Example usage for org.springframework.security.core Authentication getAuthorities

List of usage examples for org.springframework.security.core Authentication getAuthorities

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.core.*
  5. Authentication
  6. getAuthorities

Introduction

In this page you can find the example usage for org.springframework.security.core Authentication getAuthorities.

Prototype

Collection<? extends GrantedAuthority> getAuthorities();

Source Link

Document

Set by an AuthenticationManager to indicate the authorities that the principal has been granted.

Usage

From source file:waffle.spring.NegotiateSecurityFilterTests.java

/**
 * Test negotiate./*from   w w  w .ja v a2 s  .  c o m*/
 *
 * @throws IOException
 *             Signals that an I/O exception has occurred.
 * @throws ServletException
 *             the servlet exception
 */
@Test
public void testNegotiate() throws IOException, ServletException {
    final String securityPackage = "Negotiate";
    final SimpleFilterChain filterChain = new SimpleFilterChain();
    final SimpleHttpRequest request = new SimpleHttpRequest();

    final String clientToken = BaseEncoding.base64()
            .encode(WindowsAccountImpl.getCurrentUsername().getBytes(Charsets.UTF_8));
    request.addHeader("Authorization", securityPackage + " " + clientToken);

    final SimpleHttpResponse response = new SimpleHttpResponse();
    this.filter.doFilter(request, response, filterChain);

    final Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    Assert.assertNotNull(auth);
    final Collection<? extends GrantedAuthority> authorities = auth.getAuthorities();
    Assert.assertNotNull(authorities);
    Assert.assertEquals(3, authorities.size());
    final Iterator<? extends GrantedAuthority> authoritiesIterator = authorities.iterator();

    final List<String> list = new ArrayList<>();
    while (authoritiesIterator.hasNext()) {
        list.add(authoritiesIterator.next().getAuthority());
    }
    Collections.sort(list);
    Assert.assertEquals("ROLE_EVERYONE", list.get(0));
    Assert.assertEquals("ROLE_USER", list.get(1));
    Assert.assertEquals("ROLE_USERS", list.get(2));
    Assert.assertEquals(0, response.getHeaderNamesSize());
}

From source file:com.netflix.genie.web.security.oauth2.pingfederate.PingFederateUserAuthenticationConverterUnitTests.java

/**
 * Make sure that with all the require elements we can authenticate.
 *//*from   www  .j av a  2s . c o m*/
@Test
public void canAuthenticateUser() {
    final String clientId = UUID.randomUUID().toString();
    final Set<String> scopes = Sets.newHashSet(PingFederateUserAuthenticationConverter.GENIE_PREFIX + "user");
    this.map.put(PingFederateUserAuthenticationConverter.CLIENT_ID_KEY, clientId);
    this.map.put(PingFederateUserAuthenticationConverter.SCOPE_KEY, scopes);
    final Authentication authentication = this.converter.extractAuthentication(this.map);

    Assert.assertTrue(authentication instanceof UsernamePasswordAuthenticationToken);
    Assert.assertThat(authentication.getPrincipal(), Matchers.is(clientId));
    Assert.assertThat(authentication.getAuthorities().size(), Matchers.is(1));
    Assert.assertThat(authentication.getAuthorities(),
            Matchers.contains(new SimpleGrantedAuthority("ROLE_USER")));
}

From source file:com.netflix.genie.web.security.oauth2.pingfederate.PingFederateUserAuthenticationConverterUnitTests.java

/**
 * Make sure that with all the require elements we can authenticate an admin.
 *///from  w  ww .  j av a  2s  . co m
@Test
public void canAuthenticateAdmin() {
    final String clientId = UUID.randomUUID().toString();
    final Set<String> scopes = Sets.newHashSet(PingFederateUserAuthenticationConverter.GENIE_PREFIX + "admin");
    this.map.put(PingFederateUserAuthenticationConverter.CLIENT_ID_KEY, clientId);
    this.map.put(PingFederateUserAuthenticationConverter.SCOPE_KEY, scopes);
    final Authentication authentication = this.converter.extractAuthentication(this.map);

    Assert.assertTrue(authentication instanceof UsernamePasswordAuthenticationToken);
    Assert.assertThat(authentication.getPrincipal(), Matchers.is(clientId));
    Assert.assertThat(authentication.getAuthorities().size(), Matchers.is(2));
    Assert.assertThat(authentication.getAuthorities(), Matchers.containsInAnyOrder(
            new SimpleGrantedAuthority("ROLE_ADMIN"), new SimpleGrantedAuthority("ROLE_USER")));
}

From source file:org.openlmis.fulfillment.security.CustomUserAuthenticationConverterTest.java

@Test
public void shouldExtractAuthenticationWithPrincipalAndCollectionAuthorities() {
    Authentication authentication = userAuthenticationConverter
            .extractAuthentication(ImmutableMap.of(REFERENCE_DATA_USER_ID, userId.toString(),
                    UserAuthenticationConverter.AUTHORITIES, Arrays.asList("one", "two")));

    checkAuthentication(userId, authentication);
    assertEquals(2, authentication.getAuthorities().size());
}

