/**
 * Always fails the lookup, because this implementation has no groups.
 *
 * @param groupname the group that was asked for; it is passed to the exception constructor.
 * @throws UsernameNotFoundException unconditionally.
 */
@Override
public GroupDetails loadGroupByGroupname(String groupname)
        throws UsernameNotFoundException, DataAccessException {
    throw new UsernameNotFoundException(groupname);
}
/**
 * Convenience wrapper around {@link UserDetailsService#loadUserByUsername(String)} that goes
 * through the {@code userDetails} service held by {@code getSecurityComponents()}.
 *
 * @param username the name to look up; forwarded unchanged.
 * @throws UserMayOrMayNotExistException
 *      If the security realm cannot even tell if the user exists or not.
 * @return
 *      never null.
 */
public UserDetails loadUserByUsername(String username)
        throws UsernameNotFoundException, DataAccessException {
    SecurityComponents components = getSecurityComponents();
    return components.userDetails.loadUserByUsername(username);
}
/**
 * Callback for a successful authentication: passes the authenticated user's name to
 * {@code putUserSeedInSession}.
 *
 * @param details the user that has just authenticated.
 */
@Override
protected void authenticated(@Nonnull UserDetails details) {
    String authenticatedName = details.getUsername();
    putUserSeedInSession(authenticatedName);
}
/**
 * Builds the {@link Authentication} that stands for the user described by {@code userDetails}.
 *
 * <p>The token uses the user name as principal, an empty string as credentials and the
 * authorities reported by {@code userDetails}. No password is verified here, so the result is
 * only as trustworthy as the {@code userDetails} that was passed in.
 *
 * @param userDetails Provided by {@link #getUserDetailsForImpersonation()}.
 * @return a newly created token.
 * @see #getUserDetailsForImpersonation()
 */
@Restricted(NoExternalUse.class)
public @Nonnull Authentication impersonate(@Nonnull UserDetails userDetails) {
    String principalName = userDetails.getUsername();
    return new UsernamePasswordAuthenticationToken(
            principalName,
            "",
            userDetails.getAuthorities());
}
/**
 * Fallback for a backend that cannot tell whether the user name exists: substitutes what is
 * already recorded locally for that user.
 *
 * <p>NOTE(review): the authorities returned here come from the stored
 * {@code LastGrantedAuthoritiesProperty}, not from the backend, so they may be out of date.
 * Confirm that callers treat the result accordingly.
 *
 * @param username the name the backend failed to resolve.
 * @param e the original failure; rethrown when no substitute can be built.
 * @return a user with an empty password, all four account flags set to {@code true} and the
 *      recorded authorities.
 */
protected UserDetails attemptToImpersonate(String username, RuntimeException e) {
    User known = User.getById(username, false);
    if (known == null) {
        // No local record at all: nothing to substitute.
        throw e;
    }

    LastGrantedAuthoritiesProperty recorded = known.getProperty(LastGrantedAuthoritiesProperty.class);
    if (recorded == null) {
        // The user is known, but no authorities were recorded for it.
        throw e;
    }

    return new org.acegisecurity.userdetails.User(
            username, "", true, true, true, true, recorded.getAuthorities());
}
// Closes the enclosing declaration, which starts outside this excerpt.
}
/**
 * Determines the password for {@code userName} and authenticates with it.
 *
 * <p>The password is taken, in this order, from {@code passwordFile} if one is set, from the
 * value already held in {@code password}, or from an interactive prompt sent over the command's
 * channel. When no user name was given at all, the transport's own authentication is returned.
 *
 * @return the transport authentication, or a token for the authenticated user.
 * @throws BadCredentialsException if the password file cannot be read or no password is found.
 */
public Authentication authenticate() throws AuthenticationException, IOException, InterruptedException {
    if (userName == null) {
        // No authentication parameter was given, so fall back to the transport.
        return command.getTransportAuthentication();
    }

    if (passwordFile != null) {
        try {
            // Read through the command's channel; leading and trailing whitespace is dropped.
            password = new FilePath(command.checkChannel(), passwordFile).readToString().trim();
        } catch (IOException e) {
            throw new BadCredentialsException("Failed to read "+passwordFile,e);
        }
    }

    if (password == null) {
        password = command.checkChannel().call(new InteractivelyAskForPassword());
    }
    if (password == null) {
        throw new BadCredentialsException("No password specified");
    }

