use of ddf.security.Subject in project ddf by codice.
the class AuthenticationEndpointTest method mockUser.
/**
 * Stubs {@code securityManager} so that a username/password token built from the given
 * credentials resolves to a mock {@link Subject}.
 *
 * <p>The returned subject exposes a principal collection holding exactly one mock
 * {@link SecurityAssertion}, which in turn hands out a mock {@link SecurityToken}.
 *
 * @param username user name placed in the expected authentication token
 * @param password password placed in the expected authentication token
 * @param realm realm placed in the expected authentication token
 * @throws SecurityServiceException declared because the stubbed {@code getSubject} call declares it
 */
private void mockUser(String username, String password, String realm)
    throws SecurityServiceException {
  // Assertion that carries the token the endpoint is expected to store in the session.
  SecurityToken stubToken = mock(SecurityToken.class);
  SecurityAssertion stubAssertion = mock(SecurityAssertion.class);
  when(stubAssertion.getSecurityToken()).thenReturn(stubToken);

  // One-element iterator: hasNext() answers true once and false afterwards, so the
  // principal collection can only be walked a single time per mockUser() call.
  Iterator principalIterator = mock(Iterator.class);
  when(principalIterator.hasNext()).thenReturn(true).thenReturn(false);
  when(principalIterator.next()).thenReturn(stubAssertion);

  PrincipalCollection principals = mock(PrincipalCollection.class);
  when(principals.iterator()).thenReturn(principalIterator);

  Subject authenticated = mock(Subject.class);
  when(authenticated.getPrincipals()).thenReturn(principals);

  // Only a token accepted by UsernamePasswordTokenMatcher yields the subject; any other
  // argument gets Mockito's default answer (null) from getSubject.
  // NOTE(review): which fields the matcher compares is not visible here - confirm it checks
  // the password and realm as well as the user name.
  UPAuthenticationToken expectedToken = new UPAuthenticationToken(username, password, realm);
  when(securityManager.getSubject(argThat(new UsernamePasswordTokenMatcher(expectedToken))))
      .thenReturn(authenticated);
}
use of ddf.security.Subject in project ddf by codice.
the class AuthenticationEndpoint method login.
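/**
 * Authenticates a username/password form submission and, on success, stores the resulting
 * security token(s) in the HTTP session before redirecting to {@code prevurl}.
 *
 * <p>Security-relevant behaviour of this method:
 *
 * <ul>
 *   <li>Requests the container does not report as secure are rejected before the credentials
 *       are used.
 *   <li>Any existing session is invalidated before authentication, so a session id issued
 *       before login is not reused for the authenticated session.
 *   <li>The realm is taken from the context policy matching the caller-supplied
 *       {@code prevurl}, falling back to {@code BaseAuthenticationToken.DEFAULT_REALM}.
 *   <li>The redirect target is the service base URI with only its path replaced by
 *       {@code prevurl}.
 * </ul>
 *
 * @param request the incoming servlet request
 * @param username submitted user name
 * @param password submitted password
 * @param prevurl path the caller wants to return to after login; also used to select the realm
 * @return a 303 (See Other) response pointing at {@code prevurl} under the base URI
 * @throws IllegalArgumentException if the request is not secure
 * @throws SecurityServiceException if no subject is returned for the credentials, or if the
 *     session has no token holder to store the security token in
 */
@POST
public Response login(
    @Context HttpServletRequest request,
    @FormParam("username") String username,
    @FormParam("password") String password,
    @FormParam("prevurl") String prevurl)
    throws SecurityServiceException {
  // Make sure we're using HTTPS.
  // NOTE(review): isSecure() reports what the servlet container sees; behind a
  // TLS-terminating proxy the result depends on container configuration - confirm per
  // deployment.
  if (!request.isSecure()) {
    throw new IllegalArgumentException("Authentication request must use TLS.");
  }

  // Drop any pre-login session so its id cannot be carried into the authenticated session.
  HttpSession session = request.getSession(false);
  if (session != null) {
    session.invalidate();
  }

  // Get the realm from the previous url.
  // NOTE(review): prevurl is caller-controlled, so the caller influences which realm the
  // credentials are checked against - confirm that is intended.
  String realm = BaseAuthenticationToken.DEFAULT_REALM;
  ContextPolicy policy = contextPolicyManager.getContextPolicy(prevurl);
  if (policy != null) {
    realm = policy.getRealm();
  }

  // Create an authentication token
  UPAuthenticationToken authenticationToken =
      new UPAuthenticationToken(username, password, realm);

  // Authenticate
  Subject subject = securityManager.getSubject(authenticationToken);
  if (subject == null) {
    throw new SecurityServiceException("Authentication failed");
  }

  // NOTE(review): if no principal yields a non-null security token, the method still
  // redirects without having stored anything in the session - confirm callers expect that.
  for (Object principal : subject.getPrincipals()) {
    if (principal instanceof SecurityAssertion) {
      SecurityToken securityToken = ((SecurityAssertion) principal).getSecurityToken();
      if (securityToken == null) {
        LOGGER.debug("Cannot add null security token to session");
        continue;
      }

      // Create a session and add the security token
      session = sessionFactory.getOrCreateSession(request);
      SecurityTokenHolder holder =
          (SecurityTokenHolder) session.getAttribute(SecurityConstants.SAML_ASSERTION);
      if (holder == null) {
        // getAttribute() returns null when the attribute is absent. Fail closed with the
        // same generic message instead of surfacing a NullPointerException to the client.
        LOGGER.debug("Session has no security token holder; cannot store security token");
        throw new SecurityServiceException("Authentication failed");
      }
      holder.addSecurityToken(realm, securityToken);
    }
  }

  // Redirect to the previous url. Only the path of the base URI is replaced, so scheme and
  // authority stay those of this service.
  // NOTE(review): prevurl is not otherwise validated in this method; the redirect relies on
  // replacePath treating it purely as a path.
  URI redirect = uriInfo.getBaseUriBuilder().replacePath(prevurl).build();
  return Response.seeOther(redirect).build();
}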
use of ddf.security.Subject in project ddf by codice.
the class CatalogFrameworkImplTest method testFederatedQueryPermissions.
/**
 * Creates one metacard in a catalog store that declares a {@code role} security attribute,
 * then runs a federated query against that store with a permitted subject and expects the
 * single metacard back.
 *
 * <p>NOTE(review): the mocked subject answers {@code true} for every
 * {@code KeyValueCollectionPermission}, so only the allow path is exercised here; this method
 * has no case for a subject that is denied.
 */
@Test
public void testFederatedQueryPermissions() throws Exception {
  final String storeId = "catalogStoreId-1";

  MockEventProcessor eventProcessor = new MockEventProcessor();
  MockMemoryProvider memoryProvider =
      new MockMemoryProvider("Provider", "Provider", "v1.0", "DDF", new HashSet<>(), true, new Date());

  // The store requires role=myRole.
  Map<String, CatalogStore> catalogStores = new HashMap<>();
  Map<String, FederatedSource> federatedSources = new HashMap<>();
  Map<String, Set<String>> requiredAttributes = new HashMap<>();
  requiredAttributes.put("role", Collections.singleton("myRole"));
  MockCatalogStore catalogStore = new MockCatalogStore(storeId, true, requiredAttributes);
  catalogStores.put(catalogStore.getId(), catalogStore);
  federatedSources.put(catalogStore.getId(), catalogStore);

  CatalogFramework catalogFramework =
      createDummyCatalogFramework(memoryProvider, catalogStores, federatedSources, eventProcessor);

  // A single metacard without an id, identified later by its content type.
  MetacardImpl card = new MetacardImpl();
  card.setId(null);
  card.setContentTypeName("someType");
  List<Metacard> cards = new ArrayList<>();
  cards.add(card);

  // ==== test writing to store and not local ====
  Map<String, Serializable> createProperties = new HashMap<>();
  HashSet<String> targetStores = new HashSet<>();
  targetStores.add(storeId);
  catalogFramework.create(new CreateRequestImpl(cards, createProperties, targetStores));

  FilterBuilder filterBuilder = new GeotoolsFilterBuilder();

  // Subject attached to the query; it is permitted for any KeyValueCollectionPermission.
  Subject permittedSubject = mock(Subject.class);
  when(permittedSubject.isPermitted(any(KeyValueCollectionPermission.class))).thenReturn(true);
  HashMap<String, Serializable> queryProperties = new HashMap<>();
  queryProperties.put(SecurityConstants.SECURITY_SUBJECT, permittedSubject);

  QueryImpl contentTypeQuery =
      new QueryImpl(filterBuilder.attribute(Metacard.CONTENT_TYPE).is().like().text("someType"));
  QueryRequestImpl queryRequest =
      new QueryRequestImpl(
          contentTypeQuery, false, Collections.singletonList(storeId), queryProperties);

  QueryResponse queryResponse = catalogFramework.query(queryRequest);
  assertThat(queryResponse.getResults().size(), is(1));
}
use of ddf.security.Subject in project ddf by codice.
the class TestRegistryStore method setup.
/**
 * Builds the {@code RegistryStoreImpl} fixture used by the tests in this class.
 *
 * <p>The store under test is a spy over an anonymous subclass that replaces several production
 * hooks with test doubles. In particular {@code validateOperation()} does nothing and
 * {@code getSystemSubject()} returns a mock, so tests built on this fixture do not exercise
 * the production validation or a real system subject.
 */
@Before
public void setup() throws Exception {
  // Real collaborators.
  parser = new XmlParser();
  marshaller = new MetacardMarshaller(new XmlParser());
  cswSourceConfiguration = new CswSourceConfiguration();
  queryResults = new ArrayList<>();

  // Mocked collaborators.
  context = mock(BundleContext.class);
  provider = mock(Converter.class);
  factory = mock(SecureCxfClientFactory.class);
  transformer = mock(TransformerManager.class);
  encryptionService = mock(EncryptionService.class);
  configAdmin = mock(ConfigurationAdmin.class);
  configuration = mock(Configuration.class);
  subject = mock(Subject.class);

  registryStore =
      spy(
          new RegistryStoreImpl(
              context, cswSourceConfiguration, provider, factory, encryptionService) {
            // Validation is switched off for the fixture.
            @Override
            protected void validateOperation() {}

            // No CSW source configuration is performed in tests.
            @Override
            public void configureCswSource() {}

            // Availability is driven by the test's 'availability' field.
            @Override
            public boolean isAvailable() {
              return availability;
            }

            // The system subject is the mock created above, not a real identity.
            @Override
            protected Subject getSystemSubject() {
              return subject;
            }

            @Override
            BundleContext getBundleContext() {
              return context;
            }

            @Override
            protected CapabilitiesType getCapabilities() {
              return mock(CapabilitiesType.class);
            }

            // Returns the canned queryResults; a null list simulates a rejected query.
            @Override
            protected SourceResponse query(
                QueryRequest queryRequest,
                ElementSetType elementSetName,
                List<QName> elementNames,
                Csw csw)
                throws UnsupportedQueryException {
              if (queryResults != null) {
                return new SourceResponseImpl(queryRequest, queryResults);
              }
              throw new UnsupportedQueryException("Test - Bad Query");
            }
          });

  registryStore.setFilterBuilder(filterBuilder);
  registryStore.setFilterAdapter(filterAdapter);
  registryStore.setConfigAdmin(configAdmin);
  registryStore.setMetacardMarshaller(new MetacardMarshaller(parser));
  registryStore.setSchemaTransformerManager(transformer);
  registryStore.setAutoPush(true);
  // Fixture value only; note that it is a plain-HTTP URL.
  registryStore.setRegistryUrl("http://test.url:0101/example");

  properties = new Hashtable<>();
  properties.put(RegistryStoreImpl.ID, "registryId");

  // Second setMetacardMarshaller call; presumably replaces the marshaller set above
  // (assuming a plain setter - TODO confirm).
  registryStore.setMetacardMarshaller(marshaller);

  // Any configuration lookup yields the mock configuration backed by 'properties'.
  when(configAdmin.getConfiguration(any())).thenReturn(configuration);
  when(configuration.getProperties()).thenReturn(properties);
}
use of ddf.security.Subject in project ddf by codice.
the class ProfileInstallCommandTest method createSecurityMock.
/**
 * Creates a mock {@code Security} whose system subject runs any submitted callable directly.
 *
 * <p>The mock is also stored in the {@code security} field before being returned.
 *
 * <p>NOTE(review): the stubbed {@code Subject.execute} just invokes the callable and returns its
 * result, so tests using this mock do not verify that the work actually runs with
 * system-subject privileges.
 *
 * @return the mocked {@code Security} instance
 */
private Security createSecurityMock() {
  Subject systemSubject = mock(Subject.class);
  // Pass-through: execute(callable) behaves like callable.call().
  when(systemSubject.execute(Matchers.<Callable<Object>>any()))
      .thenAnswer(call -> ((Callable<Object>) call.getArguments()[0]).call());

  security = mock(Security.class);
  when(security.getSystemSubject()).thenReturn(systemSubject);
  return security;
}