本文整理汇总了Java中org.springframework.security.core.userdetails.UserDetails.getAuthorities方法的典型用法代码示例。如果您正苦于以下问题:Java UserDetails.getAuthorities方法的具体用法?Java UserDetails.getAuthorities怎么用?Java UserDetails.getAuthorities使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.springframework.security.core.userdetails.UserDetails
的用法示例。
在下文中一共展示了UserDetails.getAuthorities方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: signInUser
import org.springframework.security.core.userdetails.UserDetails; //导入方法依赖的package包/类
public String signInUser(){
boolean registered = userService.createUser(username, password);
if(registered){
UserDetails userDetails = userDetailsService.loadUserByUsername(username);
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
userDetails,
password,
userDetails.getAuthorities());
authenticationManager.authenticate(token);
if (token.isAuthenticated()) {
SecurityContextHolder.getContext().setAuthentication(token);
}
return "/index.jsf";
} else {
return "/signin.jsf?error=true";
}
}
开发者ID:arcuri82,项目名称:testing_security_development_enterprise_systems,代码行数:24,代码来源:SignInController.java
示例2: autologin
import org.springframework.security.core.userdetails.UserDetails; //导入方法依赖的package包/类
/** {@inheritDoc} */
@Override
public void autologin(final String username, final String password) {
UserDetails userDetails = userDetailsService.loadUserByUsername(username);
UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities());
authenticationManager.authenticate(usernamePasswordAuthenticationToken);
if (usernamePasswordAuthenticationToken.isAuthenticated()) {
SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
logger.debug(String.format("Auto login %s successfully!", username));
}
}
示例3: doFilter
import org.springframework.security.core.userdetails.UserDetails; //导入方法依赖的package包/类
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
String authToken = httpRequest.getHeader(this.tokenHeader);
String username = jwtTokenUtil.getUsernameFromToken(authToken);
if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
if (jwtTokenUtil.validateToken(authToken, userDetails)) {
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpRequest));
SecurityContextHolder.getContext().setAuthentication(authentication);
}
}
chain.doFilter(request, response);
}
开发者ID:republique-et-canton-de-geneve,项目名称:chvote-protocol-poc,代码行数:19,代码来源:JwtAuthenticationTokenFilter.java
示例4: authenticateAs
import org.springframework.security.core.userdetails.UserDetails; //导入方法依赖的package包/类
/**
* Authenticate the user
* @param userCredentials
* @param setTimestamp true to set the lastSuccessfulLogin timestamp
*/
public void authenticateAs(YadaUserCredentials userCredentials, boolean setTimestamp) {
UserDetails userDetails = createUserDetails(userCredentials);
Authentication auth = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
if (setTimestamp) {
userCredentialsRepository.updateLoginTimestamp(userCredentials.getUsername().toLowerCase());
userCredentialsRepository.resetFailedAttempts(userCredentials.getUsername().toLowerCase());
}
}
示例5: setCurrentUser
import org.springframework.security.core.userdetails.UserDetails; //导入方法依赖的package包/类
@Override
public void setCurrentUser(CalendarUser user) {
if (user == null) {
throw new IllegalArgumentException("user cannot be null");
}
UserDetails userDetails = userDetailsService.loadUserByUsername(user.getEmail());
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails,
user.getPassword(), userDetails.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authentication);
}
开发者ID:PacktPublishing,项目名称:Spring-Security-Third-Edition,代码行数:11,代码来源:SpringSecurityUserContext.java
示例6: autoLogin
import org.springframework.security.core.userdetails.UserDetails; //导入方法依赖的package包/类
@Override
public void autoLogin(String username, String password) {
boolean isLogin = false;
UserDetails userDetails = userDetailsService.loadUserByUsername(username);
UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities());
authenticationManager.authenticate(usernamePasswordAuthenticationToken);
if (usernamePasswordAuthenticationToken.isAuthenticated()) {
SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
isLogin = true;
}
}
示例7: doFilterInternal
import org.springframework.security.core.userdetails.UserDetails; //导入方法依赖的package包/类
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
String authToken = request.getHeader(this.tokenHeader);
if (!StringUtils.isEmpty(authToken) && SecurityContextHolder.getContext().getAuthentication() == null) {
try{
HttpHeaders headers = new HttpHeaders();
headers.add("Authorization", authToken);
headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
HttpEntity<String> entity = new HttpEntity<String>("", headers);
ResponseEntity<String> responseEntity =
restTemplate.exchange(
"http://AUTH-SERVICE/auth/current"
, HttpMethod.POST
, entity
, String.class);
String jsonUserDetails = responseEntity.getBody();
UserDetails userDetails = prepareUserDetails(jsonUserDetails);
if (userDetails != null) {
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authentication);
}
}catch(Exception e){
logger.error(e.getMessage());
}
}
chain.doFilter(request, response);
}
示例8: doFilterInternal
import org.springframework.security.core.userdetails.UserDetails; //导入方法依赖的package包/类
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
String token = request.getHeader(tokenHeader);
// authToken.startsWith("Bearer ")
// String authToken = header.substring(7);
if (!tokenUtil.parseToken(token)){