    UserDetails authenticatedUser = doAuthenticate(userName, password);
    // The clear-text password is kept in the returned token as its credentials.
    return new UsernamePasswordAuthenticationToken(
            authenticatedUser, password, authenticatedUser.getAuthorities());
}
// Closes the enclosing declaration, which starts outside this excerpt.
};
/**
 * Groups are not supported by this implementation, so every lookup is rejected.
 *
 * @param groupname the requested group; it is passed to the exception constructor.
 * @throws UsernameNotFoundException unconditionally.
 */
@Override
public GroupDetails loadGroupByGroupname(String groupname)
        throws UsernameNotFoundException, DataAccessException {
    throw new UsernameNotFoundException(groupname);
}
/**
 * Tells every listener returned by {@code all()} that {@code details} has authenticated.
 *
 * <p>When FINE logging is enabled, the user name and the granted authorities (other than
 * {@code SecurityRealm.AUTHENTICATED_AUTHORITY}) are written to the log first.
 *
 * @param details the user that has just authenticated.
 * @since 1.569
 */
public static void fireAuthenticated(@Nonnull UserDetails details) {
    if (LOGGER.isLoggable(Level.FINE)) {
        // Only collect the names when they will actually be logged.
        List<String> groupNames = new ArrayList<String>();
        for (GrantedAuthority granted : details.getAuthorities()) {
            if (granted.equals(SecurityRealm.AUTHENTICATED_AUTHORITY)) {
                continue;
            }
            groupNames.add(granted.getAuthority());
        }
        LOGGER.log(Level.FINE, "authenticated: {0} {1}", new Object[] {details.getUsername(), groupNames});
    }

    for (SecurityListener listener : all()) {
        listener.authenticated(details);
    }
}
/**
 * Maps {@code idOrFullName} to a canonical user id.
 *
 * <p>An already known user wins. Otherwise, and only when {@code SECURITY_243_FULL_DEFENSE} is
 * set, the name is looked up through {@code UserDetailsCache}. Lookup failures are logged at
 * FINE and treated as "no answer".
 *
 * @param idOrFullName the name to resolve; it is supplied by the caller and appears verbatim in
 *      the FINE log messages below.
 * @param context not used by this implementation.
 * @return the canonical id, or {@code null} when this resolver has no answer.
 */
@Override
public String resolveCanonicalId(String idOrFullName, Map<String, ?> context) {
    User known = getById(idOrFullName, false);
    if (known != null) {
        return known.getId();
    }

    // `resolving` is checked before and reset after the lookup; presumably it guards against
    // re-entering this method from within the lookup itself (TODO confirm).
    if (!SECURITY_243_FULL_DEFENSE || resolving.get()) {
        return null;
    }

