Example 21 with ConfigAttribute
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class UnanimousBasedTests method testOneAffirmativeVoteTwoAbstainVotesGrantsAccess.
@Test
public void testOneAffirmativeVoteTwoAbstainVotesGrantsAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
List<ConfigAttribute> config = SecurityConfig.createList("ROLE_2");
mgr.decide(auth, new Object(), config);
}
Also used :
ConfigAttribute(org.springframework.security.access.ConfigAttribute)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
Test(org.junit.Test)
Example 22 with ConfigAttribute
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class UnanimousBasedTests method testThreeAbstainVotesGrantsAccessWithoutDefault.
@Test
public void testThreeAbstainVotesGrantsAccessWithoutDefault() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
mgr.setAllowIfAllAbstainDecisions(true);
// check changed
assertThat(mgr.isAllowIfAllAbstainDecisions()).isTrue();
List<ConfigAttribute> config = SecurityConfig.createList("IGNORED_BY_ALL");
mgr.decide(auth, new Object(), config);
}
Also used :
ConfigAttribute(org.springframework.security.access.ConfigAttribute)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
Test(org.junit.Test)
Example 23 with ConfigAttribute
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class UnanimousBasedTests method testOneDenyVoteTwoAbstainVotesDeniesAccess.
@Test
public void testOneDenyVoteTwoAbstainVotesDeniesAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
List<ConfigAttribute> config = SecurityConfig.createList("ROLE_WE_DO_NOT_HAVE");
try {
mgr.decide(auth, new Object(), config);
fail("Should have thrown AccessDeniedException");
} catch (AccessDeniedException expected) {
}
}
Also used :
AccessDeniedException(org.springframework.security.access.AccessDeniedException)
ConfigAttribute(org.springframework.security.access.ConfigAttribute)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
Test(org.junit.Test)
Example 24 with ConfigAttribute
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class UnanimousBasedTests method testThreeAbstainVotesDeniesAccessWithDefault.
@Test
public void testThreeAbstainVotesDeniesAccessWithDefault() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
// check default
assertThat(!mgr.isAllowIfAllAbstainDecisions()).isTrue();
List<ConfigAttribute> config = SecurityConfig.createList("IGNORED_BY_ALL");
try {
mgr.decide(auth, new Object(), config);
fail("Should have thrown AccessDeniedException");
} catch (AccessDeniedException expected) {
}
}
Also used :
AccessDeniedException(org.springframework.security.access.AccessDeniedException)
ConfigAttribute(org.springframework.security.access.ConfigAttribute)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
Test(org.junit.Test)
Example 25 with ConfigAttribute
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class UnanimousBasedTests method testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccess.
@Test
public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
List<ConfigAttribute> config = SecurityConfig.createList(new String[] { "ROLE_1", "DENY_FOR_SURE" });
try {
mgr.decide(auth, new Object(), config);
fail("Should have thrown AccessDeniedException");
} catch (AccessDeniedException expected) {
}
}
Also used :
AccessDeniedException(org.springframework.security.access.AccessDeniedException)
ConfigAttribute(org.springframework.security.access.ConfigAttribute)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
Test(org.junit.Test)
Aggregations
ConfigAttribute (org.springframework.security.access.ConfigAttribute)88
Test (org.junit.Test)54
SecurityConfig (org.springframework.security.access.SecurityConfig)21
FilterInvocation (org.springframework.security.web.FilterInvocation)15
AccessDeniedException (org.springframework.security.access.AccessDeniedException)13
MockMethodInvocation (org.springframework.security.access.intercept.method.MockMethodInvocation)12
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)10
ArrayList (java.util.ArrayList)9
LinkedHashMap (java.util.LinkedHashMap)8
Authentication (org.springframework.security.core.Authentication)8
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)8
Collection (java.util.Collection)6
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)6
Method (java.lang.reflect.Method)5
List (java.util.List)5
MethodInvocation (org.aopalliance.intercept.MethodInvocation)5
GrantedAuthority (org.springframework.security.core.GrantedAuthority)5
RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)5
AuthorizationFailureEvent (org.springframework.security.access.event.AuthorizationFailureEvent)4
SimpleMethodInvocation (org.springframework.security.util.SimpleMethodInvocation)4
