use of ddf.security.common.PrincipalHolder in project ddf by codice.
the class LogoutServiceImplTest method initialize.
/**
 * One-time fixture setup: wires the mocked session factory, HTTP session and principal holder
 * that the logout-service tests use to reach a set of principals.
 */
@BeforeClass
public static void initialize() {
  // Collaborators held in static fields. The security manager mock is created here but
  // receives no stubbing in this method.
  sm = mock(SecurityManager.class);
  sessionFactory = mock(SessionFactory.class);

  HttpSession mockedSession = mock(HttpSession.class);
  PrincipalHolder mockedHolder = mock(PrincipalHolder.class);

  // The holder hands back an empty principal collection.
  when(mockedHolder.getPrincipals()).thenReturn(new SimplePrincipalCollection());
  // The session exposes the holder under the security-token attribute key.
  when(mockedSession.getAttribute(SecurityConstants.SECURITY_TOKEN_KEY)).thenReturn(mockedHolder);
  // Stubbed for a null request argument only; any other argument gets Mockito's default answer.
  // NOTE(review): this fixture always supplies a populated holder, so a session that lacks the
  // security-token attribute is not exercised from here; confirm it is covered elsewhere.
  when(sessionFactory.getOrCreateSession(null)).thenReturn(mockedSession);
}
use of ddf.security.common.PrincipalHolder in project ddf by codice.
the class LogoutServiceImpl method getActionProviders.
/**
 * Builds a JSON description of the logout action offered to the caller of this request.
 *
 * <p>The principals stored on the HTTP session are wrapped in a {@code SessionToken}, resolved to
 * a subject by the security manager, and handed with the request and response to every
 * registered logout action provider. Each non-null action writes the keys {@code title},
 * {@code auth}, {@code description} and {@code url} into a single map.
 *
 * @param request the incoming request; used to look up (or create) the session and passed on to
 *     the action providers
 * @param response the outgoing response; passed on to the action providers
 * @return the action properties serialised with {@code GSON}; an empty JSON object when no
 *     provider returns an action
 * @throws SecurityServiceException declared by this method; presumably raised while resolving
 *     the subject (confirm against the security manager's contract)
 */
@Override
public String getActionProviders(HttpServletRequest request, HttpServletResponse response)
    throws SecurityServiceException {
  HttpSession httpSession = httpSessionFactory.getOrCreateSession(request);

  // NOTE(review): the session attribute is cast and dereferenced without a check. A missing
  // attribute surfaces as a NullPointerException and a foreign type as a ClassCastException,
  // neither of which is the declared SecurityServiceException. This presumably relies on the
  // session factory always storing a PrincipalHolder under this key; confirm.
  PrincipalHolder holder =
      (PrincipalHolder) httpSession.getAttribute(SecurityConstants.SECURITY_TOKEN_KEY);
  Object principals = holder.getPrincipals();

  // NOTE(review): the third SessionToken argument is a loopback literal rather than a value
  // taken from the request. If downstream code treats it as the client address for audit
  // records or policy decisions, every lookup would appear to come from localhost; confirm.
  SessionToken token = new SessionToken(principals, httpSession.getId(), "127.0.0.1");
  Subject subject = securityManager.getSubject(token);

  // Context handed to each provider: the raw request and response plus the resolved subject.
  Map<String, Object> providerInput = new HashMap<>();
  providerInput.put("http_request", request);
  providerInput.put("http_response", response);
  providerInput.put(SecurityConstants.SECURITY_SUBJECT, subject);

