List of usage examples for org.springframework.security.core Authentication getDetails
Object getDetails();
From source file:at.ac.univie.isc.asio.security.HttpMethodRestrictionFilterTest.java
@Test public void should_keep_rememberme_type() throws Exception { final RememberMeAuthenticationToken token = new RememberMeAuthenticationToken("key", "principal", Collections.<GrantedAuthority>singletonList(Permission.INVOKE_UPDATE)); token.setDetails("details"); setAuthentication(token);//w w w . j av a 2s . c om request.setMethod(HttpMethod.GET.name()); subject.doFilter(request, response, chain); final Authentication filtered = getAuthentication(); assertThat(filtered, instanceOf(RememberMeAuthenticationToken.class)); assertThat(filtered.getPrincipal(), equalTo(token.getPrincipal())); assertThat(filtered.getDetails(), equalTo(token.getDetails())); }
From source file:net.firejack.platform.web.security.spring.AuthenticationManager.java
protected Authentication doAuthentication(Authentication authentication) throws AuthenticationException { if (authentication.getPrincipal() == null || authentication.getCredentials() == null || authentication.getDetails() == null) { String errorMessage = MessageResolver.messageFormatting("login.wrong.credentials", null); throw new BadCredentialsException(errorMessage); }/* ww w .jav a2 s. co m*/ String userName = authentication.getPrincipal().toString(); String password = authentication.getCredentials().toString(); HttpSession session = ((AuthenticationToken) authentication).getSession(); if (StringUtils.isNotBlank(userName) && StringUtils.isNotBlank(password)) { if (!getAuthenticators().isEmpty()) { AuthenticatorFactory authenticatorFactory = AuthenticatorFactory.getInstance(); IAuthenticationSource authenticationSource = authenticatorFactory .provideDefaultAuthenticationSource(userName, password); for (IAuthenticator authenticator : getAuthenticators()) { IAuthenticationDetails authenticationDetails = authenticator.authenticate(authenticationSource); if (authenticationDetails != null) { return generateDefaultToken(authenticationDetails, session); } } } } String errorMessage = MessageResolver.messageFormatting("login.authentication.failure", null); throw new BadCredentialsException(errorMessage); }
From source file:at.ac.univie.isc.asio.security.HttpMethodRestrictionFilterTest.java
@Test public void should_keep_other_token_properties() throws Exception { final TestingAuthenticationToken token = new TestingAuthenticationToken("user", "secret", Collections.<GrantedAuthority>singletonList(Permission.INVOKE_UPDATE)); token.setDetails("details"); setAuthentication(token);// www . ja v a 2 s.c o m request.setMethod(HttpMethod.GET.name()); subject.doFilter(request, response, chain); final Authentication filtered = getAuthentication(); assertThat(filtered.getPrincipal(), equalTo(token.getPrincipal())); assertThat(filtered.getCredentials(), equalTo(token.getCredentials())); assertThat(filtered.getDetails(), equalTo(token.getDetails())); }
From source file:com.haulmont.restapi.idp.IdpAuthLifecycleManager.java
protected IdpSessionStatus pingIdpSession(Authentication authentication) { if (authentication instanceof OAuth2Authentication) { Object details = authentication.getDetails(); String accessTokenId = ((OAuth2AuthenticationDetails) details).getTokenValue(); OAuth2AccessToken accessToken = tokenStore.readAccessToken(accessTokenId); if (accessToken == null) { return IdpSessionStatus.UNSUPPORTED; }// www .j av a 2s . c o m String idpSessionId = getIdpSessionId(accessToken); if (idpSessionId == null) { return IdpSessionStatus.UNSUPPORTED; } return pingIdpSessionServer(idpSessionId); } return IdpSessionStatus.UNSUPPORTED; }
From source file:eu.freme.broker.security.AuthenticationFilter.java
private void addSessionContextToLogging() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); String tokenValue = "EMPTY"; if (authentication != null && !Strings.isNullOrEmpty(authentication.getDetails().toString())) { MessageDigestPasswordEncoder encoder = new MessageDigestPasswordEncoder("SHA-1"); tokenValue = encoder.encodePassword(authentication.getDetails().toString(), "not_so_random_salt"); }// w ww .j a v a2 s. c o m MDC.put(TOKEN_SESSION_KEY, tokenValue); String userValue = "EMPTY"; if (authentication != null && !Strings.isNullOrEmpty(authentication.getPrincipal().toString())) { userValue = authentication.getPrincipal().toString(); } MDC.put(USER_SESSION_KEY, userValue); }
From source file:nl.surfnet.coin.api.saml.SAMLAuthenticationManager.java
@Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { final SAMLAuthenticationToken newAuthenticationToken = new SAMLAuthenticationToken( authentication.getPrincipal(), authentication.getAuthorities()); newAuthenticationToken.setAuthenticated(true); newAuthenticationToken.setDetails(authentication.getDetails()); return newAuthenticationToken; }
From source file:nl.surfnet.coin.api.basic.MockBasicAuthenticationManager.java
@Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( authentication.getPrincipal(), authentication.getCredentials(), Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"))); token.setDetails(authentication.getDetails()); return token; }
From source file:fr.xebia.monitoring.demo.payment.CreditCardServiceAuditingImpl.java
@Override public PaymentTransaction purchase(MonetaryAmount total, Order order, String requestId) { StringBuilder auditMessage = new StringBuilder("creditcardservice.purchase(" + requestId + ", " + order.getAccount().getEmail() + ", " + total + ") by "); Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null) { auditMessage.append("anonymous"); } else {/*w w w . j a va 2s.c om*/ auditMessage.append(authentication.getName()); if (authentication.getDetails() instanceof WebAuthenticationDetails) { WebAuthenticationDetails details = (WebAuthenticationDetails) authentication.getDetails(); auditMessage.append(" coming from " + details.getRemoteAddress()); } } long nanosBefore = System.nanoTime(); try { PaymentTransaction paymentTransaction = creditCardService.purchase(total, order, requestId); auditMessage.append(" SUCCESS ").append(paymentTransaction.getTransactionId()); auditMessage.append(" in ") .append(TimeUnit.MILLISECONDS.convert(System.nanoTime() - nanosBefore, TimeUnit.NANOSECONDS)) .append(" ms"); auditLogger.info(auditMessage.toString()); return paymentTransaction; } catch (RuntimeException e) { auditMessage.append(" FAILURE ").append(Joiner.on(", ").join(Throwables.getCausalChain(e))); auditMessage.append(" in ") .append(TimeUnit.MILLISECONDS.convert(System.nanoTime() - nanosBefore, TimeUnit.NANOSECONDS)) .append(" ms"); auditLogger.warn(auditMessage.toString()); throw e; } }
From source file:fr.gael.dhus.spring.security.authentication.DefaultAuthenticationProvider.java
@Override @Transactional(propagation = Propagation.REQUIRED) public Authentication authenticate(Authentication authentication) throws AuthenticationException { String username = (String) authentication.getPrincipal(); String password = (String) authentication.getCredentials(); String ip = "unknown"; if (authentication.getDetails() instanceof WebAuthenticationDetails) { ip = ((WebAuthenticationDetails) authentication.getDetails()).getRemoteAddress(); }/*ww w .j a va 2 s . co m*/ LOGGER.info("Connection attempted by '" + authentication.getName() + "' from " + ip); arwDao.loginStart(username); User user = userService.getUserNoCheck(username); if (user == null || user.isDeleted()) { throw new BadCredentialsException(errorMessage); } PasswordEncryption encryption = user.getPasswordEncryption(); if (!encryption.equals(PasswordEncryption.NONE)) { MessageDigest md; try { md = MessageDigest.getInstance(encryption.getAlgorithmKey()); password = new String(Hex.encode(md.digest(password.getBytes("UTF-8")))); } catch (NoSuchAlgorithmException | UnsupportedEncodingException e) { arwDao.loginEnd(user, false); throw new BadCredentialsException("Authentication process failed", e); } } if (!user.getPassword().equals(password)) { LOGGER.warn(new Message(MessageType.USER, "Connection refused for '" + username + "' from " + ip + " : error in login/password combination")); arwDao.loginEnd(user, false); throw new BadCredentialsException(errorMessage); } for (AccessRestriction restriction : user.getRestrictions()) { LOGGER.warn("Connection refused for '" + username + "' from " + ip + " : account is locked (" + restriction.getBlockingReason() + ")"); arwDao.loginEnd(user, false); throw new LockedException(restriction.getBlockingReason()); } LOGGER.info("Connection success for '" + username + "' from " + ip); arwDao.loginEnd(user, true); return new ValidityAuthentication(user, user.getAuthorities()); }
From source file:oauth2.authentication.UserAuthenticationProvider.java
protected Authentication createSuccessAuthentication(Object principal, Authentication authentication, Collection<GrantedAuthority> authorities) { UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(principal, authentication.getCredentials(), authorities); result.setDetails(authentication.getDetails()); return result; }