/**
 * Registers a freshly authenticated {@code Person} as an online user and writes a login audit
 * entry.
 *
 * <p>Nothing happens when the authentication is {@code null}, when its principal is not a {@code
 * Person}, when its details are not {@code WebAuthenticationDetails}, or when {@code
 * onLineManager} already holds an entry for the session id.
 *
 * @param authentication the authentication produced by the login; may be {@code null}
 */
private void loginUser(Authentication authentication) {
  if (authentication == null) {
    return;
  }
  Object principal = authentication.getPrincipal();
  if (!(principal instanceof Person)) {
    return;
  }
  Person loggedIn = (Person) principal;
  String account = loggedIn.getUsername();
  String displayName = loggedIn.getName();

  Object rawDetails = authentication.getDetails();
  if (!(rawDetails instanceof WebAuthenticationDetails)) {
    return;
  }
  WebAuthenticationDetails webDetails = (WebAuthenticationDetails) rawDetails;
  // NOTE(review): behind a reverse proxy this is presumably the proxy's address rather than the
  // client's; confirm before relying on it in audit records.
  String remoteIp = webDetails.getRemoteAddress();
  String sid = webDetails.getSessionId();

  // Already registered for this session: do not register or audit a second time.
  if (onLineManager.getOnlineUser(sid) != null) {
    return;
  }
  onLineManager.loginUser(remoteIp, sid, loggedIn);
  // Audit entry; the action text means "logged in to the system".
  logManager.log(account, displayName, remoteIp, "登录系统", "");

  // NOTE(review): the debug line below writes the raw session id to the log. Anyone able to read
  // debug logs could reuse it while the session is alive; consider logging a truncated or hashed
  // value instead.
  if (logger.isDebugEnabled()) {
    logger.debug(
        "用户 {}[{}] 登录系统,登录IP:{},session:{}",
        new Object[] {displayName, account, remoteIp, sid});
  }
}
/**
 * Builds a {@code UserProfile} from the given authentication.
 *
 * <p>A {@code String} principal yields a profile with only the user id and status set. Any other
 * principal is cast to {@code User}; its authorities become the profile's roles, and the API key
 * and company name are copied from the matching {@code SystemUser} when one is found.
 *
 * @param authentication the authentication to describe; must not be {@code null}
 * @return a new profile, never {@code null}
 */
@Override
public UserProfile getUser(Authentication authentication) {
  Object principal = authentication.getPrincipal();
  User auth = null;
  String login;
  if (principal instanceof String) {
    login = (String) principal;
  } else {
    // Any non-String principal is assumed to be a User; another type fails here with a
    // ClassCastException.
    auth = (User) principal;
    login = auth.getUsername();
  }

  UserProfile profile = new UserProfile();
  profile.setUserId(login);
  // NOTE(review): the status is hard-coded and does not reflect the account's real state
  // (disabled, locked, expired). Confirm nothing downstream treats it as authoritative.
  profile.setStatus("ENABLED");

  if (auth == null) {
    return profile;
  }

  for (GrantedAuthority granted : auth.getAuthorities()) {
    profile.addUserRole(granted.getAuthority());
  }

  SystemUser stored = systemUserService.findByLogin(login);
  if (stored != null) {
    // NOTE(review): the API key is a credential. If UserProfile is serialized into a response or
    // written to logs, the key travels with it; confirm that every consumer needs it.
    profile.setApiKey(stored.getApiKey());
    // Fails with a NullPointerException when the stored user has no company.
    profile.setCompany(stored.getCompany().getName());
  }
  return profile;
}
/**
 * Renders the index view and mirrors the caller's identity and role label into both the model
 * and the HTTP session.
 *
 * <p>NOTE(review): the {@code "ROLE"} and {@code "user"} session attributes are copies taken at
 * render time. They do not follow later role changes, so they are only suitable for display;
 * access decisions should keep consulting the security context.
 *
 * @return the logical view name {@code "index"}
 */
@RequestMapping(produces = "text/html")
public String index(ModelMap model, HttpServletRequest request, HttpServletResponse response) {
  User current = getCurrentUser();
  HttpSession httpSession = request.getSession();

  if (current == null) {
    // No application-level user: fall back to the textual form of the raw principal.
    String principalText = getCurrentAuthentication().getPrincipal().toString();
    model.addAttribute("username", principalText);
    httpSession.setAttribute("username", principalText);
  } else {
    model.addAttribute("user", current);
    model.addAttribute("team", current.team);
    model.addAttribute("username", current.getUsername());
    httpSession.setAttribute("user", current);
    httpSession.setAttribute("team", current.team);
    httpSession.setAttribute("username", current.getUsername());
  }

  // Highest matching role wins; callers holding neither role are labelled ROLE_VIEW.
  String roleLabel;
  if (hasRole("ROLE_ADMIN")) {
    roleLabel = "ROLE_ADMIN";
  } else if (hasRole("ROLE_USER")) {
    roleLabel = "ROLE_USER";
  } else {
    roleLabel = "ROLE_VIEW";
  }
  model.addAttribute("ROLE", roleLabel);
  httpSession.setAttribute("ROLE", roleLabel);

  return "index";
}
/**
 * Builds the status payload describing whether a user is logged in and which provider
 * connections are present.
 *
 * @param auth the authentication to inspect; {@code null} is treated as "not logged in"
 * @param connections provider id to connection; entries with a {@code null} value are skipped
 * @param session the HTTP session holding the {@code "nquire-it-token"} attribute
 * @return a populated response, never {@code null}
 */
private StatusResponse createResponse(
    Authentication auth, HashMap<String, Connection<?>> connections, HttpSession session) {
  StatusResponse response = new StatusResponse();
  response.getConnections().clear();

  boolean loggedIn = auth != null && auth.getPrincipal() instanceof UserProfile;
  if (!loggedIn) {
    response.setLogged(false);
    response.setProfile(null);
    return response;
  }

  // NOTE(review): the profile comes from currentUser() rather than from the 'auth' argument that
  // was just checked; confirm both always refer to the same user.
  UserProfile profile = currentUser();
  response.setLogged(true);
  response.setProfile(profile);
  // The session token is copied into the response body, so it is only as confidential as the
  // channel and client that receive this payload.
  response.setToken((String) session.getAttribute("nquire-it-token"));

  for (Map.Entry<String, Connection<?>> candidate : connections.entrySet()) {
    Connection<?> connection = candidate.getValue();
    if (connection == null) {
      continue;
    }
    StatusConnectionResponse summary = new StatusConnectionResponse();
    summary.setProvider(candidate.getKey());
    summary.setProviderProfileUrl(connection.getProfileUrl());
    response.getConnections().put(candidate.getKey(), summary);
  }
  return response;
}
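/**
 * Authenticates a username/password pair against {@code userManager}.
 *
 * <p>A missing principal or missing credentials is reported as {@code BadCredentialsException}
 * instead of surfacing as a {@code NullPointerException}, so malformed requests take the normal
 * authentication-failure path.
 *
 * <p>NOTE(review): an unknown account raises {@code UsernameNotFoundException} with the
 * submitted name in its message, which is distinguishable from the {@code
 * BadCredentialsException} raised for a wrong password. Whether a client can tell the two apart
 * depends on how the caller maps these exceptions; confirm the failure handler returns one
 * uniform response.
 *
 * @param authentication the request carrying the username as principal and the password as
 *     credentials
 * @return an authenticated token holding the username, the password and the user's roles
 * @throws UsernameNotFoundException if {@code userManager} knows no such user
 * @throws BadCredentialsException if the principal or credentials are missing or do not match
 */
@Override
public Authentication authenticate(final Authentication authentication)
    throws AuthenticationException {
  final Object principal = authentication.getPrincipal();
  if (principal == null) {
    throw new BadCredentialsException("invalid credentials");
  }
  final String username = principal.toString();

  final Optional<User> user = userManager.getInternalUser(username);
  if (!user.isPresent()) {
    throw new UsernameNotFoundException("user not found: " + username);
  }

  final Object credentials = authentication.getCredentials();
  if (credentials == null) {
    throw new BadCredentialsException("invalid credentials");
  }
  final String password = credentials.toString();
  if (!userManager.authenticate(username, password)) {
    throw new BadCredentialsException("invalid credentials");
  }

  final List<GrantedAuthority> gaList = Lists.newArrayList();
  for (String role : user.get().getRoles()) {
    gaList.add(new SimpleGrantedAuthority(role));
  }
  // The returned token still carries the plain-text password as its credentials; it stays in
  // memory until the caller erases it.
  return new UsernamePasswordAuthenticationToken(username, password, gaList);
}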
/**
 * Decides a permission request by dispatching on the runtime type of {@code targetDomainObject}.
 *
 * <p>The {@code instanceof} checks run in the order written and the first branch that matches
 * returns, so the order must be preserved if any of these request types extend one another. A
 * {@code null} target, or a target that matches no branch, is delegated to {@code
 * super.hasPermission}.
 *
 * @param authentication the caller's authentication; dereferenced without a null check in the
 *     IP-range branches
 * @param targetDomainObject the authorization request object that selects the check to run
 * @param permission passed through to the selected check; the IP-range branches call {@code
 *     permission.toString()}, which fails on {@code null}
 * @return the result of the selected check, or of {@code super.hasPermission} when none applies
 */
@Override
public boolean hasPermission(
    Authentication authentication, Object targetDomainObject, Object permission) {
  if (targetDomainObject != null) {
    if (targetDomainObject instanceof UserAuthorizationRequest) {
      return ((UserAuthorizationRequest) targetDomainObject)
          .isLoggedIn(permission, authentication);
    }
    if (targetDomainObject instanceof UserKnowsPasswordAuthorizationRequest) {
      return ((UserKnowsPasswordAuthorizationRequest) targetDomainObject)
          .isLoggedInAndKnowsPassword(permission, authentication);
    }
    if (targetDomainObject instanceof AuthorizationRequest) {
      return ((AuthorizationRequest) targetDomainObject)
          .hasPermission(permission, authentication);
    }
    // Only applies when the permission argument is itself a ResetPasswordRequest; any other
    // permission type falls through to the checks below.
    if (targetDomainObject instanceof UserSecurityResponseForResetPasswordRequest
        && permission instanceof ResetPasswordRequest) {
      return ((UserSecurityResponseForResetPasswordRequest) targetDomainObject)
          .isSecurityResponseValid((ResetPasswordRequest) permission);
    }
    // The next three IP-range branches apply only when the authentication details are
    // HttpProxyAwareAuthenticationDetails. With any other details type the condition is false
    // and evaluation continues below, ending at super.hasPermission.
    // NOTE(review): confirm that this fallback denies the request when the details are missing,
    // otherwise the IP-range restriction is skipped rather than enforced.
    if (targetDomainObject instanceof IpRangeActivationAuthorizationRequest
        && authentication.getDetails() instanceof HttpProxyAwareAuthenticationDetails) {
      return ((IpRangeActivationAuthorizationRequest) targetDomainObject)
          .withinClientAllowedRange(
              permission.toString(),
              (HttpProxyAwareAuthenticationDetails) authentication.getDetails());
    }
    if (targetDomainObject instanceof IpRangeResetAuthorizationRequest
        && authentication.getDetails() instanceof HttpProxyAwareAuthenticationDetails) {
      return ((IpRangeResetAuthorizationRequest) targetDomainObject)
          .withinClientAllowedRange(
              permission.toString(),
              (HttpProxyAwareAuthenticationDetails) authentication.getDetails());
    }
    if (targetDomainObject instanceof IpRangeValidateEmailAuthorizationRequest
        && authentication.getDetails() instanceof HttpProxyAwareAuthenticationDetails) {
      return ((IpRangeValidateEmailAuthorizationRequest) targetDomainObject)
          .withinClientAllowedRange(
              permission.toString(),
              (HttpProxyAwareAuthenticationDetails) authentication.getDetails());
    }
    if (targetDomainObject instanceof IpRangeAuthorizationRequest) {
      IpRangeAuthorizationRequest ipRangeAuthorizationRequest =
          (IpRangeAuthorizationRequest) targetDomainObject;
      // A principal that is not a UserClient is not decided here and falls through to
      // super.hasPermission.
      if (authentication.getPrincipal() instanceof UserClient) {
        if (authentication.getDetails() instanceof HttpProxyAwareAuthenticationDetails) {
          return ipRangeAuthorizationRequest.withinClientAllowedRange(
              (UserClient) authentication.getPrincipal(),
              (HttpProxyAwareAuthenticationDetails) authentication.getDetails());
        } else {
          // Don't check the IP unless the details are the proxy-aware kind.
          // NOTE(review): this grants the permission whenever the details are of any other
          // type, so the IP-range restriction fails open for authentications built without
          // HttpProxyAwareAuthenticationDetails. Confirm every path that produces a UserClient
          // principal attaches them, or deny here instead.
          return true;
        }
      }
    }
  }
  return super.hasPermission(authentication, targetDomainObject, permission);
}
/**
 * Returns the principal of the current security context as {@code CustomUserDetails}.
 *
 * @return the current user, never {@code null}
 * @throws IllegalStateException if no authentication is present or its principal is not a
 *     {@code CustomUserDetails}
 */
public static CustomUserDetails getCurrentUser() {
  Authentication current = SecurityContextHolder.getContext().getAuthentication();
  Object principal = (current == null) ? null : current.getPrincipal();
  if (principal instanceof CustomUserDetails) {
    return (CustomUserDetails) principal;
  }
  // Covers a missing authentication as well as a principal of another type, such as the String
  // principal of an anonymous request.
  throw new IllegalStateException("User not found!");
}
/**
 * Looks up the {@code UserDetails} held by the current security context.
 *
 * @return the principal when it is a {@code UserDetails}; {@code null} when there is no
 *     authentication or the principal has another type. Callers must handle {@code null}
 *     before making any access decision.
 */
public static UserDetails getUserDetails() {
  Authentication auth = SecurityContextHolder.getContext().getAuthentication();
  if (auth == null) {
    return null;
  }
  Object principal = auth.getPrincipal();
  return (principal instanceof UserDetails) ? (UserDetails) principal : null;
}
/**
 * Tells whether the current user holds the given authority (security role).
 *
 * <p>The method is named after {@code isUserInRole()} in the Servlet API.
 *
 * <p>The authorities are read from the {@code UserDetails} principal, not from the {@code
 * Authentication} itself, and are matched by exact name. An authentication whose principal is
 * not a {@code UserDetails} therefore always yields {@code false}.
 *
 * @param authority the exact authority name to look for, e.g. including any {@code ROLE_} prefix
 * @return {@code true} only when the principal's authorities contain {@code authority}
 */
public static boolean isUserInRole(String authority) {
  Authentication current = SecurityContextHolder.getContext().getAuthentication();
  if (current == null) {
    return false;
  }
  Object principal = current.getPrincipal();
  if (!(principal instanceof UserDetails)) {
    return false;
  }
  return ((UserDetails) principal)
      .getAuthorities()
      .contains(new SimpleGrantedAuthority(authority));
}
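/**
 * Loads the {@code UserInfo} of the user in the current security context.
 *
 * <p>The principal is type-checked before it is cast. A principal of another type, such as the
 * {@code String} principal Spring Security uses for anonymous requests, is reported as "no
 * user" instead of failing with a {@code ClassCastException}.
 *
 * @return the stored user info, or {@code null} when nobody is authenticated as a {@code User}
 */
@Override
public UserInfo getAuthenticatedUserInfo() {
  Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
  if (authentication == null) {
    return null;
  }
  Object principal = authentication.getPrincipal();
  if (!(principal instanceof User)) {
    return null;
  }
  return userService.findByUsername(((User) principal).getUsername());
}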
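/**
 * Loads the {@code User} record of the currently logged-in user.
 *
 * <p>A missing authentication or a missing principal is reported as "not logged in" rather than
 * surfacing as a {@code NullPointerException}.
 *
 * @return the user looked up by the principal's name
 * @throws NotLoggedInException if there is no authentication, no principal, or the principal is
 *     the anonymous marker {@code "anonymousUser"}
 * @throws SQLException declared by this method; presumably raised by the lookup
 * @throws NothingWasFoundException declared by this method; presumably raised by the lookup
 */
public User getCurrentUser() throws SQLException, NothingWasFoundException, NotLoggedInException {
  Authentication auth = SecurityContextHolder.getContext().getAuthentication();
  Object principal = (auth == null) ? null : auth.getPrincipal();
  // NOTE(review): the anonymous check depends on the literal principal name; a deployment that
  // configures a different anonymous principal would not be recognised here.
  if (principal == null || principal.equals("anonymousUser")) {
    throw new NotLoggedInException("You are not logged in.");
  }
  // Assumes the principal is the username String; any other principal type fails the cast.
  return this.get((String) principal);
}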
/**
 * Returns the signed-in user from the current security context.
 *
 * @return the principal when it is a {@code User}; {@code null} when there is no authentication
 *     or the principal has another type
 */
@Override
public User getCurrentSignedUser() {
  Authentication current = SecurityContextHolder.getContext().getAuthentication();
  Object principal = (current != null) ? current.getPrincipal() : null;
  if (!(principal instanceof User)) {
    return null;
  }
  return (User) principal;
}
/**
 * Returns the {@code User} principal of the current security context.
 *
 * @return the current user, never {@code null}
 * @throws IllegalStateException if nobody is authenticated or the principal is not a {@code
 *     User}
 */
public static User getCurrentUser() {
  Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
  boolean hasUser = authentication != null && authentication.getPrincipal() instanceof User;
  if (!hasUser) {
    throw new IllegalStateException("User not found!");
  }
  return (User) authentication.getPrincipal();
}
/**
 * {@inheritDoc}
 *
 * <p>Reacts only to the {@code EVENT_KEY} attribute of a non-anonymous session: when the
 * security context carried by the event holds a {@code User} principal, that user is passed to
 * {@code addUser}.
 */
@Override
public void attributeReplaced(HttpSessionBindingEvent event) {
  if (!event.getName().equals(EVENT_KEY) || isAnonymous()) {
    return;
  }
  // NOTE(review): per the Servlet API, getValue() on a "replaced" event is the attribute's OLD
  // value, so this reads the security context that was just replaced. Confirm that is the
  // intended source of the user. A null value fails here with a NullPointerException.
  SecurityContext replaced = (SecurityContext) event.getValue();
  Authentication auth = replaced.getAuthentication();
  if (auth == null) {
    return;
  }
  Object principal = auth.getPrincipal();
  if (principal instanceof User) {
    addUser((User) principal, event.getSession().getServletContext());
  }
}
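/**
 * Tells whether the current request belongs to a logged-in user.
 *
 * <p>A missing authentication is treated as "not logged in" (fail closed) instead of raising a
 * {@code NullPointerException}.
 *
 * <p>NOTE(review): every principal other than the literal {@code "anonymousUser"} counts as
 * logged in, and {@code Authentication.isAuthenticated()} is not consulted. Confirm that is
 * sufficient wherever this result gates access.
 *
 * @return {@code false} when there is no authentication or the principal is the anonymous
 *     marker; {@code true} otherwise
 */
@Override
public boolean isLogin() {
  Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
  if (authentication == null) {
    return false;
  }
  return !"anonymousUser".equals(authentication.getPrincipal());
}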
/**
 * Returns the username of the current {@code UserDetails} principal.
 *
 * @return the username, or {@code null} when there is no authentication, the principal is a
 *     {@code String} (treated as the anonymous user) or the principal is {@code null}
 */
public String getCurrentUsername() {
  Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
  if (authentication == null) {
    return null;
  }
  Object principal = authentication.getPrincipal();
  if (principal instanceof String) {
    // Anonymous user
    return null;
  }
  // A principal that is neither a String nor a UserDetails fails this cast.
  UserDetails details = (UserDetails) principal;
  return (details == null) ? null : details.getUsername();
}
/**
 * Copies the username of the authenticated principal into this object and logs it.
 *
 * <p>Does nothing when there is no security context, no authentication, or the principal equals
 * the anonymous marker {@code "anonymousUser"}.
 */
private void init() {
  SecurityContext context = SecurityContextHolder.getContext();
  if (context == null) {
    return;
  }
  Authentication authentication = context.getAuthentication();
  if (authentication == null) {
    return;
  }
  Object principal = authentication.getPrincipal();
  if (principal.equals("anonymousUser")) {
    return;
  }
  // Any non-anonymous principal is assumed to be a User; another type fails the cast.
  this.setMatriculaUser(((User) principal).getUsername());
  logger.info("Login: " + this.getMatriculaUser());
}
/**
 * Returns the login name of the current user.
 *
 * <p>NOTE(review): a {@code String} principal is returned as is. Under Spring Security's
 * default anonymous authentication that is the literal {@code "anonymousUser"}, so a non-null
 * result does not by itself prove that somebody is logged in.
 *
 * @return the username of a {@code UserDetails} principal, the principal itself when it is a
 *     {@code String}, or {@code null} otherwise
 */
public static String getCurrentUserLogin() {
  Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
  if (authentication == null) {
    return null;
  }
  Object principal = authentication.getPrincipal();
  if (principal instanceof UserDetails) {
    return ((UserDetails) principal).getUsername();
  }
  if (principal instanceof String) {
    return (String) principal;
  }
  return null;
}
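/**
 * Tells whether the current user's profile contains a permission with the given name.
 *
 * <p>The check fails closed: a missing authentication, a principal that is not a {@code User},
 * or a user without a profile all yield {@code false} instead of raising a {@code
 * NullPointerException}.
 *
 * @param permission the exact permission name to look for
 * @return {@code true} only when one of the profile's permissions has that name
 * @throws AccessDeniedException declared by the signature; not thrown by this method itself
 */
public boolean hasPermission(String permission) throws AccessDeniedException {
  final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
  if (authentication == null || !(authentication.getPrincipal() instanceof User)) {
    return false;
  }
  final User user = (User) authentication.getPrincipal();
  if (user.getProfile() == null) {
    return false;
  }
  for (Permissao systemRole : user.getProfile().getPermissaos()) {
    if (systemRole.getName().equals(permission)) {
      return true;
    }
  }
  return false;
}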
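/**
 * Handles the payment gateway's success notification: credits the paid amount to the current
 * user's balance when the computed signature matches, then acknowledges the invoice.
 *
 * <p>Changes in this version: amounts that are not positive and finite are rejected before any
 * balance is touched, and the outbound HTTP client is always shut down so its connection is not
 * leaked.
 *
 * <p>NOTE(review), left unchanged because the intended protocol is not visible here:
 *
 * <ul>
 *   <li>{@code signatureValue} is never read. The digest computed locally is compared with
 *       {@code ps.getKey()}, not with the signature the request carries. If the gateway's
 *       signature is what authenticates this callback, it is the value that must be compared.
 *   <li>The comparison uses {@code String.equals}, which is not constant-time; {@code
 *       MessageDigest.isEqual} on the decoded bytes avoids a timing side channel.
 *   <li>Nothing here records that an {@code InvId} has already been credited, so a repeated
 *       notification for the same invoice would credit the balance again.
 *   <li>The acknowledgement is sent even when the signature does not match.
 *   <li>The balance is a {@code double}; monetary sums accumulate rounding error in binary
 *       floating point.
 *   <li>The user is taken from the security context, so the request is assumed to arrive within
 *       an authenticated session.
 * </ul>
 *
 * @param outSum the paid amount as sent by the gateway
 * @param invId the invoice number as sent by the gateway
 * @param signatureValue the gateway's signature; currently unused
 * @param culture optional UI culture; unused
 * @throws Exception on malformed numbers, an invalid amount, or a failed acknowledgement
 */
@RequestMapping(
    value = {"/pay_success_url"},
    method = RequestMethod.POST)
public void successURL(
    @RequestParam(value = "OutSum", required = true) String outSum,
    @RequestParam(value = "InvId", required = true) String invId,
    @RequestParam(value = "SignatureValue", required = true) String signatureValue,
    @RequestParam(value = "Culture", required = false) String culture)
    throws Exception {
  double amount = Double.parseDouble(outSum);
  long invoiceId = Long.parseLong(invId);
  // Double.parseDouble accepts "NaN", "Infinity" and negative numbers; none of them is a valid
  // payment, and adding one to the balance would corrupt or reduce it.
  if (Double.isNaN(amount) || Double.isInfinite(amount) || amount <= 0) {
    throw new IllegalArgumentException("OutSum must be a positive, finite amount");
  }

  String md5String = md5SignatureValue(amount, invoiceId, password2, ":Shp_item=" + shp_item);

  Authentication auth = SecurityContextHolder.getContext().getAuthentication();
  UserDetails userDetail = (UserDetails) auth.getPrincipal();
  Users u = userService.getRepository().findUsersByLogin(userDetail.getUsername());
  PaymentSystems ps =
      (PaymentSystems) paymentService.getRepository().findPaymentSystemsByUserId(u.getId());

  if (md5String.equals(ps.getKey())) {
    u.setSummaryCash(u.getSummaryCash() + amount);
    userService.getRepository().save(u);
  }

  HttpClient client = new DefaultHttpClient();
  try {
    client.execute(new HttpGet(url.concat("?OK").concat(invId)));
  } finally {
    // Releases the pooled connection even when the acknowledgement request fails.
    client.getConnectionManager().shutdown();
  }
}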
/**
 * Inserts one {@code employee_payroll} row per payroll entry, using a parameterized statement.
 *
 * <p>NOTE(review):
 *
 * <ul>
 *   <li>The last two placeholders ({@code last_updated_by}, {@code last_updated_on}) are both
 *       bound to the username; {@code last_updated_on} looks like it should receive a
 *       timestamp.
 *   <li>{@code created_by} and {@code created_on} come from the submitted payroll object, while
 *       {@code last_updated_by} comes from the authenticated user. If the payroll list
 *       originates from a client, the audit columns can be chosen by the submitter; consider
 *       deriving them server-side.
 *   <li>Rows are inserted one by one; unless the caller opens a transaction, a failure partway
 *       through leaves the earlier rows in place.
 * </ul>
 *
 * @param payrolls the payroll entries together with the month and year they belong to
 */
@Override
public void savePayrolls(EmployeePayrollList payrolls) {
  Authentication auth = SecurityContextHolder.getContext().getAuthentication();
  // Assumes an authenticated User principal; anything else fails here.
  User currentUser = (User) auth.getPrincipal();

  String savePayrollsQuery =
      "insert into employee_payroll(reg_no, emp_name, date, basic_salary, gross_pay, loan_deduction, other_deduction, created_by, created_on, net_salary, last_updated_by, last_updated_on) values(?,?,?,?,?,?,?,?,?,?,?,?)";
  System.out.println(payrolls.getMonth() + " " + payrolls.getYear());

  for (EmployeePayroll entry : payrolls.getPayrolls()) {
    jdbcTemplate.update(
        savePayrollsQuery,
        entry.getRegNum(),
        entry.getName(),
        payrolls.getMonth() + " " + payrolls.getYear(),
        entry.getBasicSalary(),
        entry.getGrossPay(),
        entry.getLoanDeduction(),
        entry.getOtherDeduction(),
        entry.getCreatedBy(),
        entry.getCreatedOn(),
        entry.getNetSalary(),
        currentUser.getUsername(),
        currentUser.getUsername());
  }
}
/**
 * Replaces the authentication in the security context with a mock whose principal is {@code
 * USERNAME_USER}, keeping the previous authentication in {@code AUTHENTICATION_PREVIOUS}.
 *
 * <p>NOTE(review): the saved value is presumably restored in a matching teardown; otherwise
 * the mocked authentication leaks into later tests on the same thread.
 */
@BeforeClass
public void setUpBeforeClass() {
  AUTHENTICATION_PREVIOUS = SecurityContextHolder.getContext().getAuthentication();

  Authentication stub = mock(Authentication.class);
  when(stub.getPrincipal()).thenReturn(USERNAME_USER);
  authentication = stub;

  SecurityContextHolder.getContext().setAuthentication(stub);
}
/**
 * Authenticates a Facebook login: loads the local account for the Facebook id carried by the
 * principal, rejects disabled or locked accounts, refreshes the account from the Facebook
 * profile and returns an authenticated token.
 *
 * <p>NOTE(review):
 *
 * <ul>
 *   <li>The local account is selected by the Facebook id the principal claims. The access token
 *       is used afterwards to fetch a profile, but nothing visible here compares that profile's
 *       id with the claimed id. Confirm {@code fillUserData} or the code that builds the DTO
 *       enforces that the token belongs to the claimed id.
 *   <li>If {@code getByFacebookId} can return {@code null} for an unknown id, the status checks
 *       fail with a {@code NullPointerException} instead of an {@code AuthenticationException}.
 *   <li>The account and the resulting token are logged at INFO. If {@code
 *       FacebookUser.toString()} includes the access token, it ends up in the logs.
 * </ul>
 *
 * @param a the request whose principal is a {@code FacebookUserDTO} and whose credentials are a
 *     {@code String}
 * @return an authenticated token holding the local account and its authorities
 * @throws DisabledException if the account is disabled
 * @throws LockedException if the account is locked
 */
@Override
public Authentication authenticate(Authentication a) throws AuthenticationException {
  FacebookUserDTO claimed = (FacebookUserDTO) a.getPrincipal();
  String credentials = (String) a.getCredentials();

  // Load the account from the local database.
  FacebookUser account = usersService.getByFacebookId(claimed.getFacebookProfileId());

  // Account status checks, as described in the Spring Security documentation.
  if (account.isDisabled()) {
    logger.info("Account disabled: " + account);
    throw new DisabledException("Konto wyłączone");
  }
  if (account.isLocked()) {
    logger.info("Account locked: " + account);
    throw new LockedException("Konto zablokowane");
  }

  // The account may sign in: collect its authorities.
  List<GrantedAuthority> granted = usersService.getUsersAuthorities(account);
  logger.info("User granted authorities=" + granted);

  // Fetch the profile behind the access token and copy its data onto the account.
  FacebookProfile remoteProfile =
      new FacebookTemplate(claimed.getAccessToken()).userOperations().getUserProfile();
  fillUserData(account, remoteProfile);
  account.setAccessToken(claimed.getAccessToken());

  Authentication authenticated =
      new UsernamePasswordAuthenticationToken(account, credentials, granted);
  logger.info("Authentication completed: " + authenticated);
  return authenticated;
}
/**
 * Returns the {@code UserAccount} principal of the current security context.
 *
 * <p>Every step is guarded by an {@code Assert} call, so the method either returns a persisted
 * account (non-zero id) or fails; it never returns {@code null}. NOTE(review): this assumes
 * {@code Assert} is a library assertion that is always active, not the {@code assert} keyword.
 *
 * @return the authenticated account
 */
public static UserAccount getPrincipal() {
  // If the asserts in this method fail, then your Tomcat's working directory is likely to be
  // corrupt. Please clear your browser's cache, stop Tomcat, update your Maven project
  // configuration, clean your project, clean Tomcat's working directory, republish your
  // project, and start it over.
  SecurityContext context = SecurityContextHolder.getContext();
  Assert.notNull(context);

  Authentication authentication = context.getAuthentication();
  Assert.notNull(authentication);

  Object principal = authentication.getPrincipal();
  Assert.isTrue(principal instanceof UserAccount);

  UserAccount account = (UserAccount) principal;
  Assert.notNull(account);
  Assert.isTrue(account.getId() != 0);
  return account;
}
/**
 * Renders the welcome page: the {@code home} view for anonymous visitors and {@code homeLogged},
 * with the caller's own entries, for everybody else.
 *
 * <p>NOTE(review): a {@code null} authentication is not an {@code AnonymousAuthenticationToken},
 * so it takes the logged-in branch and fails on {@code getPrincipal()}. That can happen if this
 * path is ever served outside the security filter chain.
 *
 * @return the populated model and view
 */
@RequestMapping(
    value = {"/", "/welcome**"},
    method = RequestMethod.GET)
public ModelAndView defaultPage() {
  Authentication auth = SecurityContextHolder.getContext().getAuthentication();
  ModelAndView page = new ModelAndView();

  if (auth instanceof AnonymousAuthenticationToken) {
    page.setViewName("home");
  } else {
    // Per-user data is keyed by the authenticated username, never by a request parameter.
    String username = ((UserDetails) auth.getPrincipal()).getUsername();
    page.addObject("nextBeers", nextBeerDAO.getBeers(username));
    page.addObject("hasBeersWithoutDate", nextBeerDAO.hasBeersWithoutDate(username));
    page.setViewName("homeLogged");
  }

  NextBeer upcoming = nextBeerDAO.getNextBeer();
  // Today at 23:59; seconds and milliseconds keep their current values.
  Calendar endOfToday = Calendar.getInstance();
  endOfToday.set(Calendar.HOUR_OF_DAY, 23);
  endOfToday.set(Calendar.MINUTE, 59);
  // NOTE(review): Calendar.before(Object) is true only for a Calendar argument; confirm that
  // getDateToPay() returns a Calendar, otherwise this condition can never hold.
  if (upcoming != null && endOfToday.before(upcoming.getDateToPay())) {
    page.addObject("dateToPayNextBeers", upcoming.getDateToPay());
  }

  page.addObject("allNextBeers", nextBeerDAO.getAllNextBeers());
  return page;
}
/**
 * Redirects the caller to the reminder page under their own user id.
 *
 * <p>The id in the redirect comes from the authenticated principal, not from the request.
 * NOTE(review): the handler behind {@code /a/{id}/reminder} must still verify that the id in
 * the path belongs to the caller, because that URL can be requested directly.
 *
 * @return a redirect to {@code /a/<id>/reminder}
 */
@RequestMapping("/reminder")
public String displayPage() {
  System.out.println("getting reminder page");
  // Assumes an authenticated CurrentUser principal; anything else fails here.
  CurrentUser me =
      (CurrentUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
  // Build the redirect from the caller's own id.
  return "redirect:/a/" + me.getId() + "/reminder";
}
// 커뮤니티 상세보기의 정보 수정 @RequestMapping(value = "/insertUserComtBasicInfo") public void setInsertUserComtBasicInfo( @RequestParam Map<String, Object> paramMap, HttpServletResponse response, Authentication authentication) throws IOException { // Spring Security의 Authentication 객를 주입 MemberInfo memberInfo = (MemberInfo) authentication.getPrincipal(); paramMap.put("compId", memberInfo.getCompId()); paramMap.put("userId", memberInfo.getUserId()); String txtMastGubun = (String) paramMap.get("txtMastGubun"); String[] mg_arr = ((String) paramMap.get("txtMastGubun")).split(","); int rows = 0; int cntRw = 0; cntRw = communityService.getInserComtBasicInfoNm(paramMap); if (cntRw > 0) { rows = 99; } else { rows = communityService.setInsertUserComtBasicInfo(paramMap); } try { ObjectMapper mapper = new ObjectMapper(); response.setContentType("application/json"); mapper.writeValue(response.getOutputStream(), rows); } catch (Exception e) { throw e; } }
/**
 * Renders the community main page: the caller's joined communities for the left-hand menu and
 * the list of board posts.
 *
 * <p>NOTE(review): the whole {@code MemberInfo} principal is exposed to the view as {@code
 * memberInfo}; confirm the template renders only fields that are meant to be shown. Request
 * parameters other than {@code allYn} and {@code compId} reach the service as submitted.
 *
 * @return the view name of the community main layout
 */
@RequestMapping(value = "/comtMain")
public String getCumtMain(
    @RequestParam Map<String, Object> paramMap, ModelMap model, Authentication authentication)
    throws Throwable {
  // Spring Security injects the Authentication object.
  MemberInfo member = (MemberInfo) authentication.getPrincipal();

  // Entries for the left-hand community menu.
  List<ComtVo> joined = getCumntUserJoinList(member);
  model.addAttribute("comtlist", joined);
  model.addAttribute("memberInfo", member);
  model.put("compId", member.getCompId());

  // Posts across the communities (all). The company id is taken from the principal, which
  // overrides any value sent by the client.
  paramMap.put("allYn", "");
  paramMap.put("compId", member.getCompId());
  List<ComtBoardVo> posts = communityService.getComtBoardNewList(paramMap);
  int total = (posts == null) ? 0 : posts.size();

  model.put("comtBdList", posts);
  model.put("total", total);
  return "/cumtMainLayout/left_community/comtMain";
}
/**
 * Creates a new group owned by the logged-in account and shows the page for inviting other
 * users.
 *
 * <p>NOTE(review):
 *
 * <ul>
 *   <li>The result of {@code postProc()} is stored in the field {@code this.bean}, while the
 *       model and {@code finalize.exec} receive the method parameter {@code bean}, which shadows
 *       that field. Confirm which of the two is meant to reach the view.
 *   <li>If this controller is a singleton (Spring's default scope), {@code this.bean} is shared
 *       by concurrent requests, so one user's data can be overwritten by another's.
 * </ul>
 *
 * @return the view name {@code "groupInviteMember"}
 */
@RequestMapping(value = "/group/create/invite", method = RequestMethod.POST)
public String grpCrtInvite(
    @ModelAttribute("rootData") RootBean bean, Model model, Principal principal)
    throws Exception {
  initilize.exec();

  // Get the user name of the logged-in account. A request without a principal fails here.
  UserDetails loggedIn = (UserDetails) ((Authentication) principal).getPrincipal();
  String userName = loggedIn.getUsername();

  // Create the new group (with only the logged-in account as MEMBER) and fetch the users other
  // than the logged-in account.
  grpCrtInviteCommand.preProc(bean);
  grpCrtInviteCommand.exec(userName);
  this.bean = grpCrtInviteCommand.postProc();

  // Put the users other than the logged-in account on the screen.
  model.addAttribute("rootData", bean);
  finalize.exec(bean, CommonConstants.VIEW_INVITE_MEMBER);
  return "groupInviteMember";
}
/**
 * Test helper: returns a mocked {@code Authentication} whose principal is a {@code SecuredUser}
 * wrapping the test user.
 *
 * @param request unused
 * @param response unused
 * @return the mocked authentication
 */
protected org.springframework.security.core.Authentication getAuthentification(
    javax.servlet.http.HttpServletRequest request,
    javax.servlet.http.HttpServletResponse response) {
  Authentication stub = mock(Authentication.class);
  when(stub.getPrincipal()).thenReturn(new SecuredUser(getTestUser(), null));
  return stub;
}