List of usage examples for org.springframework.security.core Authentication getAuthorities
Collection<? extends GrantedAuthority> getAuthorities();
Set by an AuthenticationManager to indicate the authorities that the principal has been granted.
From source file:org.jamwiki.authentication.WikiUserDetails.java
/**
 * Converts a Spring Security <code>Authentication</code> object into a
 * <code>WikiUserDetails</code>.
 *
 * <p>When the user is logged in, the principal of the <code>Authentication</code>
 * is either already a <code>WikiUserDetails</code> (returned as-is) or some other
 * <code>UserDetails</code> (wrapped in a new <code>WikiUserDetails</code>). When
 * the token is anonymous, or its principal is not a <code>UserDetails</code>, an
 * empty <code>WikiUserDetails</code> is created under the anonymous username and
 * given the authorities carried by the <code>Authentication</code> object.
 *
 * <p>Security note: on the anonymous path the authorities are copied from the
 * incoming token unchanged, so the result is only as trustworthy as the component
 * that populated that token.
 *
 * @param auth The Spring Security <code>Authentication</code> object that is being
 *  converted into a <code>WikiUserDetails</code> object.
 * @return The <code>WikiUserDetails</code> that corresponds to <code>auth</code>.
 *  This method never returns <code>null</code>.
 * @throws AuthenticationCredentialsNotFoundException If <code>auth</code> is
 *  <code>null</code>, i.e. authentication credentials are unavailable.
 */
public static WikiUserDetails initWikiUserDetails(Authentication auth)
        throws AuthenticationCredentialsNotFoundException {
    if (auth == null) {
        throw new AuthenticationCredentialsNotFoundException("No authentication credential available");
    }
    final boolean treatAsAnonymous = auth instanceof AnonymousAuthenticationToken
            || !(auth.getPrincipal() instanceof UserDetails);
    if (treatAsAnonymous) {
        // Empty password; the four flags are presumably the enabled / non-expired /
        // non-locked switches of the underlying user object (confirm against the
        // WikiUserDetails constructor).
        return new WikiUserDetails(ANONYMOUS_USER_USERNAME, "", true, true, true, true, auth.getAuthorities());
    }
    // Logged-in (or remembered) user: the principal is known to be a UserDetails here.
    final Object principal = auth.getPrincipal();
    return (principal instanceof WikiUserDetails)
            ? (WikiUserDetails) principal
            : new WikiUserDetails((UserDetails) principal);
}
From source file:org.jwebsocket.plugins.system.SystemPlugIn.java
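/**
 * Logs a user on with the username and password carried in the token, delegating
 * the credential check to the Spring Security authentication manager.
 *
 * <p>On success the session storage receives the authenticated flag, the user's
 * UUID and the granted authorities (as one space-separated string), the connector
 * username is set, and a response token is sent to the requester and to the other
 * connectors sharing the session. On failure an error token is sent and nothing
 * is stored.
 *
 * @param aConnector the connector of the client requesting the logon
 * @param aToken The token with the username and password
 */
void logon(WebSocketConnector aConnector, Token aToken) {
    TokenServer lServer = getServer();
    // A session that is already authenticated must not be re-bound to another user.
    if (aConnector.getSession().isAuthenticated()) {
        lServer.sendToken(aConnector, lServer.createErrorToken(aToken, -1, "is authenticated"));
        return;
    }

    String lUsername = aToken.getString("username");
    String lPassword = aToken.getString("password");

    if (mLog.isDebugEnabled()) {
        mLog.debug("Starting authentication ...");
    }

    Authentication lAuthRequest = new UsernamePasswordAuthenticationToken(lUsername, lPassword);
    Authentication lAuthResult;
    try {
        lAuthResult = getAuthProvMgr().authenticate(lAuthRequest);
    } catch (AuthenticationException ex) {
        // NOTE(review): the exception class name and message are returned to the
        // client. Depending on the configured providers this can distinguish
        // "unknown user" from "bad password" or reveal that an account is locked
        // or disabled. Consider sending one generic failure text to the client and
        // keeping the detail in the server log only.
        String lMsg = ex.getClass().getSimpleName() + ": " + ex.getMessage();
        Token lResponse = getServer().createErrorToken(aToken, -1, lMsg);
        lResponse.setString("username", lUsername);
        sendToken(aConnector, aConnector, lResponse);
        if (mLog.isDebugEnabled()) {
            mLog.debug(lMsg);
        }
        return; // stop the execution flow
    }

    if (mLog.isDebugEnabled()) {
        // NOTE(review): this writes the whole session storage map to the debug log;
        // confirm that it never holds secrets at this point.
        mLog.debug("Authentication successful. Updating the user session (id: "
                + (null != aConnector.getSession() ? aConnector.getSession().getSessionId() : "[null]")
                + ", storage: "
                + (null != aConnector.getSession() ? aConnector.getSession().getStorage() : "[null]")
                + ")...");
    }

    // getting the session
    Map<String, Object> lSession = aConnector.getSession().getStorage();

    // setting the is_authenticated flag
    lSession.put(IS_AUTHENTICATED, lAuthResult.isAuthenticated());

    // setting the connector username
    aConnector.setUsername(lUsername);

    // setting the uuid: use the provider-supplied identifier when the details object
    // carries one, otherwise fall back to the username
    String lUUID;
    Object lDetails = lAuthResult.getDetails();
    if (lDetails instanceof IUserUniqueIdentifierContainer) {
        lUUID = ((IUserUniqueIdentifierContainer) lDetails).getUUID();
    } else {
        lUUID = lUsername;
    }
    lSession.put(UUID, lUUID);

    // Collecting the authorities. The names are kept in a list for the response
    // instead of being re-split from the session string: splitting "" yields one
    // empty entry (a user without authorities would be reported with the authority
    // ""), and a name containing a space would be cut into two authorities.
    java.util.List<String> lAuthorityNames = new java.util.ArrayList<String>();
    StringBuilder lAuthorities = new StringBuilder();
    for (GrantedAuthority lGA : lAuthResult.getAuthorities()) {
        String lName = lGA.getAuthority();
        if (lName == null) {
            // an authority without a string form must not become the literal "null"
            continue;
        }
        lAuthorityNames.add(lName);
        lAuthorities.append(lName).append(' ');
    }

    // storing the user authorities as a string to avoid serialization problems
    // (same format as before: every name followed by a single space)
    lSession.put(AUTHORITIES, lAuthorities.toString());

    // creating the response
    Token lResponse = createResponse(aToken);
    lResponse.setString("uuid", lUUID);
    lResponse.setString("username", lUsername);
    lResponse.setList("authorities",
            Tools.parseStringArrayToList(lAuthorityNames.toArray(new String[0])));

    // sending the response to requester
    sendToken(aConnector, lResponse);

    // sending response to clients that share the requester session
    getServer().broadcastToSharedSession(aConnector.getId(),
            aConnector.getSession().getSessionId(), lResponse, false);

    if (mLog.isDebugEnabled()) {
        mLog.debug("Logon process finished successfully!");
    }

    // if successfully logged in...
    if (lUsername != null) {
        // broadcast "login event" to other clients
        broadcastLoginEvent(aConnector);
    }
}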
From source file:org.ligoj.app.http.security.TrustedAuthenticationProvider.java
/**
 * Builds a username/password token from the incoming authentication without
 * verifying any credential.
 *
 * <p>The principal is lower-cased and used as the user name, the credential is the
 * fixed placeholder <code>"N/A"</code>, and the authorities are taken over from the
 * incoming object unchanged.
 *
 * <p>Security note: nothing in this method checks who the caller is, so the
 * provider is only safe when whatever produced <code>authentication</code> (for
 * example an upstream pre-authentication layer) is itself trusted and cannot be
 * bypassed. A <code>null</code> principal fails with a
 * <code>NullPointerException</code> rather than an authentication error.
 *
 * @param authentication the already-trusted authentication to convert
 * @return a token carrying the lower-cased principal and the same authorities
 */
@Override
public Authentication authenticate(final Authentication authentication) {
    final Object principal = authentication.getPrincipal();
    final String login = StringUtils.lowerCase(principal.toString());
    return new UsernamePasswordAuthenticationToken(login, "N/A", authentication.getAuthorities());
}
From source file:org.mrgeo.services.SecurityUtils.java
/**
 * Captures the current user's name and roles as data-provider properties.
 *
 * <p>The roles are the authority strings of the current Spring Security
 * authentication, joined with commas. NOTE(review): an authority name that itself
 * contains a comma would be ambiguous after the join; confirm how the consumer of
 * the roles property splits it.
 *
 * @return the populated properties, or <code>null</code> when there is no security
 *  context or no authentication in it; callers must handle the <code>null</code>
 */
public static Properties getProviderProperties() {
    final SecurityContext context = SecurityContextHolder.getContext();
    if (context == null) {
        return null;
    }
    final Authentication current = context.getAuthentication();
    if (current == null) {
        return null;
    }

    final Properties result = new Properties();
    final java.util.Collection<? extends GrantedAuthority> granted = current.getAuthorities();
    final String[] roleNames = new String[granted.size()];
    int next = 0;
    for (GrantedAuthority grant : granted) {
        roleNames[next++] = grant.getAuthority();
    }

    DataProviderFactory.setProviderProperty(DataProviderFactory.PROVIDER_PROPERTY_USER_NAME,
            current.getName(), result);
    DataProviderFactory.setProviderProperty(DataProviderFactory.PROVIDER_PROPERTY_USER_ROLES,
            StringUtils.join(roleNames, ","), result);
    return result;
}
From source file:org.mskcc.cbio.portal.util.CancerStudyPermissionEvaluator.java
/**
 * Returns the authority names that apply to this application for the given
 * authentication.
 *
 * <p>When filtering by application name is enabled, only authorities of the form
 * <code>APPNAME:group</code> are kept (prefix matched case-insensitively) and the
 * prefix is stripped; the remainder keeps its original case. Otherwise every
 * authority is kept. The public-studies group, when configured, is always added
 * in upper case, so every user gets access to public studies.
 *
 * <p>NOTE(review): <code>toUpperCase()</code> uses the JVM default locale, so
 * the case-folded names depend on the server's locale settings (for example the
 * Turkish dotted/dotless i). Consider <code>Locale.ROOT</code> consistently
 * wherever these names are produced and compared.
 *
 * @param authentication the authentication whose authorities are inspected
 * @return a mutable set of authority / group names
 */
private Set<String> getGrantedAuthorities(Authentication authentication) {
    final String prefix = GlobalProperties.getAppName().toUpperCase() + ":";
    final Set<String> everything = AuthorityUtils.authorityListToSet(authentication.getAuthorities());

    Set<String> result;
    if (GlobalProperties.filterGroupsByAppName()) {
        result = new HashSet<>();
        for (String name : everything) {
            if (name.toUpperCase().startsWith(prefix)) {
                result.add(name.substring(prefix.length()));
            }
        }
    } else {
        result = everything;
    }

    // all users are allowed access to PUBLIC studies
    final String publicGroup = AccessControl.PUBLIC_CANCER_STUDIES_GROUP;
    if (publicGroup != null) {
        result.add(publicGroup.toUpperCase());
    }
    return result;
}
From source file:org.ojbc.web.security.SecurityContextUtils.java
/**
 * Tells whether the authentication carries the given authority.
 *
 * <p>The comparison is an exact, case-sensitive match between each granted
 * authority string and the name of the <code>Authorities</code> constant.
 *
 * @param authentication the authentication to inspect; must not be <code>null</code>
 * @param authority the authority to look for
 * @return <code>true</code> when at least one granted authority matches
 */
public static boolean hasAuthority(Authentication authentication, Authorities authority) {
    boolean found = false;
    for (GrantedAuthority granted : authentication.getAuthorities()) {
        if (granted.getAuthority().equals(authority.name())) {
            found = true;
            break;
        }
    }
    return found;
}
From source file:org.opendatakit.common.security.spring.UserServiceImpl.java
/**
 * Resolves the user behind the authentication held in the current security context.
 *
 * <p>NOTE(review): the authentication is dereferenced without a null check, so a
 * call made while the context holds no authentication fails with a
 * <code>NullPointerException</code>; confirm that every caller runs behind the
 * security filter chain.
 *
 * @return the user built from the current authentication's name and authorities
 */
@Override
public User getCurrentUser() {
    final Authentication current = SecurityContextHolder.getContext().getAuthentication();
    final String name = current.getName();
    return internalGetUser(name, current.getAuthorities());
}
From source file:org.orcid.core.manager.impl.OrcidProfileManagerReadOnlyImpl.java
/**
 * Tells whether the current authentication has been granted <code>ROLE_SYSTEM</code>.
 *
 * <p>The check relies on <code>equals</code> against a
 * <code>SimpleGrantedAuthority</code>; NOTE(review): an authority of a different
 * <code>GrantedAuthority</code> implementation with the same string would
 * presumably not match, so the result is a deny in that case.
 *
 * @return <code>true</code> only when an authentication is present, its authority
 *  collection is non-null and it contains <code>ROLE_SYSTEM</code>
 */
protected boolean haveSystemRole() {
    final Authentication current = SecurityContextHolder.getContext().getAuthentication();
    if (current == null) {
        return false;
    }
    final Collection<? extends GrantedAuthority> granted = current.getAuthorities();
    if (granted == null) {
        return false;
    }
    return granted.contains(new SimpleGrantedAuthority("ROLE_SYSTEM"));
}
From source file:org.orcid.core.security.DefaultPermissionChecker.java
/**
 * Obtains the visibilities that the current user is permitted to see.
 *
 * <p>An authentication holding <code>ROLE_SYSTEM</code> gets exactly
 * {@link Visibility#SYSTEM}. An {@code OrcidOAuth2Authentication} gets whatever
 * the OAuth2-specific lookup returns for the required scope and message. Any
 * other authentication type is rejected.
 *
 * @param authentication
 *            the object containing the user's security information; must not be
 *            <code>null</code>
 * @param requiredScope
 *            the scope passed on to the OAuth2 lookup
 * @param orcidMessage
 *            the message passed on to the OAuth2 lookup
 * @return the {@link Visibility} set of the current user
 * @throws IllegalArgumentException
 *             if the authentication is neither a system user nor an
 *             {@code OrcidOAuth2Authentication}. NOTE(review): the message embeds
 *             <code>authentication.toString()</code>; confirm that it is not
 *             surfaced to API clients.
 */
@Override
public Set<Visibility> obtainVisibilitiesForAuthentication(Authentication authentication,
        ScopePathType requiredScope, OrcidMessage orcidMessage) {
    final Collection<? extends GrantedAuthority> granted = authentication.getAuthorities();

    if (authoritiesHasRole(granted, "ROLE_SYSTEM")) {
        final Set<Visibility> systemOnly = new HashSet<Visibility>();
        systemOnly.add(Visibility.SYSTEM);
        return systemOnly;
    }

    if (authentication instanceof OrcidOAuth2Authentication) {
        return getVisibilitiesForOauth2Authentication((OrcidOAuth2Authentication) authentication,
                orcidMessage, requiredScope);
    }

    throw new IllegalArgumentException("Cannot obtain authentication details from " + authentication);
}
From source file:org.orcid.core.security.DefaultPermissionChecker.java
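/**
 * Verifies that the given authentication may perform an operation that needs
 * <code>requiredScope</code> on the given ORCID record.
 *
 * <p>An authentication holding <code>ROLE_SYSTEM</code> passes without further
 * checks. An {@code OAuth2Authentication} must pass the scope check and the
 * record-level security checks. Every other authentication type is rejected.
 *
 * @param authentication the caller's authentication; must not be <code>null</code>
 * @param requiredScope the scope the operation requires
 * @param orcid the ORCID identifier the operation targets
 * @param orcidMessage the message being read or written
 * @throws AccessControlException if the authentication type is not supported
 */
private void performPermissionChecks(Authentication authentication, ScopePathType requiredScope,
        String orcid, OrcidMessage orcidMessage) {
    // We can trust that this will return a not-null Authentication object
    Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
    if (authoritiesHasRole(authorities, "ROLE_SYSTEM")) {
        return;
    }

    if (authentication instanceof OAuth2Authentication) {
        OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) authentication;
        checkScopes(oAuth2Authentication, requiredScope);
        performSecurityChecks(oAuth2Authentication, requiredScope, orcidMessage, orcid);
        return;
    }

    // The previous message was built as ("prefix" + authentication) != null ? a : b.
    // String concatenation binds tighter than != and ?:, so the condition was always
    // true and the prefix was silently dropped. The authentication is also known to
    // be non-null here because it was dereferenced above. Report the type, as the
    // wording promises, instead of the full toString() of the token.
    throw new AccessControlException(
            "Cannot access method with authentication type " + authentication.getClass().getName());
}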