
Example 11 with Constraint

use of org.eclipse.jetty.util.security.Constraint in project jetty.project by eclipse.

the class ConstraintTest method getConstraintMappings.

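/**
 * Builds the fixed list of constraint mappings this test installs.
 *
 * <p>Every mapping pairs one {@link Constraint} with a path spec; two of them are
 * additionally limited to a single HTTP method. Several path specs overlap
 * ({@code /admin/*} vs. {@code /admin/relax/*}, {@code /forbid/*} vs. {@code /forbid/post}),
 * so the list exercises how a more specific mapping interacts with a broader one.
 *
 * @return the eight mappings in declaration order, as a fixed-size list
 */
private List<ConstraintMapping> getConstraintMappings() {
    // Authentication is required but no role is listed; the name indicates the
    // path is meant to be denied to everyone.
    Constraint constraint0 = new Constraint();
    constraint0.setAuthenticate(true);
    constraint0.setName("forbid");
    ConstraintMapping mapping0 = new ConstraintMapping();
    mapping0.setPathSpec("/forbid/*");
    mapping0.setConstraint(constraint0);

    // Authenticated caller holding any role.
    Constraint constraint1 = new Constraint();
    constraint1.setAuthenticate(true);
    constraint1.setName("auth");
    constraint1.setRoles(new String[] { Constraint.ANY_ROLE });
    ConstraintMapping mapping1 = new ConstraintMapping();
    mapping1.setPathSpec("/auth/*");
    mapping1.setConstraint(constraint1);

    // "administrator" role, mapped to GET only: other methods on /admin/* are
    // not covered by this mapping.
    Constraint constraint2 = new Constraint();
    constraint2.setAuthenticate(true);
    constraint2.setName("admin");
    constraint2.setRoles(new String[] { "administrator" });
    ConstraintMapping mapping2 = new ConstraintMapping();
    mapping2.setPathSpec("/admin/*");
    mapping2.setConstraint(constraint2);
    mapping2.setMethod("GET");

    // No authentication on a sub-path of /admin/*: an intentional carve-out
    // nested inside the protected area.
    Constraint constraint3 = new Constraint();
    constraint3.setAuthenticate(false);
    constraint3.setName("relax");
    ConstraintMapping mapping3 = new ConstraintMapping();
    mapping3.setPathSpec("/admin/relax/*");
    mapping3.setConstraint(constraint3);

    // Exact path, "administrator" role, all methods.
    Constraint constraint4 = new Constraint();
    constraint4.setAuthenticate(true);
    constraint4.setName("loginpage");
    constraint4.setRoles(new String[] { "administrator" });
    ConstraintMapping mapping4 = new ConstraintMapping();
    mapping4.setPathSpec("/testLoginPage");
    mapping4.setConstraint(constraint4);

    // No authentication for POST on one exact path underneath /forbid/*.
    Constraint constraint5 = new Constraint();
    constraint5.setAuthenticate(false);
    constraint5.setName("allow forbidden POST");
    ConstraintMapping mapping5 = new ConstraintMapping();
    mapping5.setPathSpec("/forbid/post");
    mapping5.setConstraint(constraint5);
    mapping5.setMethod("POST");

    // Transport guarantee only, no authentication. The named constant replaces
    // the bare literal 2 so the intended guarantee is readable at the call site.
    Constraint constraint6 = new Constraint();
    constraint6.setAuthenticate(false);
    constraint6.setName("data constraint");
    constraint6.setDataConstraint(Constraint.DC_CONFIDENTIAL);
    ConstraintMapping mapping6 = new ConstraintMapping();
    mapping6.setPathSpec("/data/*");
    mapping6.setConstraint(constraint6);

    Constraint constraint7 = new Constraint();
    constraint7.setAuthenticate(true);
    constraint7.setName("** constraint");
    // The "user" role is superfluous once ** (ANY_AUTH) has been defined; it is
    // listed anyway to check that the combination is accepted.
    constraint7.setRoles(new String[] { Constraint.ANY_AUTH, "user" });
    ConstraintMapping mapping7 = new ConstraintMapping();
    mapping7.setPathSpec("/starstar/*");
    mapping7.setConstraint(constraint7);

    return Arrays.asList(mapping0, mapping1, mapping2, mapping3, mapping4, mapping5, mapping6, mapping7);
}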
Also used : Constraint(org.eclipse.jetty.util.security.Constraint)

Example 12 with Constraint

use of org.eclipse.jetty.util.security.Constraint in project jetty.project by eclipse.

the class DataConstraintsTest method testConfidentialWithRolesSetAndMethodRestrictionAndAuthenticationRequired.

/**
 * Checks a CONFIDENTIAL constraint that also requires the "admin" role and is
 * mapped to POST only, with Basic authentication configured.
 *
 * <p>Expected outcomes asserted below: GET is outside the mapping and yields 404 on
 * both connectors; POST on {@code _connector} is redirected (302); POST on
 * {@code _connectorS} yields 401 without credentials and 404 with them.
 */
@Test
public void testConfidentialWithRolesSetAndMethodRestrictionAndAuthenticationRequired() throws Exception {
    // The Basic value is base64 of "admin:password": a test-fixture credential only.
    final String anonymousGet = "GET /ctx/confid/info HTTP/1.0\r\n\r\n";
    final String anonymousPost = "POST /ctx/confid/info HTTP/1.0\r\n\r\n";
    final String authenticatedGet = "GET /ctx/confid/info HTTP/1.0\r\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\r\n\r\n";
    final String authenticatedPost = "POST /ctx/confid/info HTTP/1.0\r\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\r\n\r\n";

    Constraint confidential = new Constraint();
    confidential.setName("confid");
    confidential.setAuthenticate(true);
    confidential.setRoles(new String[] { "admin" });
    confidential.setDataConstraint(Constraint.DC_CONFIDENTIAL);

    // Only POST is constrained; any other method on the path is left uncovered.
    ConstraintMapping postOnly = new ConstraintMapping();
    postOnly.setConstraint(confidential);
    postOnly.setPathSpec("/confid/*");
    postOnly.setMethod(HttpMethod.POST.asString());
    _security.setConstraintMappings(Arrays.asList(postOnly));

    DefaultIdentityService identityService = new DefaultIdentityService();
    _security.setLoginService(new CustomLoginService(identityService));
    _security.setIdentityService(identityService);
    _security.setAuthenticator(new BasicAuthenticator());
    _server.start();

    // GET is not part of the mapping, so neither connector applies the constraint.
    Assert.assertThat(_connector.getResponses(anonymousGet), Matchers.containsString("HTTP/1.1 404 Not Found"));
    Assert.assertThat(_connectorS.getResponses(anonymousGet), Matchers.containsString("HTTP/1.1 404 Not Found"));

    // POST: redirect expected on _connector, credential challenge on _connectorS.
    Assert.assertThat(_connector.getResponses(anonymousPost), Matchers.containsString("HTTP/1.1 302 Found"));
    Assert.assertThat(_connectorS.getResponses(anonymousPost), Matchers.containsString("HTTP/1.1 401 Unauthorized"));

    Assert.assertThat(_connector.getResponses(authenticatedGet), Matchers.containsString("HTTP/1.1 404 Not Found"));

    // Still a redirect even with credentials attached. NOTE(review): a real client
    // has already transmitted the Authorization header on this connector by the
    // time it sees the 302, so the redirect alone does not protect the credential.
    Assert.assertThat(_connector.getResponses(authenticatedPost), Matchers.containsString("HTTP/1.1 302 Found"));

    // With credentials on _connectorS the expected status changes from 401 to 404.
    Assert.assertThat(_connectorS.getResponses(authenticatedPost), Matchers.containsString("HTTP/1.1 404 Not Found"));
}
Also used : BasicAuthenticator(org.eclipse.jetty.security.authentication.BasicAuthenticator) Constraint(org.eclipse.jetty.util.security.Constraint) Test(org.junit.Test)

Example 13 with Constraint

use of org.eclipse.jetty.util.security.Constraint in project jetty.project by eclipse.

the class DataConstraintsTest method testConfidentialWithNoRolesSetAndNoMethodRestriction.

/**
 * Checks a CONFIDENTIAL data constraint with no roles, no authentication flag and
 * no method restriction.
 *
 * <p>Expected outcomes asserted below: a GET on {@code _connector} is redirected (302),
 * while the same GET on {@code _connectorS} yields 404.
 */
@Test
public void testConfidentialWithNoRolesSetAndNoMethodRestriction() throws Exception {
    final String request = "GET /ctx/confid/info HTTP/1.0\r\n\r\n";

    // Transport guarantee only: nothing here asks for a user or a role.
    Constraint confidential = new Constraint();
    confidential.setDataConstraint(Constraint.DC_CONFIDENTIAL);
    confidential.setName("confid");

    // No setMethod call, so the mapping is not limited to one HTTP method.
    ConstraintMapping everyMethod = new ConstraintMapping();
    everyMethod.setConstraint(confidential);
    everyMethod.setPathSpec("/confid/*");

    _security.setConstraintMappings(Arrays.asList(everyMethod));
    _server.start();

    Assert.assertThat(_connector.getResponses(request), Matchers.containsString("HTTP/1.1 302 Found"));
    Assert.assertThat(_connectorS.getResponses(request), Matchers.containsString("HTTP/1.1 404 Not Found"));
}
Also used : Constraint(org.eclipse.jetty.util.security.Constraint) Test(org.junit.Test)

Example 14 with Constraint

use of org.eclipse.jetty.util.security.Constraint in project jetty.project by eclipse.

the class DataConstraintsTest method testRestrictedWithoutAuthenticator.

/**
 * Checks that a role-restricted path is refused when no authenticator has been
 * configured on the security handler.
 *
 * <p>All four requests below (both connectors, with and without a Basic header) are
 * expected to return 403, so the configuration fails closed rather than open.
 */
@Test
public void testRestrictedWithoutAuthenticator() throws Exception {
    final String anonymous = "GET /ctx/restricted/info HTTP/1.0\r\n\r\n";
    // The Basic value is base64 of "admin:password": a test-fixture credential only.
    final String withCredentials = "GET /ctx/restricted/info HTTP/1.0\r\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\r\n\r\n";

    Constraint restricted = new Constraint();
    restricted.setName("restricted");
    restricted.setRoles(new String[] { "admin" });
    restricted.setAuthenticate(true);

    ConstraintMapping restrictedPath = new ConstraintMapping();
    restrictedPath.setConstraint(restricted);
    restrictedPath.setPathSpec("/restricted/*");

    // No setAuthenticator / setLoginService call is made before the server starts.
    _security.setConstraintMappings(Arrays.asList(restrictedPath));
    _server.start();

    Assert.assertThat(_connector.getResponses(anonymous), Matchers.containsString("HTTP/1.1 403 Forbidden"));
    Assert.assertThat(_connectorS.getResponses(anonymous), Matchers.containsString("HTTP/1.1 403 Forbidden"));

    // Supplying credentials makes no difference: there is nothing to validate them.
    Assert.assertThat(_connector.getResponses(withCredentials), Matchers.containsString("HTTP/1.1 403 Forbidden"));
    Assert.assertThat(_connectorS.getResponses(withCredentials), Matchers.containsString("HTTP/1.1 403 Forbidden"));
}
Also used : Constraint(org.eclipse.jetty.util.security.Constraint) Test(org.junit.Test)

Example 15 with Constraint

use of org.eclipse.jetty.util.security.Constraint in project jetty.project by eclipse.

the class DataConstraintsTest method testIntegral.

/**
 * Checks an INTEGRAL data constraint with authentication switched off.
 *
 * <p>Expected outcomes asserted below: a path outside the mapping yields 404; the
 * constrained path on {@code _connector} is redirected (302) to a location containing
 * {@code BWTP://} and {@code :9999}; the same path on {@code _connectorS} yields 404.
 */
@Test
public void testIntegral() throws Exception {
    final String constrainedGet = "GET /ctx/integral/info HTTP/1.0\r\n\r\n";

    Constraint integral = new Constraint();
    integral.setName("integral");
    integral.setDataConstraint(Constraint.DC_INTEGRAL);
    integral.setAuthenticate(false);

    ConstraintMapping integralPath = new ConstraintMapping();
    integralPath.setConstraint(integral);
    integralPath.setPathSpec("/integral/*");

    _security.setConstraintMappings(Arrays.asList(integralPath));
    _server.start();

    // A path that no mapping covers is simply not found.
    String unconstrained = _connector.getResponses("GET /ctx/some/thing HTTP/1.0\r\n\r\n");
    Assert.assertThat(unconstrained, Matchers.containsString("HTTP/1.1 404 Not Found"));

    // NOTE(review): the scheme and port checked here presumably come from the
    // connector configuration in the test's setup, which is not shown — confirm.
    String redirected = _connector.getResponses(constrainedGet);
    Assert.assertThat(redirected, Matchers.containsString("HTTP/1.1 302 Found"));
    Assert.assertThat(redirected, Matchers.containsString("Location: BWTP://"));
    Assert.assertThat(redirected, Matchers.containsString(":9999"));

    String viaSecondConnector = _connectorS.getResponses(constrainedGet);
    Assert.assertThat(viaSecondConnector, Matchers.containsString("HTTP/1.1 404 Not Found"));
}
Also used : Constraint(org.eclipse.jetty.util.security.Constraint) Test(org.junit.Test)

Aggregations

Constraint (org.eclipse.jetty.util.security.Constraint)78 ConstraintMapping (org.eclipse.jetty.security.ConstraintMapping)46 ConstraintSecurityHandler (org.eclipse.jetty.security.ConstraintSecurityHandler)34 BasicAuthenticator (org.eclipse.jetty.security.authentication.BasicAuthenticator)27 HashLoginService (org.eclipse.jetty.security.HashLoginService)20 Test (org.junit.Test)15 Server (org.eclipse.jetty.server.Server)13 ArrayList (java.util.ArrayList)9 WebAppContext (org.eclipse.jetty.webapp.WebAppContext)8 Password (org.eclipse.jetty.util.security.Password)7 HashSet (java.util.HashSet)6 File (java.io.File)5 IOException (java.io.IOException)5 ResourceHandler (org.eclipse.jetty.server.handler.ResourceHandler)5 LoginService (org.eclipse.jetty.security.LoginService)4 ServerConnector (org.eclipse.jetty.server.ServerConnector)4 ContextHandler (org.eclipse.jetty.server.handler.ContextHandler)4 HandlerList (org.eclipse.jetty.server.handler.HandlerList)4 ServletContextHandler (org.eclipse.jetty.servlet.ServletContextHandler)4 ServletHolder (org.eclipse.jetty.servlet.ServletHolder)4