Package org.uberfire.security.auth

Examples of org.uberfire.security.auth.Principal


    public void challengeClient( final SecurityContext context ) {
    }

    public Credential buildCredential( final SecurityContext context ) {
        final HttpSecurityContext httpSecurityContext = checkInstanceOf( "context", context, HttpSecurityContext.class );
        final Principal principal = cookieStorage.load( httpSecurityContext );

        if ( principal == null ) {
            return null;
        }

        return new RememberMeCredential( TRUE.toString(), principal.getName() );
    }
View Full Code Here


    @Override
    public Subject authenticate( final SecurityContext context ) throws AuthenticationException {
        final HttpSecurityContext httpContext = checkInstanceOf( "context", context, HttpSecurityContext.class );

        Principal principal = null;
        for ( final AuthenticatedStorageProvider storeProvider : authStorageProviders ) {
            principal = storeProvider.load( httpContext );
            if ( principal != null ) {
                break;
            }
        }

        if ( principal != null && principal instanceof Subject ) {
            return (Subject) principal;
        }

        boolean isRememberOp = principal != null;

        final boolean requiresAuthentication = resourceManager.requiresAuthentication( httpContext.getResource() );

        if ( principal == null ) {
            for ( final AuthenticationScheme authScheme : authSchemes ) {
                if ( authScheme.isAuthenticationRequest( httpContext ) ) {
                    break;
                } else if ( requiresAuthentication ) {
                    if ( !requestCache.containsKey( httpContext.getRequest().getSession().getId() ) ) {

                        String preservedQueryStr = httpContext.getRequest().getQueryString();

                        if ( preservedQueryStr == null ) {
                            preservedQueryStr = "";
                        } else {
                            preservedQueryStr = "?" + preservedQueryStr;
                        }

                        // this is for the benefit of dev mode logins: the uf_security_check form
                        // won't have the gwt.codeserver parameter on it, but the referer will
                        String referer = httpContext.getRequest().getHeader( "Referer" );
                        if ( preservedQueryStr.equals( "" ) && referer != null && referer.indexOf( '?' ) >= 0 ) {
                            preservedQueryStr = referer.substring( referer.indexOf( '?' ) );
                        }

                        if ( forceURL != null ) {

                            // prepend context path for context-relative forceURLs
                            String contextPrefix = "";
                            if ( forceURL.startsWith( "/" ) ) {
                                contextPrefix = httpContext.getRequest().getContextPath();
                            }

                            requestCache.put( httpContext.getRequest().getSession().getId(), contextPrefix + forceURL + preservedQueryStr );
                        } else {
                            requestCache.put( httpContext.getRequest().getSession().getId(), httpContext.getRequest().getRequestURI() + preservedQueryStr );
                        }
                    }
                    authScheme.challengeClient( httpContext );
                }
            }

            if ( !requiresAuthentication ) {
                return null;
            }

            all_auth:
            for ( final AuthenticationScheme authScheme : authSchemes ) {
                final Credential credential = authScheme.buildCredential( httpContext );

                if ( credential == null ) {
                    continue;
                }

                for ( final AuthenticationProvider authProvider : authProviders ) {
                    final AuthenticationResult result = authProvider.authenticate( credential, context );
                    if ( result.getStatus().equals( FAILED ) ) {
                        authScheme.challengeClient( httpContext );
                        throw new AuthenticationException( "Invalid credentials." );
                    } else if ( result.getStatus().equals( SUCCESS ) ) {
                        principal = result.getPrincipal();
                        break all_auth;
                    }
                }
            }
        }

        if ( principal == null ) {
            throw new AuthenticationException( "Invalid credentials." );
        }

        final List<Role> roles = new ArrayList<Role>();
        if ( isRememberOp ) {
            roles.add( new RoleImpl( ROLE_REMEMBER_ME ) );
        }

        for ( final RoleProvider roleProvider : roleProviders ) {
            roles.addAll( roleProvider.loadRoles( principal, context ) );
        }

        final Map<String, String> properties = new HashMap<String, String>();
        for ( final SubjectPropertiesProvider propertiesProvider : subjectPropertiesProviders ) {
            properties.putAll( propertiesProvider.loadProperties( principal ) );
        }

        final String name = principal.getName();
        final Subject result = new IdentityImpl( name, roles, properties );

        for ( final AuthenticatedStorageProvider storeProvider : authStorageProviders ) {
            storeProvider.store( httpContext, result );
        }
View Full Code Here

    @Override
    public Subject authenticate( final SecurityContext context ) throws AuthenticationException {
        final UserPassSecurityContext userPassContext = checkInstanceOf( "context", context, UserPassSecurityContext.class );

        final Principal principal;

        final Credential credential = scheme.buildCredential( userPassContext );

        if ( credential == null ) {
            throw new AuthenticationException( "Invalid credentials." );
        }

        final AuthenticationResult authResult = authProvider.authenticate( credential, context );

        if ( authResult.getStatus().equals( SUCCESS ) ) {
            principal = authResult.getPrincipal();
        } else {
            principal = null;
        }

        if ( principal == null ) {
            throw new AuthenticationException( "Invalid credentials." );
        }

        final List<Role> roles = new ArrayList<Role>();

        if ( roleProvider != null ) {
            roles.addAll( roleProvider.loadRoles( principal, context ) );
        }

        final Map<String, String> properties = new HashMap<String, String>() {{
            if ( propertiesProvider != null ) {
                putAll( propertiesProvider.loadProperties( principal ) );
            }
        }};

        return new IdentityImpl( principal.getName(), roles, properties );
    }
View Full Code Here

TOP

Related Classes of org.uberfire.security.auth.Principal

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.