List of usage examples for org.springframework.security.authentication AbstractAuthenticationToken getCredentials
Object getCredentials();
From source file:de.hybris.platform.acceleratorstorefrontcommons.security.AbstractAcceleratorAuthenticationProvider.java
/** * @see de.hybris.platform.spring.security.CoreAuthenticationProvider#additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails, * org.springframework.security.authentication.AbstractAuthenticationToken) *//*from w ww. j a v a 2 s.c o m*/ @Override protected void additionalAuthenticationChecks(final UserDetails details, final AbstractAuthenticationToken authentication) throws AuthenticationException { super.additionalAuthenticationChecks(details, authentication); // Check if user has supplied no password if (StringUtils.isEmpty((String) authentication.getCredentials())) { throw new BadCredentialsException("Login without password"); } }
From source file:com.acc.storefront.security.AcceleratorAuthenticationProvider.java
/** * @see de.hybris.platform.spring.security.CoreAuthenticationProvider#additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails, * org.springframework.security.authentication.AbstractAuthenticationToken) *///from w ww.j a v a 2s . c om @Override protected void additionalAuthenticationChecks(final UserDetails details, final AbstractAuthenticationToken authentication) throws AuthenticationException { super.additionalAuthenticationChecks(details, authentication); // Check if user has supplied no password if (StringUtils.isEmpty((String) authentication.getCredentials())) { throw new BadCredentialsException("Login without password"); } // Check if the user is in role admingroup if (getAdminAuthority() != null && details.getAuthorities().contains(getAdminAuthority())) { throw new LockedException("Login attempt as " + Constants.USER.ADMIN_USERGROUP + " is rejected"); } }
From source file:com.katsu.springframework.security.authentication.HtmlAuthenticationProvider.java
private Authentication createSuccessAuthentication(AbstractAuthenticationToken upat, Collection<? extends GrantedAuthority> roles) { UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(upat.getPrincipal(), upat.getCredentials(), roles); result.setDetails(upat.getDetails()); return result; }
From source file:com.exxonmobile.ace.hybris.storefront.security.AcceleratorAuthenticationProvider.java
/** * @see de.hybris.platform.spring.security.CoreAuthenticationProvider#additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails, * org.springframework.security.authentication.AbstractAuthenticationToken) *///from www. j a va 2s.c om @Override protected void additionalAuthenticationChecks(final UserDetails details, final AbstractAuthenticationToken authentication) throws AuthenticationException { super.additionalAuthenticationChecks(details, authentication); // Check if user has supplied no password if (StringUtils.isEmpty((String) authentication.getCredentials())) { throw new BadCredentialsException("Login without password"); } // Check if the user is in role admingroup if (getAdminAuthority() != null && details.getAuthorities().contains(getAdminAuthority())) { throw new LockedException("Login attempt as " + Constants.USER.ADMIN_USERGROUP + " is rejected"); } // Check if the customer is B2B type if (!getB2bUserGroupProvider().isUserAuthorized(details.getUsername())) { throw new InsufficientAuthenticationException( messages.getMessage("checkout.error.invalid.accountType", "You are not allowed to login")); } if (!getB2bUserGroupProvider().isUserEnabled(details.getUsername())) { throw new DisabledException("User " + details.getUsername() + " is disabled... " + messages.getMessage("text.company.manage.units.disabled")); } }
From source file:com.katsu.springframework.security.authentication.HtmlAuthenticationProvider.java
private Collection<? extends GrantedAuthority> doLogin(AbstractAuthenticationToken upat) throws Exception { DefaultHttpClient httpclient = new DefaultHttpClient(); HttpGet httpget = null;//from w ww . ja v a2s. c o m HttpResponse httpResponse = null; HttpEntity entity = null; try { // httpclient.getCredentialsProvider().setCredentials( // new AuthScope(AuthScope.ANY), // new UsernamePasswordCredentials(upat.getPrincipal().toString(), upat.getCredentials().toString())); httpget = new HttpGet(url.toURI().toASCIIString()); httpget.setHeader("Authorization", getAuthString(upat.getPrincipal().toString(), upat.getCredentials().toString())); httpResponse = httpclient.execute(httpget); entity = httpResponse.getEntity(); if (httpResponse.getStatusLine().getStatusCode() == HttpStatus.SC_OK) { logger.trace(httpResponse.getStatusLine().toString()); String body = new java.util.Scanner(new InputStreamReader(entity.getContent())).useDelimiter("\\A") .next(); List<? extends GrantedAuthority> roles = json.deserialize(body, new TypeToken<List<Role>>() { }.getType()); if (roles != null && roles.size() > 0 && roles.get(0).getAuthority() == null) { roles = json.deserialize(body, new TypeToken<List<Role1>>() { }.getType()); } return roles; } else { throw new Exception(httpResponse.getStatusLine().getStatusCode() + " Http code response."); } } catch (Exception e) { if (entity != null) { logger.error(log(entity.getContent()), e); } else { logger.error(e); } throw e; } finally { httpclient.getConnectionManager().shutdown(); } }