Example 1 with UserPrincipal
use of io.pravega.shared.security.auth.UserPrincipal in project pravega by pravega.
the class RESTAuthHelperTest method testAuthFailsForUnknownUser.
@Test
public void testAuthFailsForUnknownUser() throws AuthException {
String username = "unknown";
String password = "whatever";
boolean authorized = authHelper.isAuthorized(createAuthHeader(username, password), "/", new UserPrincipal(username), READ);
assertFalse(authorized);
}
Also used :
UserPrincipal(io.pravega.shared.security.auth.UserPrincipal)
Test(org.junit.Test)
Example 2 with UserPrincipal
use of io.pravega.shared.security.auth.UserPrincipal in project pravega by pravega.
the class RESTAuthHelperTest method testAuthOkForUnprivilegedUserForAssignedPermission.
@Test
public void testAuthOkForUnprivilegedUserForAssignedPermission() throws AuthException {
String username = FakeAuthHandler.UNPRIVILEGED_USER;
String password = "whatever";
boolean authorized = authHelper.isAuthorized(createAuthHeader(username, password), "/", new UserPrincipal(username), READ);
assertFalse(authorized);
}
Also used :
UserPrincipal(io.pravega.shared.security.auth.UserPrincipal)
Test(org.junit.Test)
Example 3 with UserPrincipal
use of io.pravega.shared.security.auth.UserPrincipal in project pravega by pravega.
the class RESTAuthHelperTest method testAuthFailsForUnprivilegedUserForUnassignedPermission.
@Test
public void testAuthFailsForUnprivilegedUserForUnassignedPermission() throws AuthException {
String username = FakeAuthHandler.UNPRIVILEGED_USER;
String password = "whatever";
boolean authorized = authHelper.isAuthorized(createAuthHeader(username, password), "/", new UserPrincipal(username), READ_UPDATE);
assertFalse(authorized);
}
Also used :
UserPrincipal(io.pravega.shared.security.auth.UserPrincipal)
Test(org.junit.Test)
Example 4 with UserPrincipal
use of io.pravega.shared.security.auth.UserPrincipal in project pravega by pravega.
the class PasswordAuthHandler method authenticate.
@Override
public Principal authenticate(String token) throws AuthException {
String[] parts = parseToken(token);
String userName = parts[0];
char[] password = parts[1].toCharArray();
try {
if (aclsByUser.containsKey(userName) && encryptor.checkPassword(password, aclsByUser.get(userName).getEncryptedPassword())) {
return new UserPrincipal(userName);
}
throw new AuthenticationException("User authentication exception");
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
log.warn("Exception during password authentication", e);
throw new AuthenticationException(e);
} finally {
// Zero out the password for security.
Arrays.fill(password, '0');
}
}
Also used :
AuthenticationException(io.pravega.auth.AuthenticationException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
UserPrincipal(io.pravega.shared.security.auth.UserPrincipal)
Aggregations
UserPrincipal (io.pravega.shared.security.auth.UserPrincipal)4
Test (org.junit.Test)3
AuthenticationException (io.pravega.auth.AuthenticationException)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
InvalidKeySpecException (java.security.spec.InvalidKeySpecException)1