    resolving.set(true);
    try {
        UserDetails looked = UserDetailsCache.get().loadUserByUsername(idOrFullName);
        return looked.getUsername();
    } catch (UsernameNotFoundException x) {
        LOGGER.log(Level.FINE, "not sure whether " + idOrFullName + " is a valid username or not", x);
    } catch (DataAccessException | ExecutionException x) {
        LOGGER.log(Level.FINE, "could not look up " + idOrFullName, x);
    } finally {
        resolving.set(false);
    }
    return null;
}
/**
 * Looks the user up through {@code base}. When the backend either cannot decide whether the
 * user exists or fails with a data access error, the result of
 * {@code attemptToImpersonate} is returned instead.
 *
 * @param username the name to look up.
 * @return the details from {@code base}, or the substitute from {@code attemptToImpersonate}.
 */
@Override
public UserDetails loadUserByUsername(String username)
        throws UsernameNotFoundException, DataAccessException {
    UserDetails resolved;
    try {
        resolved = base.loadUserByUsername(username);
    } catch (UserMayOrMayNotExistException undecided) {
        resolved = attemptToImpersonate(username, undecided);
    } catch (DataAccessException backendFailure) {
        resolved = attemptToImpersonate(username, backendFailure);
    }
    return resolved;
}
/**
 * Signs in the user who owns this identifier. Call it only after your protocol-specific work
 * has confirmed that the current HTTP request really owns the identifier.
 *
 * <p>
 * The owning user is located, loaded through the security realm and installed as the
 * authentication of the current security context. No credential is checked in this method
 * (the token is built with an empty one), so the caller's confirmation is the only proof of
 * identity.
 *
 * <p>
 * NOTE(review): nothing in this method renews the HTTP session on sign-in. Confirm that this
 * is handled elsewhere.
 *
 * @return the user that is now signed in.
 * @throws UnclaimedIdentityException
 *      If this identifier is not claimed by anyone. If you just let this exception propagate
 *      to the caller of your "doXyz" method, it will either render an error page or initiate
 *      a user registration session (provided that {@link SecurityRealm} supports that.)
 */
@SuppressWarnings("ACL.impersonate")
@Nonnull
public User signin() throws UnclaimedIdentityException {
    User owner = locateUser();
    if (owner == null) {
        // Unassociated identity.
        throw new UnclaimedIdentityException(this);
    }

    // Log in as this user.
    UserDetails details = Jenkins.getInstance().getSecurityRealm().loadUserByUsername(owner.getId());
    UsernamePasswordAuthenticationToken token =
            new UsernamePasswordAuthenticationToken(details, "", details.getAuthorities());
    token.setDetails(details);
    SecurityContextHolder.getContext().setAuthentication(token);
    return owner;
}
/**
 * Rejects every lookup: this service knows no users.
 *
 * @param username the requested name; it is passed to the exception constructor.
 * @throws UsernameNotFoundException unconditionally.
 */
public UserDetails loadUserByUsername(String username)
        throws UsernameNotFoundException, DataAccessException {
    throw new UsernameNotFoundException(username);
}
// Closes the enclosing expression, which starts outside this excerpt.
});
/**
 * Turns a stored CLI authentication entry into an {@link Authentication}, but only when the
 * MAC stored with it verifies for {@code username}.
 *
 * <p>Any failure (MAC mismatch, or the security realm not yielding the user) results in
 * {@code Jenkins.ANONYMOUS} rather than an exception.
 *
 * @param username the user name taken from the stored entry.
 * @param mac the MAC taken from the stored entry.
 * @param fullValueStored the complete stored entry; only used in the FINE log message on a
 *      MAC mismatch, where it is written out unchanged.
 * @return a token for the user with an empty credential, or {@code Jenkins.ANONYMOUS}.
 */
private Authentication getUserAuthIfValidMac(String username, String mac, String fullValueStored) {
    boolean macVerified = MAC.checkMac(username, mac);
    if (!macVerified) {
        LOGGER.log(Level.FINE, "Ignoring stored CLI authentication due to MAC mismatch: {0}", fullValueStored);
        return Jenkins.ANONYMOUS;
    }

