org.acegisecurity.userdetails.UserDetails Java Examples
The following examples show how to use
Example #1
Source File: From rice with Educational Community License v2.0 | 6 votes |
/** * This overridden method is differs from the super method by * populating the user details by passing the full response * * @see org.acegisecurity.providers.cas.CasAuthenticationProvider#authenticateNow(Authentication authentication) */ private CasAuthenticationToken authenticateNow(Authentication authentication) throws AuthenticationException { // Validate KualiTicketResponse response = (KualiTicketResponse)this.getTicketValidator().confirmTicketValid(authentication.getCredentials().toString()); // Check proxy list is trusted this.getCasProxyDecider().confirmProxyListTrusted(response.getProxyList()); if (logger.isDebugEnabled()) { logger.debug("authenticationNOW:" + response); } // Lookup user details logger.debug("\n\npopulating authorities\n\n"); UserDetails userDetails = ((KualiCasAuthoritiesPopulator)this.getCasAuthoritiesPopulator()).getUserDetails(response); // Construct CasAuthenticationToken return new CasAuthenticationToken(this.getKey(), userDetails, authentication.getCredentials(), userDetails.getAuthorities(), userDetails, response.getProxyList(), response.getProxyGrantingTicketIou()); }
Example #2
Source File: From subsonic with GNU General Public License v3.0 | 6 votes |
/** * Locates the user based on the username. * * @param username The username presented to the {@link DaoAuthenticationProvider} * @return A fully populated user record (never <code>null</code>) * @throws UsernameNotFoundException if the user could not be found or the user has no GrantedAuthority. * @throws DataAccessException If user could not be found for a repository-specific reason. */ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { User user = getUserByName(username); if (user == null) { throw new UsernameNotFoundException("User \"" + username + "\" was not found."); } String[] roles = userDao.getRolesForUser(username); GrantedAuthority[] authorities = new GrantedAuthority[roles.length]; for (int i = 0; i < roles.length; i++) { authorities[i] = new GrantedAuthorityImpl("ROLE_" + roles[i].toUpperCase()); } // If user is LDAP authenticated, disable user. The proper authentication should in that case // be done by SubsonicLdapBindAuthenticator. boolean enabled = !user.isLdapAuthenticated(); return new org.acegisecurity.userdetails.User(username, user.getPassword(), enabled, true, true, true, authorities); }
Example #3
Source File: From webcurator with Apache License 2.0 | 6 votes |
@Override protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { Object salt = null; System.out.println("User pwd: "+userDetails.getPassword()); System.out.println("Auth pwd raw: "+authentication.getCredentials().toString()); if (getSaltSource() != null) { salt = getSaltSource().getSalt(userDetails); } System.out.println("Auth pwd: "+getPasswordEncoder().encodePassword(authentication.getCredentials().toString().trim(), salt)); System.out.println("Salt: "+salt); System.out.println("Encoder: "+getPasswordEncoder()); if (!getPasswordEncoder().isPasswordValid(userDetails.getPassword(), authentication.getCredentials().toString(), salt)) { throw new BadCredentialsException(messages.getMessage( "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"), userDetails); } }
Example #4
Source File: From webcurator with Apache License 2.0 | 6 votes |
protected Object mapRow(ResultSet rs, int rownum) throws SQLException { String username = rs.getString(1); String password = rs.getString(2); boolean enabled = rs.getBoolean(3); boolean credentialsNonExpired = rs.getBoolean(4); if (password == null) { //set the password to blank for users authenticated by an external Authentication source password = ""; } UserDetails user = new User(username, password, enabled, true, !credentialsNonExpired, true, new GrantedAuthority[] {new GrantedAuthorityImpl("HOLDER")}); return user; }
Example #5
Source File: From ramus with GNU General Public License v3.0 | 6 votes |
@Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { user = getUserFactory().getUser(username); if (user == null) { throw new UsernameNotFoundException(MessageFormat.format( "User {0} not found", username)); } List<Group> list = user.getGroups(); GrantedAuthority[] arrayAuths = new GrantedAuthority[list.size() + 1]; for (int i = 0; i < list.size(); i++) { arrayAuths[i] = new GrantedAuthorityImpl("ROLE_" + list.get(i).getName().toUpperCase()); } arrayAuths[list.size()] = new GrantedAuthorityImpl("ROLE_USER"); return new User(user.getLogin(), user.getPassword(), true, true, true, true, arrayAuths); }
Example #6
