
Example 6 with FilterChain

Use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

Class AuthorizationFilterTests, method filterWhenAuthorizationManagerVerifyThrowsAccessDeniedExceptionThenStopFilterChain.

@Test
public void filterWhenAuthorizationManagerVerifyThrowsAccessDeniedExceptionThenStopFilterChain() {
    AuthorizationManager<HttpServletRequest> mockAuthorizationManager = mock(AuthorizationManager.class);
    AuthorizationFilter filter = new AuthorizationFilter(mockAuthorizationManager);
    TestingAuthenticationToken authenticationToken = new TestingAuthenticationToken("user", "password");
    SecurityContext securityContext = new SecurityContextImpl();
    securityContext.setAuthentication(authenticationToken);
    SecurityContextHolder.setContext(securityContext);
    MockHttpServletRequest mockRequest = new MockHttpServletRequest(null, "/path");
    MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    FilterChain mockFilterChain = mock(FilterChain.class);
    willThrow(new AccessDeniedException("Access Denied")).given(mockAuthorizationManager).verify(any(), eq(mockRequest));
    assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> filter.doFilter(mockRequest, mockResponse, mockFilterChain)).withMessage("Access Denied");
    ArgumentCaptor<Supplier<Authentication>> authenticationCaptor = ArgumentCaptor.forClass(Supplier.class);
    verify(mockAuthorizationManager).verify(authenticationCaptor.capture(), eq(mockRequest));
    Supplier<Authentication> authentication = authenticationCaptor.getValue();
    assertThat(authentication.get()).isEqualTo(authenticationToken);
    verifyNoInteractions(mockFilterChain);
}
Also used: SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl), AccessDeniedException (org.springframework.security.access.AccessDeniedException), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), FilterChain (jakarta.servlet.FilterChain), TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken), HttpServletRequest (jakarta.servlet.http.HttpServletRequest), Authentication (org.springframework.security.core.Authentication), SecurityContext (org.springframework.security.core.context.SecurityContext), Supplier (java.util.function.Supplier), MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse), Test (org.junit.jupiter.api.Test)

Example 7 with FilterChain

Use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

Class AuthenticationFilterTests, method filterWhenConvertEmptyThenOk.

@Test
public void filterWhenConvertEmptyThenOk() throws Exception {
    given(this.authenticationConverter.convert(any())).willReturn(null);
    AuthenticationFilter filter = new AuthenticationFilter(this.authenticationManagerResolver, this.authenticationConverter);
    MockHttpServletRequest request = new MockHttpServletRequest("GET", "/");
    FilterChain chain = mock(FilterChain.class);
    filter.doFilter(request, new MockHttpServletResponse(), chain);
    verifyNoInteractions(this.authenticationManagerResolver);
    verify(chain).doFilter(any(ServletRequest.class), any(ServletResponse.class));
    assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull();
}
Also used: HttpServletRequest (jakarta.servlet.http.HttpServletRequest), ServletRequest (jakarta.servlet.ServletRequest), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse), ServletResponse (jakarta.servlet.ServletResponse), MockFilterChain (org.springframework.mock.web.MockFilterChain), FilterChain (jakarta.servlet.FilterChain), Test (org.junit.jupiter.api.Test)

Example 8 with FilterChain

Use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

Class AuthenticationFilterTests, method filterWhenSuccessfulAuthenticationThenSessionIdChanges.

// gh-7446
@Test
public void filterWhenSuccessfulAuthenticationThenSessionIdChanges() throws Exception {
    Authentication authentication = new TestingAuthenticationToken("test", "this", "ROLE_USER");
    given(this.authenticationConverter.convert(any())).willReturn(authentication);
    given(this.authenticationManager.authenticate(any())).willReturn(authentication);
    MockHttpSession session = new MockHttpSession();
    MockHttpServletRequest request = new MockHttpServletRequest("GET", "/");
    request.setSession(session);
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain chain = new MockFilterChain();
    String sessionId = session.getId();
    AuthenticationFilter filter = new AuthenticationFilter(this.authenticationManager, this.authenticationConverter);
    filter.doFilter(request, response, chain);
    assertThat(session.getId()).isNotEqualTo(sessionId);
}
Also used: Authentication (org.springframework.security.core.Authentication), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), MockFilterChain (org.springframework.mock.web.MockFilterChain), FilterChain (jakarta.servlet.FilterChain), MockHttpSession (org.springframework.mock.web.MockHttpSession), TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken), MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse), Test (org.junit.jupiter.api.Test)

Example 9 with FilterChain

Use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

Class AuthenticationFilterTests, method filterWhenDefaultsAndAuthenticationFailThenUnauthorized.

