List of usage examples for org.springframework.security.core GrantedAuthority getAuthority
String getAuthority();
GrantedAuthority
can be represented as a String
and that String
is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a String
. From source file:org.duracloud.account.security.vote.BaseAccessDecisionVoter.java
protected Collection<String> getUserRoles(Authentication authentication) { Set<String> roles = new HashSet<String>(); for (GrantedAuthority authority : authentication.getAuthorities()) { roles.add(authority.getAuthority()); }/*from www. j a va 2 s .c om*/ return roles; }
From source file:es.ucm.fdi.dalgs.user.service.UserService.java
@SuppressWarnings("unchecked") @PreAuthorize("hasRole('ROLE_USER')") @Transactional(readOnly = true)/* w ww . j a va2s . c om*/ public final boolean hasRole(User user, String role) { boolean hasRole = false; try { Collection<GrantedAuthority> authorities = (Collection<GrantedAuthority>) user.getAuthorities(); for (GrantedAuthority grantedAuthority : authorities) { hasRole = grantedAuthority.getAuthority().equals(role); if (hasRole) { break; } } } catch (NotFoundException nfe) { } return hasRole; }
From source file:org.cloudfoundry.identity.uaa.login.SamlRemoteUaaController.java
@Override protected Map<String, String> getLoginCredentials(Principal principal) { Map<String, String> login = new LinkedHashMap<String, String>(); Collection<? extends GrantedAuthority> authorities = null; if (principal instanceof ExpiringUsernameAuthenticationToken) { appendField(login, "username", ((SamlUserDetails) (((ExpiringUsernameAuthenticationToken) principal).getPrincipal())) .getUsername()); authorities = ((SamlUserDetails) (((ExpiringUsernameAuthenticationToken) principal).getPrincipal())) .getAuthorities();// w ww . j ava 2s . co m } else { appendField(login, "username", principal.getName()); } if (principal instanceof Authentication) { Object details = ((Authentication) principal).getPrincipal(); if (details instanceof SocialClientUserDetails) { SocialClientUserDetails user = (SocialClientUserDetails) details; appendField(login, "name", user.getName()); appendField(login, "external_id", user.getExternalId()); appendField(login, "email", user.getEmail()); } if (((Authentication) principal).getAuthorities() instanceof Collection<?>) { authorities = ((Authentication) principal).getAuthorities(); } } if (authorities != null && authorities.size() > 0) { Map<String, String> externalGroupMap = new HashMap<String, String>(); int i = 0; for (GrantedAuthority authority : authorities) { externalGroupMap.put("externalGroups." + i, authority.getAuthority()); i++; } ByteArrayOutputStream baos = new ByteArrayOutputStream(); try { mapper.writeValue(baos, externalGroupMap); appendField(login, "authorities", new String(baos.toByteArray())); } catch (Throwable t) { logger.error("Unable to convert external groups to be sent for authorization ", t); } } return login; }
From source file:eu.openanalytics.rsb.security.ApplicationPermissionEvaluator.java
private boolean isAuthenticationAuthorized(final Authentication authentication, final Set<String> authorizedPrincipals, final Set<String> authorizedRoles) { final String userName = getUserName(authentication); if ((StringUtils.isNotBlank(userName)) && (!CollectionUtils.isEmpty(authorizedPrincipals)) && (authorizedPrincipals.contains(userName))) { return true; }/*from w w w. j a va 2s .c o m*/ final Set<String> roles = new HashSet<String>(); for (final GrantedAuthority authority : authentication.getAuthorities()) { roles.add(authority.getAuthority()); } return CollectionUtils.containsAny(authorizedRoles, roles); }
From source file:org.vaadin.spring.security.AbstractVaadinSecurity.java
@Override public boolean hasAuthority(String authority) { final Authentication authentication = getAuthentication(); if (authentication == null || !authentication.isAuthenticated()) { return false; }//from w ww .j a va2s. c om for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) { if (authority.equals(grantedAuthority.getAuthority())) { return true; } } return false; }
