@ResponseBody @RequestMapping("noLogin") public String noLogin(@RequestParam("uname") String uname) { if (ValidateUtil.isValid(uname)) { AdminUser result = adminUserService.noLogin(uname); // 用户不存在 if (!ValidateUtil.isValid(result.getId())) { adminUserService.saveOrUpdateEntiry(result); } UserDetailsService detail = (UserDetailsService) SpringContextUtil.getBean("myUserDetail"); UserDetails details = null; try { details = detail.loadUserByUsername(result.getName()); } catch (Exception e) { return "用户未找到"; } UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(details, null, details.getAuthorities()); SecurityContextHolder.getContext().setAuthentication(authenticationToken); HttpSession session = getRequest().getSession(true); // session.setAttribute("SPRING_SECURITY_CONTEXT", SecurityContextHolder.getContext()); } return "redirect:/user"; }
@Test public void inetOrgContextMapperIsSupported() { setContext( "<ldap-server id='someServer' ldif='classpath:test-server.ldif'/>" + "<ldap-user-service id='ldapUDS' user-search-filter='(uid={0})' user-details-class='inetOrgPerson'/>"); UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS"); UserDetails ben = uds.loadUserByUsername("ben"); assertTrue(ben instanceof InetOrgPerson); }
@Test public void userServiceReturnsExpectedData() throws Exception { setContext( "<ldap-user-service id='ldapUDS' user-search-filter='(uid={0})' group-search-filter='member={0}' /><ldap-server ldif='classpath:test-server.ldif'/>"); UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS"); UserDetails ben = uds.loadUserByUsername("ben"); Set<String> authorities = AuthorityUtils.authorityListToSet(ben.getAuthorities()); assertEquals(3, authorities.size()); assertTrue(authorities.contains("ROLE_DEVELOPERS")); }
@Test public void differentUserSearchBaseWorksAsExpected() throws Exception { setContext( "<ldap-user-service id='ldapUDS' " + " user-search-base='ou=otherpeople' " + " user-search-filter='(cn={0})' " + " group-search-filter='member={0}' /><ldap-server ldif='classpath:test-server.ldif'/>"); UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS"); UserDetails joe = uds.loadUserByUsername("Joe Smeth"); assertEquals("Joe Smeth", joe.getUsername()); }
@RunAsSystem public FileIngestJob createJob(FileIngestJobExecution fileIngestJobExecution) { dataService.add(FileIngestJobExecutionMetaData.ENTITY_NAME, fileIngestJobExecution); String username = fileIngestJobExecution.getUser(); Progress progress = new ProgressImpl(fileIngestJobExecution, jobExecutionUpdater, mailSender); TransactionTemplate transactionTemplate = new TransactionTemplate(transactionManager); RunAsUserToken runAsAuthentication = new RunAsUserToken( "Job Execution", username, null, userDetailsService.loadUserByUsername(username).getAuthorities(), null); Entity fileIngestEntity = fileIngestJobExecution.getFileIngest(); Entity targetEntityEntity = fileIngestEntity.getEntity(FileIngestMetaData.ENTITY_META_DATA); String targetEntityName = targetEntityEntity.getString(EntityMetaDataMetaData.FULL_NAME); String url = fileIngestEntity.getString(FileIngestMetaData.URL); String loader = fileIngestEntity.getString(FileIngestMetaData.LOADER); String failureEmail = fileIngestEntity.getString(FileIngestMetaData.FAILURE_EMAIL); return new FileIngestJob( progress, transactionTemplate, runAsAuthentication, fileIngester, targetEntityName, url, loader, failureEmail, fileIngestJobExecution.getIdentifier()); }
/** * Handles the creation of the final <tt>Authentication</tt> object which will be returned by the * provider. * * <p>The default implementation just creates a new OutOfBandAuthenticationToken from the * original, but with the UserDetails as the principal and including the authorities loaded by the * UserDetailsService. * * @param userDetails the loaded UserDetails object * @param auth the token passed to the authenticate method, containing * @return the token which will represent the authenticated user. */ protected Authentication createSuccessfulAuthentication( UserDetails rawUserDetails, OutOfBandAuthenticationToken auth) { String eMail = auth.getEmail(); if (eMail == null) { logger.warn("OutOfBand attributes did not include an e-mail address! "); throw new UsernameNotFoundException("email address not supplied in OutOfBand attributes"); } eMail = OutOfBandAuthenticationProvider.normalizeMailtoAddress(eMail); String mailtoDomain = OutOfBandAuthenticationProvider.getMailtoDomain(eMail); UserDetails