
 *
 * <p>Steps, in order: replace an {@code ExpiringUsernameAuthenticationToken} with a plain
 * {@code UsernamePasswordAuthenticationToken} in the {@code SecurityContext}; store the (optionally
 * proxied) context under {@code SPRING_SECURITY_CONTEXT_KEY} on the request; mark the current
 * {@code IPentahoSession} as authenticated and store its roles; create the user's home folder;
 * delegate to the parent handler with a wrapped response.
 *
 * <p>Every exception raised along the way, including those thrown by the parent handler, is logged
 * and not rethrown, so this method always returns normally.
 *
 * @param request current request; receives the security context as an attribute
 * @param response current response; handed to the parent handler inside a wrapper
 * @param authentication the authentication produced by the SAML login
 * @throws ServletException declared by the overridden method; not thrown from this body as written
 * @throws IOException declared by the overridden method; not thrown from this body as written
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
    Authentication authentication) throws ServletException, IOException {
  try {
    Authentication effectiveAuth = authentication;
    if (effectiveAuth instanceof ExpiringUsernameAuthenticationToken) {
      // The original author's reasoning: since no expiration date is passed, this token behaves like
      // a UsernamePasswordAuthenticationToken, and a SAML-specific token type would be hard to
      // support in ss2-proxies / ss4-proxies.
      //
      // http://docs.spring.io/spring-security-saml/docs/current/api/org/springframework/security/providers/ExpiringUsernameAuthenticationToken.html
      //
      // NOTE(review): that equivalence only holds when the incoming token carries no expiration.
      // If the identity provider did supply one, it is dropped here and the session is no longer
      // bounded by it - confirm how the token is built upstream.
      // Only principal, credentials and authorities are copied; the original token's details are not.
      effectiveAuth = new UsernamePasswordAuthenticationToken(
          effectiveAuth.getPrincipal(), effectiveAuth.getCredentials(), effectiveAuth.getAuthorities());
      SecurityContextHolder.getContext().setAuthentication(effectiveAuth);
    }

    // Legacy Spring (i.e. non-OSGi spring.framework) SecurityContext storing.
    final IProxyFactory proxyFactory = PentahoSystem.get(IProxyFactory.class);
    Object wrappedContext = null;
    if (!requireProxyWrapping) {
      request.setAttribute(SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext());
    } else {
      wrappedContext = proxyFactory.createProxy(SecurityContextHolder.getContext());
      request.setAttribute(SPRING_SECURITY_CONTEXT_KEY, wrappedContext);
    }

    // Pentaho auth storing.
    logger.info("synchronizing current IPentahoSession with SecurityContext"); // $NON-NLS-1$
    final IPentahoSession currentSession = PentahoSessionHolder.getSession();
    Assert.notNull(currentSession, "PentahoSessionHolder doesn't have a session");
    currentSession.setAuthenticated(effectiveAuth.getName());

    // Note: spring-security 2 expects an *array* of GrantedAuthorities (ss4 uses a list).
    final Object sessionRoles;
    if (requireProxyWrapping) {
      sessionRoles = proxyGrantedAuthorities(proxyFactory, effectiveAuth.getAuthorities());
    } else {
      sessionRoles = effectiveAuth.getAuthorities();
    }
    currentSession.setAttribute(IPentahoSession.SESSION_ROLES, sessionRoles);

    // Time to create this user's home folder.
    // NOTE(review): the name presumably originates from the SAML assertion - confirm that
    // createUserHomeFolder validates it before it is used as a folder name.
    createUserHomeFolder(effectiveAuth.getName());

    final Object contextForRedirect =
        requireProxyWrapping ? wrappedContext : SecurityContextHolder.getContext();
    super.onAuthenticationSuccess(
        request,
        new SamlOnRedirectUpdateSessionResponseWrapper(
            response, request, true, 0, contextForRedirect, effectiveAuth),
        effectiveAuth);
  } catch (Exception e) {
    // NOTE(review): a failure after the context was stored above leaves the login half-applied:
    // the SecurityContext may already hold the authentication while the Pentaho session, the home
    // folder or the redirect did not complete. Consider clearing the context and propagating the
    // error instead of returning normally.
    logger.error(e.getLocalizedMessage(), e);
  }
}
use of org.springframework.security.providers.ExpiringUsernameAuthenticationToken in project webcert by sklintyg.
the class FakeElegAuthenticationProvider method authenticate.
/**
 * Builds the authentication result for the fake e-leg login.
 *
 * <p>A {@code SAMLCredential} is derived from the incoming authentication, the user details are
 * loaded for it, and both are wrapped in an {@code ExpiringUsernameAuthenticationToken} that has
 * no expiration, the loaded details as principal and an empty authority list.
 *
 * <p>NOTE(review): nothing in this method verifies a secret or a signature, and the constructor
 * taking an authority collection presumably yields a token that is already marked authenticated.
 * Confirm that this provider can only be wired in development/test profiles.
 *
 * @param authentication the incoming authentication request
 * @return the token carrying the loaded user details as principal and as details
 * @throws AuthenticationException declared by the overridden method
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
  final SAMLCredential samlCredential = createSamlCredential(authentication);
  final Object principal = elegWebCertUserDetailsService.loadUserBySAML(samlCredential);

  // First argument is the token expiration: null means the token itself never expires.
  final ExpiringUsernameAuthenticationToken authenticated =
      new ExpiringUsernameAuthenticationToken(null, principal, samlCredential, new ArrayList<>());
  authenticated.setDetails(principal);
  return authenticated;
}
use of org.springframework.security.providers.ExpiringUsernameAuthenticationToken in project webcert by sklintyg.
the class CommonFakeAuthenticationProvider method authenticate.
/**
 * Builds the authentication result for a fake login, letting the fake credentials override parts
 * of the loaded user.
 *
 * <p>The user details are loaded for a {@code SAMLCredential} derived from {@code token}, then
 * passed with the token through a fixed sequence of helper calls. The result is an
 * {@code ExpiringUsernameAuthenticationToken} with no expiration, the adjusted details as
 * principal and an empty authority list.
 *
 * <p>NOTE(review): the caller-supplied token shapes the resulting user and no secret is checked
 * in this method. The constructor taking an authority collection presumably yields a token that is
 * already marked authenticated. Confirm that this provider can only be wired in development/test
 * profiles.
 *
 * @param token the incoming authentication request carrying the fake credentials
 * @return the token carrying the adjusted user details as principal and as details
 * @throws AuthenticationException declared by the overridden method
 */
@Override
public Authentication authenticate(Authentication token) throws AuthenticationException {
  final SAMLCredential samlCredential = createSamlCredential(token);
  final Object principal = userDetails.loadUserBySAML(samlCredential);

  // The helpers all receive the same details object; their order is kept as in the original
  // because later ones may depend on what earlier ones set.
  addAbsentAttributesFromFakeCredentials(token, principal);
  selectVardenhetFromFakeCredentials(token, principal);
  overrideSekretessMarkeringFromFakeCredentials(token, principal);
  updateFeatures(principal);
  applyUserOrigin(token, principal);
  applyAuthenticationMethod(token, principal);
  applyPersonalNumberForBankID(token, principal);

  // First argument is the token expiration: null means the token itself never expires.
  final ExpiringUsernameAuthenticationToken authenticated =
      new ExpiringUsernameAuthenticationToken(null, principal, samlCredential, new ArrayList<>());
  authenticated.setDetails(principal);
  return authenticated;
}