@Test
public void filterWhenDefaultsAndAuthenticationFailThenUnauthorized() throws Exception {
    Authentication authentication = new TestingAuthenticationToken("test", "this", "ROLE");
    given(this.authenticationConverter.convert(any())).willReturn(authentication);
    given(this.authenticationManager.authenticate(any())).willThrow(new BadCredentialsException("failed"));
    AuthenticationFilter filter = new AuthenticationFilter(this.authenticationManager, this.authenticationConverter);
    MockHttpServletRequest request = new MockHttpServletRequest("GET", "/");
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain chain = mock(FilterChain.class);
    filter.doFilter(request, response, chain);
    assertThat(response.getStatus()).isEqualTo(HttpStatus.UNAUTHORIZED.value());
    assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull();
}
Also used: Authentication (org.springframework.security.core.Authentication), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), MockFilterChain (org.springframework.mock.web.MockFilterChain), FilterChain (jakarta.servlet.FilterChain), TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken), BadCredentialsException (org.springframework.security.authentication.BadCredentialsException), MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse), Test (org.junit.jupiter.api.Test)

Example 10 with FilterChain

Use of jakarta.servlet.FilterChain in project spring-security by spring-projects.

Class AuthenticationFilterTests, method filterWhenDefaultsAndAuthenticationSuccessThenContinues.

@Test
public void filterWhenDefaultsAndAuthenticationSuccessThenContinues() throws Exception {
    Authentication authentication = new TestingAuthenticationToken("test", "this", "ROLE");
    given(this.authenticationConverter.convert(any())).willReturn(authentication);
    given(this.authenticationManager.authenticate(any())).willReturn(authentication);
    AuthenticationFilter filter = new AuthenticationFilter(this.authenticationManager, this.authenticationConverter);
    MockHttpServletRequest request = new MockHttpServletRequest("GET", "/");
    MockHttpServletResponse response = new MockHttpServletResponse();
    FilterChain chain = mock(FilterChain.class);
    filter.doFilter(request, response, chain);
    verify(this.authenticationManager).authenticate(any(Authentication.class));
    verify(chain).doFilter(any(ServletRequest.class), any(ServletResponse.class));
    assertThat(SecurityContextHolder.getContext().getAuthentication()).isNotNull();
}
Also used: HttpServletRequest (jakarta.servlet.http.HttpServletRequest), ServletRequest (jakarta.servlet.ServletRequest), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse), ServletResponse (jakarta.servlet.ServletResponse), Authentication (org.springframework.security.core.Authentication), MockFilterChain (org.springframework.mock.web.MockFilterChain), FilterChain (jakarta.servlet.FilterChain), TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken), Test (org.junit.jupiter.api.Test)

Aggregations

FilterChain (jakarta.servlet.FilterChain): 141
Test (org.junit.jupiter.api.Test): 134
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 103
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 102
HttpServletResponse (jakarta.servlet.http.HttpServletResponse): 68
HttpServletRequest (jakarta.servlet.http.HttpServletRequest): 54
MockHttpServletResponse (org.springframework.web.testfixture.servlet.MockHttpServletResponse): 35
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat): 32
MockHttpServletRequest (org.springframework.web.testfixture.servlet.MockHttpServletRequest): 29
ServletRequest (jakarta.servlet.ServletRequest): 25
ServletResponse (jakarta.servlet.ServletResponse): 25
Authentication (org.springframework.security.core.Authentication): 23
MockFilterChain (org.springframework.mock.web.MockFilterChain): 20
ServletException (jakarta.servlet.ServletException): 16
StandardCharsets (java.nio.charset.StandardCharsets): 16
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken): 16
IOException (java.io.IOException): 15
BeforeEach (org.junit.jupiter.api.BeforeEach): 14
FileCopyUtils (org.springframework.util.FileCopyUtils): 14
Arrays (java.util.Arrays): 11