Source File: From webcurator with Apache License 2.0 | 5 votes |
@SuppressWarnings("unchecked") @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { List users = usersByUsernameMapping.execute(username); if (users.size() == 0) { throw new UsernameNotFoundException("User not found"); } UserDetails user = (UserDetails) users.get(0); // contains no GrantedAuthority[] List dbAuths = authoritiesByUsernameMapping.execute(user.getUsername()); if (dbAuths.size() == 0) { throw new UsernameNotFoundException("User has no GrantedAuthority"); } GrantedAuthority[] arrayAuths = {}; addCustomAuthorities(user.getUsername(), dbAuths); arrayAuths = (GrantedAuthority[]) dbAuths.toArray(arrayAuths); String returnUsername = user.getUsername(); if (!isUsernameBasedPrimaryKey()) { returnUsername = username; } return new User(returnUsername, user.getPassword(), user.isEnabled(), true, true, true, arrayAuths); }
Example #7
Source File: From rice with Educational Community License v2.0 | 5 votes |
public UserDetails loadUserByUsername(String username) { LdapUserDetails ldapUserDetails = ldapUserSearch.searchForUser(username); GrantedAuthority[] authorities = ldapAuthoritiesPopulator.getGrantedAuthorities(ldapUserDetails); return new User(username, "empty_password", true, true, true, true, authorities); }
Example #8
Source File: From rice with Educational Community License v2.0 | 5 votes |
/** * This overridden method is used to pass the Distributed Session * Ticket around via the {@link KualiTicketResponse} * * @see */ public UserDetails getUserDetails(KualiTicketResponse response) throws AuthenticationException { if (logger.isDebugEnabled()) { logger.debug("getUserDetails(response)"); } return this.userDetailsService.loadUserByTicketResponse(response); }
Example #9
Source File: From rice with Educational Community License v2.0 | 5 votes |
/** * This overridden method should never be used but is required by the * UserDetails interface * * @see org.acegisecurity.providers.cas.CasAuthoritiesPopulator#getUserDetails(java.lang.String) */ public UserDetails getUserDetails(String casUserId) throws AuthenticationException { if (logger.isDebugEnabled()) { logger.debug("getUserDetails(userID)"); } return this.userDetailsService.loadUserByUsername(casUserId); }
Example #10
Source File: From rice with Educational Community License v2.0 | 5 votes |
/** * This method is necessary for loading users by the ticket response * * @param username * @param authorities * @return the UserDetails */ public UserDetails loadUserByUsernameAndAuthorities(String username, GrantedAuthority[] authorities) { if (logger.isDebugEnabled()) { logger.debug("loadUserByUsernameAndAuthorities"); } GrantedAuthority[] newAuthorities = new GrantedAuthority[authorities.length+1]; System.arraycopy(authorities, 0, newAuthorities, 0, authorities.length); newAuthorities[authorities.length]= new GrantedAuthorityImpl("ROLE_KUALI_USER"); logger.warn("setting granted authorities:" + newAuthorities.toString()); UserDetails user = new User(username, "empty_password", true, true, true, true, newAuthorities); return user; }
Example #11
Source File: From rice with Educational Community License v2.0 | 5 votes |
/** * This overridden method ... * * @see org.acegisecurity.userdetails.UserDetailsService#loadUserByUsername(java.lang.String) */ public UserDetails loadUserByUsername(String username) { if (logger.isDebugEnabled()) { logger.debug("loadUserByUsername"); } return loadUserByUsernameAndAuthorities(username, new GrantedAuthority[0]); }
Example #12
Source File: From rice with Educational Community License v2.0 | 5 votes |
/** * This overridden method appends the Distributed Session Ticket to the * granted authorities * * @see */ public UserDetails loadUserByTicketResponse(KualiTicketResponse response) { GrantedAuthority[] authorities = new GrantedAuthority[1]; authorities[0]= new GrantedAuthorityImpl(response.getDistributedSessionToken()); if (logger.isDebugEnabled()) { logger.debug("loadUserByTicketResponse:" + response.getDistributedSessionToken()); } return loadUserByUsernameAndAuthorities(response.getUser(), authorities); }
Example #13
Source File: From jenkins-datadog-plugin with MIT License | 5 votes |
@Override protected void authenticated(@Nonnull UserDetails details) { try { final boolean emitSystemEvents = DatadogUtilities.getDatadogGlobalDescriptor().isEmitSecurityEvents(); if (!emitSystemEvents) { return; } logger.fine("Start DatadogSecurityListener#authenticated"); // Get Datadog Client Instance DatadogClient client = ClientFactory.getClient(); // Get the list of global tags to apply Map<String, Set<String>> tags = DatadogUtilities.getTagsFromGlobalTags(); // Send event DatadogEvent event = new UserAuthenticationEventImpl(details.getUsername(), UserAuthenticationEventImpl.LOGIN, tags); client.event(event); // Submit counter String hostname = DatadogUtilities.getHostname("null"); client.incrementCounter("jenkins.user.authenticated", hostname, tags); logger.fine("End DatadogSecurityListener#authenticated"); } catch (Exception e) { logger.warning("Unexpected exception occurred - " + e.getMessage()); } }
