Examples with ApplicationEventPublisher org.springframework.context.ApplicationEventPublisher used on opensource projects

Search in sources :

Example 6 with ApplicationEventPublisher

use of org.springframework.context.ApplicationEventPublisher in project spring-security by spring-projects.

the class DefaultSessionAuthenticationStrategyTests method onlySavedRequestAttributeIsMigratedIfMigrateAttributesIsFalseWithEventPublisher.

// SEC-2002
@Test
public void onlySavedRequestAttributeIsMigratedIfMigrateAttributesIsFalseWithEventPublisher() throws Exception {
    SessionFixationProtectionStrategy strategy = new SessionFixationProtectionStrategy();
    strategy.setMigrateSessionAttributes(false);
    HttpServletRequest request = new MockHttpServletRequest();
    HttpSession session = request.getSession();
    session.setAttribute("blah", "blah");
    session.setAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY", "DefaultSavedRequest");
    String oldSessionId = session.getId();
    ApplicationEventPublisher eventPublisher = mock(ApplicationEventPublisher.class);
    strategy.setApplicationEventPublisher(eventPublisher);
    Authentication mockAuthentication = mock(Authentication.class);
    strategy.onAuthentication(mockAuthentication, request, new MockHttpServletResponse());
    ArgumentCaptor<ApplicationEvent> eventArgumentCaptor = ArgumentCaptor.forClass(ApplicationEvent.class);
    verify(eventPublisher).publishEvent(eventArgumentCaptor.capture());
    assertThat(request.getSession().getAttribute("blah")).isNull();
    assertThat(request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY")).isNotNull();
    assertThat(eventArgumentCaptor.getValue()).isNotNull();
    assertThat(eventArgumentCaptor.getValue() instanceof SessionFixationProtectionEvent).isTrue();
    SessionFixationProtectionEvent event = (SessionFixationProtectionEvent) eventArgumentCaptor.getValue();
    assertThat(event.getOldSessionId()).isEqualTo(oldSessionId);
    assertThat(event.getNewSessionId()).isEqualTo(request.getSession().getId());
    assertThat(event.getAuthentication()).isSameAs(mockAuthentication);
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpSession(javax.servlet.http.HttpSession) Authentication(org.springframework.security.core.Authentication) SessionFixationProtectionEvent(org.springframework.security.web.authentication.session.SessionFixationProtectionEvent) ApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher) ApplicationEvent(org.springframework.context.ApplicationEvent) SessionFixationProtectionStrategy(org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 7 with ApplicationEventPublisher

use of org.springframework.context.ApplicationEventPublisher in project spring-security by spring-projects.

the class DefaultSessionAuthenticationStrategyTests method newSessionIsCreatedIfSessionAlreadyExistsWithEventPublisher.

// SEC-2002
@Test
public void newSessionIsCreatedIfSessionAlreadyExistsWithEventPublisher() throws Exception {
    SessionFixationProtectionStrategy strategy = new SessionFixationProtectionStrategy();
    HttpServletRequest request = new MockHttpServletRequest();
    HttpSession session = request.getSession();
    session.setAttribute("blah", "blah");
    session.setAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY", "DefaultSavedRequest");
    String oldSessionId = session.getId();
    ApplicationEventPublisher eventPublisher = mock(ApplicationEventPublisher.class);
    strategy.setApplicationEventPublisher(eventPublisher);
    Authentication mockAuthentication = mock(Authentication.class);
    strategy.onAuthentication(mockAuthentication, request, new MockHttpServletResponse());
    ArgumentCaptor<ApplicationEvent> eventArgumentCaptor = ArgumentCaptor.forClass(ApplicationEvent.class);
    verify(eventPublisher).publishEvent(eventArgumentCaptor.capture());
    assertThat(oldSessionId.equals(request.getSession().getId())).isFalse();
    assertThat(request.getSession().getAttribute("blah")).isNotNull();
    assertThat(request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY")).isNotNull();
    assertThat(eventArgumentCaptor.getValue()).isNotNull();
    assertThat(eventArgumentCaptor.getValue() instanceof SessionFixationProtectionEvent).isTrue();
    SessionFixationProtectionEvent event = (SessionFixationProtectionEvent) eventArgumentCaptor.getValue();
    assertThat(event.getOldSessionId()).isEqualTo(oldSessionId);
    assertThat(event.getNewSessionId()).isEqualTo(request.getSession().getId());
    assertThat(event.getAuthentication()).isSameAs(mockAuthentication);
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpSession(javax.servlet.http.HttpSession) Authentication(org.springframework.security.core.Authentication) SessionFixationProtectionEvent(org.springframework.security.web.authentication.session.SessionFixationProtectionEvent) ApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher) ApplicationEvent(org.springframework.context.ApplicationEvent) SessionFixationProtectionStrategy(org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Aggregations

ApplicationEventPublisher (org.springframework.context.ApplicationEventPublisher)7 Authentication (org.springframework.security.core.Authentication)6 Test (org.junit.Test)3 AuthenticationFailureDisabledEvent (org.springframework.security.authentication.event.AuthenticationFailureDisabledEvent)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpSession (javax.servlet.http.HttpSession)2 ApplicationEvent (org.springframework.context.ApplicationEvent)2 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)2 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)2 AuthenticationException (org.springframework.security.core.AuthenticationException)2 SessionFixationProtectionEvent (org.springframework.security.web.authentication.session.SessionFixationProtectionEvent)2 SessionFixationProtectionStrategy (org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy)2 StompEncoder (org.springframework.messaging.simp.stomp.StompEncoder)1 StompHeaderAccessor (org.springframework.messaging.simp.stomp.StompHeaderAccessor)1 AuthenticationFailureBadCredentialsEvent (org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent)1 AuthenticationFailureCredentialsExpiredEvent (org.springframework.security.authentication.event.AuthenticationFailureCredentialsExpiredEvent)1 AuthenticationFailureExpiredEvent (org.springframework.security.authentication.event.AuthenticationFailureExpiredEvent)1 AuthenticationFailureLockedEvent (org.springframework.security.authentication.event.AuthenticationFailureLockedEvent)1 AuthenticationFailureProviderNotFoundEvent (org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent)1 AuthenticationFailureServiceExceptionEvent (org.springframework.security.authentication.event.AuthenticationFailureServiceExceptionEvent)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial