List of usage examples for org.springframework.security.authentication AuthenticationProvider AuthenticationProvider
AuthenticationProvider
From source file:se.kth.csc.config.MockAuthConfig.java
@Bean @Autowired/* w w w. j a v a 2 s .c o m*/ public AuthenticationProvider authenticationProvider( final AuthenticationUserDetailsService<Authentication> authenticationUserDetailsService) { return new AuthenticationProvider() { @Override public Authentication authenticate(final Authentication authentication) throws AuthenticationException { final UserDetails userDetails = authenticationUserDetailsService.loadUserDetails(authentication); return new Authentication() { @Override public Collection<? extends GrantedAuthority> getAuthorities() { return userDetails.getAuthorities(); } @Override public Object getCredentials() { return authentication.getCredentials(); } @Override public Object getDetails() { return authentication.getDetails(); } public UserDetails getUserDetails() { return userDetails; } @Override public Object getPrincipal() { return userDetails; } @Override public boolean isAuthenticated() { return authentication.isAuthenticated(); } @Override public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException { authentication.setAuthenticated(isAuthenticated); } @Override public String getName() { return authentication.getName(); } }; } @Override public boolean supports(Class<?> authentication) { return true; } }; }
From source file:eu.supersede.fe.security.SecurityConfiguration.java
@Bean
AuthenticationProvider customAuthenticationProvider() {
return new AuthenticationProvider() {
private final Logger log = LoggerFactory.getLogger(this.getClass());
@Override/*from w w w .j a v a 2 s. com*/
@Transactional
public Authentication authenticate(Authentication auth) throws AuthenticationException {
String username = (String) auth.getPrincipal();
String password = (String) auth.getCredentials();
ServletRequestAttributes attr = (ServletRequestAttributes) RequestContextHolder
.currentRequestAttributes();
HttpServletRequest req = attr.getRequest();
String tenantId = req.getHeader("TenantId");
if (tenantId == null) {
log.error("Tenant provided");
throw new BadCredentialsException("Invalid login request: missing tenant");
}
AuthorizationToken token = getAuthToken(username, password, tenantId);
User user = users.findByUsername(username);
if (user == null) {
log.error("Username not found in Database");
throw new BadCredentialsException("Invalid login request: user " + username + " not found");
}
// get authorities from profiles
List<Profile> profiles = user.getProfiles();
String[] authorities = new String[profiles.size()];
for (int i = 0; i < profiles.size(); i++) {
authorities[i] = "ROLE_" + profiles.get(i).getName();
}
log.debug("User has " + authorities.length + " authorities");
List<GrantedAuthority> permissions = AuthorityUtils.createAuthorityList(authorities);
DatabaseUser dbUser = new DatabaseUser(user.getUserId(),
user.getFirstName() + " " + user.getLastName(), user.getEmail(), password, token, true,
true, true, true, permissions, user.getLocale());
return new UsernamePasswordAuthenticationToken(dbUser, password, permissions);// AUTHORITIES
}
private AuthorizationToken getAuthToken(String username, String password, String tenantId) {
AuthorizationToken token = null;
if (AUTH_MANAGER_ENABLED) {
try {
token = proxy.getIFAuthenticationManager(tenantId).getAuthorizationToken(username, password,
tenantId);
} catch (HttpClientErrorException e) {
log.error("Invalid username and password.");
} catch (NullPointerException e1) {
log.error("Authorization token is null, check your if.properties file in the conf/ folder");
} catch (Exception e2) {
e2.printStackTrace();
}
if (token == null || token.getAccessToken() == null) {
log.error("Supersede integration token is null");
throw new BadCredentialsException(
"Invalid login request: authentication manager token is null");
}
} else {
log.warn("IF Authentication Manager disable, user token is NULL");
}
return token;
}
@Override
@SuppressWarnings("rawtypes")
public boolean supports(Class authentication) {
return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
}
};
}