Example #14
Source File: From jenkins-test-harness with MIT License | 5 votes |
@Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>(); auths.add(AUTHENTICATED_AUTHORITY); Set<String> groups = groupsByUser.get(username); if (groups != null) { for (String g : groups) { auths.add(new GrantedAuthorityImpl(g)); } } return new org.acegisecurity.userdetails.User(username,"",true,true,true,true, auths.toArray(new GrantedAuthority[0])); }
Example #15
Source File: From oic-auth-plugin with MIT License | 5 votes |
@Override public SecurityComponents createSecurityComponents() { return new SecurityComponents( new AuthenticationManager() { public Authentication authenticate(Authentication authentication) throws AuthenticationException { if (authentication instanceof AnonymousAuthenticationToken) return authentication; throw new BadCredentialsException("Unexpected authentication type: " + authentication); } }, new UserDetailsService() { @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { // Retrieve the OicUserProperty to get the list of groups that has to be set in the OicUserDetails object. LOGGER.fine("loadUserByUsername in createSecurityComponents called, username: " + username); User u = User.get(username, false, Collections.emptyMap()); if (u == null) { LOGGER.fine("loadUserByUsername in createSecurityComponents called, no user '" + username + "' found"); throw new UsernameNotFoundException(username); } LOGGER.fine("loadUserByUsername in createSecurityComponents called, user: " + u); List<UserProperty> props = u.getAllProperties(); LOGGER.fine("loadUserByUsername in createSecurityComponents called, number of props: " + props.size()); GrantedAuthority[] auths = new GrantedAuthority[0]; for (UserProperty prop: props) { LOGGER.fine("loadUserByUsername in createSecurityComponents called, prop of type: " + prop.getClass().toString()); if (prop instanceof OicUserProperty) { OicUserProperty oicProp = (OicUserProperty) prop; LOGGER.fine("loadUserByUsername in createSecurityComponents called, oic prop found with username: " + oicProp.getUserName()); auths = oicProp.getAuthoritiesAsGrantedAuthorities(); LOGGER.fine("loadUserByUsername in createSecurityComponents called, oic prop with auths size: " + auths.length); } } return new OicUserDetails(username, auths); } } ); }
Example #16
Source File: From gitlab-oauth-plugin with MIT License | 5 votes |
@Override public SecurityComponents createSecurityComponents() { return new SecurityComponents(new AuthenticationManager() { @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { if (authentication instanceof GitLabAuthenticationToken) { return authentication; } if (authentication instanceof UsernamePasswordAuthenticationToken) { try { UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) authentication; GitLabAuthenticationToken gitlab = new GitLabAuthenticationToken(token.getCredentials().toString(), getGitlabApiUri(), TokenType.PRIVATE_TOKEN); SecurityContextHolder.getContext().setAuthentication(gitlab); return gitlab; } catch (IOException e) { throw new RuntimeException(e); } } throw new BadCredentialsException("Unexpected authentication type: " + authentication); } }, new UserDetailsService() { @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { return GitLabSecurityRealm.this.loadUserByUsername(username); } }); }
Example #17
Source File: From blueocean-plugin with MIT License | 5 votes |
@Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>(); auths.add(AUTHENTICATED_AUTHORITY); Set<String> groups = groupsByUser.get(username); if (groups != null) { for (String g : groups) { auths.add(new GrantedAuthorityImpl(g)); } } return new org.acegisecurity.userdetails.User(username,"",true,true,true,true, auths.toArray(new GrantedAuthority[auths.size()])); }
Example #18
Source File: From blueocean-plugin with MIT License | 5 votes |
public JwtAuthentication(String subject) { User user = User.get(subject, false, Collections.emptyMap()); if (user == null) { throw new ServiceException.UnauthorizedException("Invalid JWT token: subject " + subject + " not found"); } //TODO: UserDetails call is expensive, encode it in token and create UserDetails from it UserDetails d = Jenkins.getInstance().getSecurityRealm().loadUserByUsername(user.getId()); this.grantedAuthorities = d.getAuthorities(); = subject; super.setAuthenticated(true); }
