org.springframework.security.access.intercept.RunAsManagerImpl java code examples

Add the Codota plugin to your IDE and get smart completions

private void myMethod () {
 Connection c =DataSource dataSource;dataSource.getConnection()
String url;DriverManager.getConnection(url)
IdentityDatabaseUtil.getDBConnection()
Smart code suggestions by Tabnine
}

public Authentication buildRunAs(Authentication authentication, Object object,
    Collection<ConfigAttribute> attributes) {
  List<GrantedAuthority> newAuthorities = new ArrayList<>();
  for (ConfigAttribute attribute : attributes) {
    if (this.supports(attribute)) {
      GrantedAuthority extraAuthority = new SimpleGrantedAuthority(
          getRolePrefix() + attribute.getAttribute());
      newAuthorities.add(extraAuthority);
    }
  }
  if (newAuthorities.size() == 0) {
    return null;
  }
  // Add existing authorities
  newAuthorities.addAll(authentication.getAuthorities());
  return new RunAsUserToken(this.key, authentication.getPrincipal(),
      authentication.getCredentials(), newAuthorities,
      authentication.getClass());
}

@Test
public void testAlwaysSupportsClass() {
  RunAsManagerImpl runAs = new RunAsManagerImpl();
  assertThat(runAs.supports(String.class)).isTrue();
}

@Test
public void testStartupSuccessfulWithKey() throws Exception {
  RunAsManagerImpl runAs = new RunAsManagerImpl();
  runAs.setKey("hello_world");
  runAs.afterPropertiesSet();
  assertThat(runAs.getKey()).isEqualTo("hello_world");
}

  @Override
  protected RunAsManager runAsManager() {
    RunAsManagerImpl runAsManager = new RunAsManagerImpl();
    runAsManager.setKey("some key");
    return runAsManager;
  }
}

@Test
public void testDoesNotReturnAdditionalAuthoritiesIfCalledWithoutARunAsSetting()
    throws Exception {
  UsernamePasswordAuthenticationToken inputToken = new UsernamePasswordAuthenticationToken(
      "Test", "Password",
      AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
  RunAsManagerImpl runAs = new RunAsManagerImpl();
  runAs.setKey("my_password");
  Authentication resultingToken = runAs.buildRunAs(inputToken, new Object(),
      SecurityConfig.createList("SOMETHING_WE_IGNORE"));
  assertThat(resultingToken).isNull();
}

@Test
public void testRespectsRolePrefix() throws Exception {
  UsernamePasswordAuthenticationToken inputToken = new UsernamePasswordAuthenticationToken(
      "Test", "Password", AuthorityUtils.createAuthorityList("ONE", "TWO"));
  RunAsManagerImpl runAs = new RunAsManagerImpl();
  runAs.setKey("my_password");
  runAs.setRolePrefix("FOOBAR_");
  Authentication result = runAs.buildRunAs(inputToken, new Object(),
      SecurityConfig.createList("RUN_AS_SOMETHING"));
  assertThat(result instanceof RunAsUserToken).withFailMessage(
      "Should have returned a RunAsUserToken").isTrue();
  assertThat(result.getPrincipal()).isEqualTo(inputToken.getPrincipal());
  assertThat(result.getCredentials()).isEqualTo(inputToken.getCredentials());
  Set<String> authorities = AuthorityUtils.authorityListToSet(
      result.getAuthorities());
  assertThat(authorities.contains("FOOBAR_RUN_AS_SOMETHING")).isTrue();
  assertThat(authorities.contains("ONE")).isTrue();
  assertThat(authorities.contains("TWO")).isTrue();
  RunAsUserToken resultCast = (RunAsUserToken) result;
  assertThat(resultCast.getKeyHash()).isEqualTo("my_password".hashCode());
}

@Test
public void testStartupDetectsMissingKey() throws Exception {
  RunAsManagerImpl runAs = new RunAsManagerImpl();
  try {
    runAs.afterPropertiesSet();
    fail("Should have thrown IllegalArgumentException");
  }
  catch (IllegalArgumentException expected) {
  }
}

  @Test
  public void testSupports() throws Exception {
    RunAsManager runAs = new RunAsManagerImpl();
    assertThat(runAs.supports(new SecurityConfig("RUN_AS_SOMETHING"))).isTrue();
    assertThat(!runAs.supports(new SecurityConfig("ROLE_WHICH_IS_IGNORED"))).isTrue();
    assertThat(!runAs.supports(new SecurityConfig("role_LOWER_CASE_FAILS"))).isTrue();
  }
}

