Search in sources :

Example 46 with SimpleCredentials

use of javax.jcr.SimpleCredentials in project jackrabbit by apache.

the class UserPerWorkspaceSecurityManagerTest method testUsersArePerWorkspace.

public void testUsersArePerWorkspace() throws Exception {
    String altWsp = getAlternativeWorkspaceName();
    if (altWsp == null) {
        throw new NotExecutableException();
    }
    Session s = getHelper().getSuperuserSession(altWsp);
    User u = null;
    try {
        // other users created in the default workspace...
        u = ((JackrabbitSession) superuser).getUserManager().createUser("testUser", "testUser");
        superuser.save();
        // ... must not be present in the alternate-workspace
        UserManager umgr = ((JackrabbitSession) s).getUserManager();
        assertNull(umgr.getAuthorizable("testUser"));
        try {
            Session us = getHelper().getRepository().login(new SimpleCredentials("testUser", "testUser".toCharArray()), altWsp);
            us.logout();
            fail("testUser must not be able to login to a workspace without this user.");
        } catch (LoginException e) {
        // success
        }
    } finally {
        s.logout();
        if (u != null) {
            u.remove();
            superuser.save();
        }
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) User(org.apache.jackrabbit.api.security.user.User) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) UserManager(org.apache.jackrabbit.api.security.user.UserManager) LoginException(javax.jcr.LoginException) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) Session(javax.jcr.Session) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)

Example 47 with SimpleCredentials

use of javax.jcr.SimpleCredentials in project jackrabbit by apache.

the class UserPerWorkspaceSecurityManagerTest method testCloneUser.

public void testCloneUser() throws Exception {
    String altWsp = getAlternativeWorkspaceName();
    if (altWsp == null) {
        throw new NotExecutableException();
    }
    UserManager uMgr = ((JackrabbitSession) superuser).getUserManager();
    Session s = getHelper().getSuperuserSession(altWsp);
    User u = null;
    try {
        // other users created in the default workspace...
        u = uMgr.createUser("testUser", "testUser");
        superuser.save();
        String userPath = null;
        if (u.getPrincipal() instanceof ItemBasedPrincipal) {
            userPath = ((ItemBasedPrincipal) u.getPrincipal()).getPath();
            assertTrue(superuser.nodeExists(userPath));
        } else {
            throw new NotExecutableException();
        }
        // ... must not be present in the alternate-workspace
        UserManager umgr = ((JackrabbitSession) s).getUserManager();
        assertNull(umgr.getAuthorizable("testUser"));
        assertFalse(s.nodeExists(userPath));
        String clonePath = userPath;
        String parentPath = Text.getRelativeParent(clonePath, 1);
        while (!s.nodeExists(parentPath)) {
            clonePath = parentPath;
            parentPath = Text.getRelativeParent(parentPath, 1);
        }
        // clone the user into the second workspace
        s.getWorkspace().clone(superuser.getWorkspace().getName(), clonePath, clonePath, true);
        // ... now the user must be visible
        assertNotNull(umgr.getAuthorizable("testUser"));
        if (userPath != null) {
            assertTrue(s.nodeExists(userPath));
        }
        // ... and able to login to that workspace
        Session us = getHelper().getRepository().login(new SimpleCredentials("testUser", "testUser".toCharArray()), altWsp);
        us.logout();
    } finally {
        // remove the test user in the second workspace
        Authorizable dest = ((JackrabbitSession) s).getUserManager().getAuthorizable("testUser");
        if (dest != null) {
            dest.remove();
            s.save();
        }
        // logout the session
        s.logout();
        if (u != null) {
            // remove as well in the first workspace
            u.remove();
            superuser.save();
        }
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) User(org.apache.jackrabbit.api.security.user.User) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) UserManager(org.apache.jackrabbit.api.security.user.UserManager) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) Session(javax.jcr.Session) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)

