List of usage examples for org.springframework.security.web.authentication WebAuthenticationDetailsSource WebAuthenticationDetailsSource
WebAuthenticationDetailsSource
From source file:com.ram.topup.api.ws.security.filter.AuthenticationTokenProcessingFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if (!(request instanceof HttpServletRequest)) { throw new RuntimeException("Expecting a HTTP request"); }/*from w w w . ja va 2s . c o m*/ HttpServletRequest httpRequest = (HttpServletRequest) request; String authToken = httpRequest.getHeader("X-Auth-Token"); String userName = TokenUtils.getUserNameFromToken(authToken); if (userName != null) { UserDetails userDetails = this.userService.loadUserByUsername(userName); if (TokenUtils.validateToken(authToken, userDetails.getUsername(), userDetails.getPassword())) { UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( userDetails, null, userDetails.getAuthorities()); authentication.setDetails( new WebAuthenticationDetailsSource().buildDetails((HttpServletRequest) request)); SecurityContextHolder.getContext().setAuthentication(authentication); } } chain.doFilter(request, response); }
From source file:com.seyren.core.security.AuthenticationTokenFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if (!seyrenConfig.isSecurityEnabled()) { SecurityContextHolder.getContext().setAuthentication(new SecurityDisabledAuthentication()); } else {/* www . jav a2 s . c o m*/ HttpServletRequest httpRequest = this.getAsHttpRequest(request); String authToken = this.extractAuthTokenFromRequest(httpRequest); String userName = Token.getUserNameFromToken(authToken); if (userName != null) { UserDetails userDetails = this.userService.loadUserByUsername(userName); if (Token.validateToken(authToken, userDetails)) { UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( userDetails, null, userDetails.getAuthorities()); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpRequest)); SecurityContextHolder.getContext().setAuthentication(authentication); } } } chain.doFilter(request, response); }
From source file:ru.codemine.ccms.api.security.ApiAuthenticationFilter.java
@Override public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { HttpServletResponse responce = (HttpServletResponse) resp; HttpServletRequest request = (HttpServletRequest) req; String authToken = request.getHeader("X-Auth-Token"); String username = apiTokenUtils.getUsernameFromToken(authToken); if (username != null) { Employee employee = employeeService.getByUsername(username); if (apiTokenUtils.validateToken(authToken, employee)) { UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( employee, null, employee.getAuthorities()); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); SecurityContextHolder.getContext().setAuthentication(authentication); }//from w w w . ja va2 s. c o m } chain.doFilter(req, resp); }
From source file:com.sg.rest.security.components.WebTokenProcessingFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException { HttpServletRequest httpRequest = this.getAsHttpRequest(request); String sToken = this.extractAuthTokenFromRequest(httpRequest); if (sToken != null) { long accountId = securityService.getAccountIdAndVerifyToken(sToken); GetAccountRolesOperation dto = new GetAccountRolesOperation(accountId); GetAccountRolesResponse rolesDto = handler.handle(dto); if (rolesDto.getStatus() == GetAccountRolesStatus.STATUS_ACCOUNT_NOT_FOUND) { throw new WebSecurityAccountNotFoundException(accountId); }/*from ww w . j av a 2s. c o m*/ SgRestUser userPrincipal = new SgRestUser(accountId); userPrincipal.setRoles(rolesDto.getData().getRoles()); UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( userPrincipal, null, userPrincipal.getAuthorities()); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpRequest)); SecurityContextHolder.getContext().setAuthentication(authentication); } chain.doFilter(request, response); }
From source file:com.jevontech.wabl.security.AuthenticationTokenFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { //log.debug("doFilter"); HttpServletRequest httpRequest = (HttpServletRequest) request; String authToken = httpRequest.getHeader(this.tokenHeader); String username = this.tokenUtils.getUsernameFromToken(authToken); log.debug("doFilter: this.tokenHeader=" + this.tokenHeader); log.debug("doFilter: authToken=" + authToken + " , username=" + username); if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) { UserDetails userDetails = this.userDetailsService.loadUserByUsername(username); log.debug("doFilter: userDetails=" + userDetails.toString()); if (this.tokenUtils.validateToken(authToken, userDetails)) { UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( userDetails, null, userDetails.getAuthorities()); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpRequest)); SecurityContextHolder.getContext().setAuthentication(authentication); }//from w ww.ja v a2s . co m } chain.doFilter(request, response); }
