Example usage for org.springframework.security.core Authentication getAuthorities

List of usage examples for org.springframework.security.core Authentication getAuthorities

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.core.*
  5. Authentication
  6. getAuthorities

Introduction

In this page you can find the example usage for org.springframework.security.core Authentication getAuthorities.

Prototype

Collection<? extends GrantedAuthority> getAuthorities();

Source Link

Document

Set by an AuthenticationManager to indicate the authorities that the principal has been granted.

Usage

From source file:nz.net.orcon.kanban.security.GravityPermissionEvaluator.java

public boolean isAuthorised(Authentication authentication, Map<String, String> roles, List<String> filter) {

    if (authentication == null) {
        LOG.warn("No Authentication");
        return false;
    }//from   w  ww .  j  a v  a 2 s  . com

    String username = (String) authentication.getPrincipal();

    Set<String> teams = new HashSet<String>();
    for (GrantedAuthority authority : authentication.getAuthorities()) {
        teams.add(authority.getAuthority());
    }

    for (Entry<String, String> entry : roles.entrySet()) {
        if (filter == null || filter.contains(entry.getValue())) {
            if (username.equals(entry.getKey())) {
                return true;
            }
            if (teams.contains(entry.getKey())) {
                return true;
            }
        }
    }
    LOG.warn("Unauthorized: " + username);
    return false;
}

From source file:org.meruvian.yama.webapi.config.oauth.UserTokenConverter.java

public Map<String, ?> convertUserAuthentication(Authentication authentication) {
    Map<String, Object> response = new LinkedHashMap<String, Object>();
    response.put(USERNAME, authentication.getName());

    if (authentication.getPrincipal() instanceof DefaultUserDetails) {
        DefaultUserDetails details = (DefaultUserDetails) authentication.getPrincipal();
        response.put(USER_ID, details.getId());
    }/*w  w w . ja va2s.c om*/

    if (authentication.getAuthorities() != null && !authentication.getAuthorities().isEmpty()) {
        response.put(AUTHORITIES, AuthorityUtils.authorityListToSet(authentication.getAuthorities()));
    }

    return response;
}

From source file:com.sonymobile.backlogtool.HomeController.java

private boolean isLoggedIn() {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    GrantedAuthority anonymous = new GrantedAuthorityImpl("ROLE_ANONYMOUS");
    return !auth.getAuthorities().contains(anonymous);
}

From source file:org.xaloon.wicket.security.spring.SpringSecurityFacade.java

@Override
public boolean hasAny(String... roles) {
    boolean result = false;
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null) {
        return result;
    }/*from   w  ww.  ja  v a  2  s . c  o  m*/
    for (String role : roles) {
        for (GrantedAuthority authority : authentication.getAuthorities()) {
            if (authority.getAuthority().equalsIgnoreCase(role)) {
                result = true;
                break;
            }
        }
    }
    return result;
}

From source file:ch.astina.hesperid.web.components.security.IfRole.java

@SuppressWarnings("unchecked")
private Collection getPrincipalAuthorities() {
    Authentication currentUser = null;
    currentUser = SecurityContextHolder.getContext().getAuthentication();

    if (null == currentUser) {
        return Collections.EMPTY_LIST;
    }/*from  w w w .j ava  2  s .c o m*/

    if ((null == currentUser.getAuthorities()) || (currentUser.getAuthorities().size() < 1)) {
        return Collections.EMPTY_LIST;
    }

    Collection granted = Arrays.asList(currentUser.getAuthorities());
    return granted;
}

From source file:org.openvpms.component.business.service.security.ArchetypeAwareVoter.java

/**
 * Verifies that access is granted to each archetype.
 *
 * @param shortNames     the archetype short names
 * @param authentication the authentication
 * @param attribute      the config attribute
 * @return <tt>ACCESS_GRANTED</tt> if access is granted;
 *         otherwise <tt>ACCESS_DENIED</tt>.
 *//* w ww. j  a  va 2  s.c o  m*/
private int isAccessGranted(String[] shortNames, Authentication authentication, ConfigAttribute attribute) {
    boolean granted = false;
    for (String shortName : shortNames) {
        granted = false;
        // Attempt to find a matching granted authority
        for (GrantedAuthority authority : authentication.getAuthorities()) {
            if (isAccessGranted((ArchetypeAwareGrantedAuthority) authority, attribute, shortName)) {
                granted = true;
                break;
            }
        }
        if (!granted) {
            if (log.isWarnEnabled()) {
                log.warn("Access denied to principal=" + authentication.getPrincipal() + ", operation="
                        + attribute.getAttribute() + ", archetype=" + shortName);
            }
            break;
        }
    }
    return (granted) ? ACCESS_GRANTED : ACCESS_DENIED;
}

From source file:de.blizzy.documentr.access.DocumentrPermissionEvaluator.java

public boolean hasAnyBranchPermission(Authentication authentication, String projectName,
        Permission permission) {//ww  w  . ja  v a2s  .  co m
    String targetIdPrefix = projectName + "/"; //$NON-NLS-1$
    for (GrantedAuthority authority : authentication.getAuthorities()) {
        if (authority instanceof PermissionGrantedAuthority) {
            PermissionGrantedAuthority pga = (PermissionGrantedAuthority) authority;
            GrantedAuthorityTarget target = pga.getTarget();
            Type type = target.getType();
            String id = target.getTargetId();
            if ((type == Type.BRANCH) && id.startsWith(targetIdPrefix) && hasPermission(pga, permission)) {

                return true;
            }
        }
    }
    return hasProjectPermission(authentication, projectName, permission);
}

From source file:at.ac.univie.isc.asio.security.HttpMethodRestrictionFilter.java

@Override
public void doFilter(final ServletRequest servletRequest, final ServletResponse response,
        final FilterChain chain) throws IOException, ServletException {
    final HttpServletRequest request = (HttpServletRequest) servletRequest;
    final Authentication authentication = org.springframework.security.core.context.SecurityContextHolder
            .getContext().getAuthentication();
    if (authentication != null && HttpMethod.GET.name().equalsIgnoreCase(request.getMethod())) {
        logger.debug("applying " + RESTRICTION + " to " + authentication);
        Set<GrantedAuthority> restricted = RESTRICTION.mapAuthorities(authentication.getAuthorities());
        if (restricted.isEmpty()) { // anonymous and remember me tokens require at least one authority
            restricted = Collections.<GrantedAuthority>singleton(Role.NONE);
        }/*  ww  w.  j a v  a  2s  .co m*/
        if (!restricted.containsAll(authentication.getAuthorities())) {
            final AbstractAuthenticationToken replacement = copy(authentication, restricted);
            replacement.setDetails(authentication.getDetails());
            logger.debug("injecting " + replacement);
            org.springframework.security.core.context.SecurityContextHolder.getContext()
                    .setAuthentication(replacement);
        } else {
            logger.debug("skip restricting " + authentication + " as it contains no restricted authorities");
        }
    } else {
        logger.debug("skip restricting " + authentication + " on HTTP method " + request.getMethod());
    }
    chain.doFilter(request, response);
}