Examples of org.springframework.security.core.Authentication

• org.springframework.security.core.Authentication
  Represents the token for an authentication request or for an authenticated principal once the request has been processed by the {@link AuthenticationManager#authenticate(Authentication)} method.

  Once the request has been authenticated, the Authentication will usually be stored in a thread-local SecurityContext managed by the {@link SecurityContextHolder} by the authentication mechanism which isbeing used. An explicit authentication can be achieved, without using one of Spring Security's authentication mechanisms, by creating an Authentication instance and using the code:

   SecurityContextHolder.getContext().setAuthentication(anAuthentication); 

  Note that unless the Authentication has the authenticated property set to true, it will still be authenticated by any security interceptor (for method or web invocations) which encounters it.

  In most cases, the framework transparently takes care of managing the security context and authentication objects for you. @author Ben Alex

    private String extractUser() throws IOException, ServletException {
        filter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain() {
            @Override
            public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
                Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
                username = authentication == null ? null : authentication.getName();
            }
        });
        return username;
    }

            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        if (SecurityContextHolder.getContext().getAuthentication() == null) {
            Authentication rememberMeAuth = rememberMeServices.autoLogin(request, response);

            if (rememberMeAuth != null) {
                // Attempt authenticaton via AuthenticationManager
                try {
                    rememberMeAuth = authenticationManager.authenticate(rememberMeAuth);

        UsernamePasswordAuthenticationToken token =
            new UsernamePasswordAuthenticationToken(CasAuthenticationFilter.CAS_STATEFUL_IDENTIFIER, "ST-123");
        token.setDetails("details");

        Authentication result = cap.authenticate(token);

        // Confirm ST-123 was NOT added to the cache
        assertTrue(cache.getByTicketId("ST-456") == null);

        if (!(result instanceof CasAuthenticationToken)) {
            fail("Should have returned a CasAuthenticationToken");
        }

        CasAuthenticationToken casResult = (CasAuthenticationToken) result;
        assertEquals(makeUserDetailsFromAuthoritiesPopulator(), casResult.getPrincipal());
        assertEquals("ST-123", casResult.getCredentials());
        assertTrue(casResult.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_A")));
        assertTrue(casResult.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_B")));
        assertEquals(cap.getKey().hashCode(), casResult.getKeyHash());
        assertEquals("details", casResult.getDetails());

        // Now confirm the CasAuthenticationToken is automatically re-accepted.
        // To ensure TicketValidator not called again, set it to deliver an exception...
        cap.setTicketValidator(new MockTicketValidator(false));

        Authentication laterResult = cap.authenticate(result);
        assertEquals(result, laterResult);
    }

        UsernamePasswordAuthenticationToken token =
            new UsernamePasswordAuthenticationToken(CasAuthenticationFilter.CAS_STATELESS_IDENTIFIER, "ST-456");
        token.setDetails("details");

        Authentication result = cap.authenticate(token);

        // Confirm ST-456 was added to the cache
        assertTrue(cache.getByTicketId("ST-456") != null);

        if (!(result instanceof CasAuthenticationToken)) {
            fail("Should have returned a CasAuthenticationToken");
        }

        assertEquals(makeUserDetailsFromAuthoritiesPopulator(), result.getPrincipal());
        assertEquals("ST-456", result.getCredentials());
        assertEquals("details", result.getDetails());

        // Now try to authenticate again. To ensure TicketValidator not
        // called again, set it to deliver an exception...
        cap.setTicketValidator(new MockTicketValidator(false));

        // Previously created UsernamePasswordAuthenticationToken is OK
        Authentication newResult = cap.authenticate(token);
        assertEquals(makeUserDetailsFromAuthoritiesPopulator(), newResult.getPrincipal());
        assertEquals("ST-456", newResult.getCredentials());
    }

        String ticket = "ST-456";
        UsernamePasswordAuthenticationToken token =
            new UsernamePasswordAuthenticationToken(CasAuthenticationFilter.CAS_STATELESS_IDENTIFIER, ticket);

        Authentication result = cap.authenticate(token);
    }

        String ticket = "ST-456";
        UsernamePasswordAuthenticationToken token =
            new UsernamePasswordAuthenticationToken(CasAuthenticationFilter.CAS_STATELESS_IDENTIFIER, ticket);

        Authentication result = cap.authenticate(token);
        verify(validator).validate(ticket, serviceProperties.getService());

        serviceProperties.setAuthenticateAllArtifacts(true);
        result = cap.authenticate(token);
        verify(validator,times(2)).validate(ticket, serviceProperties.getService());

    /**
     * Determines if a user is already authenticated.
     * @return
     */
    private boolean authenticated() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication != null && authentication.isAuthenticated() && !(authentication instanceof AnonymousAuthenticationToken);
    }

    /**
     * Do the actual authentication for a pre-authenticated user.
     */
    private void doAuthenticate(HttpServletRequest request, HttpServletResponse response) {
        Authentication authResult;

        Object principal = getPreAuthenticatedPrincipal(request);
        Object credentials = getPreAuthenticatedCredentials(request);

        if (principal == null) {

            }
        }
    }

    private boolean requiresAuthentication(HttpServletRequest request) {
        Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();

        if (currentUser == null) {
            return true;
        }

        if (!checkForPrincipalChanges) {
            return false;
        }

        Object principal = getPreAuthenticatedPrincipal(request);

        if (currentUser.getName().equals(principal)) {
            return false;
        }

        logger.debug("Pre-authenticated principal has changed to " + principal + " and will be reauthenticated");

            }
        });

        assertTrue(filter.requiresAuthentication(request, new MockHttpServletResponse()));

        Authentication result = filter.attemptAuthentication(request, new MockHttpServletResponse());
        assertTrue(result != null);
    }