From source file:be.bittich.quote.security.AuthenticationTokenProcessingFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = this.getAsHttpRequest(request); String authToken = extractAuthTokenFromRequest(httpRequest); String username = tokenService.getUsernameFromToken(authToken); if (username != null) { UserDetails userDetails = this.userService.loadUserByUsername(username); if (tokenService.validateToken(authToken, request.getRemoteAddr(), userDetails)) { UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( userDetails.getUsername(), userDetails.getPassword(), userDetails.getAuthorities()); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpRequest)); SecurityContextHolder.getContext().setAuthentication(authentication); }/*from w w w . j av a2 s . c o m*/ } chain.doFilter(request, response); }
From source file:com.javiermoreno.springboot.rest.AuthenticationTokenProcessingFilter.java
@Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; String encryptedToken = request.getHeader("X-Auth-Token"); if (SecurityContextHolder.getContext().getAuthentication() == null && encryptedToken != null) { Token token = new Token(cryptoService, encryptedToken); String ip = request.getHeader("X-Forwarded-For"); if (ip == null) { ip = request.getRemoteAddr(); }//from w ww . ja va2 s . co m if (ip.equals(token.getIp()) == true && token.isExpired() == false) { UserDetails userDetails = userDetailsService.loadUserByUsername(token.getUsername()); UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( userDetails.getUsername(), userDetails.getPassword()); authentication.setDetails( new WebAuthenticationDetailsSource().buildDetails((HttpServletRequest) request)); SecurityContextHolder.getContext() .setAuthentication(authenticationManager.authenticate(authentication)); } } chain.doFilter(req, res); }
From source file:org.oncoblocks.centromere.web.security.AuthenticationTokenProcessingFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if (!(request instanceof HttpServletRequest)) { throw new RuntimeException("Expecting an HTTP request."); }/*from w ww.j a v a2 s. co m*/ HttpServletRequest httpRequest = (HttpServletRequest) request; String authToken = httpRequest.getHeader("X-Auth-Token"); if (authToken == null) { authToken = httpRequest.getParameter("token"); } String username = tokenOperations.getUserNameFromToken(authToken); if (username != null) { UserDetails userDetails = userDetailsService.loadUserByUsername(username); if (tokenOperations.validateToken(authToken, userDetails)) { UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( userDetails, null, userDetails.getAuthorities()); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpRequest)); SecurityContextHolder.getContext().setAuthentication(authentication); } } chain.doFilter(request, response); }
From source file:org.openwms.client.security.AuthenticationTokenProcessingFilter.java
/** * {@inheritDoc}//from w w w . j a v a2 s . c o m * * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, * javax.servlet.ServletResponse, javax.servlet.FilterChain) */ @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if (!(request instanceof HttpServletRequest)) { throw new RuntimeException("Expecting a http servlet request"); } HttpServletRequest httpRequest = (HttpServletRequest) request; String authToken = httpRequest.getHeader(AUTH_TOKEN); String userName = TokenUtils.getUserNameFromToken(authToken); if (userName != null) { // The returned UserDetails object has credentials encoded, we rely // on two AuthenticationProviders here to // come around this issue, one with PasswordEncoder and one without UserDetails userDetails = this.userService.loadUserByUsername(userName); if (TokenUtils.validateToken(authToken, userDetails)) { UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( userDetails.getUsername(), userDetails.getPassword()); authentication.setDetails( new WebAuthenticationDetailsSource().buildDetails((HttpServletRequest) request)); SecurityContextHolder.getContext() .setAuthentication(this.authenticationManager.authenticate(authentication)); } } chain.doFilter(request, response); SecurityContextHolder.clearContext(); }
From source file:ch.ge.ve.protopoc.jwt.JwtAuthenticationTokenFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; String authToken = httpRequest.getHeader(this.tokenHeader); String username = jwtTokenUtil.getUsernameFromToken(authToken); if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) { UserDetails userDetails = this.userDetailsService.loadUserByUsername(username); if (jwtTokenUtil.validateToken(authToken, userDetails)) { UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( userDetails, null, userDetails.getAuthorities()); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpRequest)); SecurityContextHolder.getContext().setAuthentication(authentication); }/*from w ww. jav a2 s. c o m*/ } chain.doFilter(request, response); }