From source file:org.xaloon.wicket.security.spring.SpringSecurityFacade.java
@Override public boolean hasAny(String... roles) { boolean result = false; Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null) { return result; }/*from www .ja va2 s . c o m*/ for (String role : roles) { for (GrantedAuthority authority : authentication.getAuthorities()) { if (authority.getAuthority().equalsIgnoreCase(role)) { result = true; break; } } } return result; }
From source file:com.cloudseal.spring.client.userdetails.CloudSealUserAttributesTest.java
@Test public void rolesFromSingleAttributeValue() { final GrantedAuthority role = new GrantedAuthorityImpl("USER"); setStringAttributes(ROLES, role.getAuthority()); assertThat(new CloudsealUserAttributes(credential).getRoles(), hasSameOrder(asList(role))); }
From source file:com.bisone.saiku.security.replace.SecurityAwareConnectionManager.java
private List<String> getSpringRoles() { //System.out.println(this.sessionService.getSession().getAttribute("SPRING_SECURITY_CONTEXT")); List<String> roles = new ArrayList<String>(); if (SecurityContextHolder.getContext() != null && SecurityContextHolder.getContext().getAuthentication() != null) { Collection<? extends GrantedAuthority> auths = SecurityContextHolder.getContext().getAuthentication() .getAuthorities();/* w w w . j a v a 2 s . c om*/ for (GrantedAuthority a : auths) { roles.add(a.getAuthority()); } } return roles; }
From source file:com.bisone.saiku.security.replace.SessionService.java
private void createSession(Authentication auth, String username, String password) { if (auth == null || !auth.isAuthenticated()) { return;// w ww.ja v a2 s . com } boolean isAnonymousUser = (auth instanceof AnonymousAuthenticationToken); Object p = auth.getPrincipal(); String authUser = getUsername(p); boolean isAnonymous = (isAnonymousUser || StringUtils.equals("anonymousUser", authUser)); boolean isAnonOk = (!isAnonymous || (isAnonymous && anonymous)); if (isAnonOk && auth.isAuthenticated() && p != null && !sessionHolder.containsKey(p)) { Map<String, Object> session = new HashMap<String, Object>(); if (isAnonymous) { log.debug("Creating Session for Anonymous User"); } if (StringUtils.isNotBlank(username)) { session.put("username", username); } else { session.put("username", authUser); } if (StringUtils.isNotBlank(password)) { session.put("password", password); } session.put("sessionid", UUID.randomUUID().toString()); session.put("authid", RequestContextHolder.currentRequestAttributes().getSessionId()); List<String> roles = new ArrayList<String>(); for (GrantedAuthority ga : SecurityContextHolder.getContext().getAuthentication().getAuthorities()) { roles.add(ga.getAuthority()); } session.put("roles", roles); sessionHolder.put(p, session); } }
From source file:org.vaadin.spring.security.Security.java
/** * Checks if the current user has the specified authority. This method works with static authorities (such as roles). * If you need more dynamic authorization (such as ACLs or EL expressions), use {@link #hasAccessToObject(Object, String...)}. * * @param authority the authority to check, must not be {@code null}. * @return true if the current {@link org.springframework.security.core.context.SecurityContext} contains an authenticated {@link org.springframework.security.core.Authentication} * token that has a {@link org.springframework.security.core.GrantedAuthority} whose string representation matches the specified {@code authority}. * @see org.springframework.security.core.Authentication#getAuthorities() * @see org.springframework.security.core.GrantedAuthority#getAuthority() *//*from w w w .j a v a 2s .c o m*/ public boolean hasAuthority(String authority) { final Authentication authentication = getAuthentication(); if (authentication == null || !authentication.isAuthenticated()) { return false; } for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) { if (authority.equals(grantedAuthority.getAuthority())) { return true; } } return false; }