Search in sources :

Example 16 with WebResourceCollection

use of io.undertow.servlet.api.WebResourceCollection in project undertow by undertow-io.

the class ServletContextRolesTestCase method setup.

@BeforeClass
public static void setup() throws ServletException {
    final PathHandler root = new PathHandler();
    final ServletContainer container = ServletContainer.Factory.newInstance();
    final ServletIdentityManager identityManager = new ServletIdentityManager();
    identityManager.addUser("user1", "password1", "unspecified-role");
    LoginConfig loginConfig = new LoginConfig(REALM_NAME);
    Map<String, String> props = new HashMap<>();
    props.put("charset", "ISO_8859_1");
    props.put("user-agent-charsets", "Chrome,UTF-8,OPR,UTF-8");
    loginConfig.addFirstAuthMethod(new AuthMethodConfig("BASIC", props));
    DeploymentInfo builder = new DeploymentInfo().setClassLoader(ServletContextRolesTestCase.class.getClassLoader()).setContextPath("/servletContext").setClassIntrospecter(TestClassIntrospector.INSTANCE).setDeploymentName("servletContext.war").addServlet(new ServletInfo("servlet", CheckRolesServlet.class).addMapping("/aa")).addListener(new ListenerInfo(DeclareRolesServletContextListener.class)).setIdentityManager(identityManager).setLoginConfig(loginConfig);
    builder.addPrincipalVsRoleMappings("user1", DeclareRolesServletContextListener.ROLES);
    builder.addSecurityConstraint(new SecurityConstraint().addWebResourceCollection(new WebResourceCollection().addUrlPattern("/*")).addRolesAllowed(DeclareRolesServletContextListener.ROLES).setEmptyRoleSemantic(SecurityInfo.EmptyRoleSemantic.DENY));
    manager = container.addDeployment(builder);
    manager.deploy();
    root.addPrefixPath(builder.getContextPath(), manager.start());
    DefaultServer.setRootHandler(root);
}
Also used : WebResourceCollection(io.undertow.servlet.api.WebResourceCollection) HashMap(java.util.HashMap) PathHandler(io.undertow.server.handlers.PathHandler) ServletIdentityManager(io.undertow.servlet.test.security.constraint.ServletIdentityManager) SecurityConstraint(io.undertow.servlet.api.SecurityConstraint) ServletInfo(io.undertow.servlet.api.ServletInfo) ListenerInfo(io.undertow.servlet.api.ListenerInfo) AuthMethodConfig(io.undertow.servlet.api.AuthMethodConfig) ServletContainer(io.undertow.servlet.api.ServletContainer) LoginConfig(io.undertow.servlet.api.LoginConfig) DeploymentInfo(io.undertow.servlet.api.DeploymentInfo) BeforeClass(org.junit.BeforeClass)

Example 17 with WebResourceCollection

use of io.undertow.servlet.api.WebResourceCollection in project undertow by undertow-io.

the class SecurityRedirectTestCase method setup.

@BeforeClass
public static void setup() throws ServletException {
    final PathHandler root = new PathHandler();
    final ServletContainer container = ServletContainer.Factory.newInstance();
    ServletIdentityManager identityManager = new ServletIdentityManager();
    identityManager.addUser("user1", "password1", "role1");
    DeploymentInfo builder = new DeploymentInfo().setClassIntrospecter(TestClassIntrospector.INSTANCE).setClassLoader(ServletPathMappingTestCase.class.getClassLoader()).setContextPath("/servletContext").setDeploymentName("servletContext.war").setResourceManager(new TestResourceLoader(SecurityRedirectTestCase.class)).addWelcomePages("index.html").setIdentityManager(identityManager).setLoginConfig(new LoginConfig("BASIC", "Test Realm")).addSecurityConstraint(new SecurityConstraint().addRoleAllowed("role1").addWebResourceCollection(new WebResourceCollection().addUrlPatterns("/index.html", "/filterpath/*")));
    DeploymentManager manager = container.addDeployment(builder);
    manager.deploy();
    root.addPrefixPath(builder.getContextPath(), manager.start());
    DefaultServer.setRootHandler(root);
}
Also used : WebResourceCollection(io.undertow.servlet.api.WebResourceCollection) TestResourceLoader(io.undertow.servlet.test.util.TestResourceLoader) DeploymentManager(io.undertow.servlet.api.DeploymentManager) ServletContainer(io.undertow.servlet.api.ServletContainer) LoginConfig(io.undertow.servlet.api.LoginConfig) PathHandler(io.undertow.server.handlers.PathHandler) DeploymentInfo(io.undertow.servlet.api.DeploymentInfo) ServletIdentityManager(io.undertow.servlet.test.security.constraint.ServletIdentityManager) SecurityConstraint(io.undertow.servlet.api.SecurityConstraint) BeforeClass(org.junit.BeforeClass)

