List of usage examples for org.springframework.security.authentication UsernamePasswordAuthenticationToken setDetails
public void setDetails(Object details)
From source file:org.springframework.cloud.security.oauth2.resource.UserInfoTokenServices.java
private OAuth2Authentication extractAuthentication(Map<String, Object> map) { UsernamePasswordAuthenticationToken user = new UsernamePasswordAuthenticationToken(getPrincipal(map), "N/A", AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER")); user.setDetails(map); OAuth2Request request = new OAuth2Request(null, clientId, null, true, null, null, null, null, null); return new OAuth2Authentication(request, user); }
From source file:org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.java
/** * Creates a successful {@link Authentication} object. * <p>/*from ww w . j av a 2s .co m*/ * Protected so subclasses can override. * </p> * <p> * Subclasses will usually store the original credentials the user supplied (not * salted or encoded passwords) in the returned <code>Authentication</code> object. * </p> * * @param principal that should be the principal in the returned object (defined by * the {@link #isForcePrincipalAsString()} method) * @param authentication that was presented to the provider for validation * @param user that was loaded by the implementation * * @return the successful authentication token */ protected Authentication createSuccessAuthentication(Object principal, Authentication authentication, UserDetails user) { // Ensure we return the original credentials the user supplied, // so subsequent attempts are successful even with encoded passwords. // Also ensure we return the original getDetails(), so that future // authentication events after cache expiry contain the details UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(principal, authentication.getCredentials(), authoritiesMapper.mapAuthorities(user.getAuthorities())); result.setDetails(authentication.getDetails()); return result; }
From source file:org.springframework.security.extensions.kerberos.KerberosAuthenticationProvider.java
public Authentication authenticate(Authentication authentication) throws AuthenticationException { UsernamePasswordAuthenticationToken auth = (UsernamePasswordAuthenticationToken) authentication; String validatedUsername = kerberosClient.login(auth.getName(), auth.getCredentials().toString()); UserDetails userDetails = this.userDetailsService.loadUserByUsername(validatedUsername); UsernamePasswordAuthenticationToken output = new UsernamePasswordAuthenticationToken(userDetails, auth.getCredentials(), userDetails.getAuthorities()); output.setDetails(authentication.getDetails()); return output; }
From source file:org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.java
/** * Creates the final {@code Authentication} object which will be returned from the * {@code authenticate} method./* ww w. ja va2s .c om*/ * * @param authentication the original authentication request token * @param user the <tt>UserDetails</tt> instance returned by the configured * <tt>UserDetailsContextMapper</tt>. * @return the Authentication object for the fully authenticated user. */ protected Authentication createSuccessfulAuthentication(UsernamePasswordAuthenticationToken authentication, UserDetails user) { Object password = useAuthenticationRequestCredentials ? authentication.getCredentials() : user.getPassword(); UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(user, password, authoritiesMapper.mapAuthorities(user.getAuthorities())); result.setDetails(authentication.getDetails()); return result; }
From source file:org.springframework.security.ldap.authentication.LdapAuthenticationProvider.java
/** * Creates the final <tt>Authentication</tt> object which will be returned from the <tt>authenticate</tt> method. * * @param authentication the original authentication request token * @param user the <tt>UserDetails</tt> instance returned by the configured <tt>UserDetailsContextMapper</tt>. * @return the Authentication object for the fully authenticated user. */// w ww . j a v a 2 s. co m protected Authentication createSuccessfulAuthentication(UsernamePasswordAuthenticationToken authentication, UserDetails user) { Object password = useAuthenticationRequestCredentials ? authentication.getCredentials() : user.getPassword(); UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(user, password, user.getAuthorities()); result.setDetails(authentication.getDetails()); return result; }
From source file:org.springframework.security.oauth2.provider.endpoint.TokenEndpointAuthenticationFilter.java
