Examples of org.beangle.security.core.Authentication

org.beangle.security.core.Authentication

    if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) { return "failure"; }
    username = username.trim();
    HttpServletRequest request = getRequest();
    UsernamePasswordAuthentication auth = new UsernamePasswordAuthentication(username, password);
    auth.setDetails(authenticationDetailsSource.buildDetails(request));
    Authentication authRequest = auth;
    try {
      authRequest = authenticationManager.authenticate(authRequest);
      sessionRegistry.register(authRequest, request.getSession().getId());
      SecurityContextHolder.getContext().setAuthentication(authRequest);
    } catch (AuthenticationException e) {

View Full Code Here

public final class SecurityUtils {


  private static ThreadLocal<String> resource = new ThreadLocal<String>();


  private static UserToken getPrincipal() {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (null == auth) throw new AuthenticationException();
    UserToken user = (UserToken) auth.getPrincipal();
    if (null == user.getId()) throw new AuthenticationException();
    return user;
  }

View Full Code Here

  }


  public void testNormalOperation() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest("GET", "/demo/any-path");
    request.addParameter("ticket", "ST-0-ER94xMJmn6pha35CQRoZ");
    Authentication result = filter.getPreauthAuthentication(request, new MockHttpServletResponse());
    assertTrue(result != null);
  }

View Full Code Here


  @Test
  public void statefulAuthenticationIsSuccessful() throws Exception {
    CasAuthentication token = new CasAuthentication(CasAuthentication.STATEFUL_ID, "ST-123", null);
    token.setDetails("details");
    Authentication result = cap.authenticate(token);


    // Confirm ST-123 was NOT added to the cache
    assertTrue(cache.get("ST-456") == null);
    if (!(result instanceof CasAuthentication)) {
      fail("Should have returned a CasAuthentication");
    }
    CasAuthentication casResult = (CasAuthentication) result;
    assertEquals(makeUserDetailsFromAuthoritiesPopulator(), casResult.getPrincipal());
    assertEquals("ST-123", casResult.getCredentials());
    assertTrue(casResult.getAuthorities().contains(new GrantedAuthorityBean("ROLE_A")));
    assertTrue(casResult.getAuthorities().contains(new GrantedAuthorityBean("ROLE_B")));
    assertEquals(cap.getKey().hashCode(), casResult.getKeyHash());
    assertEquals("details", casResult.getDetails());


    // Now confirm the CasAuthentication is automatically re-accepted.
    // To ensure TicketValidator not called again, set it to deliver an
    // exception...
    cap.setTicketValidator(new MockTicketValidator(false));


    Authentication laterResult = cap.authenticate(result);
    assertEquals(result, laterResult);
  }

View Full Code Here


  @Test
  public void statelessAuthenticationIsSuccessful() throws Exception {
    CasAuthentication token = new CasAuthentication(CasAuthentication.STATELESS_ID, "ST-456", null);
    token.setDetails("details");
    Authentication result = cap.authenticate(token);
    // Confirm ST-456 was added to the cache
    assertTrue(cache.get("ST-456") != null);


    if (!(result instanceof CasAuthentication)) {
      fail("Should have returned a CasAuthentication");
    }


    assertEquals(makeUserDetailsFromAuthoritiesPopulator(), result.getPrincipal());
    assertEquals("ST-456", result.getCredentials());
    assertEquals("details", result.getDetails());


    // Now try to authenticate again. To ensure TicketValidator not
    // called again, set it to deliver an exception...
    cap.setTicketValidator(new MockTicketValidator(false));


    // Previously created UsernamePasswordAuthenticationToken is OK
    Authentication newResult = cap.authenticate(token);
    assertEquals(makeUserDetailsFromAuthoritiesPopulator(), newResult.getPrincipal());
    assertEquals("ST-456", newResult.getCredentials());
  }

View Full Code Here

  public void onApplicationEvent(BusinessEvent event) {
    BusinessLogBean log = new BusinessLogBean();
    log.setOperateAt(event.getIssueAt());
    log.setOperation(StringUtils.defaultIfBlank(event.getDescription(), "  "));
    log.setResource(StringUtils.defaultIfBlank(event.getResource(), "  "));
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (null == auth) return;
    log.setOperater(auth.getName());
    Object details = auth.getDetails();
    if ((details instanceof WebAuthenticationDetails)) {
      WebAuthenticationDetails webDetails = (WebAuthenticationDetails) details;
      log.setIp(webDetails.getAgent().getIp());
      log.setAgent(webDetails.getAgent().getOs()+" "+webDetails.getAgent().getBrowser());
      log.setEntry(sessionRegistry.getResource(webDetails.getSessionId()));

View Full Code Here

  protected void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
      throws IOException, ServletException {
    boolean addedToken = false;


    if (applyAnonymousForThisRequest(request)) {
      Authentication auth = SecurityContextHolder.getContext().getAuthentication();
      if (auth == null) {
        auth = createAuthentication(request);
        SecurityContextHolder.getContext().setAuthentication(auth);
        addedToken = true;
        logger.debug("Populated SecurityContextHolder with anonymous token: '{}'", auth);

View Full Code Here

    if (!getSecureObjectClass().isAssignableFrom(object.getClass())) { throw new IllegalArgumentException(
        "Security invocation attempted for object "
            + object.getClass().getName()
            + " but AbstractSecurityInterceptor only configured to support secure objects of type: "
            + getSecureObjectClass()); }
    Authentication authenticated = authenticateIfRequired();


    // Attempt authorization
    if (!authorityManager.isAuthorized(authenticated, object)) { throw new AccessDeniedException(object,
        "access denied"); }
    logger.debug("Authorization successful");

View Full Code Here

   * to true.
   * 
   * @return an authenticated <tt>Authentication</tt> object.
   */
  private Authentication authenticateIfRequired() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if(null==authentication){
      throw new AuthenticationException();
    }
    if (authentication.isAuthenticated() && !alwaysReauthenticate) {
      logger.debug("Previously Authenticated: {}", authentication);
      return authentication;
    }
    authentication = authenticationManager.authenticate(authentication);
    SecurityContextHolder.getContext().setAuthentication(authentication);

View Full Code Here


  public void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
      throws IOException, ServletException {
    if (requiresAuthentication(request, response)) {
      logger.debug("Request is to process authentication");
      Authentication authResult;
      try {
        authResult = attemptAuthentication(request);
        if (null == authResult) { return; }
        sessionRegistry.register(authResult, request.getSession().getId());
      } catch (AuthenticationException failed) {

View Full Code Here

0 1 2 3 4

TOP

Related Classes of org.beangle.security.core.Authentication

org.beangle.ems.log.service.BusinessEventLogger

org.beangle.ems.portal.action.LoginAction

org.beangle.ems.security.SecurityUtils

org.beangle.ems.web.action.LogoutAction

org.beangle.emsapp.portal.action.LoginAction

org.beangle.security.access.intercept.AbstractSecurityInterceptor

org.beangle.security.auth.AbstractAuthenticationManager

org.beangle.security.auth.ProviderManager

org.beangle.security.cas.auth.CasAuthenticationProviderTest

org.beangle.security.cas.web.CasPreauthFilterTest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.