userDetails = rawUserDetails; Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>(); authorities.addAll(userDetails.getAuthorities()); // add the AUTH_OUT_OF_BAND granted authority, authorities.add(new SimpleGrantedAuthority(GrantedAuthorityName.AUTH_OUT_OF_BAND.toString())); // attempt to look user up in registered users table... String username = null; UserDetails partialDetails = null; boolean noRights = false; try { partialDetails = wrappingUserDetailsService.loadUserByUsername(eMail); // found the user in the table -- fold in authorizations and get uriUser. authorities.addAll(partialDetails.getAuthorities()); // users are blacklisted by registering them and giving them no rights. noRights = partialDetails.getAuthorities().isEmpty(); username = partialDetails.getUsername(); } catch (Exception e) { logger.warn( "OutOfBand attribute e-mail: " + eMail + " did not match any known e-mail addresses! " + e.getMessage()); throw new UsernameNotFoundException("account not recognized"); } AggregateUser trueUser = new AggregateUser( username, partialDetails.getPassword(), UUID.randomUUID().toString(), // junk... mailtoDomain, partialDetails.isEnabled(), partialDetails.isAccountNonExpired(), partialDetails.isCredentialsNonExpired(), partialDetails.isAccountNonLocked(), authorities); if (noRights || !(trueUser.isEnabled() && trueUser.isAccountNonExpired() && trueUser.isAccountNonLocked())) { logger.warn("OutOfBand attribute e-mail: " + eMail + " account is blocked! "); throw new UsernameNotFoundException("account is blocked"); } return new OutOfBandAuthenticationToken(trueUser, trueUser.getAuthorities(), auth.getEmail()); }
@Override public void setCurrentUser(SiteUser user) { UserDetails userDetails = userDetailsService.loadUserByUsername(user.getName()); Authentication authentication = new UsernamePasswordAuthenticationToken( userDetails, user.getPassword(), userDetails.getAuthorities()); SecurityContextHolder.getContext().setAuthentication(authentication); }
@Override public ItemDetails getItem(int itemNumber) throws RegistryException, LoginException { UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) webServiceContext.getUserPrincipal(); UserDetails user = userDetailsService.loadUserByUsername(token.getName()); terminalSession.getModule(Login.class).login(user.getUsername(), user.getPassword()); return terminalSession.getEntity(ItemDetails.class, itemNumber); }
@Test public void userDetailsService() throws Throwable { this.applicationContext = new AnnotationConfigApplicationContext(); this.applicationContext.register(SecurityConfiguration.class); this.applicationContext.refresh(); UserDetailsService userDetailsService = this.applicationContext.getBean(UserDetailsService.class); Assert.assertNotNull("the userDetailsService should not be null", userDetailsService); Assert.assertEquals( "there should only be 1 authority", 1, userDetailsService.loadUserByUsername("jlong").getAuthorities().size()); Assert.assertEquals( "there should be 2 authorities", 2, userDetailsService.loadUserByUsername("jbarrez").getAuthorities().size()); }
Authentication getAuthentication() { if (adminAuthentication == null) { UserDetails user = userDetailsService.loadUserByUsername("user"); adminAuthentication = new TestingAuthenticationToken( user, user.getPassword(), (List<GrantedAuthority>) user.getAuthorities()); } return adminAuthentication; }
/** * Loads the username by using the account ID of the user. * * @param userId The account ID of the requested user. * @return The information of the requested user. * @throws UsernameNotFoundException Thrown if no user is found. * @throws DataAccessException */ @Override public SocialUserDetails loadUserByUserId(String userId) throws UsernameNotFoundException, DataAccessException { LOGGER.debug("Loading user by user id: {}", userId); UserDetails userDetails = userDetailsService.loadUserByUsername(userId); LOGGER.debug("Found user details: {}", userDetails); return (SocialUserDetails) userDetails; }
public Collection<GrantedAuthority> getGrantedAuthorities( DirContextOperations context, String username) { log.debug("ALL AUTHORITY "); Collection<GrantedAuthority> auth = userDetailsService.loadUserByUsername(username).getAuthorities(); for (GrantedAuthority a : auth) { log.debug("authority = " + a.toString()); } return auth; }
