Example 6 with SimpleCredentials
use of javax.jcr.SimpleCredentials in project jackrabbit-oak by apache.
the class DefaultSyncHandlerTest method testRequiresSyncExpiredSyncProperty.
@Test
public void testRequiresSyncExpiredSyncProperty() throws Exception {
login(new SimpleCredentials(USER_ID, new char[0])).close();
root.refresh();
final Calendar nowCal = Calendar.getInstance();
nowCal.setTimeInMillis(nowCal.getTimeInMillis() - 1000);
Value nowValue = getValueFactory().createValue(nowCal);
Authorizable a = userManager.getAuthorizable(USER_ID);
a.setProperty(DefaultSyncContext.REP_LAST_SYNCED, nowValue);
root.commit();
SyncedIdentity id = syncHandler.findIdentity(userManager, USER_ID);
assertNotNull("known authorizable should exist", id);
assertTrue("synced id should require sync", syncHandler.requiresSync(id));
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
Calendar(java.util.Calendar)
Value(javax.jcr.Value)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
DefaultSyncedIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncedIdentity)
SyncedIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncedIdentity)
Test(org.junit.Test)
Example 7 with SimpleCredentials
use of javax.jcr.SimpleCredentials in project jackrabbit-oak by apache.
the class LoginImpersonateTest method beforeSuite.
@Override
public void beforeSuite() throws Exception {
super.beforeSuite();
// will be close upon super.tearDown
admin = loginAdministrative();
creds = new SimpleCredentials("anonymous", "".toCharArray());
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
Example 8 with SimpleCredentials
use of javax.jcr.SimpleCredentials in project jackrabbit-oak by apache.
the class FlatTreeWithAceForSamePrincipalTest method beforeSuite.
@Override
protected void beforeSuite() throws Exception {
long start = System.currentTimeMillis();
admin = loginWriter();
userManager = ((JackrabbitSession) admin).getUserManager();
Principal userPrincipal = userManager.createUser(TEST_USER_ID, TEST_USER_ID).getPrincipal();
AccessControlManager acm = admin.getAccessControlManager();
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acm, "/");
acl.addEntry(userPrincipal, AccessControlUtils.privilegesFromNames(acm, PrivilegeConstants.JCR_READ), true);
acm.setPolicy("/", acl);
Node a = admin.getRootNode().addNode(ROOT_NODE_NAME, "nt:folder");
for (int i = 1; i < 10000; i++) {
a.addNode("node" + i, "nt:folder");
acl = AccessControlUtils.getAccessControlList(acm, ROOT_PATH + "/node" + i);
acl.addEntry(userPrincipal, AccessControlUtils.privilegesFromNames(acm, PrivilegeConstants.JCR_READ), true);
acm.setPolicy(ROOT_PATH + "/node" + i, acl);
}
admin.save();
reader = login(new SimpleCredentials(TEST_USER_ID, TEST_USER_ID.toCharArray()));
long end = System.currentTimeMillis();
System.out.println("setup time " + (end - start));
}
Also used :
AccessControlManager(javax.jcr.security.AccessControlManager)
SimpleCredentials(javax.jcr.SimpleCredentials)
Node(javax.jcr.Node)
JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)
Principal(java.security.Principal)
Example 9 with SimpleCredentials
use of javax.jcr.SimpleCredentials in project jackrabbit-oak by apache.
the class ClusterPermissionsTest method testPermissionPropagation.
