Search in sources :

Example 1 with SessionFactory

use of ddf.security.http.SessionFactory in project ddf by codice.

the class TestLogoutService method initialize.

@BeforeClass
public static void initialize() {
    Map<String, SecurityToken> realmTokenMap = new HashMap<>();
    realmTokenMap.put("karaf", new SecurityToken());
    realmTokenMap.put("ldap", new SecurityToken());
    sessionFactory = mock(SessionFactory.class);
    HttpSession httpSession = mock(HttpSession.class);
    SecurityTokenHolder securityTokenHolder = mock(SecurityTokenHolder.class);
    sm = mock(SecurityManager.class);
    when(sessionFactory.getOrCreateSession(null)).thenReturn(httpSession);
    when(httpSession.getAttribute(SecurityConstants.SAML_ASSERTION)).thenReturn(securityTokenHolder);
    when(securityTokenHolder.getRealmTokenMap()).thenReturn(realmTokenMap);
}
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) SessionFactory(ddf.security.http.SessionFactory) SecurityTokenHolder(ddf.security.common.SecurityTokenHolder) SecurityManager(ddf.security.service.SecurityManager) HashMap(java.util.HashMap) HttpSession(javax.servlet.http.HttpSession) BeforeClass(org.junit.BeforeClass)

Example 2 with SessionFactory

use of ddf.security.http.SessionFactory in project ddf by codice.

the class LogoutRequestServiceTest method setup.

@Before
public void setup() throws ParserConfigurationException, SAXException, IOException {
    simpleSign = mock(SimpleSign.class);
    idpMetadata = mock(IdpMetadata.class);
    relayStates = mock(RelayStates.class);
    sessionFactory = mock(SessionFactory.class);
    request = mock(HttpServletRequest.class);
    logoutMessage = mock(LogoutMessage.class);
    encryptionService = mock(EncryptionService.class);
    session = mock(HttpSession.class);
    securityTokenHolder = mock(SecurityTokenHolder.class);
    Element issuedAssertion = readSamlAssertion().getDocumentElement();
    String assertionId = issuedAssertion.getAttributeNodeNS(null, "ID").getNodeValue();
    SecurityToken token = new SecurityToken(assertionId, issuedAssertion, null);
    when(securityTokenHolder.getSecurityToken("idp")).thenReturn(token);
    logoutRequestService = new MockLogoutRequestService(simpleSign, idpMetadata, relayStates);
    logoutRequestService.setEncryptionService(encryptionService);
    logoutRequestService.setLogOutPageTimeOut(LOGOUT_PAGE_TIMEOUT);
    logoutRequestService.setLogoutMessage(logoutMessage);
    logoutRequestService.setRequest(request);
    logoutRequestService.setSessionFactory(sessionFactory);
    logoutRequestService.init();
    when(sessionFactory.getOrCreateSession(request)).thenReturn(session);
    when(session.getAttribute(eq(SecurityConstants.SAML_ASSERTION))).thenReturn(securityTokenHolder);
    when(request.getRequestURL()).thenReturn(new StringBuffer("www.url.com/url"));
    when(idpMetadata.getSigningCertificate()).thenReturn("signingCertificate");
    when(idpMetadata.getSingleLogoutBinding()).thenReturn(SamlProtocol.REDIRECT_BINDING);
    when(idpMetadata.getSingleLogoutLocation()).thenReturn(redirectLogoutUrl);
    System.setProperty("security.audit.roles", "none");
}
Also used : SessionFactory(ddf.security.http.SessionFactory) RelayStates(ddf.security.samlp.impl.RelayStates) LogoutMessage(ddf.security.samlp.LogoutMessage) HttpSession(javax.servlet.http.HttpSession) Element(org.w3c.dom.Element) Matchers.anyString(org.mockito.Matchers.anyString) HttpServletRequest(javax.servlet.http.HttpServletRequest) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) SimpleSign(ddf.security.samlp.SimpleSign) SecurityTokenHolder(ddf.security.common.SecurityTokenHolder) EncryptionService(ddf.security.encryption.EncryptionService) Before(org.junit.Before)

Example 3 with SessionFactory

use of ddf.security.http.SessionFactory in project ddf by codice.

the class AssertionConsumerServiceTest method setUp.

@Before
public void setUp() throws Exception {
    encryptionService = mock(EncryptionService.class);
    systemCrypto = new SystemCrypto("encryption.properties", "signature.properties", encryptionService);
    simpleSign = new SimpleSign(systemCrypto);
    relayStates = (RelayStates<String>) mock(RelayStates.class);
    when(relayStates.encode("fubar")).thenReturn(RELAY_STATE_VAL);
    when(relayStates.decode(RELAY_STATE_VAL)).thenReturn(LOCATION);
    loginFilter = mock(javax.servlet.Filter.class);
    sessionFactory = mock(SessionFactory.class);
    httpRequest = mock(HttpServletRequest.class);
    when(httpRequest.getRequestURL()).thenReturn(new StringBuffer("fubar"));
    when(httpRequest.isSecure()).thenReturn(true);
    idpMetadata = new IdpMetadata();
    assertionConsumerService = new AssertionConsumerService(simpleSign, idpMetadata, systemCrypto, relayStates);
    assertionConsumerService.setRequest(httpRequest);
    assertionConsumerService.setLoginFilter(loginFilter);
    assertionConsumerService.setSessionFactory(sessionFactory);
    cannedResponse = Resources.toString(Resources.getResource(getClass(), "/SAMLResponse.xml"), Charsets.UTF_8);
    String metadata = Resources.toString(Resources.getResource(getClass(), "/IDPmetadata.xml"), Charsets.UTF_8);
    deflatedSamlResponse = Resources.toString(Resources.getResource(getClass(), "/DeflatedSAMLResponse.txt"), Charsets.UTF_8);
    idpMetadata.setMetadata(metadata);
}
Also used : SessionFactory(ddf.security.http.SessionFactory) HttpServletRequest(javax.servlet.http.HttpServletRequest) SimpleSign(ddf.security.samlp.SimpleSign) SystemCrypto(ddf.security.samlp.SystemCrypto) Filter(javax.servlet.Filter) EncryptionService(ddf.security.encryption.EncryptionService) Before(org.junit.Before)

Aggregations

SessionFactory (ddf.security.http.SessionFactory)3 SecurityTokenHolder (ddf.security.common.SecurityTokenHolder)2 EncryptionService (ddf.security.encryption.EncryptionService)2 SimpleSign (ddf.security.samlp.SimpleSign)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpSession (javax.servlet.http.HttpSession)2 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)2 Before (org.junit.Before)2 LogoutMessage (ddf.security.samlp.LogoutMessage)1 SystemCrypto (ddf.security.samlp.SystemCrypto)1 RelayStates (ddf.security.samlp.impl.RelayStates)1 SecurityManager (ddf.security.service.SecurityManager)1 HashMap (java.util.HashMap)1 Filter (javax.servlet.Filter)1 BeforeClass (org.junit.BeforeClass)1 Matchers.anyString (org.mockito.Matchers.anyString)1 Element (org.w3c.dom.Element)1