Example usage for org.springframework.security.ldap.userdetails InetOrgPerson getAuthorities

List of usage examples for org.springframework.security.ldap.userdetails InetOrgPerson getAuthorities

Introduction

This page shows example usages of org.springframework.security.ldap.userdetails InetOrgPerson getAuthorities.

Prototype

@Override
    public Collection<GrantedAuthority> getAuthorities() 


Usage

From source file:net.maritimecloud.identityregistry.utils.AccessControlUtil.java

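/**
 * Checks whether the currently authenticated caller holds the given permission.
 *
 * <p>Two authentication types are understood:
 * <ul>
 *   <li>{@code KeycloakAuthenticationToken} (OIDC): the permissions are read from the
 *       token's "other claims" entry named {@code PERMISSIONS_PROPERTY_NAME}, expected
 *       to be one comma-separated string.</li>
 *   <li>{@code PreAuthenticatedAuthenticationToken} (certificate): the principal is
 *       expected to be an {@link InetOrgPerson}; each granted authority string is
 *       treated as a comma-separated permission list.</li>
 * </ul>
 * Any other authentication type, or no authentication at all, yields {@code false}.
 *
 * <p>The check fails closed: a missing, {@code null} or non-String permissions claim,
 * a principal of an unexpected type, or a {@code null} authority string denies the
 * permission instead of raising a {@code ClassCastException} or
 * {@code NullPointerException} out of the access-control path.
 *
 * <p>NOTE(review): the claim and authority values are trusted as-is here; this assumes
 * the token / certificate was fully validated before it reached the security context.
 * Confirm against the authentication filter configuration.
 *
 * @param permission the permission name to look for; matching is case-insensitive
 * @return {@code true} if the caller's permission list contains {@code permission}
 */
public static boolean hasPermission(String permission) {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (auth instanceof KeycloakAuthenticationToken) {
        log.debug("OIDC permission lookup");
        // Keycloak authentication: permissions travel as a custom token claim.
        KeycloakAuthenticationToken kat = (KeycloakAuthenticationToken) auth;
        KeycloakSecurityContext ksc = (KeycloakSecurityContext) kat.getCredentials();
        Map<String, Object> otherClaims = ksc.getToken().getOtherClaims();
        Object claim = otherClaims.get(AccessControlUtil.PERMISSIONS_PROPERTY_NAME);
        // Only a String claim is understood. Anything else (absent, null, a list, ...)
        // grants nothing rather than failing with a cast or null dereference.
        if (claim instanceof String) {
            return containsPermission((String) claim, permission);
        }
        return false;
    }
    if (auth instanceof PreAuthenticatedAuthenticationToken) {
        log.debug("Certificate permission lookup");
        // Certificate authentication: permissions come from the LDAP-style principal.
        Object principal = ((PreAuthenticatedAuthenticationToken) auth).getPrincipal();
        if (!(principal instanceof InetOrgPerson)) {
            // Unexpected principal type: deny instead of throwing on the cast.
            return false;
        }
        Collection<GrantedAuthority> authorities = ((InetOrgPerson) principal).getAuthorities();
        for (GrantedAuthority authority : authorities) {
            if (containsPermission(authority.getAuthority(), permission)) {
                return true;
            }
        }
        return false;
    }
    if (auth != null) {
        log.debug("Unknown authentication method: " + auth.getClass());
    }
    return false;
}

/**
 * Returns whether a comma-separated permission list contains the given permission.
 *
 * <p>Entries are compared case-insensitively and are not trimmed, so an entry written
 * with surrounding whitespace will not match (which denies rather than grants).
 */
private static boolean containsPermission(String commaSeparated, String permission) {
    if (commaSeparated == null) {
        return false;
    }
    for (String candidate : commaSeparated.split(",")) {
        if (candidate.equalsIgnoreCase(permission)) {
            return true;
        }
    }
    return false;
}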

From source file:org.meruvian.yama.security.UserService.java

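/**
 * Populates the HTTP session with the application's user objects after a successful
 * login, then redirects the caller.
 *
 * <p>The username is taken from the authenticated principal ({@code User} or
 * {@link InetOrgPerson}). For an {@code InetOrgPerson}, the first granted authority,
 * if any, is copied onto the backend user as its role. The resolved user objects are
 * stored under {@code SessionCredentials.YAMA_SECURITY_USER} and
 * {@code SessionCredentials.YAMA_SECURITY_USER_DETAIL}.
 *
 * <p>If the principal yields no username, or no local account exists for it, the
 * method now throws {@link ServletException} instead of failing later with a
 * {@code NullPointerException} and leaving the session half-initialised.
 *
 * @throws IOException      propagated from the redirect handling
 * @throws ServletException if the principal cannot be mapped to a local account, or
 *                          propagated from the redirect handling
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {

    String username = null;
    String authority = null;

    Object principal = authentication.getPrincipal();
    if (principal instanceof User) {
        username = ((User) principal).getUsername();
    } else if (principal instanceof InetOrgPerson) {
        InetOrgPerson person = (InetOrgPerson) principal;
        username = person.getUsername();
        // NOTE(review): only the first authority returned by iteration becomes the role.
        // If a person can hold several authorities, which one is applied depends on the
        // collection's iteration order; confirm this is the intended role mapping.
        authority = person.getAuthorities().isEmpty() ? null
                : person.getAuthorities().iterator().next().getAuthority();
    }

    // Fail closed when the principal is of an unknown type or has no username.
    if (username == null) {
        throw new ServletException("Authenticated principal has no usable username");
    }

    net.bogor.itu.entity.admin.User us = userService.findByUsername(username);
    if (us == null) {
        // Authenticated upstream but unknown locally: do not build a session for it.
        throw new ServletException("No local account for authenticated principal");
    }

    BackendUser user = us.getUser();
    if (authority != null) {
        // NOTE(review): this overwrites the role on the loaded user object with a value
        // from the directory; verify whether that object is persisted afterwards.
        user.setRole(authority);
    }

    request.getSession().setAttribute(SessionCredentials.YAMA_SECURITY_USER, user);
    request.getSession().setAttribute(SessionCredentials.YAMA_SECURITY_USER_DETAIL, us);

    if (StringUtils.isBlank(request.getParameter("redirectUri"))) {
        super.onAuthenticationSuccess(request, response, authentication);
    } else {
        // NOTE(review): "redirectUri" is a caller-supplied request parameter used as the
        // post-login redirect target. Nothing in this method restricts it to same-origin
        // or allow-listed destinations, so unless the redirect strategy does, this is an
        // open redirect; validate the value before honouring it.
        // NOTE(review): setTargetUrlParameter changes state on this handler instance and
        // is never reset; if the handler is shared across requests, the setting persists
        // for later logins too.
        setTargetUrlParameter("redirectUri");
        handle(request, response, authentication);
    }
}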