List of usage examples for org.springframework.security.core.userdetails User getAuthorities
public Collection<GrantedAuthority> getAuthorities()
From source file:org.runway.utils.AuthenticationUtils.java
/**
 * Signs {@code user} in programmatically and binds the resulting security context to the
 * HTTP session of {@code request}.
 *
 * <p>The login token is built from {@code user.getUsername()}, {@code user.getPassword()} and
 * {@code user.getAuthorities()} and handed to {@code authenticationManager.authenticate(...)}.
 * Anything that call throws propagates to the caller; the session has already been created by
 * then, but neither the security context nor the session attribute is written in that case.
 *
 * <p>NOTE(review): the session obtained here is reused unchanged after authentication; this
 * method does not rotate the session identifier. Confirm that session-fixation protection is
 * applied elsewhere on this login path.
 *
 * <p>NOTE(review): {@code user.getPassword()} is presented as the credential. If the stored
 * value is an encoded password, a manager that encodes the presented credential again would
 * presumably reject it - verify against the configured provider.
 *
 * @param user                  account to sign in
 * @param request               current request; a session is created if none exists
 * @param authenticationManager manager that validates the login token
 */
public static void autoLogin(User user, HttpServletRequest request,
        AuthenticationManager authenticationManager) {
    UsernamePasswordAuthenticationToken loginToken = new UsernamePasswordAuthenticationToken(
            user.getUsername(), user.getPassword(), user.getAuthorities());

    // The session is created before the request details are attached to the token.
    HttpSession httpSession = request.getSession();
    loginToken.setDetails(new WebAuthenticationDetails(request));

    Authentication authenticated = authenticationManager.authenticate(loginToken);
    SecurityContextHolder.getContext().setAuthentication(authenticated);

    // Store the context (and with it the granted roles) in the session.
    httpSession.setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
            SecurityContextHolder.getContext());
}
From source file:net.shibboleth.idp.oidc.client.userinfo.authn.SpringSecurityAuthenticationTokenFactory.java
/**
 * Builds the Spring Security authentication for the subject held in the profile request context.
 *
 * <p>The returned token is marked as authenticated unconditionally; this method performs no
 * credential check of its own. NOTE(review): it therefore relies on the caller only passing a
 * context whose authentication flow has already completed - confirm at the call sites.
 *
 * @param profileRequestContext the profile request context
 * @return a token flagged as authenticated that carries the collected authorities and a
 *         {@code User} as its details object
 * @throws OIDCException if the context has no {@code SubjectContext} or the subject has no
 *                       principal name
 */
public static Authentication buildAuthentication(final ProfileRequestContext profileRequestContext) {
    final SubjectContext subject = profileRequestContext.getSubcontext(SubjectContext.class);
    final boolean subjectMissing = subject == null || subject.getPrincipalName() == null;
    if (subjectMissing) {
        throw new OIDCException("No SubjectContext found in the profile request context");
    }

    // The authentication context class ref and the authentication flow id are recorded as
    // authorities so that custom token services can later derive the acr and amr claims.
    // MitreID Connect only works with SimpleGrantedAuthority, so the specific authority
    // instances are created first and then converted; the role string can be parsed later to
    // locate and reconstruct the actual instance.
    final Set<GrantedAuthority> grantedAuthorities = new LinkedHashSet<>();
    grantedAuthorities.add(new SimpleGrantedAuthority(OIDCConstants.ROLE_USER));

    final AuthenticationContext authenticationContext =
            profileRequestContext.getSubcontext(AuthenticationContext.class);
    if (authenticationContext != null) {
        LOG.debug("Found an authentication context in the profile request context");

        final RequestedPrincipalContext requested =
                authenticationContext.getSubcontext(RequestedPrincipalContext.class);
        if (requested != null && requested.getMatchingPrincipal() != null) {
            LOG.debug("Found requested principal context context with matching principal {}",
                    requested.getMatchingPrincipal().getName());
            final AuthenticationClassRefAuthority classRef = new AuthenticationClassRefAuthority(
                    requested.getMatchingPrincipal().getName());
            LOG.debug("Adding authority {}", classRef.getAuthority());
            grantedAuthorities.add(new SimpleGrantedAuthority(classRef.toString()));
        }

        if (authenticationContext.getAuthenticationResult() != null) {
            final AuthenticationMethodRefAuthority methodRef = new AuthenticationMethodRefAuthority(
                    authenticationContext.getAuthenticationResult().getAuthenticationFlowId());
            LOG.debug("Adding authority {}", methodRef.getAuthority());
            grantedAuthorities.add(new SimpleGrantedAuthority(methodRef.toString()));
        }
    }

    // Spring Security loses the details object when it picks up the combined authentication
    // object while codes are being exchanged for access tokens.
    // The details user is given a random UUID in its password slot and only ROLE_USER; the
    // full authority set travels on the token itself.
    final User detailsUser = new User(subject.getPrincipalName(), UUID.randomUUID().toString(),
            Collections.singleton(new SimpleGrantedAuthority(OIDCConstants.ROLE_USER)));
    LOG.debug("Created user details object for {} with authorities {}", detailsUser.getUsername(),
            detailsUser.getAuthorities());

    final SpringSecurityAuthenticationToken result =
            new SpringSecurityAuthenticationToken(profileRequestContext, grantedAuthorities);
    LOG.debug("Final authentication token authorities are {}", grantedAuthorities);
    result.setAuthenticated(true);
    result.setDetails(detailsUser);
    return result;
}
From source file:jp.pigumer.security.ExampleAuthenticationProvider.java
/**
 * Turns a pre-authenticated token into an {@code ExampleAuthentication} for the loaded user.
 *
 * <p>The principal of the incoming token is used as the username for
 * {@code userDetailsService.loadUser(...)}; no credential is examined in this method, so the
 * principal is trusted as delivered.
 *
 * <p>NOTE(review): the cast assumes every token routed here is a
 * {@code PreAuthenticatedAuthenticationToken} with a {@code String} principal; presumably
 * {@code supports(...)} (not shown) guarantees that - confirm. The result of
 * {@code loadUser} is dereferenced without a null check.
 *
 * @param authentication the pre-authenticated request token
 * @return the authentication for the loaded user, carrying the request token's details
 * @throws AuthenticationException declared by the provider contract
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    PreAuthenticatedAuthenticationToken preAuth = (PreAuthenticatedAuthenticationToken) authentication;
    String principalName = (String) preAuth.getPrincipal();
    LOG.debug("authenticate: " + Objects.toString(preAuth, ""));

    User loaded = userDetailsService.loadUser(principalName);
    ExampleAuthentication authenticated = new ExampleAuthentication(loaded, loaded.getAuthorities());
    // Carry over the details object attached to the incoming token.
    authenticated.setDetails(preAuth.getDetails());

    LOG.debug("authenticate: " + Objects.toString(authenticated, ""));
    return authenticated;
}
From source file:com.persistent.cloudninja.web.security.CloudNinjaUserDetailsService.java
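/**
 * Builds the cookie value for {@code user} in the form {@code username!role1,role2,...}.
 *
 * <p>Every authority is separated from the previous one by a comma. The earlier version only
 * emitted a comma after the first authority, so a user with three or more authorities got
 * the later role names run together. Output for zero, one or two authorities is unchanged.
 *
 * <p>NOTE(review): the value is plain text and carries the user's roles. Nothing in this
 * method signs or encrypts it, so confirm that the cookie is integrity-protected before any
 * reader derives authorities from it. A username containing {@code !} or an authority
 * containing {@code ,} is not escaped and would be ambiguous to a parser.
 *
 * @param user the authenticated user
 * @return the username, a {@code !} separator, then the comma-separated authority names
 */
public String createCookieValueFromUser(User user) {
    StringBuilder roles = new StringBuilder();
    boolean first = true;
    for (GrantedAuthority grantedAuthority : user.getAuthorities()) {
        if (!first) {
            roles.append(',');
        }
        roles.append(grantedAuthority.getAuthority());
        first = false;
    }
    return user.getUsername() + "!" + roles;
}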
From source file:com.artivisi.belajar.restful.ui.controller.HomepageController.java
/**
 * Lists the sessions known to the session registry, expired ones included, for every
 * principal that is a {@code User}.
 *
 * <p>Each entry holds the keys {@code username}, {@code permission}, {@code sessionid} and
 * {@code status} ({@code "Expired"} or {@code "Aktif"}).
 *
 * <p>NOTE(review): the response body contains the raw session identifier and authorities of
 * every logged-in user. No access check is visible in this method; confirm the mapping is
 * restricted to administrators and consider whether the session id needs to be returned.
 *
 * @return one map per registered session whose principal is a {@code User}
 */
@RequestMapping("/homepage/sessioninfo")
@ResponseBody
public List<Map<String, String>> sessionInfo() {
    List<Map<String, String>> rows = new ArrayList<Map<String, String>>();
    for (Object principal : sessionRegistry.getAllPrincipals()) {
        // The second argument asks the registry to include expired sessions as well.
        for (SessionInformation session : sessionRegistry.getAllSessions(principal, true)) {
            Object owner = session.getPrincipal();
            if (!(owner instanceof User)) {
                continue;
            }
            User account = (User) owner;
            Map<String, String> row = new HashMap<String, String>();
            row.put("username", account.getUsername());
            row.put("permission", account.getAuthorities().toString());
            row.put("sessionid", session.getSessionId());
            row.put("status", session.isExpired() ? "Expired" : "Aktif");
            rows.add(row);
        }
    }
    return rows;
}
From source file:com.gs.config.ItemIdBasedAuthenticationSuccessHandler.java
/**
 * Fills the session with per-user data after a successful login, then delegates to the
 * parent success handler.
 *
 * <p>Session attributes written here: {@code TOOLS} (always), {@code ENVIRONMENT} (once per
 * authority visited, so only when the user has at least one authority) and
 * {@code NUM_MSJ_N_L} (for the first authority that is {@code ROLE_COORDINADOR} or
 * {@code ROLE_TECNICO}, compared case-insensitively).
 *
 * <p>NOTE(review): {@code ENVIRONMENT} is copied from the {@code environment} request
 * parameter without validation; code that reads it back from the session should treat it as
 * client-supplied input.
 *
 * @param request        the login request
 * @param response       the login response
 * @param authentication the successful authentication; its principal is cast to {@code User}
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    User principal = (User) authentication.getPrincipal();
    request.getSession().setAttribute("TOOLS",
            obtenerHerrDptosByUser.getDptoByUsername(principal.getUsername()));

    for (Object granted : principal.getAuthorities()) {
        String authorityName = granted.toString();

        // Take the environment sent with the login request and keep it in the session.
        request.getSession().setAttribute("ENVIRONMENT", request.getParameter("environment"));

        boolean coordinator = authorityName.equalsIgnoreCase("ROLE_COORDINADOR");
        if (!coordinator && !authorityName.equalsIgnoreCase("ROLE_TECNICO")) {
            continue;
        }

        // Store the number of unread messages for that role in a session attribute.
        String rol = coordinator ? "ROLE_COORDINADOR" : "ROLE_TECNICO";
        request.getSession().setAttribute("NUM_MSJ_N_L",
                mensajesBandejaDaoImp.getMensajesNoLeidosUser(principal.getUsername(), rol));
        break;
    }

    super.onAuthenticationSuccess(request, response, authentication);
}
From source file:org.springframework.security.jackson2.UserDeserializerTests.java
/**
 * Checks that a serialized {@code User} whose {@code authorities} array carries explicit
 * class ids is read back with its username and its single {@code ROLE_USER} authority.
 *
 * <p>NOTE(review): the payload names Java classes through {@code @class} and the array type
 * id. Which types the mapper accepts depends on {@code buildObjectMapper()}, which is not
 * shown here - confirm it restricts type ids to an allowlist.
 */
@Test
public void deserializeUserWithClassIdInAuthoritiesTest() throws IOException {
    String json = "{\"@class\": \"org.springframework.security.core.userdetails.User\", "
            + "\"username\": \"user\", \"password\": \"pass\", \"accountNonExpired\": true, "
            + "\"accountNonLocked\": true, \"credentialsNonExpired\": true, \"enabled\": true, "
            + "\"authorities\": [\"java.util.Collections$UnmodifiableSet\", "
            + "[{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"role\": \"ROLE_USER\"}]]}";

    User parsed = buildObjectMapper().readValue(json, User.class);

    assertThat(parsed).isNotNull();
    assertThat(parsed.getUsername()).isEqualTo("user");
    assertThat(parsed.getAuthorities()).hasSize(1);
    assertThat(parsed.getAuthorities()).contains(new SimpleGrantedAuthority("ROLE_USER"));
}
From source file:com.netflix.genie.web.security.saml.SAMLUserDetailsServiceImplUnitTests.java
/** * Make sure if no groups are found but a user id is that the user logs in but only gets role user. *///w ww. ja v a2 s.c om @Test public void canLoadUserWithoutGroups() { final SAMLCredential credential = Mockito.mock(SAMLCredential.class); Mockito.when(credential.getAttributeAsString(Mockito.eq(USER_ATTRIBUTE_NAME))).thenReturn(USER_ID); Mockito.when(credential.getAttributeAsStringArray(Mockito.eq(GROUP_ATTRIBUTE_NAME))).thenReturn(null); final Object result = this.service.loadUserBySAML(credential); Assert.assertThat(result, Matchers.notNullValue()); Assert.assertTrue(result instanceof User); final User user = (User) result; Assert.assertThat(user.getUsername(), Matchers.is(USER_ID)); Assert.assertThat(user.getAuthorities(), Matchers.contains(new SimpleGrantedAuthority("ROLE_USER"))); Mockito.verify(this.loadAuthenticationTimer, Mockito.times(1)).record(Mockito.anyLong(), Mockito.eq(TimeUnit.NANOSECONDS)); }
From source file:com.netflix.genie.web.security.saml.SAMLUserDetailsServiceImplUnitTests.java
/** * Make sure if user logs in and has admin group they get admin rights. */// ww w. j av a 2 s.c o m @Test public void canLoadUserWithAdminGroup() { final SAMLCredential credential = Mockito.mock(SAMLCredential.class); Mockito.when(credential.getAttributeAsString(Mockito.eq(USER_ATTRIBUTE_NAME))).thenReturn(USER_ID); Mockito.when(credential.getAttributeAsStringArray(Mockito.eq(GROUP_ATTRIBUTE_NAME))).thenReturn(GROUPS); final Object result = this.service.loadUserBySAML(credential); Assert.assertThat(result, Matchers.notNullValue()); Assert.assertTrue(result instanceof User); final User user = (User) result; Assert.assertThat(user.getUsername(), Matchers.is(USER_ID)); Assert.assertThat(user.getAuthorities(), Matchers.hasItems(new SimpleGrantedAuthority("ROLE_USER"), new SimpleGrantedAuthority("ROLE_ADMIN"))); Mockito.verify(this.loadAuthenticationTimer, Mockito.times(1)).record(Mockito.anyLong(), Mockito.eq(TimeUnit.NANOSECONDS)); }
From source file:com.netflix.genie.web.security.saml.SAMLUserDetailsServiceImplUnitTests.java
/**
 * Make sure a user whose groups do not include the admin group is granted the user role and
 * nothing else.
 */
@Test
public void canLoadUserWithoutAdminGroup() {
    // Two random group names stand in for groups that are not the admin group.
    final String[] unrelatedGroups = new String[] {
        UUID.randomUUID().toString(), UUID.randomUUID().toString()
    };
    final SAMLCredential samlCredential = Mockito.mock(SAMLCredential.class);
    Mockito.when(samlCredential.getAttributeAsString(Mockito.eq(USER_ATTRIBUTE_NAME)))
            .thenReturn(USER_ID);
    Mockito.when(samlCredential.getAttributeAsStringArray(Mockito.eq(GROUP_ATTRIBUTE_NAME)))
            .thenReturn(unrelatedGroups);

    final Object loaded = this.service.loadUserBySAML(samlCredential);

    Assert.assertThat(loaded, Matchers.notNullValue());
    Assert.assertTrue(loaded instanceof User);
    final User details = (User) loaded;
    Assert.assertThat(details.getUsername(), Matchers.is(USER_ID));
    Assert.assertThat(details.getAuthorities(),
            Matchers.contains(new SimpleGrantedAuthority("ROLE_USER")));
    Assert.assertThat(details.getAuthorities().size(), Matchers.is(1));
    Mockito.verify(this.loadAuthenticationTimer, Mockito.times(1))
            .record(Mockito.anyLong(), Mockito.eq(TimeUnit.NANOSECONDS));
}