Examples with Subject ddf.security.Subject used on opensource projects

Example 36 with Subject

use of ddf.security.Subject in project ddf by codice.

the class AuthorizationFilterTest method testNoSubject.

@Test
public void testNoSubject() {
    FilterConfig filterConfig = mock(FilterConfig.class);
    ContextPolicyManager contextPolicyManager = new TestPolicyManager();
    contextPolicyManager.setContextPolicy(PATH, getMockContextPolicy());
    AuthorizationFilter loginFilter = new AuthorizationFilter(contextPolicyManager);
    try {
        loginFilter.init(filterConfig);
    } catch (ServletException e) {
        fail(e.getMessage());
    }
    HttpServletRequest servletRequest = getMockServletRequest();
    HttpServletResponse servletResponse = mock(HttpServletResponse.class);
    FilterChain filterChain = (request, response) -> fail("Should not have called doFilter without a valid Subject");
    try {
        loginFilter.doFilter(servletRequest, servletResponse, filterChain);
    } catch (IOException | ServletException e) {
        fail(e.getMessage());
    }
}

Example 37 with Subject

use of ddf.security.Subject in project ddf by codice.

the class AuthorizationFilterTest method testUnAuthorizedSubject.

@Test
public void testUnAuthorizedSubject() {
    FilterConfig filterConfig = mock(FilterConfig.class);
    ContextPolicyManager contextPolicyManager = new TestPolicyManager();
    contextPolicyManager.setContextPolicy(PATH, getMockContextPolicy());
    AuthorizationFilter loginFilter = new AuthorizationFilter(contextPolicyManager);
    try {
        loginFilter.init(filterConfig);
    } catch (ServletException e) {
        fail(e.getMessage());
    }
    Subject subject = mock(Subject.class);
    when(subject.isPermitted(any(CollectionPermission.class))).thenReturn(false);
    ThreadContext.bind(subject);
    HttpServletRequest servletRequest = getMockServletRequest();
    HttpServletResponse servletResponse = mock(HttpServletResponse.class);
    FilterChain filterChain = (request, response) -> fail("Should not have called doFilter without a valid Subject");
    try {
        loginFilter.doFilter(servletRequest, servletResponse, filterChain);
    } catch (IOException | ServletException e) {
        fail(e.getMessage());
    }
    ThreadContext.unbindSubject();
}

Example 38 with Subject

use of ddf.security.Subject in project ddf by codice.

the class SecurityManagerImplTest method testAuthToken.

/**
     * Creates mock objects and uses those to pass through the system when an authentication token
     * is used.
     *
     * @throws SecurityServiceException
     */
@Test
public void testAuthToken() throws SecurityServiceException {
    // mock setup
    SimplePrincipalCollection principals = new SimplePrincipalCollection();
    SecurityToken secToken = new SecurityToken();
    principals.add(secToken, REALM_NAME);
    AuthenticationToken authToken = mock(AuthenticationToken.class);
    when(authToken.getCredentials()).thenReturn("testUser");
    AuthenticationInfo info = mock(AuthenticationInfo.class);
    when(info.getPrincipals()).thenReturn(principals);
    // realm
    Realm realm = mock(Realm.class);
    when(realm.getAuthenticationInfo(authToken)).thenReturn(info);
    when(realm.supports(authToken)).thenReturn(Boolean.TRUE);
    when(realm.getName()).thenReturn(REALM_NAME);
    SecurityManagerImpl manager = new SecurityManagerImpl();
    manager.setRealms(Arrays.asList(new Realm[] { realm }));
    Subject subject = manager.getSubject(authToken);
    assertNotNull(subject);
}

Example 39 with Subject

use of ddf.security.Subject in project ddf by codice.

the class HistorianTest method setup.

@Before
public void setup() {
    historian = new Historian();
    uuidGenerator = mock(UuidGenerator.class);
    when(uuidGenerator.generateUuid()).thenReturn(UUID.randomUUID().toString());
    historian.setUuidGenerator(uuidGenerator);
    catalogProvider = mock(CatalogProvider.class);
    historian.setCatalogProviders(Collections.singletonList(catalogProvider));
    storageProvider = new InMemoryStorageProvider();
    historian.setStorageProviders(Collections.singletonList(storageProvider));
    historian.setFilterBuilder(new GeotoolsFilterBuilder());
    historian.setMetacardTypes(Collections.singletonList(BasicTypes.BASIC_METACARD));
    Security security = mock(Security.class);
    Subject subject = mock(MockSubject.class);
    when(subject.execute(any(Callable.class))).thenCallRealMethod();
    when(security.runAsAdmin(any(PrivilegedAction.class))).thenReturn(subject);
    historian.setSecurity(security);
}

Example 40 with Subject

use of ddf.security.Subject in project ddf by codice.

the class OperationPlugin method checkOperation.

/**
     * checkOperation will throw a StopProcessingException if the operation is not permitted
     * based on the the subjects attributes and the operations property "operation.security"
     *
     * @param operation The operation to check
     * @throws StopProcessingException
     */
private void checkOperation(Operation operation) throws StopProcessingException {
    if (!operation.hasProperties() || !operation.containsPropertyName(PolicyPlugin.OPERATION_SECURITY)) {
        return;
    }
    Object securityAssertion = operation.getPropertyValue(SecurityConstants.SECURITY_SUBJECT);
    Subject subject;
    if (securityAssertion instanceof Subject) {
        subject = (Subject) securityAssertion;
    } else {
        throw new StopProcessingException("Unable to filter contents of current message, no user Subject available.");
    }
    Map<String, Set<String>> perms = (Map<String, Set<String>>) operation.getPropertyValue(PolicyPlugin.OPERATION_SECURITY);
    KeyValueCollectionPermission securityPermission = new KeyValueCollectionPermission(CollectionPermission.READ_ACTION, perms);
    if (!subject.isPermitted(securityPermission)) {
        throw new StopProcessingException("User " + SubjectUtils.getName(subject, "UNKNOWN") + " does not have the required attributes " + perms);
    }
}