List of usage examples for org.springframework.security.authentication UsernamePasswordAuthenticationToken getDetails
public Object getDetails()
From source file:org.cloudifysource.security.CloudifyDaoAuthenticationProvider.java
/** * Creates the final <tt>Authentication</tt> object which will be returned * from the <tt>authenticate</tt> method. * /* w w w .j a va 2 s . c om*/ * @param authentication * the original authentication request token * @param user * the <tt>UserDetails</tt> instance returned by the configured * <tt>UserDetailsContextMapper</tt>. * @return the Authentication object for the fully authenticated user. */ protected Authentication createSuccessfulAuthentication( final UsernamePasswordAuthenticationToken authentication, final CloudifyUserDetails user) { logger.finest("starting createSuccessfulAuthentication"); final CustomAuthenticationToken customAuthToken = new CustomAuthenticationToken(user, authentication.getCredentials(), user.getAuthorities(), user.getAuthGroups()); customAuthToken.setDetails(authentication.getDetails()); return customAuthToken; }
From source file:org.geoserver.security.iride.IrideAuthenticationProvider.java
/** * Returns the {@link UsernamePasswordAuthenticationToken} token. * * @param auth the {@link UsernamePasswordAuthenticationToken} token * @return the {@link UsernamePasswordAuthenticationToken} token * @see UsernamePasswordAuthenticationProvider#authenticate(Authentication, HttpServletRequest) *///w w w.j a v a 2 s .c o m private UsernamePasswordAuthenticationToken buildAuthenticationToken(UsernamePasswordAuthenticationToken auth) { if (auth == null) { // pass request to next provider in the chain return null; } if (!auth.getAuthorities().contains(GeoServerRole.AUTHENTICATED_ROLE)) { final List<GrantedAuthority> roles = new ArrayList<>(); roles.addAll(auth.getAuthorities()); roles.add(GeoServerRole.AUTHENTICATED_ROLE); final UsernamePasswordAuthenticationToken newAuth = new UsernamePasswordAuthenticationToken( auth.getPrincipal(), auth.getCredentials(), roles); newAuth.setDetails(auth.getDetails()); return newAuth; } return auth; }
From source file:org.linagora.linshare.auth.dao.LdapAuthenticationProvider.java
@Override protected UserDetails retrieveUser(String login, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { UserDetails loadedUser;/* w ww. ja va 2 s . co m*/ logger.debug("Retrieving user detail for ldap authentication with login : " + login); User foundUser = null; String domainIdentifier = null; // Getting password from context String password = (String) authentication.getCredentials(); if (password.isEmpty()) { String message = "User password is empty, authentification failed"; ldapUserDetailsProvider.logAuthError(login, domainIdentifier, message); logger.error(message); throw new BadCredentialsException(messages .getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials")); } try { // Getting domain from context if (authentication.getDetails() != null && authentication.getDetails() instanceof String) { domainIdentifier = (String) authentication.getDetails(); } foundUser = ldapUserDetailsProvider.retrieveUser(domainIdentifier, login); try { ldapUserDetailsProvider.auth(foundUser.getDomain().getUserProvider(), foundUser.getMail(), password); } catch (BadCredentialsException e1) { logger.debug("Authentication failed: password does not match stored value"); String message = "Bad credentials."; ldapUserDetailsProvider.logAuthError(foundUser, foundUser.getDomainId(), message); logger.error(message); throw new BadCredentialsException(messages.getMessage( "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"), foundUser); } catch (Exception e) { logger.error(e.getMessage()); throw new AuthenticationServiceException( "Could not authenticate user : " + foundUser.getDomainId() + " : " + foundUser.getMail(), e); } User user = null; try { user = ldapUserDetailsProvider.findOrCreateUser(foundUser.getDomainId(), foundUser.getMail()); } catch (BusinessException e) { logger.error(e); throw new AuthenticationServiceException( "Could not create user account : " + foundUser.getDomainId() + " : " + foundUser.getMail(), e); } List<GrantedAuthority> grantedAuthorities = RoleProvider.getRoles(user); loadedUser = new org.springframework.security.core.userdetails.User(user.getLsUuid(), "", true, true, true, true, grantedAuthorities); } catch (DataAccessException repositoryProblem) { throw new AuthenticationServiceException(repositoryProblem.getMessage(), repositoryProblem); } return loadedUser; }
From source file:org.medici.bia.security.BiaDaoAuthenticationProvider.java