@Test
public void testPermissionPropagation() throws Exception {
// create a "/testNode"
Tree node = root1.getTree("/").addChild("testNode");
node.setProperty(JcrConstants.JCR_PRIMARYTYPE, JcrConstants.NT_UNSTRUCTURED, Type.NAME);
// create 2 users
User user1 = userManager1.createUser("testUser1", "testUser1");
User user2 = userManager1.createUser("testUser2", "testUser2");
JackrabbitAccessControlList acl1 = AccessControlUtils.getAccessControlList(aclMgr1, "/testNode");
// deny jcr:all for everyone on /testNode
acl1.addEntry(EveryonePrincipal.getInstance(), AccessControlUtils.privilegesFromNames(aclMgr1, "jcr:all"), false);
// allow jcr:read for testUser1 on /testNode
acl1.addEntry(user1.getPrincipal(), AccessControlUtils.privilegesFromNames(aclMgr1, "jcr:read"), true);
aclMgr1.setPolicy("/testNode", acl1);
root1.commit();
syncClusterNodes();
root2.refresh();
// login with testUser1 and testUser2 (on cluster node 2)
ContentSession session1 = contentRepository2.login(new SimpleCredentials("testUser1", "testUser1".toCharArray()), null);
ContentSession session2 = contentRepository2.login(new SimpleCredentials("testUser2", "testUser2".toCharArray()), null);
// testUser1 can read /testNode
assertTrue(session1.getLatestRoot().getTree("/testNode").exists());
// testUser2 cannot read /testNode
assertFalse(session2.getLatestRoot().getTree("/testNode").exists());
// now, allow jcr:read also for 'everyone' (on cluster node 1)
acl1 = AccessControlUtils.getAccessControlList(aclMgr1, "/testNode");
acl1.addEntry(EveryonePrincipal.getInstance(), AccessControlUtils.privilegesFromNames(aclMgr1, "jcr:read"), true);
aclMgr1.setPolicy("/testNode", acl1);
root1.commit();
syncClusterNodes();
root2.refresh();
// testUser1 can read /testNode
assertTrue(session1.getLatestRoot().getTree("/testNode").exists());
// testUser2 can also read /testNode
assertTrue(session2.getLatestRoot().getTree("/testNode").exists());
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
User(org.apache.jackrabbit.api.security.user.User)
Tree(org.apache.jackrabbit.oak.api.Tree)
ContentSession(org.apache.jackrabbit.oak.api.ContentSession)
JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList)
Test(org.junit.Test)
Example 10 with SimpleCredentials
use of javax.jcr.SimpleCredentials in project jackrabbit by apache.
the class SessionImplTest method testGetSubject.
/**
* JCR-2895 : SessionImpl#getSubject() should return an unmodifiable subject
*
* @see <a href="https://issues.apache.org/jira/browse/JCR-2895">JCR-2895</a>
*/
public void testGetSubject() {
Subject subject = ((SessionImpl) superuser).getSubject();
assertFalse(subject.getPublicCredentials().isEmpty());
assertFalse(subject.getPublicCredentials(Credentials.class).isEmpty());
assertFalse(subject.getPrincipals().isEmpty());
assertTrue(subject.isReadOnly());
try {
subject.getPublicCredentials().add(new SimpleCredentials("test", new char[0]));
fail("Subject expected to be readonly");
} catch (IllegalStateException e) {
// success
}
try {
subject.getPrincipals().add(new PrincipalImpl("test"));
fail("Subject expected to be readonly");
} catch (IllegalStateException e) {
// success
}
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
SessionImpl(org.apache.jackrabbit.core.SessionImpl)
Subject(javax.security.auth.Subject)
PrincipalImpl(org.apache.jackrabbit.core.security.principal.PrincipalImpl)
Aggregations
SimpleCredentials (javax.jcr.SimpleCredentials)289
Test (org.junit.Test)142
Session (javax.jcr.Session)83
ContentSession (org.apache.jackrabbit.oak.api.ContentSession)60
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)53
User (org.apache.jackrabbit.api.security.user.User)41
Credentials (javax.jcr.Credentials)39
JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)35
UserManager (org.apache.jackrabbit.api.security.user.UserManager)34
LoginException (javax.security.auth.login.LoginException)30
Node (javax.jcr.Node)28
RepositoryException (javax.jcr.RepositoryException)25
Principal (java.security.Principal)22
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)21
GuestCredentials (javax.jcr.GuestCredentials)20
LoginException (javax.jcr.LoginException)19
TokenCredentials (org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)19
AuthInfo (org.apache.jackrabbit.oak.api.AuthInfo)18
Before (org.junit.Before)18
ImpersonationCredentials (org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials)17
