
Example 16 with SecurityManager

Use of ddf.security.service.SecurityManager in project ddf by codice.

The class TestPepInterceptorActions, method testMessageWithOperationAction.

@Test
public void testMessageWithOperationAction() throws SecurityServiceException {
    PEPAuthorizingInterceptor interceptor = new PEPAuthorizingInterceptor();
    SecurityManager mockSecurityManager = mock(SecurityManager.class);
    interceptor.setSecurityManager(mockSecurityManager);
    Message messageWithAction = mock(Message.class);
    SecurityAssertion mockSecurityAssertion = mock(SecurityAssertion.class);
    SecurityToken mockSecurityToken = mock(SecurityToken.class);
    Subject mockSubject = mock(Subject.class);
    assertNotNull(mockSecurityAssertion);
    PowerMockito.mockStatic(SecurityAssertionStore.class);
    PowerMockito.mockStatic(SecurityLogger.class);
    when(SecurityAssertionStore.getSecurityAssertion(messageWithAction)).thenReturn(mockSecurityAssertion);
    // SecurityLogger is already stubbed out
    when(mockSecurityAssertion.getSecurityToken()).thenReturn(mockSecurityToken);
    when(mockSecurityToken.getToken()).thenReturn(null);
    when(mockSecurityManager.getSubject(mockSecurityToken)).thenReturn(mockSubject);
    Exchange mockExchange = mock(Exchange.class);
    BindingOperationInfo mockBOI = mock(BindingOperationInfo.class);
    SoapOperationInfo mockSOI = mock(SoapOperationInfo.class);
    when(messageWithAction.getExchange()).thenReturn(mockExchange);
    when(mockExchange.get(BindingOperationInfo.class)).thenReturn(mockBOI);
    when(mockBOI.getExtensor(SoapOperationInfo.class)).thenReturn(mockSOI);
    when(mockSOI.getAction()).thenReturn("urn:catalog:query:query-port:search");
    doAnswer(new Answer<Boolean>() {

        @Override
        public Boolean answer(InvocationOnMock invocation) throws Throwable {
            CollectionPermission perm = (CollectionPermission) invocation.getArguments()[0];
            assertEquals("urn:catalog:query:query-port:search", perm.getAction());
            return true;
        }
    }).when(mockSubject).isPermitted(isA(CollectionPermission.class));
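    // Should not throw: the mocked Subject permits the CollectionPermission carrying the SOAP action.
    interceptor.handleMessage(messageWithAction);
    // Note: verifyStatic() only arms verification for the next static call; none follows, so nothing is verified here.
    PowerMockito.verifyStatic();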
}
Also used : BindingOperationInfo(org.apache.cxf.service.model.BindingOperationInfo) SecurityManager(ddf.security.service.SecurityManager) Message(org.apache.cxf.message.Message) SecurityAssertion(ddf.security.assertion.SecurityAssertion) Subject(ddf.security.Subject) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Exchange(org.apache.cxf.message.Exchange) InvocationOnMock(org.mockito.invocation.InvocationOnMock) SoapOperationInfo(org.apache.cxf.binding.soap.model.SoapOperationInfo) CollectionPermission(ddf.security.permission.CollectionPermission) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 17 with SecurityManager

Use of ddf.security.service.SecurityManager in project ddf by codice.

The class IdpEndpointTest, method testExpiredLoginCookie.

@Test
public void testExpiredLoginCookie() throws SecurityServiceException, WSSecurityException {
    String samlRequest = authNRequestGet;
    HttpServletRequest request = mock(HttpServletRequest.class);
    Cookie cookie = mock(Cookie.class);
    SecurityManager securityManager = mock(SecurityManager.class);
    when(securityManager.getSubject(anyObject())).thenThrow(new SecurityServiceException("test"));
    idpEndpoint.setSecurityManager(securityManager);
    when(request.isSecure()).thenReturn(true);
    when(request.getRequestURL()).thenReturn(requestURL);
    when(request.getAttribute(ContextPolicy.ACTIVE_REALM)).thenReturn("*");
    when(request.getCookies()).thenReturn(new Cookie[] { cookie });
    when(cookie.getName()).thenReturn(IdpEndpoint.COOKIE);
    when(cookie.getValue()).thenReturn("2");
    Response response = idpEndpoint.showGetLogin(samlRequest, relayState, signatureAlgorithm, signature, request);
    // The only cookie that should exist is the "1" cookie, so "2" should send us to the login webapp.
    assertThat(response.getEntity().toString(), containsString("<title>Login</title>"));
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Cookie(javax.servlet.http.Cookie) Response(javax.ws.rs.core.Response) SecurityServiceException(ddf.security.service.SecurityServiceException) SecurityManager(ddf.security.service.SecurityManager) Matchers.containsString(org.hamcrest.Matchers.containsString) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Example 18 with SecurityManager

Use of ddf.security.service.SecurityManager in project ddf by codice.

The class IdpEndpointTest, method testPassiveLoginPkiSignatureErrorPost.

@Test
public void testPassiveLoginPkiSignatureErrorPost() throws SecurityServiceException, WSSecurityException, CertificateEncodingException, IOException {
    String samlRequest = authNRequestPassivePkiPost;
    HttpServletRequest request = mock(HttpServletRequest.class);
    X509Certificate x509Certificate = mock(X509Certificate.class);
    SecurityManager securityManager = mock(SecurityManager.class);
    when(securityManager.getSubject(anyObject())).thenThrow(new SecurityServiceException("test"));
    idpEndpoint.setSecurityManager(securityManager);
    when(request.isSecure()).thenReturn(true);
    when(request.getRequestURL()).thenReturn(requestURL);
    when(request.getAttribute(ContextPolicy.ACTIVE_REALM)).thenReturn("*");
    // Dummy certificate: 48 zero bytes stand in for the encoded X.509 data.
    when((X509Certificate[]) request.getAttribute(requestCertificateAttributeName)).thenReturn(new X509Certificate[] { x509Certificate });
    when(x509Certificate.getEncoded()).thenReturn(new byte[48]);
    Response response = idpEndpoint.showPostLogin(samlRequest, relayState, request);
    assertThat(response.getStatus(), is(500));
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Response(javax.ws.rs.core.Response) SecurityServiceException(ddf.security.service.SecurityServiceException) SecurityManager(ddf.security.service.SecurityManager) Matchers.containsString(org.hamcrest.Matchers.containsString) Matchers.anyString(org.mockito.Matchers.anyString) X509Certificate(java.security.cert.X509Certificate) Test(org.junit.Test)

Example 19 with SecurityManager

Use of ddf.security.service.SecurityManager in project ddf by codice.

The class IdpEndpointTest, method testFailedLogin.

@Test
public void testFailedLogin() throws SecurityServiceException {
    String samlRequest = authNRequestGet;
    HttpServletRequest request = mock(HttpServletRequest.class);
    SecurityManager securityManager = mock(SecurityManager.class);
    // Simulate an authentication failure: the SecurityManager rejects every token.
    when(securityManager.getSubject(anyObject())).thenThrow(new SecurityServiceException("test"));
    idpEndpoint.setSecurityManager(securityManager);
    when(request.isSecure()).thenReturn(true);
    when(request.getRequestURL()).thenReturn(requestURL);
    when(request.getAttribute(ContextPolicy.ACTIVE_REALM)).thenReturn("*");
    Response response = idpEndpoint.processLogin(samlRequest, relayState, Idp.GUEST, signatureAlgorithm, signature, SamlProtocol.REDIRECT_BINDING, request);
    assertThat(response.getStatus(), is(401));
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Response(javax.ws.rs.core.Response) SecurityServiceException(ddf.security.service.SecurityServiceException) SecurityManager(ddf.security.service.SecurityManager) Matchers.containsString(org.hamcrest.Matchers.containsString) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Example 20 with SecurityManager

Use of ddf.security.service.SecurityManager in project ddf by codice.

The class IdpEndpointTest, method testLoginForceAuthnCookie.

@Test
public void testLoginForceAuthnCookie() throws SecurityServiceException, WSSecurityException, IOException {
    String samlRequest = RestSecurity.deflateAndBase64Encode(authNRequestGetForce);
    HttpServletRequest request = mock(HttpServletRequest.class);
    Cookie cookie = mock(Cookie.class);
    SecurityManager securityManager = mock(SecurityManager.class);
    when(securityManager.getSubject(anyObject())).thenThrow(new SecurityServiceException("test"));
    idpEndpoint.setSecurityManager(securityManager);
    idpEndpoint.setStrictSignature(false);
    when(request.isSecure()).thenReturn(true);
    when(request.getRequestURL()).thenReturn(requestURL);
    when(request.getAttribute(ContextPolicy.ACTIVE_REALM)).thenReturn("*");
    when(request.getCookies()).thenReturn(new Cookie[] { cookie });
    when(cookie.getName()).thenReturn(IdpEndpoint.COOKIE);
    when(cookie.getValue()).thenReturn("1");
    Response response = idpEndpoint.showGetLogin(samlRequest, relayState, signatureAlgorithm, signature, request);
    assertThat(response.getEntity().toString(), containsString("<title>Login</title>"));
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Cookie(javax.servlet.http.Cookie) Response(javax.ws.rs.core.Response) SecurityServiceException(ddf.security.service.SecurityServiceException) SecurityManager(ddf.security.service.SecurityManager) Matchers.containsString(org.hamcrest.Matchers.containsString) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)