  Map<String, String> result = new HashMap<>();
  for (ActionProvider provider : logoutActionProviders) {
    Action logoutAction = provider.getAction(providerInput);
    if (logoutAction == null) {
      // This provider has nothing to offer for the subject.
      continue;
    }
    // The same four keys are written on every pass, so when several providers return an
    // action only the last one is reflected in the output.
    String shownName = subjectOperations.getName(subject, "", true);
    result.put("title", logoutAction.getTitle());
    // The subject's display name is returned to the client under "auth".
    result.put("auth", shownName);
    result.put("description", logoutAction.getDescription());
    // NOTE(review): getUrl() is dereferenced unchecked; an action without a URL would throw.
    result.put("url", logoutAction.getUrl().toString());
  }
  return GSON.toJson(result);
}
use of ddf.security.common.PrincipalHolder in project ddf by codice.
the class LogoutServletTest method testNullSubject.
/**
 * Logout with a null subject bound to the current thread must still invalidate the HTTP session.
 */
@Test
public void testNullSubject() throws Exception {
  // Explicitly bind a null subject to the thread context before the servlet runs.
  ThreadContext.bind((Subject) null);

  // The session carries a principal holder whose methods are left unstubbed.
  PrincipalHolder holderStub = mock(PrincipalHolder.class);
  when(httpSession.getAttribute(SecurityConstants.SECURITY_TOKEN_KEY)).thenReturn(holderStub);

  // Input for PKI detection: the request presents one client certificate.
  X509Certificate[] clientCerts = {mock(X509Certificate.class)};
  when(request.getAttribute("javax.servlet.request.X509Certificate")).thenReturn(clientCerts);

  // Input for basic-auth detection: every header lookup yields the test enumeration.
  when(request.getHeaders(anyString())).thenReturn(new LogoutServletEnumeration());

  localLogoutServlet.doGet(request, response);

  // NOTE(review): only session invalidation is asserted. This test checks neither the redirect
  // target nor that the principal holder was cleared.
  verify(httpSession).invalidate();
}
use of ddf.security.common.PrincipalHolder in project ddf by codice.
the class LogoutServletTest method testNullSystemProperty.
/**
 * Logout must invalidate the HTTP session for a request that presents a client certificate and
 * the test header enumeration.
 */
@Test
public void testNullSystemProperty() throws Exception {
  // NOTE(review): nothing in this body clears or changes a system property. The condition the
  // test name refers to is presumably arranged by the class fixture; confirm.

  // The session carries a principal holder whose methods are left unstubbed.
  PrincipalHolder holderStub = mock(PrincipalHolder.class);
  when(httpSession.getAttribute(SecurityConstants.SECURITY_TOKEN_KEY)).thenReturn(holderStub);

  // Input for PKI detection: the request presents one client certificate.
  X509Certificate[] clientCerts = {mock(X509Certificate.class)};
  when(request.getAttribute("javax.servlet.request.X509Certificate")).thenReturn(clientCerts);

  // Input for basic-auth detection: every header lookup yields the test enumeration.
  when(request.getHeaders(anyString())).thenReturn(new LogoutServletEnumeration());

  localLogoutServlet.doGet(request, response);

  // Only session invalidation is asserted here.
  verify(httpSession).invalidate();
}
use of ddf.security.common.PrincipalHolder in project ddf by codice.
the class LogoutServletTest method testLocalLogout.
/**
 * A local logout must invalidate the HTTP session, redirect to the logout page with
 * {@code mustCloseBrowser=true}, and clear the session's principal holder.
 */
@Test
public void testLocalLogout() throws Exception {
  // The session holds a principal holder that returns a (mocked) principal collection.
  PrincipalCollection principals = mock(PrincipalCollection.class);
  PrincipalHolder holderStub = mock(PrincipalHolder.class);
  when(holderStub.getPrincipals()).thenReturn(principals);
  when(httpSession.getAttribute(SecurityConstants.SECURITY_TOKEN_KEY)).thenReturn(holderStub);

  localLogoutServlet.doGet(request, response);

  // The three effects are verified independently; their relative order is not asserted.
  // The stored principals must be dropped from the holder...
  verify(holderStub).remove();
  // ...the browser is sent to the logout page with the close-browser flag set...
  // NOTE(review): the host and port in the expected URL presumably come from the test fixture's
  // configuration; confirm.
  verify(response).sendRedirect("https://localhost:8993/logout?mustCloseBrowser=true");
  // ...and the server-side session is invalidated.
  verify(httpSession).invalidate();
}