| # | Location | File | Last Modified |
|---|---|---|---|
| 1 | v12.5_iter_7_build 51.zip\TRM_Upgrade\src\main\java\gov\va\med\fw\security | SecurityContextHelper.java | Fri Dec 7 17:36:20 2018 UTC |
| 2 | v12.5_iter_7_build 51.zip\TRM_Upgrade\src\main\java\gov\va\med\fw\security | SecurityContextHelper.java | Wed Dec 12 22:28:00 2018 UTC |
| Description | Between Files 1 and 2 |
|
|---|---|---|
| Text Blocks | Lines | |
| Unchanged | 2 | 458 |
| Changed | 1 | 2 |
| Inserted | 0 | 0 |
| Removed | 0 | 0 |
| Whitespace | |
|---|---|
| Character case | Differences in character case are significant |
| Line endings | Differences in line endings (CR and LF characters) are ignored |
| CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
| 1 | /********* ********** ********** ********** ********** ********** ********* | |
| 2 | * Copyrii ght 2004 V HA. All ri ghts reser ved | |
| 3 | ********* ********** ********** ********** ********** ********** *********/ | |
| 4 | package go v.va.med.f w.security ; | |
| 5 | ||
| 6 | import jav a.util.Arr ayList; | |
| 7 | import jav a.util.Col lection; | |
| 8 | import jav a.util.Col lections; | |
| 9 | import jav a.util.Ite rator; | |
| 10 | import jav a.util.Lis t; | |
| 11 | import jav a.util.Tim eZone; | |
| 12 | ||
| 13 | import jav ax.securit y.auth.log in.LoginEx ception; | |
| 14 | import jav ax.servlet .http.Http ServletReq uest; | |
| 15 | ||
| 16 | import org .springfra mework.sec urity.core .Authentic ation; | |
| 17 | import org .springfra mework.sec urity.core .GrantedAu thority; | |
| 18 | import org .springfra mework.sec urity.core .context.S ecurityCon textHolder ; | |
| 19 | ||
| 20 | import gov .va.med.fw .model.Use rPrincipal Impl; | |
| 21 | ||
| 22 | /** | |
| 23 | * Helper class to p rovide Sec urityConte xt related methods. This class provides | |
| 24 | * methods to load t he Securit yContext f rom a "wel l known pl ace". For web, well | |
| 25 | * known p lace is Ht tpSession, it return s the Secu rityContex t stored i n the | |
| 26 | * HttpSes sion at th e time of logon. For non-web, it creates the Secur ityContext | |
| 27 | * from Au thenticati on Object stored in a ThreadLo cal bound variable. | |
| 28 | * | |
| 29 | * @author D NS
|
|
| 30 | * @date M ay 5, 2005 | |
| 31 | */ | |
| 32 | public cla ss Securit yContextHe lper { | |
| 33 | ||
| 34 | /* * | |
| 35 | * Find and return the SecurityC ontext fro m a well k nown locat ion, a | |
| 36 | * ThreadLoc al bound v ariable in this case . | |
| 37 | * | |
| 38 | * @return S ecurityCon text if ex ists | |
| 39 | * @throws I llegalStat eException | |
| 40 | * if user is not lo gged in an d there is no inform ation stor ed | |
| 41 | * in a we ll know lo cation. | |
| 42 | * / | |
| 43 | pu blic stati c Security Context ge tSecurityC ontext() { | |
| 44 | if ( SecurityCo ntextHolde r.getConte xt() == nu ll | |
| 45 | || !(Sec urityConte xtHolder.g etContext( ) instance of org.spr ingframewo rk.securit y.core.con text.Secur ityContext )) | |
| 46 | throw new Illega lStateExce ption("Sec urityConte xt invalid : [" | |
| 47 | + Security ContextHol der.getCon text() + " context]. Probably not yet lo gged in.") ; | |
| 48 | ||
| 49 | org. springfram ework.secu rity.core. context.Se curityCont ext sc = ( org.spring framework. security.c ore.contex t.Security Context) S ecurityCon textHolder | |
| 50 | .getCont ext(); | |
| 51 | Auth entication authToken = sc.getA uthenticat ion(); | |
| 52 | if ( authToken != null) { | |
| 53 | if (au thToken in stanceof A uthenticat ionObject) { | |
| 54 | Authenti cationObje ct auth = (Authentic ationObjec t) authTok en; | |
| 55 | if (!aut h.isLogged In()) { | |
| 56 | throw new IllegalSta teExceptio n("Securit yContext i nvalid: No t yet logg ed in"); | |
| 57 | } | |
| 58 | auth.get UserPrinci pal().getU serCredent ials().set Verified(t rue); | |
| 59 | return n ew Securit yContext(a uth.getUse rPrincipal (), auth.g etAuthorit ies(), aut h | |
| 60 | .g etDetails( )); | |
| 61 | } | |
| 62 | ||
| 63 | // see ms like an onymous au thenticati on. make s ure check the | |
| 64 | // get Principal( ) since it can be: | |
| 65 | // 1) String if acegi crea ted the Au thenticati on object for us | |
| 66 | // 2) UserPrinci pal if ESR creates t he Authent ication ob ject via | |
| 67 | // Log inManager. loginAnony mous() | |
| 68 | Object prin = au thToken.ge tPrincipal (); | |
| 69 | if (pr in instanc eof String ) { | |
| 70 | prin = n ew UserPri ncipalImpl ((String) prin); | |
| 71 | ((UserPr incipalImp l) prin).s etAnonymou s(true); | |
| 72 | } | |
| 73 | return new Secur ityContext ((UserPrin cipal) pri n, authTok en.getAuth orities(), null); | |
| 74 | } | |
| 75 | // u ser has no t logged i n yet retu rn empty s ecurity co ntext | |
| 76 | retu rn new Sec urityConte xt(new Use rPrincipal Impl(), nu ll, null); | |
| 77 | } | |
| 78 | ||
| 79 | /* * | |
| 80 | * Get the S ecurityCon text from HttpServle tRequest. | |
| 81 | * | |
| 82 | * @param re quest | |
| 83 | * @return S ecurityCon text | |
| 84 | * / | |
| 85 | pu blic stati c Security Context ge tSecurityC ontext(Htt pServletRe quest requ est) { | |
| 86 | // a s getSecur ityContext should al ways retur n the same result, | |
| 87 | // t herefore n ot loading from the request. | |
| 88 | // T o get from request, may be nee d to refac tor Secure Action cla ss | |
| 89 | // a nd move th e code to put/get fr om session in the co mmon place . | |
| 90 | retu rn getSecu rityContex t(); | |
| 91 | } | |
| 92 | ||
| 93 | pu blic stati c UserPrin cipal getC urrentUser () { | |
| 94 | if ( SecurityCo ntextHolde r.getConte xt() == nu ll | |
| 95 | || !(Sec urityConte xtHolder.g etContext( ) instance of org.spr ingframewo rk.securit y.core.con text.Secur ityContext )) | |
| 96 | throw new Illega lStateExce ption("Sec urityConte xt invalid : [" | |
| 97 | + Security ContextHol der.getCon text() + " context]. Probably not yet lo gged in.") ; | |
| 98 | ||
| 99 | org. springfram ework.secu rity.core. context.Se curityCont ext sc = ( org.spring framework. security.c ore.contex t.Security Context) S ecurityCon textHolder | |
| 100 | .getCont ext(); | |
| 101 | Auth entication authToken = sc.getA uthenticat ion(); | |
| 102 | if ( authToken != null) { | |
| 103 | if (au thToken in stanceof A uthenticat ionObject) { | |
| 104 | Authenti cationObje ct auth = (Authentic ationObjec t) authTok en; | |
| 105 | if (!aut h.isLogged In()) { | |
| 106 | throw new IllegalSta teExceptio n("Securit yContext i nvalid: No t yet logg ed in"); | |
| 107 | } | |
| 108 | auth.get UserPrinci pal().getU serCredent ials().set Verified(t rue); | |
| 109 | return a uth.getUse rPrincipal (); | |
| 110 | } | |
| 111 | ||
| 112 | // see ms like an onymous au thenticati on. make s ure check the | |
| 113 | // get Principal( ) since it can be: | |
| 114 | // 1) String if acegi crea ted the Au thenticati on object for us | |
| 115 | // 2) UserPrinci pal if ESR creates t he Authent ication ob ject via | |
| 116 | // Log inManager. loginAnony mous() | |
| 117 | Object prin = au thToken.ge tPrincipal (); | |
| 118 | if (pr in instanc eof String ) { | |
| 119 | prin = n ew UserPri ncipalImpl ((String) prin); | |
| 120 | } | |
| 121 | return (UserPrin cipal) pri n; | |
| 122 | } | |
| 123 | // u ser has no t logged i n yet | |
| 124 | retu rn null; | |
| 125 | } | |
| 126 | ||
| 127 | /* * | |
| 128 | * Return th e user nam e or logic al id of t he given u ser. if lo gical id | |
| 129 | * exists, i ts returne d otherwis e username is return ed. | |
| 130 | * | |
| 131 | * @param us erPrincipa l | |
| 132 | * @return | |
| 133 | * / | |
| 134 | pu blic stati c String g etUserName (UserPrinc ipal userP rincipal) { | |
| 135 | if ( userPrinci pal != nul l) { | |
| 136 | return getUserNa me(userPri ncipal.get UserCreden tials()); | |
| 137 | } | |
| 138 | retu rn null; | |
| 139 | } | |
| 140 | ||
| 141 | pu blic stati c String g etUserTime Zone(UserP rincipal u serPrincip al) { | |
| 142 | if ( userPrinci pal != nul l && userP rincipal.g etCurrentT imeZone() != null) { | |
| 143 | return userPrinc ipal.getCu rrentTimeZ one().getI D(); | |
| 144 | } | |
| 145 | retu rn null; | |
| 146 | } | |
| 147 | ||
| 148 | pu blic stati c String g etUserName (UserCrede ntials cre d) { | |
| 149 | if ( cred != nu ll) { | |
| 150 | return cred.getL ogicalID() != null ? cred.getL ogicalID() : cred.ge tUserID(); | |
| 151 | } | |
| 152 | retu rn null; | |
| 153 | } | |
| 154 | ||
| 155 | pu blic stati c String g etUserName () { | |
| 156 | Secu rityContex t context = getSecur ityContext (); | |
| 157 | User Principal prin = con text != nu ll ? conte xt.getUser Principal( ) : null; | |
| 158 | retu rn getUser Name(prin) ; | |
| 159 | } | |
| 160 | ||
| 161 | pu blic stati c String g etUserTime Zone() { | |
| 162 | Secu rityContex t context = getSecur ityContext (); | |
| 163 | User Principal prin = con text != nu ll ? conte xt.getUser Principal( ) : null; | |
| 164 | retu rn getUser TimeZone(p rin); | |
| 165 | } | |
| 166 | ||
| 167 | /* * | |
| 168 | * Get the l ist of per missions g rated for the curren t user | |
| 169 | * | |
| 170 | * @return | |
| 171 | * / | |
| 172 | pu blic stati c List<Str ing> getGr antedPermi ssions() { | |
| 173 | org. springfram ework.secu rity.core. context.Se curityCont ext contex t = (org.s pringframe work.secur ity.core.c ontext.Sec urityConte xt) Securi tyContextH older | |
| 174 | .getCont ext(); | |
| 175 | ||
| 176 | if ( null == co ntext) | |
| 177 | return Collectio ns.emptyLi st(); | |
| 178 | ||
| 179 | Auth entication currentUs er = conte xt.getAuth entication (); | |
| 180 | //getAutho rities().s ize() chag ned from . length() | |
| 181 | if ( currentUse r == null || current User.getAu thorities( ) == null | |
| 182 | || curre ntUser.get Authoritie s().size() < 1) | |
| 183 | return Collectio ns.emptyLi st(); | |
| 184 | ||
| 185 | Coll ection<Gra ntedAuthor ity> autho rities = ( Collection <GrantedAu thority>) currentUse r.getAutho rities(); | |
| 186 | ||
| 187 | List <String> p ermissions = new Arr ayList<Str ing>(); | |
| 188 | Iter ator<Grant edAuthorit y> iter = authoritie s.iterator (); | |
| 189 | whil e(iter.has Next()) { | |
| 190 | Grante dAuthority current = iter.next (); | |
| 191 | permis sions.add( current.ge tAuthority ()); | |
| 192 | } | |
| 193 | ||
| 194 | retu rn permiss ions; | |
| 195 | } | |
| 196 | ||
| 197 | pu blic stati c boolean isAnyPermi ssionGrant ed(String[ ] permissi ons) { | |
| 198 | List <String> l ist = new ArrayList< String>(pe rmissions. length); | |
| 199 | for (int i = 0 ; i < perm issions.le ngth; i++) | |
| 200 | list.a dd(permiss ions[i]); | |
| 201 | retu rn isAnyPe rmissionGr anted(list ); | |
| 202 | } | |
| 203 | ||
| 204 | pu blic stati c boolean isAnyPermi ssionGrant ed(List<St ring> perm issions) { | |
| 205 | List <String> g rantedPerm issions = getGranted Permission s(); | |
| 206 | gran tedPermiss ions.retai nAll(permi ssions); | |
| 207 | retu rn granted Permission s.size() > 0 ? true : false; | |
| 208 | } | |
| 209 | ||
| 210 | pu blic stati c void ini tSecurityC ontextOnTh read(Login Manager lo ginManager , UserCred entials cr ed) | |
| 211 | throws LoginExce ption { | |
| 212 | init SecurityCo ntextOnThr ead(loginM anager, cr ed, null); | |
| 213 | } | |
| 214 | ||
| 215 | pu blic stati c void ini tSecurityC ontextOnTh read(Login Manager lo ginManager , UserCred entials cr ed, | |
| 216 | TimeZo ne current TimeZone) throws Log inExceptio n { | |
| 217 | if ( cred != nu ll && cred .isAnonymo us()) { | |
| 218 | loginM anager.log inAnonymou s(cred.get LogicalID( ), current TimeZone); | |
| 219 | } el se { | |
| 220 | // ens ure Contex t is non-n ull for th is Thread (needed si nce flushi ng | |
| 221 | // occ urs during below log in) | |
| 222 | loginM anager.log inAnonymou s(null, cu rrentTimeZ one); | |
| 223 | } | |
| 224 | ||
| 225 | // n ow that co ntext is n on-null fo r this Thr ead, if cr ed exists, use it | |
| 226 | if ( cred != nu ll && !cre d.isAnonym ous()) { | |
| 227 | loginM anager.log in(cred, c urrentTime Zone); | |
| 228 | } | |
| 229 | } | |
| 230 | } |
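Review bot: In `getCurrentUser()` (file lines 117–121) a String principal is wrapped in `UserPrincipalImpl` without the anonymous flag, whereas the same branch in `getSecurityContext()` (file lines 69–72) calls `setAnonymous(true)`, so the two accessors return differently flagged principals for the same anonymous token. Any caller that gates on that flag would presumably treat the `getCurrentUser()` result as a regular user; adding `((UserPrincipalImpl) prin).setAnonymous(true);` inside that `if` would make the two paths agree. Separately, both accessors call `auth.getUserPrincipal().getUserCredentials().setVerified(true)` as a side effect of a read, relying only on `isLoggedIn()`. That state change belongs where authentication actually succeeds, or at least deserves a comment explaining why a getter performs it. The comparison summary reports a single changed line, apparently the `@author` tag, so both points concern code this revision leaves unchanged.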