Example #19
Source File: From jenkins-test-harness with MIT License | 4 votes |
@Override protected UserDetails authenticate(String username, String password) throws AuthenticationException { if (username.equals(password)) return loadUserByUsername(username); throw new BadCredentialsException(username); }
Example #20
Source File: From subsonic with GNU General Public License v3.0 | 4 votes |
public GrantedAuthority[] getGrantedAuthorities(LdapUserDetails userDetails) throws LdapDataAccessException { UserDetails details = userDetailsService.loadUserByUsername(userDetails.getUsername()); return details.getAuthorities(); }
Example #21
Source File: From blueocean-plugin with MIT License | 4 votes |
@Override protected UserDetails authenticate(String username, String password) throws AuthenticationException { if (username.equals(password)) return loadUserByUsername(username); throw new BadCredentialsException(username); }
Example #22
Source File: From blueocean-plugin with MIT License | 4 votes |
protected User login(String userId, String fullName, String email) throws IOException { j.jenkins.setSecurityRealm(j.createDummySecurityRealm()); hudson.model.User bob = User.get(userId); bob.setFullName(fullName); if(email != null ) { bob.addProperty(new Mailer.UserProperty(email)); } UserDetails d = Jenkins.getInstance().getSecurityRealm().loadUserByUsername(bob.getId()); SecurityContextHolder.getContext().setAuthentication(new PrincipalAcegiUserToken(bob.getId(),bob.getId(),bob.getId(), d.getAuthorities(), bob.getId())); return bob; }
Example #23
Source File: From blueocean-plugin with MIT License | 4 votes |
@Test public void testPermissionOfOtherUser() throws IOException { j.jenkins.setSecurityRealm(j.createDummySecurityRealm()); hudson.model.User alice = User.get("alice"); alice.setFullName("Alice Cooper"); alice.addProperty(new Mailer.UserProperty("")); hudson.model.User bob = User.get("bob"); bob.setFullName("Bob Cooper"); bob.addProperty(new Mailer.UserProperty("")); UserDetails d = Jenkins.getInstance().getSecurityRealm().loadUserByUsername(bob.getId()); SecurityContextHolder.getContext().setAuthentication(new PrincipalAcegiUserToken(bob.getId(),bob.getId(),bob.getId(), d.getAuthorities(), bob.getId())); Assert.assertNull(new UserImpl(Iterables.getFirst(OrganizationFactory.getInstance().list(), null), alice).getPermission()); }
Example #24
Source File: From blueocean-plugin with MIT License | 3 votes |
protected User login(String userId, String fullName, String email) throws IOException { j.jenkins.setSecurityRealm(j.createDummySecurityRealm()); hudson.model.User bob = User.get(userId); bob.setFullName(fullName); bob.addProperty(new Mailer.UserProperty(email)); UserDetails d = Jenkins.getInstance().getSecurityRealm().loadUserByUsername(bob.getId()); SecurityContextHolder.getContext().setAuthentication(new PrincipalAcegiUserToken(bob.getId(),bob.getId(),bob.getId(), d.getAuthorities(), bob.getId())); return bob; }
Example #25
Source File: From rice with Educational Community License v2.0 | 2 votes |
/** * Obtains the granted authorities for the specified user.<P>May throw any * <code>AuthenticationException</code> or return <code>null</code> if the authorities are unavailable.</p> * * @param casUserId as obtained from the CAS validation service * * @return the details of the indicated user (at minimum the granted authorities and the username) * * @throws AuthenticationException DOCUMENT ME! */ UserDetails getUserDetails(KualiTicketResponse response) throws AuthenticationException;
Example #26
Source File: From rice with Educational Community License v2.0 | 2 votes |
/** * Locates the user based on the response. In the actual implementation, the search may possibly be case * insensitive, or case insensitive depending on how the implementaion instance is configured. In this case, the * <code>UserDetails</code> object that comes back may have a username that is of a different case than what was * actually requested. Also populates the <code>Authentication Source</code> as a <code>GrantedAuthority</code> * * @param response the reponse from the TicketValidator presented to the {@link DaoAuthenticationProvider} * * @return a fully populated user record (never <code>null</code>) * * @throws UsernameNotFoundException if the user could not be found or the user has no GrantedAuthority * @throws DataAccessException if user could not be found for a repository-specific reason */ UserDetails loadUserByTicketResponse(KualiTicketResponse response) throws UsernameNotFoundException, DataAccessException;