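/**
 * Collects the authority strings of the authentication held in the current security context.
 *
 * @return a new mutable list with one entry per granted authority, in the order the
 *         authentication reports them; empty when the context holds no authentication
 */
private List<String> getGroupsFromCurrentUser() {
    List<String> groups = new ArrayList<>();
    // The context can hold no Authentication at all; without this guard the
    // getAuthorities() call below would throw a NullPointerException. Returning
    // no groups is the restrictive outcome for a caller that has no identity.
    if (SecurityContextHolder.getContext().getAuthentication() == null) {
        return groups;
    }
    Collection<? extends GrantedAuthority> authorities =
            SecurityContextHolder.getContext().getAuthentication().getAuthorities();
    for (GrantedAuthority auth : authorities) {
        groups.add(auth.getAuthority());
    }
    return groups;
}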
/**
 * Returns the authority names of the currently authenticated principal.
 *
 * <p>The principal is cast to {@link UserDetails} without a type check, so any other
 * principal type ends in a {@link ClassCastException}.
 *
 * @return the authority string of every authority granted to the caller
 */
@Secured("IS_AUTHENTICATED_FULLY")
@RequestMapping(path = "/whoami/roles", method = RequestMethod.GET)
public List<String> user() {
    Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    UserDetails currentUser = (UserDetails) principal;
    return currentUser.getAuthorities()
            .stream()
            .map(granted -> granted.getAuthority())
            .collect(Collectors.toList());
}
}
/**
 * Authenticates the credentials through the authentication manager, stores the result in the
 * security context and returns a {@code User} carrying the granted authorities as roles.
 *
 * @param username the user name to authenticate
 * @param password the password presented for that user
 * @param exchange not used by this implementation
 * @return a user populated with one role per granted authority
 */
@Override
public User authenticateUser(String username, String password, Exchange exchange) {
    try {
        UsernamePasswordAuthenticationToken credentials =
                new UsernamePasswordAuthenticationToken(username, password);
        Authentication authentication = authenticationManager.authenticate(credentials);
        // Publish the authenticated result so later checks in this context see it.
        SecurityContextHolder.getContext().setAuthentication(authentication);

        // NOTE(review): the raw password is handed to the returned User object;
        // confirm User does not retain, serialize or log it.
        User user = new User(username, password);
        authentication.getAuthorities().stream().forEach(a -> user.addRole(a.getAuthority()));
        return user;
    } catch (AuthenticationException e) {
        // The cause is passed on to the wrapper rather than dropped.
        throw SpongeUtils.wrapException("authenticateUser", e);
    }
}
/**
 * Stores every authority granted to the user, one statement per authority.
 *
 * <p>User name and authority are passed to the JDBC template as bind arguments of
 * {@code createAuthoritySql} instead of being concatenated into the SQL text.
 *
 * @param user the user whose authorities are written
 */
private void insertUserAuthorities(UserDetails user) {
    for (GrantedAuthority granted : user.getAuthorities()) {
        String authorityName = granted.getAuthority();
        getJdbcTemplate().update(createAuthoritySql, user.getUsername(), authorityName);
    }
}
/**
 * Tells whether the authentication carries an authority whose string equals {@code role}.
 *
 * <p>The comparison is an exact, case-sensitive {@code equals}. Only the authority list is
 * inspected; {@code auth.isAuthenticated()} is not consulted here.
 *
 * @param auth the authentication whose authorities are searched
 * @param role the authority string to look for
 * @return {@code true} if at least one authority matches, otherwise {@code false}
 */
public static boolean hasRole(Authentication auth, String role) {
    boolean matched = false;
    for (GrantedAuthority candidate : auth.getAuthorities()) {
        if (candidate.getAuthority().equals(role)) {
            matched = true;
            break;
        }
    }
    return matched;
}
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;

/**
 * Tells whether the authentication in the current security context holds the given role.
 *
 * <p>A missing context or a missing authentication counts as "no role". Only the authority
 * list is inspected; {@code isAuthenticated()} is not consulted here.
 *
 * @param role the authority string to look for; compared with an exact {@code equals}
 * @return {@code true} if one of the granted authorities equals {@code role}
 */
protected boolean hasRole(String role) {
    // The holder hands back the context bound to the calling thread.
    SecurityContext context = SecurityContextHolder.getContext();
    Authentication authentication = (context == null) ? null : context.getAuthentication();
    if (authentication == null) {
        return false;
    }

    boolean matched = false;
    for (GrantedAuthority granted : authentication.getAuthorities()) {
        if (role.equals(granted.getAuthority())) {
            matched = true;
            break;
        }
    }
    return matched;
}
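/**
 * Write the changes to persistent storage. This should happen automatically when changes are
 * made, so no code outside of this class should need to call this method.
 *
 * <p>Each user becomes one property: the user name is the key and the value is the password
 * followed by the comma-separated authorities, with {@code ,disabled} appended for disabled
 * accounts.
 *
 * @throws ConfigurationException if the user configuration file does not exist and cannot be
 *     created
 * @throws IOException if an error occurs while opening or writing the user configuration file
 */
private void syncChanges() throws IOException, ConfigurationException {
    Properties prop = new Properties();
    for (UserDetails details : myDetailStorage.values()) {
        String key = details.getUsername();
        // NOTE(review): the value stores whatever getPassword() returns next to the roles;
        // confirm it is an encoded password and that the file permissions are restrictive.
        String value = details.getPassword();
        // NOTE(review): fields are joined with "," and nothing here escapes it, so a comma
        // inside a password or authority name would presumably be read back as a separator.
        for (GrantedAuthority auth : details.getAuthorities()) {
            value += "," + auth.getAuthority();
        }
        if (!details.isEnabled()) {
            value += ",disabled";
        }
        prop.setProperty(key, value);
    }

    // Properties.store() flushes but leaves the stream open, so it is closed here;
    // previously the stream was never closed and the handle leaked on every sync.
    try (OutputStream os = new BufferedOutputStream(getUserFile().out())) {
        prop.store(
                os,
                "Geoserver user data. Format is username=password,role1,role2,...[enabled|disabled]");
    }
}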
/**
 * Builds a lookup map with one {@code TRUE} entry per authority granted to the user.
 *
 * @param userDetails the user whose authorities are mapped
 * @return a new map keyed by authority string; an authority that is not granted has no entry
 */
private Map<String, Boolean> createRoleMap(UserDetails userDetails) {
    Map<String, Boolean> grantedByName = new HashMap<String, Boolean>();
    for (GrantedAuthority granted : userDetails.getAuthorities()) {
        String name = granted.getAuthority();
        grantedByName.put(name, Boolean.TRUE);
    }
    return grantedByName;
}
}
/**
 * Builds a user with every account flag switched to its restrictive value and checks that each
 * setting is reflected by the resulting {@code UserDetails}.
 */
@Test
public void allAttributesSupported() {
    UserDetails userDetails =
            new UserDetailsManagerConfigurer<AuthenticationManagerBuilder,
                    InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder>>(userDetailsManager)
                .withUser("user")
                .password("password")
                .roles("USER")
                .disabled(true)
                .accountExpired(true)
                .accountLocked(true)
                .credentialsExpired(true)
                .build();

    // Identity and credentials are passed through unchanged.
    assertThat(userDetails.getUsername()).isEqualTo("user");
    assertThat(userDetails.getPassword()).isEqualTo("password");

    // roles("USER") is expected to surface as the authority "ROLE_USER".
    String firstAuthority = userDetails.getAuthorities().stream().findFirst().get().getAuthority();
    assertThat(firstAuthority).isEqualTo("ROLE_USER");

    // Each builder flag is reported through the corresponding negated accessor.
    assertThat(userDetails.isAccountNonExpired()).isFalse();
    assertThat(userDetails.isAccountNonLocked()).isFalse();
    assertThat(userDetails.isCredentialsNonExpired()).isFalse();
    assertThat(userDetails.isEnabled()).isFalse();
}
/**
 * Checks if the specified authentication contains the specified role.
 *
 * <p>If the current {@link HttpServletRequest} has security disabled, this method always
 * returns <code>true</code>, whatever the authentication holds. A <code>null</code> or
 * unauthenticated authentication never holds a role.
 *
 * @param auth the authentication to inspect, may be <code>null</code>
 * @param role the role to look for
 * @return <code>true</code> if the authentication contains the role, otherwise
 *     <code>false</code>
 */
public boolean checkAuthenticationForRole(Authentication auth, GeoServerRole role) {
    // No security means any role is granted
    if (!GeoServerSecurityFilterChainProxy.isSecurityEnabledForCurrentRequest()) {
        return true;
    }

    boolean usable = auth != null && auth.isAuthenticated();
    if (!usable) {
        return false;
    }

    boolean granted = false;
    for (GrantedAuthority candidate : auth.getAuthorities()) {
        if (role.getAuthority().equals(candidate.getAuthority())) {
            granted = true;
            break;
        }
    }
    return granted;
}
for (GrantedAuthority authority : authentication.getAuthorities()) { authorities.add(authority.getAuthority()); UaaPrincipal principal = (UaaPrincipal) authentication.getPrincipal(); Attribute emailAttribute = buildStringAttribute("email", Collections.singletonList(principal.getEmail())); attributeStatement.getAttributes().add(emailAttribute);
String username = ((UserDetails)authentication.getPrincipal()).getUsername(); List<GrantedAuthority> authorities = (List<GrantedAuthority>) ((UserDetails)authentication.getPrincipal()).getAuthorities(); List<String> list = new ArrayList<>(); for(GrantedAuthority g : authorities){ list.add(g.getAuthority());
/**
 * Orders two authorities by their authority string.
 *
 * <p>Neither argument should ever be null as each entry is checked before adding it to the
 * set. A null authority string marks a custom authority.
 *
 * <p>NOTE(review): the original comment says a custom (null) authority should precede the
 * others, yet a null on {@code g2} returns -1, which sorts {@code g1} first. When both
 * strings are null the result is -1 in either argument order. Confirm the intended order.
 *
 * @param g1 the first authority
 * @param g2 the second authority
 * @return -1 when {@code g2} has a null authority string, otherwise 1 when {@code g1} has
 *     one, otherwise the natural string comparison of the two
 */
public int compare(GrantedAuthority g1, GrantedAuthority g2) {
    // The right-hand side is tested first; the order of these two checks matters.
    if (g2.getAuthority() == null) {
        return -1;
    } else if (g1.getAuthority() == null) {
        return 1;
    } else {
        return g1.getAuthority().compareTo(g2.getAuthority());
    }
}
}
int result = ACCESS_ABSTAIN; if (authentication.getDetails() instanceof OAuthAuthenticationDetails) { OAuthAuthenticationDetails details = (OAuthAuthenticationDetails) authentication.getDetails(); for (Object configAttribute : configAttributes) { ConfigAttribute attribute = (ConfigAttribute) configAttribute; if (authorities != null) { for (GrantedAuthority authority : authorities) { if (authority.getAuthority().equals(config.getAttribute())) { return ACCESS_GRANTED;
/**
 * Looks up a user by id and, when the caller's principal is a {@code UserDetails}, logs the
 * caller's name together with each granted role.
 *
 * @param id the id taken from the request path
 * @return whatever the repository returns for that id
 */
@GetMapping("/{id}")
public User findById(@PathVariable Long id) {
    Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    if (principal instanceof UserDetails) {
        UserDetails currentUser = (UserDetails) principal;
        // Log the currently logged-in user's information, one line per role.
        for (GrantedAuthority role : currentUser.getAuthorities()) {
            UserController.LOGGER.info("当前用户是{},角色是{}", currentUser.getUsername(), role.getAuthority());
        }
    }
    // Any other principal type is not logged.

    // NOTE(review): the principal is only logged. Nothing in this method ties the requested
    // id to the caller, so any rule about which records a caller may read must be enforced
    // elsewhere; confirm that it is.
    return this.userRepository.findOne(id);
}
}
/**
 * Verifies the user name and password with the authentication manager, records the
 * authenticated result in the security context and maps its authorities to user roles.
 *
 * @param username the user name to authenticate
 * @param password the password presented for that user
 * @param exchange not used by this implementation
 * @return a user holding one role per granted authority
 */
@Override
public User authenticateUser(String username, String password, Exchange exchange) {
    try {
        UsernamePasswordAuthenticationToken loginToken =
                new UsernamePasswordAuthenticationToken(username, password);
        Authentication authentication = authenticationManager.authenticate(loginToken);
        // Only reached when authenticate() did not throw.
        SecurityContextHolder.getContext().setAuthentication(authentication);

        // NOTE(review): the returned User is built with the plain password argument;
        // confirm it is not kept longer than needed or written to logs.
        User user = new User(username, password);
        authentication.getAuthorities().stream().forEach(granted -> user.addRole(granted.getAuthority()));
        return user;
    } catch (AuthenticationException e) {
        // Wrapped with the method name as context; the cause travels with it.
        throw SpongeUtils.wrapException("authenticateUser", e);
    }
}
/**
 * Writes one row per granted authority for the given user.
 *
 * <p>Both values travel as bind arguments of {@code createAuthoritySql}; neither is spliced
 * into the statement text.
 *
 * @param user the user whose authorities are inserted
 */
private void insertUserAuthorities(UserDetails user) {
    for (GrantedAuthority entry : user.getAuthorities()) {
        String grantedName = entry.getAuthority();
        getJdbcTemplate().update(createAuthoritySql, user.getUsername(), grantedName);
    }
}
/**
 * Tells whether the authentication holds the read scope of a zone without also holding that
 * zone's admin scope.
 *
 * @param zoneId the zone whose scopes are checked
 * @param authentication the authentication whose authorities are inspected
 * @return {@code true} only when the zone's {@code .read} scope is present and its
 *     {@code .admin} scope is absent
 */
protected boolean hasReadOnlyAuthority(String zoneId, Authentication authentication) {
    String scopePrefix = ZoneManagementScopes.ZONES_ZONE_ID_PREFIX + zoneId;
    String adminScope = scopePrefix + ".admin";
    String readScope = scopePrefix + ".read";

    boolean sawAdmin = false;
    boolean sawRead = false;
    // Every authority is visited: an admin scope found late still cancels an earlier read.
    for (GrantedAuthority granted : authentication.getAuthorities()) {
        String scope = granted.getAuthority();
        if (adminScope.equals(scope)) {
            sawAdmin = true;
        } else if (readScope.equals(scope)) {
            sawRead = true;
        }
    }
    return sawRead && !sawAdmin;
}
if (roleNameSubstitutions.containsKey(authority.getAuthority())) { String[] roles = roleNameSubstitutions.get(authority.getAuthority()); for (String role : roles) { newAuthorities.add(new SimpleGrantedAuthority(role.trim())); String password = userDetails.getPassword(); if (password == null) { password = userDetails.getUsername(); BroadleafExternalAuthenticationUserDetails broadleafUser = new BroadleafExternalAuthenticationUserDetails(userDetails.getUsername(), password, userDetails.getAuthorities()); broadleafUser.setFirstName((String)ctx.getObjectAttribute("givenName")); broadleafUser.setLastName((String)ctx.getObjectAttribute("sn"));
/**
 * Gathers the distinct authority strings held by all users known to the user service.
 *
 * @return each authority string once, in order of first appearance
 * @throws IOException declared for the user-service listing call
 */
List<String> getAllUserAuthorities() throws IOException {
    List<String> distinct = new ArrayList<>();
    for (UserDetails account : userService.listUsers()) {
        for (GrantedAuthority granted : account.getAuthorities()) {
            String name = granted.getAuthority();
            // Skip names already collected so that each one is listed a single time.
            if (distinct.contains(name)) {
                continue;
            }
            distinct.add(name);
        }
    }
    return distinct;
}