    try {
        UserDetails details = Jenkins.get().getSecurityRealm().loadUserByUsername(username);
        LOGGER.log(Level.FINER, "Loaded stored CLI authentication for {0}", username);
        return new UsernamePasswordAuthenticationToken(details.getUsername(), "", details.getAuthorities());
    } catch (AuthenticationException | DataAccessException e) {
        //TODO there is no check to be consistent with User.ALLOW_NON_EXISTENT_USER_TO_LOGIN
        LOGGER.log(Level.FINE, "Stored CLI authentication did not correspond to a valid user: " + username, e);
        return Jenkins.ANONYMOUS;
    }
}
/**
 * Computes the signature for a token belonging to {@code userDetails}.
 *
 * <p>The signed material is the user name, the expiry time, the user's seed and
 * {@code getKey()}, joined with {@code ":"} and passed to {@code MAC.mac}. When
 * {@code UserSeedProperty.DISABLE_USER_SEED} is set, the literal {@code "no-seed"} takes the
 * place of the seed.
 *
 * <p>NOTE(review): when the user or its seed property is missing, the method returns a fixed
 * literal ({@code "no-user"} / {@code "no-prop"}) instead of a MAC. Confirm that the code
 * comparing signatures can never accept such a literal as a valid one.
 *
 * @param tokenExpiryTime the expiry time included in the signed material.
 * @param userDetails the user the token is for.
 * @return the MAC over the joined fields, or one of the two literals described above.
 */
@Override
protected String makeTokenSignature(long tokenExpiryTime, UserDetails userDetails) {
    final String seedPart;
    if (!UserSeedProperty.DISABLE_USER_SEED) {
        User owner = User.getById(userDetails.getUsername(), false);
        if (owner == null) {
            return "no-user";
        }
        UserSeedProperty seedProperty = owner.getProperty(UserSeedProperty.class);
        if (seedProperty == null) {
            // if you want to filter out the user seed property, you should consider using the DISABLE_USER_SEED instead
            return "no-prop";
        }
        seedPart = seedProperty.getSeed();
    } else {
        seedPart = "no-seed";
    }

    String signedMaterial = String.join(
            ":",
            userDetails.getUsername(),
            Long.toString(tokenExpiryTime),
            seedPart,
            getKey());
    return MAC.mac(signedMaterial);
}
/**
 * Forwards the lookup to the current {@code delegate}.
 *
 * @param username the name to look up.
 * @return whatever the delegate returns.
 * @throws UserMayOrMayNotExistException if no delegate is set, so the user cannot be queried.
 */
public UserDetails loadUserByUsername(String username)
        throws UsernameNotFoundException, DataAccessException {
    // Read the field once, so that the null check and the call use the same reference.
    UserDetailsService current = delegate;
    if (current == null) {
        throw new UserMayOrMayNotExistException(Messages.UserDetailsServiceProxy_UnableToQuery(username));
    }
    return current.loadUserByUsername(username);
}
/**
 * Builds security components that perform no real authentication.
 *
 * <p>The authentication manager returns the {@link Authentication} it is given without
 * checking it, and the user details service rejects every lookup.
 *
 * @return the newly created components.
 */
public SecurityComponents createSecurityComponents() {
    // Hands back its argument untouched; nothing is verified.
    AuthenticationManager passThrough = new AuthenticationManager() {
        public Authentication authenticate(Authentication authentication) {
            return authentication;
        }
    };

    // Knows no users at all.
    UserDetailsService noUsers = new UserDetailsService() {
        public UserDetails loadUserByUsername(String username)
                throws UsernameNotFoundException, DataAccessException {
            throw new UsernameNotFoundException(username);
        }
    };

    return new SecurityComponents(passThrough, noUsers);
}
// The cast assumes the principal of successfulAuthentication is a UserDetails;
// any other principal type fails here with a ClassCastException.
String username = ((UserDetails) successfulAuthentication.getPrincipal()).getUsername();
/**
 * Loads the {@code Details} property stored on the user with the given id.
 *
 * <p>An unknown user and a known user without a stored {@code Details} property are reported
 * with the same exception and message, so callers cannot tell the two cases apart.
 *
 * @param username the user id to look up.
 * @return the stored details, never null.
 * @throws UsernameNotFoundException if the user is unknown or has no {@code Details} property.
 */
@Override
public Details loadUserByUsername(String username)
        throws UsernameNotFoundException, DataAccessException {
    User account = User.getById(username, false);

    Details stored = null;
    if (account != null) {
        stored = account.getProperty(Details.class);
    }

    if (stored == null) {
        throw new UsernameNotFoundException("Password is not set: "+username);
    }
    if (stored.getUser() == null) {
        // A Details object without its owning user is treated as an internal error.
        throw new AssertionError();
    }
    return stored;
}
// Take the user name from u, which is declared outside this excerpt.
String username = u.getUsername();
Boolean exists = existenceCache.getIfPresent(idOrFullName); if(exists != null && !exists) { throw new UsernameNotFoundException(String.format("\"%s\" does not exist", idOrFullName)); } else { try {