return;
}
String username = tokenUtil.getUsername();
if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
// It is not compelling necessary to load the use details from the database. You could also store the information
// in the token and read it from it. It's up to you ;)
UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
// For simple validation it is completely sufficient to just check the token integrity. You don't have to call
// the database compellingly. Again it's up to you ;)
if (!tokenUtil.isExpired()) {
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
logger.info("authenticated user " + username + ", setting security context");
SecurityContextHolder.getContext().setAuthentication(authentication);
}
}
filterChain.doFilter(request, response);
}
示例9: doFilterInternal
import org.springframework.security.core.userdetails.UserDetails; //导入方法依赖的package包/类
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
String authToken = request.getHeader(this.tokenHeader);
// authToken.startsWith("Bearer ")
// String authToken = header.substring(7);
String username = jwtTokenUtil.getUsernameFromToken(authToken);
logger.info("checking authentication for user " + username);
if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
// It is not compelling necessary to load the use details from the database. You could also store the information
// in the token and read it from it. It's up to you ;)
UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
// For simple validation it is completely sufficient to just check the token integrity. You don't have to call
// the database compellingly. Again it's up to you ;)
if (jwtTokenUtil.validateToken(authToken, userDetails)) {
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
logger.info("authenticated user " + username + ", setting security context");
SecurityContextHolder.getContext().setAuthentication(authentication);
}
}
chain.doFilter(request, response);
}
示例10: signInAdapter
import org.springframework.security.core.userdetails.UserDetails; //导入方法依赖的package包/类
@Bean
public SignInAdapter signInAdapter(UserDetailsService userDetailsService) {
RequestCache requestCache = new HttpSessionRequestCache();
return (userId, connection, request) -> {
UserDetails userDetails = userDetailsService.loadUserByUsername(userId);
Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authentication);
SavedRequest savedRequest = requestCache.getRequest(request.getNativeRequest(HttpServletRequest.class), request.getNativeResponse(HttpServletResponse.class));
return savedRequest == null ? null : savedRequest.getRedirectUrl();
};
}
示例11: setCurrentUser
import org.springframework.security.core.userdetails.UserDetails; //导入方法依赖的package包/类
@Override
public void setCurrentUser(CalendarUser user) {
if (user == null) {
throw new IllegalArgumentException("user cannot be null");
}
UserDetails userDetails = userDetailsService.loadUserByUsername(user.getEmail());
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails,
user.getPassword(),userDetails.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authentication);
}
开发者ID:PacktPublishing,项目名称:Spring-Security-Third-Edition,代码行数:11,代码来源:SpringSecurityUserContext.java
示例12: doFilterInternal
import org.springframework.security.core.userdetails.UserDetails; //导入方法依赖的package包/类
@Override
protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
String authorization = httpServletRequest.getHeader(HttpHeaders.AUTHORIZATION);
/**
* Whenever the user wants to access a protected route or resource,
* the user agent should send the JWT,
* typically in the Authorization header using the Bearer schema.
* The content of the header should look like the following:
* Authorization: Bearer <token>
* This is a stateless authentication mechanism as the user state is never saved in server memory.
* The server's protected routes will check for a valid JWT in the Authorization header,
* and if it's present, the user will be allowed to access protected resources.
*/
// authToken.startsWith("Bearer ")
// String authToken = header.substring(7);
if (StringUtils.isBlank(authorization)) {
filterChain.doFilter(httpServletRequest, httpServletResponse);
return;
}
try {
String username = jwtTokenUtil.getUsernameFromToken(authorization);
LOGGER.info("checking authentication for user:{},uri:{}", username, httpServletRequest.getRequestURI());
if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {//服务器重启的场景
// It is not compelling necessary to load the use details from the database. You could also store the information
// in the token and read it from it. It's up to you ;)
//validateToken的逻辑中,就需要判断username是否存在和过期时间
//查出来UserDetails类型的数据是因为UsernamePasswordAuthenticationToken对象会使用
UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
// For simple validation it is completely sufficient to just check the token integrity. You don't have to call
// the database compellingly. Again it's up to you ;)
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
LOGGER.info("authenticated user {}, setting security context", username);
SecurityContextHolder.getContext().setAuthentication(authentication);
}
filterChain.doFilter(httpServletRequest, httpServletResponse);
} catch (Exception e) {
httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
httpServletResponse.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
try (PrintWriter out = httpServletResponse.getWriter()) {
out.write(JSON.toJSONString("unauthorized"));
out.flush();
}
}
}