Search in sources :

Example 76 with Principal

use of java.security.Principal in project okhttp by square.

the class JavaApiConverterTest method createOkResponseForCacheGet_secure.

@Test
public void createOkResponseForCacheGet_secure() throws Exception {
    final String statusLine = "HTTP/1.1 200 Fantastic";
    final Principal localPrincipal = LOCAL_CERT.getSubjectX500Principal();
    final List<Certificate> localCertificates = Arrays.<Certificate>asList(LOCAL_CERT);
    final Principal serverPrincipal = SERVER_CERT.getSubjectX500Principal();
    final List<Certificate> serverCertificates = Arrays.<Certificate>asList(SERVER_CERT);
    URI uri = new URI("https://foo/bar");
    Request request = new Request.Builder().url(uri.toURL()).build();
    SecureCacheResponse cacheResponse = new SecureCacheResponse() {

        @Override
        public Map<String, List<String>> getHeaders() throws IOException {
            Map<String, List<String>> headers = new LinkedHashMap<>();
            headers.put(null, Collections.singletonList(statusLine));
            headers.put("xyzzy", Arrays.asList("bar", "baz"));
            return headers;
        }

        @Override
        public InputStream getBody() throws IOException {
            return new ByteArrayInputStream("HelloWorld".getBytes(StandardCharsets.UTF_8));
        }

        @Override
        public String getCipherSuite() {
            return "SSL_RSA_WITH_NULL_MD5";
        }

        @Override
        public List<Certificate> getLocalCertificateChain() {
            return localCertificates;
        }

        @Override
        public List<Certificate> getServerCertificateChain() throws SSLPeerUnverifiedException {
            return serverCertificates;
        }

        @Override
        public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
            return serverPrincipal;
        }

        @Override
        public Principal getLocalPrincipal() {
            return localPrincipal;
        }
    };
    Response response = JavaApiConverter.createOkResponseForCacheGet(request, cacheResponse);
    Request cacheRequest = response.request();
    assertEquals(request.url(), cacheRequest.url());
    assertEquals(request.method(), cacheRequest.method());
    assertEquals(0, request.headers().size());
    assertEquals(Protocol.HTTP_1_1, response.protocol());
    assertEquals(200, response.code());
    assertEquals("Fantastic", response.message());
    Headers okResponseHeaders = response.headers();
    assertEquals("baz", okResponseHeaders.get("xyzzy"));
    assertEquals("HelloWorld", response.body().string());
    Handshake handshake = response.handshake();
    assertNotNull(handshake);
    assertNotNullAndEquals(CipherSuite.TLS_RSA_WITH_NULL_MD5, handshake.cipherSuite());
    assertEquals(localPrincipal, handshake.localPrincipal());
    assertEquals(serverPrincipal, handshake.peerPrincipal());
    assertEquals(serverCertificates, handshake.peerCertificates());
    assertEquals(localCertificates, handshake.localCertificates());
}
Also used : SecureCacheResponse(java.net.SecureCacheResponse) Headers(okhttp3.Headers) Request(okhttp3.Request) URI(java.net.URI) LinkedHashMap(java.util.LinkedHashMap) CacheResponse(java.net.CacheResponse) Response(okhttp3.Response) SecureCacheResponse(java.net.SecureCacheResponse) ByteArrayInputStream(java.io.ByteArrayInputStream) List(java.util.List) Principal(java.security.Principal) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) Handshake(okhttp3.Handshake) Test(org.junit.Test)

Example 77 with Principal

use of java.security.Principal in project spring-security by spring-projects.

the class J2eePreAuthenticatedProcessingFilterTests method getRequest.

private final HttpServletRequest getRequest(final String aUserName, final String[] aRoles) {
    MockHttpServletRequest req = new MockHttpServletRequest() {

        private Set<String> roles = new HashSet<String>(Arrays.asList(aRoles));

        public boolean isUserInRole(String arg0) {
            return roles.contains(arg0);
        }
    };
    req.setRemoteUser(aUserName);
    req.setUserPrincipal(new Principal() {

        public String getName() {
            return aUserName;
        }
    });
    return req;
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Principal(java.security.Principal)

Example 78 with Principal

use of java.security.Principal in project okhttp by square.

the class CacheTest method secureResponseCaching.

@Test
public void secureResponseCaching() throws IOException {
    server.useHttps(sslClient.socketFactory, false);
    server.enqueue(new MockResponse().addHeader("Last-Modified: " + formatDate(-1, TimeUnit.HOURS)).addHeader("Expires: " + formatDate(1, TimeUnit.HOURS)).setBody("ABC"));
    client = client.newBuilder().sslSocketFactory(sslClient.socketFactory, sslClient.trustManager).hostnameVerifier(NULL_HOSTNAME_VERIFIER).build();
    Request request = new Request.Builder().url(server.url("/")).build();
    Response response1 = client.newCall(request).execute();
    BufferedSource in = response1.body().source();
    assertEquals("ABC", in.readUtf8());
    // OpenJDK 6 fails on this line, complaining that the connection isn't open yet
    CipherSuite cipherSuite = response1.handshake().cipherSuite();
    List<Certificate> localCerts = response1.handshake().localCertificates();
    List<Certificate> serverCerts = response1.handshake().peerCertificates();
    Principal peerPrincipal = response1.handshake().peerPrincipal();
    Principal localPrincipal = response1.handshake().localPrincipal();
    // Cached!
    Response response2 = client.newCall(request).execute();
    assertEquals("ABC", response2.body().string());
    assertEquals(2, cache.requestCount());
    assertEquals(1, cache.networkCount());
    assertEquals(1, cache.hitCount());
    assertEquals(cipherSuite, response2.handshake().cipherSuite());
    assertEquals(localCerts, response2.handshake().localCertificates());
    assertEquals(serverCerts, response2.handshake().peerCertificates());
    assertEquals(peerPrincipal, response2.handshake().peerPrincipal());
    assertEquals(localPrincipal, response2.handshake().localPrincipal());
}
Also used : MockResponse(okhttp3.mockwebserver.MockResponse) MockResponse(okhttp3.mockwebserver.MockResponse) RecordedRequest(okhttp3.mockwebserver.RecordedRequest) Principal(java.security.Principal) BufferedSource(okio.BufferedSource) Certificate(java.security.cert.Certificate) Test(org.junit.Test)