Example 18 with WebResourceCollection

use of io.undertow.servlet.api.WebResourceCollection in project undertow by undertow-io.

the class WelcomeFileSecurityTestCase method setup.

@BeforeClass
public static void setup() throws ServletException {
    final PathHandler root = new PathHandler();
    final ServletContainer container = ServletContainer.Factory.newInstance();
    ServletIdentityManager identityManager = new ServletIdentityManager();
    identityManager.addUser("user1", "password1", "role1");
    DeploymentInfo builder = new DeploymentInfo().setClassIntrospecter(TestClassIntrospector.INSTANCE).setClassLoader(ServletPathMappingTestCase.class.getClassLoader()).setContextPath("/servletContext").setDeploymentName("servletContext.war").setResourceManager(new TestResourceLoader(WelcomeFileSecurityTestCase.class)).addWelcomePages("doesnotexist.html", "index.html", "default").setIdentityManager(identityManager).setLoginConfig(new LoginConfig("BASIC", "Test Realm")).addServlet(new ServletInfo("DefaultTestServlet", PathTestServlet.class).setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("role1")).addMapping("/path/default")).addSecurityConstraint(new SecurityConstraint().addRoleAllowed("role1").addWebResourceCollection(new WebResourceCollection().addUrlPattern("/index.html")));
    DeploymentManager manager = container.addDeployment(builder);
    manager.deploy();
    root.addPrefixPath(builder.getContextPath(), manager.start());
    DefaultServer.setRootHandler(root);
}
Also used : ServletInfo(io.undertow.servlet.api.ServletInfo) WebResourceCollection(io.undertow.servlet.api.WebResourceCollection) ServletSecurityInfo(io.undertow.servlet.api.ServletSecurityInfo) TestResourceLoader(io.undertow.servlet.test.util.TestResourceLoader) DeploymentManager(io.undertow.servlet.api.DeploymentManager) ServletContainer(io.undertow.servlet.api.ServletContainer) LoginConfig(io.undertow.servlet.api.LoginConfig) PathHandler(io.undertow.server.handlers.PathHandler) DeploymentInfo(io.undertow.servlet.api.DeploymentInfo) ServletPathMappingTestCase(io.undertow.servlet.test.path.ServletPathMappingTestCase) ServletIdentityManager(io.undertow.servlet.test.security.constraint.ServletIdentityManager) SecurityConstraint(io.undertow.servlet.api.SecurityConstraint) BeforeClass(org.junit.BeforeClass)

Example 19 with WebResourceCollection

use of io.undertow.servlet.api.WebResourceCollection in project undertow by undertow-io.

the class ServletRegistrationImpl method setServletSecurity.

