public boolean isSwitched(Authentication authentication, String attribute) { if (!IS_SWITCHED.equals(attribute)) { return false; } Collection<? extends GrantedAuthority> authorities = authentication .getAuthorities(); for (GrantedAuthority auth : authorities) { if (auth instanceof SwitchUserGrantedAuthority) { return true; } } return false; }
/** * @return if there is a switched user return the original one, returns null if there is no * switched user */ public static Authentication getOriginalAuthentication() { // need to check to see if the current user has a SwitchUserGrantedAuthority Authentication current = SecurityContextHolder.getContext().getAuthentication(); if (current == null) { return null; } Authentication original = null; // iterate over granted authorities and find the 'switch user' authority Collection<? extends GrantedAuthority> authorities = current.getAuthorities(); for (GrantedAuthority auth : authorities) { // check for switch user type of authority if (auth instanceof SwitchUserGrantedAuthority) { original = ((SwitchUserGrantedAuthority) auth).getSource(); LOGGER.debug("Found original switch user granted authority [ {} ]", original); } } return original; }
public String findCurrentSupervisorUsername() { String supervisorUsername = null; Authentication auth = SecurityContextHolder.getContext().getAuthentication(); // Switch User Par un Supervisor ? for (GrantedAuthority a : auth.getAuthorities()) { if (a instanceof SwitchUserGrantedAuthority) { supervisorUsername = ((SwitchUserGrantedAuthority)a).getSource().getName(); } } return supervisorUsername; }
/** * Create an authentication for the target user that will contain the current auth as granted * authentication. This method does not do any checking if the current user is actually alowed * to do the switching (therefore it is a private method). * * @param targetUser * the user for the new authentication * @return the authentication of the target user */ private static Authentication createSwitchUserAuthentication(User targetUser) { UsernamePasswordAuthenticationToken targetUserAuthentication; Authentication currentAuth; try { // Check first if we are already switched. currentAuth = removeSwitchedUser(); } catch (AuthenticationCredentialsNotFoundException e) { currentAuth = SecurityContextHolder.getContext().getAuthentication(); } org.springframework.security.core.userdetails.User targetUserDetails = new UserDetails( targetUser, targetUser.getAlias()); GrantedAuthority switchAuthority = new SwitchUserGrantedAuthority(ROLE_SWITCH_ORGINAL_USER, currentAuth); // add the new switch user authority List<GrantedAuthority> newAuths = new ArrayList<GrantedAuthority>(); for (GrantedAuthority authority : targetUserDetails.getAuthorities()) { // only use roles that are allowed if (ALLOWED_SWITCH_ROLE_NAMES.contains(authority.getAuthority())) { newAuths.add(authority); } } newAuths.add(switchAuthority); // create the new authentication token targetUserAuthentication = new UsernamePasswordAuthenticationToken(targetUserDetails, targetUser.getPassword(), newAuths); return targetUserAuthentication; }
public static boolean isSwitchedUser() { final Authentication authentication = SecurityContextHolder.getContext() .getAuthentication(); if (authentication == null) { return false; } for (final GrantedAuthority grantedAuthority : authentication.getAuthorities()) { if (grantedAuthority instanceof SwitchUserGrantedAuthority) { return true; } } return false; }
public static String getSwitchedUsername(Authentication authentication) { for (GrantedAuthority auth : authentication.getAuthorities()) { if (auth instanceof SwitchUserGrantedAuthority) { return ((SwitchUserGrantedAuthority)auth).getSource().getName(); } } return null; }
public void logActionFile(String action, List<PosteCandidature> postecandidatures, HttpServletRequest request, Date currentTime) { LogFile logFile = new LogFile(); String userId = SecurityContextHolder.getContext().getAuthentication().getName(); // Switch User par un admin / super-manager ? for (GrantedAuthority a : SecurityContextHolder.getContext().getAuthentication().getAuthorities()) { if (a instanceof SwitchUserGrantedAuthority) { userId = ((SwitchUserGrantedAuthority)a).getSource().getName() + " [SU] " + userId; } } logFile.setUserId(userId); Set<String> numEmplois = new HashSet<String>(); for(PosteCandidature postecandidature: postecandidatures) { numEmplois.add(postecandidature.getPoste().getNumEmploi()); } logFile.setNumEmploi(StringUtils.join(numEmplois, "#")); logFile.setIp(request.getRemoteAddr()); logFile.setAction(action); logFile.setActionDate(currentTime); logFile.setFilename("##EXPORT##"); // uer-agent String userAgent = request.getHeader("User-Agent"); logFile.setUserAgent(userAgent); logFile.persist(); }
public void logActionPosteFile(String action, PosteAPourvoir poste, DematFile dematFile, HttpServletRequest request, Date currentTime) { LogPosteFile logFile = new LogPosteFile(); String userId = SecurityContextHolder.getContext().getAuthentication().getName(); // Switch User par un admin / super-manager ? for (GrantedAuthority a : SecurityContextHolder.getContext().getAuthentication().getAuthorities()) { if (a instanceof SwitchUserGrantedAuthority) { userId = ((SwitchUserGrantedAuthority)a).getSource().getName() + " [SU] " + userId; } } logFile.setEmail(userId); logFile.setNumEmploi(poste.getNumEmploi()); logFile.setIp(request.getRemoteAddr()); logFile.setAction(action); logFile.setActionDate(currentTime); if(dematFile != null) { logFile.setFilename(dematFile.getFilename()); logFile.setFileSize(dematFile.getFileSizeFormatted()); } // uer-agent String userAgent = request.getHeader("User-Agent"); logFile.setUserAgent(userAgent); logFile.persist(); }
public void logActionFile(String action, PosteCandidature postecandidature, DematFile dematFile, HttpServletRequest request, Date currentTime) { User candidat = postecandidature.getCandidat(); PosteAPourvoir poste = postecandidature.getPoste(); LogFile logFile = new LogFile(); String userId = SecurityContextHolder.getContext().getAuthentication().getName(); // Switch User par un admin / super-manager ? for (GrantedAuthority a : SecurityContextHolder.getContext().getAuthentication().getAuthorities()) { if (a instanceof SwitchUserGrantedAuthority) { userId = ((SwitchUserGrantedAuthority)a).getSource().getName() + " [SU] " + userId; } } logFile.setUserId(userId); logFile.setNumEmploi(poste.getNumEmploi()); logFile.setIp(request.getRemoteAddr()); logFile.setAction(action); logFile.setActionDate(currentTime); if(dematFile != null) { logFile.setFilename(dematFile.getFilename()); logFile.setFileSize(dematFile.getFileSizeFormatted()); } logFile.setCivilite(candidat.getCivilite()); logFile.setEmail(candidat.getEmailAddress()); logFile.setNom(candidat.getNom()); logFile.setNumCandidat(candidat.getNumCandidat()); logFile.setPrenom(candidat.getPrenom()); // uer-agent String userAgent = request.getHeader("User-Agent"); logFile.setUserAgent(userAgent); logFile.persist(); }