Examples of org.acegisecurity.Authentication

• org.acegisecurity.Authentication
  Represents an authentication request.

  An Authentication object is not considered authenticated until it is processed by an {@link AuthenticationManager}.

  Stored in a request {@link org.acegisecurity.context.SecurityContext}.

  @author Ben Alex @version $Id: Authentication.java 1784 2007-02-24 21:00:24Z luke_t $

 */
public class AcegiWorkflowContextHandlerInterceptorDifferentProviderTests extends AbstractWorkflowContextHandlerInterceptorTests {


  protected MockHttpServletRequest getMockRequest(String userName) {
    Authentication auth = new AnonymousAuthenticationToken(userName, userName, new GrantedAuthority[]{ new GrantedAuthorityImpl(userName) });
    SecurityContext context = new SecurityContextImpl();
    context.setAuthentication(auth);
    SecurityContextHolder.setContext(context);

    return new MockHttpServletRequest();

public class AcegiWorkflowContextHandlerInterceptorTests extends AbstractWorkflowContextHandlerInterceptorTests {


  protected MockHttpServletRequest getMockRequest(String userName) {
    User user = new User(userName, "dummy", true, true, true, true, new GrantedAuthority[]{});
    Authentication auth = new UsernamePasswordAuthenticationToken(user, null);
    SecurityContext context = new SecurityContextImpl();
    context.setAuthentication(auth);
    SecurityContextHolder.setContext(context);

    return new MockHttpServletRequest();

    protected Object doGetResult(Object target) {

        Object role = getArguments()[0].getResult(target);

        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return Boolean.FALSE;
        }

        GrantedAuthority[] authorities = authentication.getAuthorities();

        for (int i = 0; i < authorities.length; i++) {
            if (authorities[i].getAuthority().equals(role)) {
                return Boolean.TRUE;
            }

public class AcegiRoleConditionTests extends TestCase {

  public void setUp() {
    GrantedAuthority[] roles = new GrantedAuthority[]{new GrantedAuthorityImpl("manager"), new GrantedAuthorityImpl("vp")};

    Authentication authentication = new UsernamePasswordAuthenticationToken(new Object(), new Object(), roles);

    SecurityContext context = new SecurityContextImpl();
    context.setAuthentication(authentication);

    SecurityContextHolder.setContext(context);

  @Resource
  private LoginService loginService;

  public String setMyVisitInfo() {
    ActionContext.getContext().getSession().put("ctx", ServletActionContext. getRequest().getContextPath());
    Authentication au = null;
    if (SecurityContextHolder.getContext() != null)
      au = SecurityContextHolder.getContext().getAuthentication();
    if (au == null || au.getName() == null || au.getName().length() == 0) {
      SecurityContextHolder.clearContext();
      return "error";
    } else {
      MyVisit myVisit = new MyVisit();
      myVisit.setLoginInfoMap(this.loginService.saveLoginInfo(au.getName(), ServletActionContext. getRequest().getRemoteAddr()));
      ActionContext.getContext().getSession().put("myVisit",myVisit);
      ActionContext.getContext().getSession().put(Constants_core.LOGIN_IP, ServletActionContext. getRequest().getRemoteAddr());
//      ServletActionContext. getRequest().getSession().setAttribute("myVisit",myVisit);
//      ServletActionContext. getRequest().getSession().setAttribute(Constants_core.LOGIN_IP, ServletActionContext. getRequest().getRemoteAddr());
      List<Map> listXTGN = getListXTGN(myVisit);

    if (url.indexOf("/") == 0) {  // 数据库中的功能地址不能以“/”开头
      url_C = url_C.substring(1);
    }
    url_C = this.dbUrlSourceManager.convertUrl(url_C);
    if (showProtectedResource) {
      Authentication au = SecurityContextHolder.getContext().getAuthentication();
      if (au != null) {
        System.out.println("acegi_au:au.getName()=" + au.getName());
        System.out.println("acegi_au:au.getAuthorities().length=" + au.getAuthorities().length);
        for (int i = 0; i < au.getAuthorities().length; i++) {
          System.out.println("acegi_au:au.getAuthorities()[" + i + "].getAuthority()=" + au.getAuthorities()[i].getAuthority());
        }
        System.out.println("acegi_au:(String)au.getCredentials()=" + (String) au.getCredentials());
        System.out.println("acegi_au:au.getDetails()[org.acegisecurity.ui.WebAuthenticationDetails]=" + au.getDetails().toString());
        System.out.println("acegi_au:au.getPrincipal()[org.acegisecurity.userdetails.User]=" + au.getPrincipal());
      }
    }
    return (ConfigAttributeDefinition) this.dbUrlSourceManager.getUrlMap().get(url_C);
  }

    /**
     * Lets the current user silently login as the given user and report back accordingly.
     */
    private void loginAndTakeBack(StaplerRequest req, StaplerResponse rsp, User u) throws ServletException, IOException {
        // ... and let him login
        Authentication a = new UsernamePasswordAuthenticationToken(u.getId(),req.getParameter("password1"));
        a = this.getSecurityComponents().manager.authenticate(a);
        SecurityContextHolder.getContext().setAuthentication(a);

        // then back to top
        req.getView(this,"success.jelly").forward(req,rsp);

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        HttpSession session = ((HttpServletRequest) req).getSession(false);
        if(session!=null) {
            SecurityContext o = (SecurityContext)session.getAttribute(ACEGI_SECURITY_CONTEXT_KEY);
            if(o!=null) {
                Authentication a = o.getAuthentication();
                if(a!=null) {
                    if (a.getPrincipal() instanceof InvalidatableUserDetails) {
                        InvalidatableUserDetails ud = (InvalidatableUserDetails) a.getPrincipal();
                        if(ud.isInvalid())
                            // don't let Acegi see invalid security context
                            session.setAttribute(ACEGI_SECURITY_CONTEXT_KEY,null);
                    }
                }

        registerOptionHandlers();
        CmdLineParser p = new CmdLineParser(this);

        // add options from the authenticator
        SecurityContext sc = SecurityContextHolder.getContext();
        Authentication old = sc.getAuthentication();

        CliAuthenticator authenticator = Jenkins.getInstance().getSecurityRealm().createCliAuthenticator(this);
        new ClassParser().parse(authenticator,p);

        try {
            p.parseArgument(args.toArray(new String[args.size()]));
            Authentication auth = authenticator.authenticate();
            if (auth==Jenkins.ANONYMOUS)
                auth = loadStoredAuthentication();
            sc.setAuthentication(auth); // run the CLI with the right credential
            if (!(this instanceof LoginCommand || this instanceof HelpCommand))
                Jenkins.getInstance().checkPermission(Jenkins.READ);

     *
     * <p>
     * If the transport doesn't do authentication, this method returns {@link jenkins.model.Jenkins#ANONYMOUS}.
     */
    public Authentication getTransportAuthentication() {
        Authentication a = transportAuth;
        if (a==null)    a = Jenkins.ANONYMOUS;
        return a;
    }