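  /**
   * Extracts the groups (granted authorities) of a user from the {@link SecurityRealm}.
   *
   * @param userId ID of the user to look up in the security realm
   * @return List of effective groups, or {@code null} if there is no info: Jenkins has not been
   *     started yet, the realm lookup failed, or the user was not found. {@code null} means
   *     "unknown" and is distinct from an empty list
   */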
  private static @CheckForNull List<String> getAuthoritiesFromRealm(@Nonnull String userId) {
    final Jenkins jenkins = Jenkins.getInstance();
    if (jenkins == null) {
      // Jenkins has not been started yet, so there is no realm to ask.
      return null;
    }

    // Every failure path below ends in null ("no info"), exactly like the missing instance
    // above. NOTE(review): null is not the same as "user has no groups"; callers that use the
    // result for an authorization decision should treat it as unknown, never as a grant.
    final UserDetails details;
    try {
      details = jenkins.getSecurityRealm().loadUserByUsername(userId);
    } catch (DataAccessException lookupFailed) {
      // NOTE(review): dropped without logging; presumably a realm backend failure, which a
      // caller cannot tell apart from an unknown user — confirm this is intended.
      return null;
    } catch (UsernameNotFoundException unknownUser) {
      // The realm does not know this user ID.
      return null;
    }
    if (details == null) {
      return null;
    }

    // Flatten the granted authorities into their string names, keeping the realm's order.
    final GrantedAuthority[] granted = details.getAuthorities();
    final List<String> names = new ArrayList<String>(granted.length);
    for (int i = 0; i < granted.length; i++) {
      names.add(granted[i].getAuthority());
    }
    return names;
  }
Example #2
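  /**
   * Handles logout: clears the Spring Security context, removes the current session from the CAS
   * single sign-out storage, then delegates to the superclass logout.
   */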
  @Override
  public void doLogout(StaplerRequest req, StaplerResponse rsp)
      throws IOException, ServletException {
    // Drop the Spring Security context before anything else.
    SecurityContextHolder.clearContext();

    // getSession(false) never creates a session; without one there is no CAS mapping to remove.
    final HttpSession current = req.getSession(false);
    if (current != null) {
      // Forget this session in the CAS single sign-out storage, keyed by its session ID.
      final Object storageBean = getApplicationContext().getBean("casSessionMappingStorage");
      ((SessionMappingStorage) storageBean).removeBySessionById(current.getId());
    }

    // NOTE(review): if the bean lookup, the cast or the removal above throws, the superclass
    // logout is never reached. Presumably that call is what ends the local session — confirm,
    // and consider whether it should run even when the CAS cleanup fails.
    super.doLogout(req, rsp);
  }
Example #3
 /**
  * Returns the descriptor list reported by {@link SecurityRealm#all()}.
  *
  * <p>NOTE(review): presumably this is every registered security realm implementation; the
  * list is handed out as-is, without copying — confirm whether callers may mutate it.
  *
  * @return the result of {@code SecurityRealm.all()}, unchanged
  */
 public static List<Descriptor<SecurityRealm>> getSecurityRealmDescriptors() {
   final List<Descriptor<SecurityRealm>> realmDescriptors = SecurityRealm.all();
   return realmDescriptors;
 }