@Override
public Set<String> setServletSecurity(final ServletSecurityElement constraint) {
    if (constraint == null) {
        throw UndertowMessages.MESSAGES.argumentCannotBeNull("constraint");
    }
    DeploymentInfo deploymentInfo = deployment.getDeploymentInfo();
    // this is not super efficient, but it does not really matter
    final Set<String> urlPatterns = new HashSet<>();
    for (SecurityConstraint sc : deploymentInfo.getSecurityConstraints()) {
        for (WebResourceCollection webResources : sc.getWebResourceCollections()) {
            urlPatterns.addAll(webResources.getUrlPatterns());
        }
    }
    final Set<String> ret = new HashSet<>();
    for (String url : servletInfo.getMappings()) {
        if (urlPatterns.contains(url)) {
            ret.add(url);
        }
    }
    ServletSecurityInfo info = new ServletSecurityInfo();
    servletInfo.setServletSecurityInfo(info);
    info.setTransportGuaranteeType(constraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE).setEmptyRoleSemantic(emptyRoleSemantic(constraint.getEmptyRoleSemantic())).addRolesAllowed(constraint.getRolesAllowed());
    for (final HttpMethodConstraintElement methodConstraint : constraint.getHttpMethodConstraints()) {
        info.addHttpMethodSecurityInfo(new HttpMethodSecurityInfo().setTransportGuaranteeType(methodConstraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE).setMethod(methodConstraint.getMethodName()).setEmptyRoleSemantic(emptyRoleSemantic(methodConstraint.getEmptyRoleSemantic())).addRolesAllowed(methodConstraint.getRolesAllowed()));
    }
    return ret;
}
Also used : WebResourceCollection(io.undertow.servlet.api.WebResourceCollection) ServletSecurityInfo(io.undertow.servlet.api.ServletSecurityInfo) DeploymentInfo(io.undertow.servlet.api.DeploymentInfo) HttpMethodConstraintElement(javax.servlet.HttpMethodConstraintElement) SecurityConstraint(io.undertow.servlet.api.SecurityConstraint) HashSet(java.util.HashSet) HttpMethodSecurityInfo(io.undertow.servlet.api.HttpMethodSecurityInfo)

Example 20 with WebResourceCollection

use of io.undertow.servlet.api.WebResourceCollection in project keycloak by keycloak.

the class SamlServletExtension method addEndpointConstraint.

/**
 * add security constraint to /saml so that the endpoint can be called and auth mechanism pinged.
 * @param deploymentInfo
 */
protected void addEndpointConstraint(DeploymentInfo deploymentInfo) {
    SecurityConstraint constraint = new SecurityConstraint();
    WebResourceCollection collection = new WebResourceCollection();
    collection.addUrlPattern("/saml");
    constraint.addWebResourceCollection(collection);
    deploymentInfo.addSecurityConstraint(constraint);
}
Also used : WebResourceCollection(io.undertow.servlet.api.WebResourceCollection) SecurityConstraint(io.undertow.servlet.api.SecurityConstraint)

Aggregations

SecurityConstraint (io.undertow.servlet.api.SecurityConstraint)21 WebResourceCollection (io.undertow.servlet.api.WebResourceCollection)21 DeploymentInfo (io.undertow.servlet.api.DeploymentInfo)18 LoginConfig (io.undertow.servlet.api.LoginConfig)15 ServletInfo (io.undertow.servlet.api.ServletInfo)14 PathHandler (io.undertow.server.handlers.PathHandler)12 ServletContainer (io.undertow.servlet.api.ServletContainer)12 BeforeClass (org.junit.BeforeClass)12 DeploymentManager (io.undertow.servlet.api.DeploymentManager)11 ServletIdentityManager (io.undertow.servlet.test.security.constraint.ServletIdentityManager)8 SimpleServletTestCase (io.undertow.servlet.test.SimpleServletTestCase)7 AuthMethodConfig (io.undertow.servlet.api.AuthMethodConfig)6 ServletSecurityInfo (io.undertow.servlet.api.ServletSecurityInfo)5 HashMap (java.util.HashMap)5 HttpHandler (io.undertow.server.HttpHandler)3 HttpMethodSecurityInfo (io.undertow.servlet.api.HttpMethodSecurityInfo)3 SendAuthTypeServlet (io.undertow.servlet.test.security.SendAuthTypeServlet)3 SendUsernameServlet (io.undertow.servlet.test.security.SendUsernameServlet)3 TestResourceLoader (io.undertow.servlet.test.util.TestResourceLoader)3 WebSocketDeploymentInfo (io.undertow.websockets.jsr.WebSocketDeploymentInfo)3