org.eclipse.jetty.security.UserAuthentication Java Examples
The following examples show how to use
org.eclipse.jetty.security.UserAuthentication.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CustomAuthHttpServerTest.java From calcite-avatica with Apache License 2.0 | 6 votes |
@Override public RemoteUserExtractor getRemoteUserExtractor() { return new RemoteUserExtractor() { @Override public String extract(HttpServletRequest request) throws RemoteUserExtractionException { methodCallCounter3++; if (request instanceof Request) { Authentication authentication = ((Request) request).getAuthentication(); if (authentication instanceof UserAuthentication) { UserIdentity userIdentity = ((UserAuthentication) authentication).getUserIdentity(); return userIdentity.getUserPrincipal().getName(); } } throw new RemoteUserExtractionException("Request doesn't contain user credentials."); } }; }
Example #2
Source File: AuthenticationResourceFilter.java From emodb with Apache License 2.0 | 6 votes |
/** * Certain aspects of the container, such as logging, need the authentication information to behave properly. * This method updates the request with the necessary objects to recognize the authenticated user. */ private void setJettyAuthentication(Subject subject) { // In unit test environments there may not be a current connection. If any nulls are encountered // then, by definition, there is no container to update. HttpConnection connection = HttpConnection.getCurrentConnection(); if (connection == null) { return; } Request jettyRequest = connection.getHttpChannel().getRequest(); if (jettyRequest == null) { return; } // This cast down is safe; subject is always created with this type of principal PrincipalWithRoles principal = (PrincipalWithRoles) subject.getPrincipal(); UserIdentity identity = principal.toUserIdentity(); jettyRequest.setAuthentication(new UserAuthentication(SecurityContext.BASIC_AUTH, identity)); }
Example #3
Source File: JettyTokenAuthenticator.java From cloud-security-xsuaa-integration with Apache License 2.0 | 5 votes |
private Authentication createAuthentication(TokenAuthenticationResult tokenAuthentication) { Principal principal = tokenAuthentication.getPrincipal(); Set<Principal> principals = new HashSet<>(); principals.add(principal); Subject subject = new Subject(true, principals, new HashSet<>(), new HashSet<>()); String[] scopes = tokenAuthentication.getScopes().toArray(new String[0]); return new UserAuthentication(getAuthMethod(), new DefaultUserIdentity(subject, principal, scopes)); }
Example #4
Source File: JettyTokenAuthenticator.java From cloud-security-xsuaa-integration with Apache License 2.0 | 5 votes |
private Authentication createAuthentication(TokenAuthenticationResult tokenAuthentication) { Principal principal = tokenAuthentication.getPrincipal(); Set<Principal> principals = new HashSet<>(); principals.add(principal); Subject subject = new Subject(true, principals, new HashSet<>(), new HashSet<>()); String[] scopes = tokenAuthentication.getScopes().toArray(new String[0]); return new UserAuthentication(getAuthMethod(), new DefaultUserIdentity(subject, principal, scopes)); }
Example #5
Source File: JwtAuthenticatorTest.java From cruise-control with BSD 2-Clause "Simplified" License | 5 votes |
@Test public void testSuccessfulLogin() throws Exception { UserStore testUserStore = new UserStore(); testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[]{USER_ROLE}); TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER); JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null); Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class); expect(configuration.getLoginService()).andReturn(loginService); expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService()); expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true); Request request = niceMock(Request.class); expect(request.getMethod()).andReturn(HttpMethod.GET.asString()); expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null); request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys.token()); expectLastCall().andVoid(); expect(request.getCookies()).andReturn(new Cookie[] {new Cookie(JWT_TOKEN, tokenAndKeys.token())}); expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token()); HttpServletResponse response = mock(HttpServletResponse.class); replay(configuration, request, response); JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN); authenticator.setConfiguration(configuration); UserAuthentication authentication = (UserAuthentication) authenticator.validateRequest(request, response, true); verify(configuration, request, response); assertNotNull(authentication); assertTrue(authentication.getUserIdentity().getUserPrincipal() instanceof JwtUserPrincipal); JwtUserPrincipal userPrincipal = (JwtUserPrincipal) authentication.getUserIdentity().getUserPrincipal(); assertEquals(TEST_USER, userPrincipal.getName()); assertEquals(tokenAndKeys.token(), userPrincipal.getSerializedToken()); }
Example #6
Source File: SpnegoTestUtil.java From calcite-avatica with Apache License 2.0 | 5 votes |
@Override public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { Authentication auth = baseRequest.getAuthentication(); if (Authentication.UNAUTHENTICATED == auth) { throw new AssertionError("Unauthenticated users should not reach here!"); } baseRequest.setHandled(true); UserAuthentication userAuth = (UserAuthentication) auth; UserIdentity userIdentity = userAuth.getUserIdentity(); Principal userPrincipal = userIdentity.getUserPrincipal(); response.getWriter().print("OK " + userPrincipal.getName()); response.setStatus(200); }