示例#1
0
  private Authentication fresh(Authentication authentication, ServletRequest req) {
    HttpServletRequest request = (HttpServletRequest) req;

    HttpSession session = request.getSession(false);

    if (session != null) {
      SessionRegistry sessionRegistry =
          (SessionRegistry) SpringBeanUtil.getBeanByName("sessionRegistry");
      SessionInformation info = sessionRegistry.getSessionInformation(session.getId());

      if (info != null) {
        // Non-expired - update last request date/time
        Object principal = info.getPrincipal();
        if (principal instanceof org.springframework.security.core.userdetails.User) {
          org.springframework.security.core.userdetails.User userRefresh =
              (org.springframework.security.core.userdetails.User) principal;
          ServletContext sc = session.getServletContext();
          HashSet<String> unrgas = springSecurityService.getUsersNeedRefreshGrantedAuthorities();
          if (unrgas.size() > 0) {
            HashSet<String> loginedUsernames = new HashSet<String>();

            List<Object> loggedUsers = sessionRegistry.getAllPrincipals();
            for (Object lUser : loggedUsers) {
              if (lUser instanceof org.springframework.security.core.userdetails.User) {
                org.springframework.security.core.userdetails.User u =
                    (org.springframework.security.core.userdetails.User) lUser;
                loginedUsernames.add(u.getUsername());
              }
            }
            // 清除已经下线的但需要刷新的username
            for (Iterator iterator = unrgas.iterator(); iterator.hasNext(); ) {
              String unrgs = (String) iterator.next();
              if (!loginedUsernames.contains(unrgs)) {
                iterator.remove();
              }
            }
            if (unrgas.contains(userRefresh.getUsername())) {
              // 如果需要刷新权限的列表中有当前的用户,刷新登录用户权限
              // FIXME:与springSecurityServiceImpl中的功能,相重复,需重构此方法和springSecurityServiceImpl
              MyJdbcUserDetailsManager mdudm =
                  (MyJdbcUserDetailsManager)
                      SpringBeanUtil.getBeanByType(MyJdbcUserDetailsManager.class);
              SecurityContextHolder.getContext()
                  .setAuthentication(
                      new UsernamePasswordAuthenticationToken(
                          userRefresh,
                          userRefresh.getPassword(),
                          mdudm.getUserAuthorities(userRefresh.getUsername())));
              session.setAttribute(
                  HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
                  SecurityContextHolder.getContext());
              unrgas.remove(userRefresh.getUsername());
              return SecurityContextHolder.getContext().getAuthentication();
            }
          }
        }
      }
    }
    return authentication;
  }
 @RequestMapping(value = "/home/luis", method = RequestMethod.GET)
 public String luis(Model model) {
   Util.loginUsuario("*****@*****.**", "garbage1");
   User user = Util.getUserLogged();
   model.addAttribute("usuario", user.getUsername());
   model.addAttribute("password", user.getPassword());
   return "home";
 }
  /** Simply selects the home view to render by returning its name. */
  @RequestMapping(value = "/home/client", method = RequestMethod.GET)
  public String home(Locale locale, Model model) {

    Date date = new Date();
    DateFormat dateFormat =
        DateFormat.getDateTimeInstance(DateFormat.LONG, DateFormat.LONG, locale);

    String formattedDate = dateFormat.format(date);

    User user = Util.getUserLogged();

    logger.info("usuario " + user.getUsername());
    logger.info("password " + user.getPassword());

    model.addAttribute("usuario", user.getUsername());
    model.addAttribute("password", user.getPassword());
    model.addAttribute("serverTime", formattedDate);

    return "home";
  }
 /**
  * Turns the users password, granted authorities and enabled state into a property file value
  *
  * @param user
  * @return
  */
 String serializeUser(User user) {
   StringBuffer sb = new StringBuffer();
   sb.append(user.getPassword());
   sb.append(",");
   for (GrantedAuthority ga : user.getAuthorities()) {
     sb.append(ga.getAuthority());
     sb.append(",");
   }
   sb.append(user.isEnabled() ? "enabled" : "disabled");
   return sb.toString();
 }
 /**
  * Login a user manually/programmatically.
  *
  * @param user the user' object
  */
 @Transactional
 public void login(User user) {
   org.springframework.security.core.userdetails.User authUser =
       new org.springframework.security.core.userdetails.User(
           user.getUsername(),
           user.getPassword(),
           AuthorityUtils.createAuthorityList("ROLE_USER"));
   Authentication auth =
       new UsernamePasswordAuthenticationToken(
           authUser, authUser.getPassword(), authUser.getAuthorities());
   SecurityContextHolder.getContext().setAuthentication(auth);
   LOGGER.info("Programmatically logged in user={}", user);
 }
示例#6
0
 public AppUser(
     final Office office,
     final User user,
     final Set<Role> roles,
     final String email,
     final String firstname,
     final String lastname) {
   this.office = office;
   this.email = email.trim();
   this.username = user.getUsername().trim();
   this.firstname = firstname.trim();
   this.lastname = lastname.trim();
   this.password = user.getPassword().trim();
   this.accountNonExpired = user.isAccountNonExpired();
   this.accountNonLocked = user.isAccountNonLocked();
   this.credentialsNonExpired = user.isCredentialsNonExpired();
   this.enabled = user.isEnabled();
   this.roles = roles;
   this.firstTimeLoginRemaining = true;
 }
 public AuthenticationUserDetails(User user) {
   this.login = user.getUsername();
   this.passwordHash = user.getPassword();
   this.enabled = user.isEnabled();
   this.grantedAuthorities.addAll(user.getAuthorities());
 }