use of org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken in project midpoint by Evolveum.
the class InitialDataImport method init.
public void init() throws SchemaException {
LOGGER.info("Starting initial object import (if necessary).");
OperationResult mainResult = new OperationResult(OPERATION_INITIAL_OBJECTS_IMPORT);
Task task = taskManager.createTaskInstance(OPERATION_INITIAL_OBJECTS_IMPORT);
task.setChannel(SchemaConstants.CHANNEL_GUI_INIT_URI);
int count = 0;
int errors = 0;
File[] files = getInitialImportObjects();
LOGGER.debug("Files to be imported: {}.", Arrays.toString(files));
// We need to provide a fake Spring security context here.
// We have to fake it because we do not have anything in the repository yet. And to get
// something to the repository we need a context. Chicken and egg. So we fake the egg.
SecurityContext securityContext = SecurityContextHolder.getContext();
UserType userAdministrator = new UserType();
prismContext.adopt(userAdministrator);
userAdministrator.setName(new PolyStringType(new PolyString("initAdmin", "initAdmin")));
MidPointPrincipal principal = new MidPointPrincipal(userAdministrator);
AuthorizationType superAutzType = new AuthorizationType();
prismContext.adopt(superAutzType, RoleType.class, new ItemPath(RoleType.F_AUTHORIZATION));
superAutzType.getAction().add(AuthorizationConstants.AUTZ_ALL_URL);
Authorization superAutz = new Authorization(superAutzType);
Collection<Authorization> authorities = principal.getAuthorities();
authorities.add(superAutz);
Authentication authentication = new PreAuthenticatedAuthenticationToken(principal, null);
securityContext.setAuthentication(authentication);
for (File file : files) {
try {
LOGGER.debug("Considering initial import of file {}.", file.getName());
PrismObject object = prismContext.parseObject(file);
if (ReportType.class.equals(object.getCompileTimeClass())) {
ReportTypeUtil.applyDefinition(object, prismContext);
}
Boolean importObject = importObject(object, file, task, mainResult);
if (importObject == null) {
continue;
}
if (importObject) {
count++;
} else {
errors++;
}
} catch (Exception ex) {
LoggingUtils.logUnexpectedException(LOGGER, "Couldn't import file {}", ex, file.getName());
mainResult.recordFatalError("Couldn't import file '" + file.getName() + "'", ex);
}
}
securityContext.setAuthentication(null);
mainResult.recomputeStatus("Couldn't import objects.");
LOGGER.info("Initial object import finished ({} objects imported, {} errors)", count, errors);
if (LOGGER.isTraceEnabled()) {
LOGGER.trace("Initialization status:\n" + mainResult.debugDump());
}
}
use of org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken in project midpoint by Evolveum.
the class MidPointAuthenticationProvider method authenticate.
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String enteredUsername = (String) authentication.getPrincipal();
LOGGER.trace("Authenticating username '{}'", enteredUsername);
ConnectionEnvironment connEnv = ConnectionEnvironment.create(SchemaConstants.CHANNEL_GUI_USER_URI);
Authentication token;
if (authentication instanceof UsernamePasswordAuthenticationToken) {
String enteredPassword = (String) authentication.getCredentials();
token = passwordAuthenticationEvaluator.authenticate(connEnv, new PasswordAuthenticationContext(enteredUsername, enteredPassword));
} else if (authentication instanceof PreAuthenticatedAuthenticationToken) {
token = passwordAuthenticationEvaluator.authenticateUserPreAuthenticated(connEnv, enteredUsername);
} else {
LOGGER.error("Unsupported authentication {}", authentication);
throw new AuthenticationServiceException("web.security.provider.unavailable");
}
MidPointPrincipal principal = (MidPointPrincipal) token.getPrincipal();
LOGGER.debug("User '{}' authenticated ({}), authorities: {}", authentication.getPrincipal(), authentication.getClass().getSimpleName(), principal.getAuthorities());
return token;
}
use of org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken in project ORCID-Source by ORCID.
the class SourceManagerImpl method getRealUserIfInDelegationMode.
private String getRealUserIfInDelegationMode(Authentication authentication) {
if (authentication != null) {
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
if (authorities != null) {
for (GrantedAuthority authority : authorities) {
if (authority instanceof SwitchUserGrantedAuthority) {
SwitchUserGrantedAuthority suga = (SwitchUserGrantedAuthority) authority;
Authentication sourceAuthentication = suga.getSource();
if ((sourceAuthentication instanceof UsernamePasswordAuthenticationToken || sourceAuthentication instanceof PreAuthenticatedAuthenticationToken) && sourceAuthentication.getPrincipal() instanceof OrcidProfileUserDetails) {
return ((OrcidProfileUserDetails) sourceAuthentication.getPrincipal()).getOrcid();
}
}
}
}
}
return null;
}
use of org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken in project ORCID-Source by ORCID.
the class BaseControllerUtilTest method getCurrentUserPreAuthenticatedAuthenticationToken.
@Test
public void getCurrentUserPreAuthenticatedAuthenticationToken() {
SecurityContext context = mock(SecurityContext.class);
PreAuthenticatedAuthenticationToken usernamePasswordAuthenticationToken = mock(PreAuthenticatedAuthenticationToken.class);
OrcidProfileUserDetails orcidProfileUserDetails = mock(OrcidProfileUserDetails.class);
when(context.getAuthentication()).thenReturn(usernamePasswordAuthenticationToken);
when(usernamePasswordAuthenticationToken.getPrincipal()).thenReturn(orcidProfileUserDetails);
assertNotNull(baseControllerUtil.getCurrentUser(context));
}
use of org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken in project opennms by OpenNMS.
the class SpringSecurityContextServiceTest method setUp.
@Before
public void setUp() throws Exception {
SecurityContext context = new SecurityContextImpl();
User principal = new User(USERNAME, PASS, true, true, true, true, Arrays.asList(new GrantedAuthority[] { ROLE_ADMIN, ROLE_PROVISION }));
org.springframework.security.core.Authentication auth = new PreAuthenticatedAuthenticationToken(principal, new Object());
context.setAuthentication(auth);
SecurityContextHolder.setContext(context);
this.m_securityContextService = new SpringSecurityContextService();
}
Aggregations