@Override @Transactional(readOnly = false, propagation = Propagation.REQUIRED) protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException { try {// w ww . j a v a 2s. co m Long startTime = System.currentTimeMillis(); super.additionalAuthenticationChecks(userDetails, usernamePasswordAuthenticationToken); User user = getUserDAO().findUser(userDetails.getUsername()); if (!user.getActive()) { throw new DisabledException("User is not activated"); } if (!user.getApproved()) { throw new AccountNotApprovedException( "User has not been approved yet. Wait for an approvation email before logging"); } if (!user.getExpirationDate().after(new Date())) { throw new AccountExpiredException("User is expired"); } if (user.getLocked()) { throw new LockedException("User is locked"); } user.setLastLoginDate(user.getCurrentLoginDate()); user.setCurrentLoginDate(new Date()); user.setBadLogin(0); getUserDAO().merge(user); AccessLog accessLog = new AccessLog(); accessLog.setAccount(userDetails.getUsername()); accessLog.setDateAndTime(new Date(System.currentTimeMillis())); accessLog.setIpAddress(((WebAuthenticationDetails) usernamePasswordAuthenticationToken.getDetails()) .getRemoteAddress()); accessLog.setAction("/loginProcess"); List<UserRole> userRoles = getUserRoleDAO().findUserRoles(user.getAccount()); accessLog.setAuthorities(UserRoleUtils.toString(userRoles)); accessLog.setExecutionTime(System.currentTimeMillis() - startTime); accessLog.setHttpMethod(HttpMethod.POST.toString()); try { getLogService().traceAccessLog(accessLog); // Update the online users in "application context variable" applicationAccessContainer.addOnlineUser(user); } catch (ApplicationThrowable applicationThrowable) { logger.error(applicationThrowable); } logger.info(" Authentication OK"); } catch (AuthenticationException authenticationException) { User user = getUserDAO().findUser(userDetails.getUsername()); if (user != null) { if (!user.getActive()) { throw new DisabledException("User is not activated", authenticationException); } if (!user.getApproved()) { throw new AccountNotApprovedException( "User has not been approved yet. Wait for an approvation email before logging"); } if (!user.getExpirationDate().after(new Date())) { throw new AccountExpiredException("User is expired", authenticationException); } if (user.getLocked()) { throw new LockedException("User is locked", authenticationException); } user.setBadLogin(user.getBadLogin() + 1); Integer badLogin = NumberUtils .createInteger(ApplicationPropertyManager.getApplicationProperty("user.maxBadLogin")); if (user.getBadLogin() > badLogin) { user.setLocked(true); getUserDAO().merge(user); try { getAdminService().addLockedUser(user); } catch (ApplicationThrowable ath) { } } getUserDAO().merge(user); } throw authenticationException; } }
From source file:org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.java
/** * Creates the final {@code Authentication} object which will be returned from the * {@code authenticate} method./*from w w w.j av a 2 s . c o m*/ * * @param authentication the original authentication request token * @param user the <tt>UserDetails</tt> instance returned by the configured * <tt>UserDetailsContextMapper</tt>. * @return the Authentication object for the fully authenticated user. */ protected Authentication createSuccessfulAuthentication(UsernamePasswordAuthenticationToken authentication, UserDetails user) { Object password = useAuthenticationRequestCredentials ? authentication.getCredentials() : user.getPassword(); UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(user, password, authoritiesMapper.mapAuthorities(user.getAuthorities())); result.setDetails(authentication.getDetails()); return result; }
From source file:org.springframework.security.ldap.authentication.LdapAuthenticationProvider.java
/** * Creates the final <tt>Authentication</tt> object which will be returned from the <tt>authenticate</tt> method. * * @param authentication the original authentication request token * @param user the <tt>UserDetails</tt> instance returned by the configured <tt>UserDetailsContextMapper</tt>. * @return the Authentication object for the fully authenticated user. */// ww w . j av a 2 s .c om protected Authentication createSuccessfulAuthentication(UsernamePasswordAuthenticationToken authentication, UserDetails user) { Object password = useAuthenticationRequestCredentials ? authentication.getCredentials() : user.getPassword(); UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(user, password, user.getAuthorities()); result.setDetails(authentication.getDetails()); return result; }