From source file:waffle.spring.WindowsAuthenticationProviderTests.java

/**
 * Test authenticate.//w w w.  ja  va2  s  .  c  o  m
 */
@Test
public void testAuthenticate() {
    final MockWindowsIdentity mockIdentity = new MockWindowsIdentity(WindowsAccountImpl.getCurrentUsername(),
            new ArrayList<String>());
    final WindowsPrincipal principal = new WindowsPrincipal(mockIdentity);
    final UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
            principal, "password");
    final Authentication authenticated = this.provider.authenticate(authentication);
    Assert.assertNotNull(authenticated);
    Assert.assertTrue(authenticated.isAuthenticated());
    final Collection<? extends GrantedAuthority> authorities = authenticated.getAuthorities();
    final Iterator<? extends GrantedAuthority> authoritiesIterator = authorities.iterator();
    Assert.assertEquals(3, authorities.size());

    final List<String> list = new ArrayList<>();
    while (authoritiesIterator.hasNext()) {
        list.add(authoritiesIterator.next().getAuthority());
    }
    Collections.sort(list);
    Assert.assertEquals("ROLE_EVERYONE", list.get(0));
    Assert.assertEquals("ROLE_USER", list.get(1));
    Assert.assertEquals("ROLE_USERS", list.get(2));
    Assert.assertTrue(authenticated.getPrincipal() instanceof WindowsPrincipal);
}

From source file:waffle.spring.WindowsAuthenticationProviderTests.java

/**
 * Test authenticate with custom granted authority factory.
 *//*from   w w  w. j  a v  a2s  .  co m*/
@Test
public void testAuthenticateWithCustomGrantedAuthorityFactory() {
    this.provider.setDefaultGrantedAuthority(null);
    this.provider.setGrantedAuthorityFactory(new FqnGrantedAuthorityFactory(null, false));

    final MockWindowsIdentity mockIdentity = new MockWindowsIdentity(WindowsAccountImpl.getCurrentUsername(),
            new ArrayList<String>());
    final WindowsPrincipal principal = new WindowsPrincipal(mockIdentity);
    final UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
            principal, "password");

    final Authentication authenticated = this.provider.authenticate(authentication);
    Assert.assertNotNull(authenticated);
    Assert.assertTrue(authenticated.isAuthenticated());
    final Collection<? extends GrantedAuthority> authorities = authenticated.getAuthorities();
    final Iterator<? extends GrantedAuthority> authoritiesIterator = authorities.iterator();
    Assert.assertEquals(2, authorities.size());

    final List<String> list = new ArrayList<>();
    while (authoritiesIterator.hasNext()) {
        list.add(authoritiesIterator.next().getAuthority());
    }
    Collections.sort(list);
    Assert.assertEquals("Everyone", list.get(0));
    Assert.assertEquals("Users", list.get(1));
    Assert.assertTrue(authenticated.getPrincipal() instanceof WindowsPrincipal);
}

From source file:com.devnexus.ting.security.RoleAwareSimpleUrlAuthenticationSuccessHandler.java

@Override
protected void handle(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
        throws IOException, ServletException {
    String targetUrl = determineTargetUrl(request, response);

    if (response.isCommitted()) {
        logger.debug("Response has already been committed. Unable to redirect to " + targetUrl);
        return;/*  w w w  .j ava 2s  . c om*/
    }

    final Collection<? extends GrantedAuthority> auths = authentication.getAuthorities();

    if (auths.size() == 1 && auths.contains("ROLE_APP_USER")) {
        super.getRedirectStrategy().sendRedirect(request, response, "/s/cfp/index");
    }

    super.getRedirectStrategy().sendRedirect(request, response, targetUrl);
}

From source file:de.blizzy.documentr.access.DocumentrPermissionEvaluator.java

public boolean hasProjectPermission(Authentication authentication, String projectName, Permission permission) {
    for (GrantedAuthority authority : authentication.getAuthorities()) {
        if (authority instanceof PermissionGrantedAuthority) {
            PermissionGrantedAuthority pga = (PermissionGrantedAuthority) authority;
            GrantedAuthorityTarget target = pga.getTarget();
            Type type = target.getType();
            String id = target.getTargetId();
            if ((type == Type.PROJECT) && id.equals(projectName) && hasPermission(pga, permission)) {

                return true;
            }/*w ww . j  a  va2s .co  m*/
        }
    }
    return hasApplicationPermission(authentication, permission);
}

From source file:org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements.java

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {

    try {// w ww . j  ava 2  s.com
        Authentication currentAuth = SecurityContextHolder.getContext().getAuthentication();
        if (currentAuth == null) {
            chain.doFilter(request, response);
            return;
        }

        final Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
        if (currentAuth.getAuthorities() != null) {
            authorities.addAll(currentAuth.getAuthorities());
        }

        Iterator<? extends GrantedAuthority> authIt = currentAuth.getAuthorities().iterator();
        while (authIt.hasNext()) {
            GrantedAuthority ga = authIt.next();
            String roleName = ga.getAuthority();

            try {
                Role role = roleDAO.getRole(roleName.substring(5), Arrays.asList("all"));
                for (Entitlement e : role.getEntitlements()) {
                    authorities.add(new SimpleGrantedAuthority(e.getName()));
                }
            } catch (Exception ex) {
                LOG.error("Role '" + roleName + "' not found");
            }
        }

        if (LOG.isDebugEnabled()) {
            LOG.debug(authorities.toString());
        }
        UsernamePasswordAuthenticationToken enrichedAuthentication = new UsernamePasswordAuthenticationToken(
                currentAuth.getName(), currentAuth.getCredentials(), authorities);
        enrichedAuthentication.setDetails(currentAuth.getDetails());

        SecurityContextHolder.getContext().setAuthentication(enrichedAuthentication);
        LOG.info("Enriched AuthenticationToken added");

    } catch (Exception ex) {
        LOG.error("Failed to enrich security context with entitlements", ex);
    }

    chain.doFilter(request, response);
}

From source file:org.vaadin.spring.security.AbstractVaadinSecurity.java

@Override
public boolean hasAuthority(String authority) {
    final Authentication authentication = getAuthentication();
    if (authentication == null || !authentication.isAuthenticated()) {
        return false;
    }//from  w  ww  .j a  v  a2s .  c  om

    for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
        if (authority.equals(grantedAuthority.getAuthority())) {
            return true;
        }
    }

    return false;
}