use of ddf.security.Subject in project ddf by codice.
the class TestRegistryStore method testInit.
@Test
public void testInit() throws Exception {
RegistryStoreImpl registryStore = spy(new RegistryStoreImpl(context, cswSourceConfiguration, provider, factory, encryptionService) {
@Override
protected void validateOperation() {
}
@Override
public boolean isAvailable() {
return availability;
}
@Override
protected SourceResponse query(QueryRequest queryRequest, ElementSetType elementSetName, List<QName> elementNames, Csw csw) throws UnsupportedQueryException {
if (queryResults == null) {
throw new UnsupportedQueryException("Test - Bad Query");
}
return new SourceResponseImpl(queryRequest, queryResults);
}
@Override
public SourceResponse query(QueryRequest request) throws UnsupportedQueryException {
return new SourceResponseImpl(request, Collections.singletonList(new Result() {
@Override
public Metacard getMetacard() {
MetacardImpl metacard = new MetacardImpl();
metacard.setAttribute(RegistryObjectMetacardType.REGISTRY_ID, "registryId");
metacard.setAttribute(Metacard.TITLE, "title");
return metacard;
}
@Override
public Double getRelevanceScore() {
return null;
}
@Override
public Double getDistanceInMeters() {
return null;
}
}));
}
@Override
protected CapabilitiesType getCapabilities() {
return mock(CapabilitiesType.class);
}
@Override
public void configureCswSource() {
}
;
@Override
protected Subject getSystemSubject() {
return subject;
}
@Override
BundleContext getBundleContext() {
return context;
}
});
registryStore.setFilterBuilder(filterBuilder);
registryStore.setFilterAdapter(filterAdapter);
registryStore.setConfigAdmin(configAdmin);
registryStore.setMetacardMarshaller(new MetacardMarshaller(parser));
registryStore.setSchemaTransformerManager(transformer);
registryStore.setAutoPush(true);
registryStore.setRegistryUrl("http://test.url:0101/example");
properties = new Hashtable<>();
properties.put(RegistryStoreImpl.ID, "registryId");
registryStore.setMetacardMarshaller(marshaller);
Csw csw = mock(Csw.class);
when(factory.getClientForSubject(any())).thenReturn(csw);
cswSourceConfiguration.setCswUrl("https://localhost");
cswSourceConfiguration.setPollIntervalMinutes(1);
queryResults.add(new ResultImpl(getDefaultMetacard()));
registryStore.init();
assertThat(registryStore.getRegistryId(), is("registryId"));
}
use of ddf.security.Subject in project ddf by codice.
the class ProfileInstallCommand method executeAsSystem.
private <T> T executeAsSystem(Callable<T> func) {
Subject systemSubject = security.getSystemSubject();
LOGGER.debug("System Subject retrieved: " + SubjectUtils.getName(systemSubject));
if (systemSubject == null) {
printError(SECURITY_ERROR);
throw new IllegalStateException(SECURITY_ERROR);
}
return systemSubject.execute(func);
}
use of ddf.security.Subject in project ddf by codice.
the class LoginFilter method doFilter.
/**
* Validates an attached SAML assertion, or exchanges any other incoming
* token for a SAML assertion via the STS.
*
* @param request
* @param response
* @param chain
* @throws IOException
* @throws ServletException
*/
@Override
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException {
LOGGER.debug("Performing doFilter() on LoginFilter");
HttpServletRequest httpRequest = (HttpServletRequest) request;
if (request.getAttribute(ContextPolicy.NO_AUTH_POLICY) != null) {
LOGGER.debug("NO_AUTH_POLICY header was found, skipping login filter.");
chain.doFilter(request, response);
} else {
// perform validation
final Subject subject = validateRequest(httpRequest);
if (subject != null) {
httpRequest.setAttribute(SecurityConstants.SECURITY_SUBJECT, subject);
LOGGER.debug("Now performing request as user {} for {}", subject.getPrincipal(), StringUtils.isNotBlank(httpRequest.getContextPath()) ? httpRequest.getContextPath() : httpRequest.getServletPath());
subject.execute(() -> {
PrivilegedExceptionAction<Void> action = () -> {
chain.doFilter(request, response);
return null;
};
SecurityAssertion securityAssertion = subject.getPrincipals().oneByType(SecurityAssertion.class);
if (null != securityAssertion) {
HashSet emptySet = new HashSet();
javax.security.auth.Subject javaSubject = new javax.security.auth.Subject(true, securityAssertion.getPrincipals(), emptySet, emptySet);
javax.security.auth.Subject.doAs(javaSubject, action);
} else {
LOGGER.debug("Subject had no security assertion.");
}
return null;
});
} else {
LOGGER.debug("Could not attach subject to http request.");
}
}
}
use of ddf.security.Subject in project ddf by codice.
the class SecurityPluginTest method testBadSubjectCase.
@Test
public void testBadSubjectCase() throws Exception {
Subject mockSubject = mock(Subject.class);
ThreadContext.bind(mockSubject);
CreateRequest request = new MockCreateRequest();
request.getProperties().put(SecurityConstants.SECURITY_SUBJECT, new HashMap<>());
SecurityPlugin plugin = new SecurityPlugin();
request = plugin.processPreCreate(request);
assertThat(request.getPropertyValue(SecurityConstants.SECURITY_SUBJECT), equalTo(mockSubject));
}
use of ddf.security.Subject in project ddf by codice.
the class SecurityPluginTest method setupMockSubject.
private Subject setupMockSubject() {
XSString mockAttributeValue = mock(XSString.class);
when(mockAttributeValue.getValue()).thenReturn(TEST_USER);
List<XMLObject> listOfAttributeValues = Arrays.asList(mockAttributeValue);
Attribute mockAttribute = mock(Attribute.class);
when(mockAttribute.getName()).thenReturn(SubjectUtils.EMAIL_ADDRESS_CLAIM_URI);
when(mockAttribute.getAttributeValues()).thenReturn(listOfAttributeValues);
List<Attribute> listOfAttributes = Arrays.asList(mockAttribute);
AttributeStatement mockAttributeStatement = mock(AttributeStatement.class);
when(mockAttributeStatement.getAttributes()).thenReturn(listOfAttributes);
List<AttributeStatement> listOfAttributeStatements = Arrays.asList(mockAttributeStatement);
Subject mockSubject = mock(Subject.class);
PrincipalCollection mockPrincipals = mock(PrincipalCollection.class);
SecurityAssertion mockSecurityAssertion = mock(SecurityAssertion.class);
when(mockSecurityAssertion.getAttributeStatements()).thenReturn(listOfAttributeStatements);
when(mockPrincipals.oneByType(SecurityAssertion.class)).thenReturn(mockSecurityAssertion);
when(mockSubject.getPrincipals()).thenReturn(mockPrincipals);
return mockSubject;
}
Aggregations