@Test public void rolePrefixIsSupported() throws Exception { setContext( "<ldap-user-service id='ldapUDS' " + " user-search-filter='(uid={0})' " + " group-search-filter='member={0}' role-prefix='PREFIX_'/>" + "<ldap-user-service id='ldapUDSNoPrefix' " + " user-search-filter='(uid={0})' " + " group-search-filter='member={0}' role-prefix='none'/><ldap-server ldif='classpath:test-server.ldif'/>"); UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS"); UserDetails ben = uds.loadUserByUsername("ben"); assertTrue( AuthorityUtils.authorityListToSet(ben.getAuthorities()).contains("PREFIX_DEVELOPERS")); uds = (UserDetailsService) appCtx.getBean("ldapUDSNoPrefix"); ben = uds.loadUserByUsername("ben"); assertTrue(AuthorityUtils.authorityListToSet(ben.getAuthorities()).contains("DEVELOPERS")); }
@Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { UserDetails user = null; try { user = users_.loadUserByUsername(username); } catch (UsernameNotFoundException e) { user = clientDetailsWrapper_.loadUserByUsername(username); } return user; }
@Before public void setUp() throws Exception { RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); roleHierarchy.setHierarchy("ROLE_A > ROLE_B"); final UserDetails user = new User( "EXISTING_USER", "PASSWORD", true, true, true, true, AuthorityUtils.createAuthorityList("ROLE_A")); final UserDetailsService wrappedUserDetailsService = mock(UserDetailsService.class); when(wrappedUserDetailsService.loadUserByUsername("EXISTING_USER")).thenReturn(user); when(wrappedUserDetailsService.loadUserByUsername("USERNAME_NOT_FOUND_EXCEPTION")) .thenThrow(new UsernameNotFoundException("USERNAME_NOT_FOUND_EXCEPTION")); this.wrappedUserDetailsService = wrappedUserDetailsService; userDetailsServiceWrapper = new UserDetailsServiceWrapper(); userDetailsServiceWrapper.setRoleHierarchy(roleHierarchy); userDetailsServiceWrapper.setUserDetailsService(wrappedUserDetailsService); }
@Test(expectedExceptions = UsernameNotFoundException.class) void testProviderAuthenticateValidTokenButNonExistentUserThrowsException() throws Exception { String token = Jwts.builder() .setSubject("hacker") .signWith(SignatureAlgorithm.HS512, signingKeyProvider.getSigningKey()) .compact(); when(userDetailsService.loadUserByUsername(eq("hacker"))) .thenThrow(UsernameNotFoundException.class); JwtTokenAuthenticationProvider provider = new JwtTokenAuthenticationProvider(signingKeyProvider, userDetailsService); JwtAuthenticationToken authRequest = new JwtAuthenticationToken(token); provider.authenticate(authRequest); }
@Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { KeycloakAuthenticationToken token = (KeycloakAuthenticationToken) super.authenticate(authentication); String username; UserDetails userDetails; if (token == null) { return null; } username = this.resolveUsername(token); userDetails = userDetailsService.loadUserByUsername(username); return new KeycloakUserDetailsAuthenticationToken( userDetails, token.getAccount(), token.getAuthorities()); }
@Test public void findUserByToken() { MolgenisToken molgenisToken = new MolgenisToken(); molgenisToken.setToken("token"); MolgenisUser user = new MolgenisUser(); user.setUsername("admin"); molgenisToken.setMolgenisUser(user); when(dataService.findOne( MolgenisToken.ENTITY_NAME, new QueryImpl().eq(MolgenisToken.TOKEN, "token"), MolgenisToken.class)) .thenReturn(molgenisToken); UserDetails userDetails = new User("admin", "admin", Arrays.asList(new SimpleGrantedAuthority("admin"))); when(userDetailsService.loadUserByUsername("admin")).thenReturn(userDetails); assertEquals(tokenService.findUserByToken("token"), userDetails); }
@Test void testProviderAuthenticatesOk() throws Exception { String token = Jwts.builder() .setSubject("admin") .signWith(SignatureAlgorithm.HS512, signingKeyProvider.getSigningKey()) .compact(); UserEntity user = new UserEntity("admin", "pw", Role.QUIZMASTER, true); user.setRoleType(Role.SUPERUSER); when(userDetailsService.loadUserByUsername(eq("admin"))).thenReturn(user); JwtTokenAuthenticationProvider provider = new JwtTokenAuthenticationProvider(signingKeyProvider, userDetailsService); JwtAuthenticationToken authRequest = new JwtAuthenticationToken(token); Authentication authResult = provider.authenticate(authRequest); assertNotNull(authResult); assertEquals(authResult.getPrincipal(), user); assertEquals(authResult.getCredentials(), token); assertTrue(authResult.isAuthenticated()); }
@Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService((UserDetailsService) userService).passwordEncoder(passwordEncoder()); }