@Override public boolean hasAuthorities(String... authorities) { for (String authority : authorities) { if (!hasAuthority(authority)) { return false; } } return true; }
@Override public Authentication login(String username, String password) throws AuthenticationException, Exception { return login(new UsernamePasswordAuthenticationToken(username, password)); }
@Override public boolean isAuthenticatedAnonymously() { final Authentication authentication = getAuthentication(); return authentication instanceof AnonymousAuthenticationToken && authentication.isAuthenticated(); }
@Override public boolean hasAccessToObject(Object securedObject, String... securityConfigurationAttributes) { final Authentication authentication = getAuthentication(); if (getAccessDecisionManager() == null) { logger.warn("Access was denied to object because there was no AccessDecisionManager set!"); return false; } else if (authentication == null || !authentication.isAuthenticated()) { return false; } final Collection<ConfigAttribute> configAttributes = new ArrayList<ConfigAttribute>( securityConfigurationAttributes.length); for (String securityConfigString : securityConfigurationAttributes) { configAttributes.add(new SecurityConfig(securityConfigString)); } try { getAccessDecisionManager().decide(authentication, securedObject, configAttributes); return true; } catch (AccessDeniedException ex) { logger.trace("Access denied when accessing {}", securedObject); return false; } catch (InsufficientAuthenticationException ex) { logger.trace("Insufficient authentication when accessing {}", securedObject); return false; } }
@Override public boolean hasAccessToSecuredMethod(Object securedObject, String methodName, Class<?>... methodParameterTypes) { try { final Method method = securedObject.getClass().getMethod(methodName, methodParameterTypes); final Secured secured = AnnotationUtils.findAnnotation(method, Secured.class); Assert.notNull(secured, "securedObject did not have @Secured annotation"); return hasAccessToObject(securedObject, secured.value()); } catch (NoSuchMethodException ex) { throw new IllegalArgumentException("Method " + methodName + " does not exist", ex); } } }
@Override public void afterPropertiesSet() throws Exception { super.afterPropertiesSet(); if (sessionAuthenticationStrategy == null) { LOGGER.info("No session authentication strategy found in application context, using null strategy"); sessionAuthenticationStrategy = new NullAuthenticatedSessionStrategy(); } else { LOGGER.info("Using session authentication strategy {}", sessionAuthenticationStrategy); } if (vaadinAuthenticationSuccessHandler == null) { LOGGER.info("No authentication success handler found in the application context, using null handler"); vaadinAuthenticationSuccessHandler = new VaadinAuthenticationSuccessHandler.NullHandler(); } else { LOGGER.info("Using authentication success handler {}", vaadinAuthenticationSuccessHandler); } if (vaadinLogoutHandler == null) { LOGGER.info("No logout handler found in the application context, using null handler"); vaadinLogoutHandler = new VaadinLogoutHandler.NullHandler(); } else { LOGGER.info("Using logout handler {}", vaadinLogoutHandler); } }
@Override public boolean isAuthenticated() { final Authentication authentication = getAuthentication(); return authentication != null && authentication.isAuthenticated() && !(authentication instanceof AnonymousAuthenticationToken); }
@Override public boolean hasAccessToObject(Object securedObject, String... securityConfigurationAttributes) { final Authentication authentication = getAuthentication(); if (getAccessDecisionManager() == null) { logger.warn("Access was denied to object because there was no AccessDecisionManager set!"); return false; } else if (authentication == null || !authentication.isAuthenticated()) { return false; } final Collection<ConfigAttribute> configAttributes = new ArrayList<ConfigAttribute>( securityConfigurationAttributes.length); for (String securityConfigString : securityConfigurationAttributes) { configAttributes.add(new SecurityConfig(securityConfigString)); } try { getAccessDecisionManager().decide(authentication, securedObject, configAttributes); return true; } catch (AccessDeniedException ex) { logger.trace("Access denied when accessing {}", securedObject); return false; } catch (InsufficientAuthenticationException ex) { logger.trace("Insufficient authentication when accessing {}", securedObject); return false; } }
@Override public boolean hasAccessToSecuredMethod(Object securedObject, String methodName, Class<?>... methodParameterTypes) { try { final Method method = securedObject.getClass().getMethod(methodName, methodParameterTypes); final Secured secured = AnnotationUtils.findAnnotation(method, Secured.class); Assert.notNull(secured, "securedObject did not have @Secured annotation"); return hasAccessToObject(securedObject, secured.value()); } catch (NoSuchMethodException ex) { throw new IllegalArgumentException("Method " + methodName + " does not exist", ex); } } }
@Override public void afterPropertiesSet() throws Exception { super.afterPropertiesSet(); if (sessionAuthenticationStrategy == null) { LOGGER.info("No session authentication strategy found in application context, using null strategy"); sessionAuthenticationStrategy = new NullAuthenticatedSessionStrategy(); } else { LOGGER.info("Using session authentication strategy {}", sessionAuthenticationStrategy); } if (vaadinAuthenticationSuccessHandler == null) { LOGGER.info("No authentication success handler found in the application context, using null handler"); vaadinAuthenticationSuccessHandler = new VaadinAuthenticationSuccessHandler.NullHandler(); } else { LOGGER.info("Using authentication success handler {}", vaadinAuthenticationSuccessHandler); } if (vaadinLogoutHandler == null) { LOGGER.info("No logout handler found in the application context, using null handler"); vaadinLogoutHandler = new VaadinLogoutHandler.NullHandler(); } else { LOGGER.info("Using logout handler {}", vaadinLogoutHandler); } }
@Override public boolean isAuthenticatedAnonymously() { final Authentication authentication = getAuthentication(); return authentication instanceof AnonymousAuthenticationToken && authentication.isAuthenticated(); }
@Override public boolean hasAccessToSecuredObject(Object securedObject) { final Secured secured = AopUtils.getTargetClass(securedObject).getAnnotation(Secured.class); Assert.notNull(secured, "securedObject did not have @Secured annotation"); return hasAccessToObject(securedObject, secured.value()); }
@Override public boolean hasAnyAuthority(String... authorities) { for (String authority : authorities) { if (hasAuthority(authority)) { return true; } } return false; }
@Override public Authentication login(String username, String password) throws AuthenticationException, Exception { return login(new UsernamePasswordAuthenticationToken(username, password)); }
@Override public boolean isAuthenticated() { final Authentication authentication = getAuthentication(); return authentication != null && authentication.isAuthenticated() && !(authentication instanceof AnonymousAuthenticationToken); }
@Override public boolean hasAccessToSecuredObject(Object securedObject) { final Secured secured = AopUtils.getTargetClass(securedObject).getAnnotation(Secured.class); Assert.notNull(secured, "securedObject did not have @Secured annotation"); return hasAccessToObject(securedObject, secured.value()); }
@Override public boolean hasAnyAuthority(String... authorities) { for (String authority : authorities) { if (hasAuthority(authority)) { return true; } } return false; }
@Override public boolean isRememberMeAuthenticated() { final Authentication authentication = getAuthentication(); return authentication instanceof RememberMeAuthenticationToken && authentication.isAuthenticated(); }
@Override public boolean hasAuthorities(String... authorities) { for (String authority : authorities) { if (!hasAuthority(authority)) { return false; } } return true; }
@Override public boolean isRememberMeAuthenticated() { final Authentication authentication = getAuthentication(); return authentication instanceof RememberMeAuthenticationToken && authentication.isAuthenticated(); }