/** * If the incoming request contains user credentials in headers or parameters then extract them here into an * Authentication token that can be validated later. This implementation only recognises password grant requests and * extracts the username and password./*w w w.j av a2s . c om*/ * * @param request the incoming request, possibly with user credentials * @return an authentication for validation (or null if there is no further authentication) */ protected Authentication extractCredentials(HttpServletRequest request) { String grantType = request.getParameter("grant_type"); if (grantType != null && grantType.equals("password")) { UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken( request.getParameter("username"), request.getParameter("password")); result.setDetails(authenticationDetailsSource.buildDetails(request)); return result; } return null; }
From source file:org.springframework.security.provisioning.JdbcUserDetailsManager.java
protected Authentication createNewAuthentication(Authentication currentAuth, String newPassword) { UserDetails user = loadUserByUsername(currentAuth.getName()); UsernamePasswordAuthenticationToken newAuthentication = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());//from w ww .j av a 2s . c o m newAuthentication.setDetails(currentAuth.getDetails()); return newAuthentication; }
From source file:org.springframework.security.ui.ntlm.NtlmAuthenticationFilter.java
/** * Authenticates the user credentials acquired from NTLM against the Spring * Security <code>AuthenticationManager</code>. * * @param request the <code>HttpServletRequest</code> object. * @param response the <code>HttpServletResponse</code> object. * @param session the <code>HttpSession</code> object. * @param auth the <code>NtlmPasswordAuthentication</code> object. * @throws IOException//from ww w. j a va2s. c om */ private void authenticate(final HttpServletRequest request, final HttpServletResponse response, final HttpSession session, final NtlmPasswordAuthentication auth) throws IOException { final Authentication authResult; final UsernamePasswordAuthenticationToken authRequest; final Authentication backupAuth; authRequest = new NtlmUsernamePasswordAuthenticationToken(auth, stripDomain); authRequest.setDetails(authenticationDetailsSource.buildDetails(request)); // Place the last username attempted into HttpSession for views // session.setAttribute(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY, authRequest.getName()); // Replace in your code by : // SecurityContextHolder.getContext().getAuthentication().getPrincipal(); // Backup the current authentication in case of an AuthenticationException backupAuth = SecurityContextHolder.getContext().getAuthentication(); try { // Authenticate the user with the authentication manager authResult = authenticationManager.authenticate(authRequest); } catch (AuthenticationException failed) { if (LOGGER.isInfoEnabled()) { LOGGER.info("Authentication request for user: " + authRequest.getName() + " failed: " + failed.toString()); } // Reset the backup Authentication object and rethrow the AuthenticationException SecurityContextHolder.getContext().setAuthentication(backupAuth); if (retryOnAuthFailure && (failed instanceof AuthenticationCredentialsNotFoundException || failed instanceof InsufficientAuthenticationException)) { LOGGER.debug("Restart NTLM authentication handshake due to AuthenticationException"); session.setAttribute(STATE_ATTR, BEGIN); throw new NtlmBeginHandshakeException(); } throw failed; } // Set the Authentication object with the valid authentication result SecurityContextHolder.getContext().setAuthentication(authResult); }
From source file:org.springframework.security.web.authentication.www.BasicAuthenticationFilterTests.java
@Before public void setUp() throws Exception { SecurityContextHolder.clearContext(); UsernamePasswordAuthenticationToken rodRequest = new UsernamePasswordAuthenticationToken("rod", "koala"); rodRequest.setDetails(new WebAuthenticationDetails(new MockHttpServletRequest())); Authentication rod = new UsernamePasswordAuthenticationToken("rod", "koala", AuthorityUtils.createAuthorityList("ROLE_1")); manager = mock(AuthenticationManager.class); when(manager.authenticate(rodRequest)).thenReturn(rod); when(manager.authenticate(not(eq(rodRequest)))).thenThrow(new BadCredentialsException("")); filter = new BasicAuthenticationFilter(manager, new BasicAuthenticationEntryPoint()); }
From source file:org.springframework.security.web.authentication.www.DigestAuthenticationFilter.java
private Authentication createSuccessfulAuthentication(HttpServletRequest request, UserDetails user) { UsernamePasswordAuthenticationToken authRequest; if (this.createAuthenticatedToken) { authRequest = new UsernamePasswordAuthenticationToken(user, user.getPassword(), user.getAuthorities()); } else {//from w w w . j a v a 2s . c o m authRequest = new UsernamePasswordAuthenticationToken(user, user.getPassword()); } authRequest.setDetails(this.authenticationDetailsSource.buildDetails(request)); return authRequest; }