Example 79 with Principal

use of java.security.Principal in project spring-security by spring-projects.

the class TestLoginModule method login.

public boolean login() throws LoginException {
    if (!user.equals("user")) {
        throw new LoginException("Bad User");
    }
    if (!password.equals("password")) {
        throw new LoginException("Bad Password");
    }
    subject.getPrincipals().add(new Principal() {

        public String getName() {
            return "TEST_PRINCIPAL";
        }
    });
    subject.getPrincipals().add(new Principal() {

        public String getName() {
            return "NULL_PRINCIPAL";
        }
    });
    return true;
}
Also used : LoginException(javax.security.auth.login.LoginException) Principal(java.security.Principal)

Example 80 with Principal

use of java.security.Principal in project blade by biezhi.

the class PropertyUserStore method loadUsers.

/* ------------------------------------------------------------ */
protected void loadUsers() throws IOException {
    if (_configPath == null)
        return;
    if (LOG.isDebugEnabled()) {
        LOG.debug("Loading " + this + " from " + _configPath);
    }
    Properties properties = new Properties();
    if (getConfigResource().exists())
        properties.load(getConfigResource().getInputStream());
    Set<String> known = new HashSet<String>();
    for (Map.Entry<Object, Object> entry : properties.entrySet()) {
        String username = ((String) entry.getKey()).trim();
        String credentials = ((String) entry.getValue()).trim();
        String roles = null;
        int c = credentials.indexOf(',');
        if (c > 0) {
            roles = credentials.substring(c + 1).trim();
            credentials = credentials.substring(0, c).trim();
        }
        if (username != null && username.length() > 0 && credentials != null && credentials.length() > 0) {
            String[] roleArray = IdentityService.NO_ROLES;
            if (roles != null && roles.length() > 0) {
                roleArray = StringUtil.csvSplit(roles);
            }
            known.add(username);
            Credential credential = Credential.getCredential(credentials);
            Principal userPrincipal = new AbstractLoginService.UserPrincipal(username, credential);
            Subject subject = new Subject();
            subject.getPrincipals().add(userPrincipal);
            subject.getPrivateCredentials().add(credential);
            if (roles != null) {
                for (String role : roleArray) {
                    subject.getPrincipals().add(new AbstractLoginService.RolePrincipal(role));
                }
            }
            subject.setReadOnly();
            _knownUserIdentities.put(username, _identityService.newUserIdentity(subject, userPrincipal, roleArray));
            notifyUpdate(username, credential, roleArray);
        }
    }
    synchronized (_knownUsers) {
        /*
             * if its not the initial load then we want to process removed users
             */
        if (!_firstLoad) {
            Iterator<String> users = _knownUsers.iterator();
            while (users.hasNext()) {
                String user = users.next();
                if (!known.contains(user)) {
                    _knownUserIdentities.remove(user);
                    notifyRemove(user);
                }
            }
        }
        /*
             * reset the tracked _users list to the known users we just processed
             */
        _knownUsers.clear();
        _knownUsers.addAll(known);
    }
    /*
         * set initial load to false as there should be no more initial loads
         */
    _firstLoad = false;
    if (LOG.isDebugEnabled()) {
        LOG.debug("Loaded " + this + " from " + _configPath);
    }
}
Also used : Credential(org.eclipse.jetty.util.security.Credential) Properties(java.util.Properties) Subject(javax.security.auth.Subject) HashMap(java.util.HashMap) Map(java.util.Map) Principal(java.security.Principal) HashSet(java.util.HashSet)

Aggregations

Principal (java.security.Principal)931 Test (org.junit.Test)243 Subject (javax.security.auth.Subject)114 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)114 HashSet (java.util.HashSet)89 User (org.apache.jackrabbit.api.security.user.User)75 Group (org.apache.jackrabbit.api.security.user.Group)74 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)58 Privilege (javax.jcr.security.Privilege)57 RepositoryException (javax.jcr.RepositoryException)51 IOException (java.io.IOException)50 ArrayList (java.util.ArrayList)48 HttpServletRequest (javax.servlet.http.HttpServletRequest)47 TestPrincipal (org.apache.jackrabbit.core.security.TestPrincipal)45 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)43 EveryonePrincipal (org.apache.jackrabbit.core.security.principal.EveryonePrincipal)42 PrincipalIterator (org.apache.jackrabbit.api.security.principal.PrincipalIterator)40 HashMap (java.util.HashMap)39 PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)39 X500Principal (javax.security.auth.x500.X500Principal)38