@Test
public void testReturnsAdditionalGrantedAuthorities() throws Exception {
  UsernamePasswordAuthenticationToken inputToken = new UsernamePasswordAuthenticationToken(
      "Test", "Password",
      AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
  RunAsManagerImpl runAs = new RunAsManagerImpl();
  runAs.setKey("my_password");
  Authentication result = runAs.buildRunAs(inputToken, new Object(),
      SecurityConfig.createList("RUN_AS_SOMETHING"));
  if (!(result instanceof RunAsUserToken)) {
    fail("Should have returned a RunAsUserToken");
  }
  assertThat(result.getPrincipal()).isEqualTo(inputToken.getPrincipal());
  assertThat(result.getCredentials()).isEqualTo(inputToken.getCredentials());
  Set<String> authorities = AuthorityUtils.authorityListToSet(
      result.getAuthorities());
  assertThat(authorities.contains("ROLE_RUN_AS_SOMETHING")).isTrue();
  assertThat(authorities.contains("ROLE_ONE")).isTrue();
  assertThat(authorities.contains("ROLE_TWO")).isTrue();
  RunAsUserToken resultCast = (RunAsUserToken) result;
  assertThat(resultCast.getKeyHash()).isEqualTo("my_password".hashCode());
}

public Authentication buildRunAs(Authentication authentication, Object object,
    Collection<ConfigAttribute> attributes) {
  List<GrantedAuthority> newAuthorities = new ArrayList<>();
  for (ConfigAttribute attribute : attributes) {
    if (this.supports(attribute)) {
      GrantedAuthority extraAuthority = new SimpleGrantedAuthority(
          getRolePrefix() + attribute.getAttribute());
      newAuthorities.add(extraAuthority);
    }
  }
  if (newAuthorities.size() == 0) {
    return null;
  }
  // Add existing authorities
  newAuthorities.addAll(authentication.getAuthorities());
  return new RunAsUserToken(this.key, authentication.getPrincipal(),
      authentication.getCredentials(), newAuthorities,
      authentication.getClass());
}

public Authentication buildRunAs(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) {
  List<GrantedAuthority> newAuthorities = new ArrayList<GrantedAuthority>();
  for (ConfigAttribute attribute : attributes) {
    if (this.supports(attribute)) {
      GrantedAuthority extraAuthority = new SimpleGrantedAuthority(getRolePrefix() + attribute.getAttribute());
      newAuthorities.add(extraAuthority);
    }
  }
  if (newAuthorities.size() == 0) {
    return null;
  }
  // Add existing authorities
  newAuthorities.addAll(authentication.getAuthorities());
  return new RunAsUserToken(this.key, authentication.getPrincipal(), authentication.getCredentials(),
      newAuthorities, authentication.getClass());
}

public Authentication buildRunAs(Authentication authentication, Object object,
    Collection<ConfigAttribute> attributes) {
  List<GrantedAuthority> newAuthorities = new ArrayList<>();
  for (ConfigAttribute attribute : attributes) {
    if (this.supports(attribute)) {
      GrantedAuthority extraAuthority = new SimpleGrantedAuthority(
          getRolePrefix() + attribute.getAttribute());
      newAuthorities.add(extraAuthority);
    }
  }
  if (newAuthorities.size() == 0) {
    return null;
  }
  // Add existing authorities
  newAuthorities.addAll(authentication.getAuthorities());
  return new RunAsUserToken(this.key, authentication.getPrincipal(),
      authentication.getCredentials(), newAuthorities,
      authentication.getClass());
}

Javadoc

Basic concrete implementation of a RunAsManager.

Is activated if any ConfigAttribute#getAttribute() is prefixed with RUN_AS_. If found, it generates a new RunAsUserToken containing the same principal, credentials and granted authorities as the original Authentication object, along with SimpleGrantedAuthoritys for each RUN_AS_ indicated. The created SimpleGrantedAuthoritys will be prefixed with a special prefix indicating that it is a role (default prefix value is ROLE_), and then the remainder of the RUN_AS_ keyword. For example, RUN_AS_FOO will result in the creation of a granted authority of ROLE_RUN_AS_FOO.

The role prefix may be overridden from the default, to match that used elsewhere, for example when using an existing role database with another prefix. An empty role prefix may also be specified. Note however that there are potential issues with using an empty role prefix since different categories of ConfigAttribute can not be properly discerned based on the prefix, with possible consequences when performing voting and other actions. However, this option may be of some use when using pre-existing role names without a prefix, and no ability exists to prefix them with a role prefix on reading them in, such as provided for example in org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl.

Most used methods

supports
getRolePrefix
<init>
setKey
afterPropertiesSet
buildRunAs
getKey
setRolePrefix
Allows the default role prefix of ROLE_ to be overridden. May be set to an empty value, although thi

Popular in Java

Parsing JSON documents to java classes using gson
addToBackStack (FragmentTransaction)
runOnUiThread (Activity)
notifyDataSetChanged (ArrayAdapter)
Kernel (java.awt.image)
IOException (java.io)
Signals a general, I/O-related error. Error details may be specified when calling the constructor, a
SecureRandom (java.security)
This class generates cryptographically secure pseudo-random numbers. It is best to invoke SecureRand
ResourceBundle (java.util)
ResourceBundle is an abstract class which is the superclass of classes which provide Locale-specifi
Collectors (java.util.stream)
FileUtils (org.apache.commons.io)
General file manipulation utilities. Facilities are provided in the following areas: * writing to a

How to useRunAsManagerImpl in org.springframework.security.access.intercept

Best Java code snippets using org.springframework.security.access.intercept.RunAsManagerImpl (Showing top 12 results out of 315)

How to use
RunAsManagerImpl
in
org.springframework.security.access.intercept