Package org.springframework.security.core

Examples of org.springframework.security.core.Authentication


    @Test
    public void testDoFilterAuthenticateAll() throws Exception {
        AuthenticationSuccessHandler successHandler = mock(AuthenticationSuccessHandler.class);
        AuthenticationManager manager = mock(AuthenticationManager.class);
        Authentication authentication = new TestingAuthenticationToken("un", "pwd","ROLE_USER");
        when(manager.authenticate(any(Authentication.class))).thenReturn(authentication);
        ServiceProperties serviceProperties = new ServiceProperties();
        serviceProperties.setAuthenticateAllArtifacts(true);
        MockHttpServletRequest request = new MockHttpServletRequest();
        request.setParameter("ticket", "ST-1-123");
View Full Code Here


            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        if (requiresLogout(request, response)) {
            Authentication auth = SecurityContextHolder.getContext().getAuthentication();

            if (logger.isDebugEnabled()) {
                logger.debug("Logging out user '" + auth + "' and transferring to logout destination");
            }
View Full Code Here

        // check for switch or exit request
        if (requiresSwitchUser(request)) {
            // if set, attempt switch and store original
            try {
                Authentication targetUser = attemptSwitchUser(request);

                // update the current context to the new target user
                SecurityContextHolder.getContext().setAuthentication(targetUser);

                // redirect to target url
                successHandler.onAuthenticationSuccess(request, response, targetUser);
            } catch (AuthenticationException e) {
                logger.debug("Switch User failed", e);
                failureHandler.onAuthenticationFailure(request, response, e);
            }

            return;
        } else if (requiresExitUser(request)) {
            // get the original authentication object (if exists)
            Authentication originalUser = attemptExitUser(request);

            // update the current context back to the original user
            SecurityContextHolder.getContext().setAuthentication(originalUser);

            // redirect to target url
View Full Code Here

     *         request.
     */
    protected Authentication attemptExitUser(HttpServletRequest request)
            throws AuthenticationCredentialsNotFoundException {
        // need to check to see if the current user has a SwitchUserGrantedAuthority
        Authentication current = SecurityContextHolder.getContext().getAuthentication();

        if (null == current) {
            throw new AuthenticationCredentialsNotFoundException(messages.getMessage(
                    "SwitchUserFilter.noCurrentUser", "No current user associated with this request"));
        }

        // check to see if the current user did actual switch to another user
        // if so, get the original source user so we can switch back
        Authentication original = getSourceAuthentication(current);

        if (original == null) {
            logger.debug("Could not find original user Authentication object!");
            throw new AuthenticationCredentialsNotFoundException(messages.getMessage(
                    "SwitchUserFilter.noOriginalAuthentication",
                    "Could not find original Authentication object"));
        }

        // get the source user details
        UserDetails originalUser = null;
        Object obj = original.getPrincipal();

        if ((obj != null) && obj instanceof UserDetails) {
            originalUser = (UserDetails) obj;
        }

View Full Code Here

        UsernamePasswordAuthenticationToken targetUserRequest;

        // grant an additional authority that contains the original Authentication object
        // which will be used to 'exit' from the current switched user.

        Authentication currentAuth;

        try {
            // SEC-1763. Check first if we are already switched.
            currentAuth = attemptExitUser(request);
        } catch (AuthenticationCredentialsNotFoundException e) {
View Full Code Here

     * @param current The current  <code>Authentication</code> object
     *
     * @return The source user <code>Authentication</code> object or <code>null</code> otherwise.
     */
    private Authentication getSourceAuthentication(Authentication current) {
        Authentication original = null;

        // iterate over granted authorities and find the 'switch user' authority
        Collection<? extends GrantedAuthority> authorities = current.getAuthorities();

        for (GrantedAuthority auth : authorities) {
View Full Code Here

     */
    private void createSampleData(String username, String password) {
        Assert.notNull(documentDao, "DocumentDao required");
        Assert.hasText(username, "Username required");

        Authentication auth = new UsernamePasswordAuthenticationToken(username, password);

        try {
            // Set the SecurityContextHolder ThreadLocal so any subclasses
            // automatically know which user is operating
            SecurityContextHolder.getContext().setAuthentication(auth);
View Full Code Here

        String userName = wasHelper.getCurrentUserName();
        if (logger.isDebugEnabled()) { logger.debug("Creating authentication request for user "+userName); }
        PreAuthenticatedAuthenticationToken authRequest = new PreAuthenticatedAuthenticationToken(userName, "N/A");
        authRequest.setDetails(authenticationDetailsSource.buildDetails(null));
        if (logger.isDebugEnabled()) { logger.debug("Authentication request for user "+userName+": "+authRequest); }
        Authentication authResponse = authenticationManager.authenticate(authRequest);
        if (logger.isDebugEnabled()) { logger.debug("Authentication response for user "+userName+": "+authResponse); }
        SecurityContextHolder.getContext().setAuthentication(authResponse);
    }
View Full Code Here

            // Of course they have access to a null object!
            return evalBody();
        }

        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            if (logger.isDebugEnabled()) {
                logger.debug(
                    "SecurityContextHolder did not return a non-null Authentication object, so skipping tag body");
            }
View Full Code Here

    private final static class UserDetailsRequestPostProcessor implements
            RequestPostProcessor {
        private final RequestPostProcessor delegate;

        public UserDetailsRequestPostProcessor(UserDetails user) {
            Authentication token = new UsernamePasswordAuthenticationToken(user, user.getPassword(), user.getAuthorities());

            delegate = new AuthenticationRequestPostProcessor(token);
        }
View Full Code Here

TOP

Related Classes of org.springframework.security.core.Authentication

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.