Example 48 with SimpleCredentials

use of javax.jcr.SimpleCredentials in project jackrabbit by apache.

the class UserPerWorkspaceSecurityManagerTest method testTransientUserCannotLogin.

public void testTransientUserCannotLogin() throws RepositoryException, UnsupportedRepositoryOperationException {
    Session s = null;
    String uid = "testUser";
    UserManager umgr = ((JackrabbitSession) superuser).getUserManager();
    umgr.autoSave(false);
    try {
        // other users created in the default workspace...
        umgr.createUser(uid, uid);
        // the new user must be able to login to the repo
        s = getHelper().getRepository().login(new SimpleCredentials(uid, uid.toCharArray()));
        fail("Non-saved user node -> must not be able to login.");
    } catch (LoginException e) {
    // success
    } finally {
        if (s != null) {
            s.logout();
        }
        superuser.refresh(false);
        Authorizable a = ((JackrabbitSession) superuser).getUserManager().getAuthorizable(uid);
        if (a != null) {
            a.remove();
            superuser.save();
        }
        umgr.autoSave(true);
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) UserManager(org.apache.jackrabbit.api.security.user.UserManager) LoginException(javax.jcr.LoginException) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) Session(javax.jcr.Session) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)

Example 49 with SimpleCredentials

use of javax.jcr.SimpleCredentials in project jackrabbit by apache.

the class BasicCredentialsProviderTest method testDefaultPassword.

public void testDefaultPassword() throws ServletException, LoginException {
    Map<String, char[]> m = new HashMap<String, char[]>();
    m.put("userId", new char[0]);
    m.put("userId:", new char[0]);
    m.put("userId:pw", "pw".toCharArray());
    for (String uid : m.keySet()) {
        char[] pw = m.get(uid);
        CredentialsProvider cb = new BasicCredentialsProvider(uid);
        Credentials creds = cb.getCredentials(new RequestImpl(null));
        assertNotNull(creds);
        assertTrue(creds instanceof SimpleCredentials);
        assertEquals("userId", ((SimpleCredentials) creds).getUserID());
        if (pw.length == 0) {
            assertEquals(0, ((SimpleCredentials) creds).getPassword().length);
        } else {
            assertEquals(new String(pw), new String(((SimpleCredentials) creds).getPassword()));
        }
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) HashMap(java.util.HashMap) GuestCredentials(javax.jcr.GuestCredentials) SimpleCredentials(javax.jcr.SimpleCredentials) Credentials(javax.jcr.Credentials)

Example 50 with SimpleCredentials

use of javax.jcr.SimpleCredentials in project jackrabbit-oak by apache.

the class WikipediaImport method run.

private void run(Repository repository) throws Exception {
    Session session = repository.login(new SimpleCredentials("admin", "admin".toCharArray()));
    try {
        int before = importWikipedia(session);
        int after = new Traversal().traverse(session);
        checkState(before == after, "Import vs. traverse mismatch");
    } finally {
        session.logout();
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) Session(javax.jcr.Session)

Aggregations

SimpleCredentials (javax.jcr.SimpleCredentials)289 Test (org.junit.Test)142 Session (javax.jcr.Session)83 ContentSession (org.apache.jackrabbit.oak.api.ContentSession)60 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)53 User (org.apache.jackrabbit.api.security.user.User)41 Credentials (javax.jcr.Credentials)39 JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)35 UserManager (org.apache.jackrabbit.api.security.user.UserManager)34 LoginException (javax.security.auth.login.LoginException)30 Node (javax.jcr.Node)28 RepositoryException (javax.jcr.RepositoryException)25 Principal (java.security.Principal)22 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)21 GuestCredentials (javax.jcr.GuestCredentials)20 LoginException (javax.jcr.LoginException)19 TokenCredentials (org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)19 AuthInfo (org.apache.jackrabbit.oak.api.AuthInfo)18 Before (org.junit.Before)18 ImpersonationCredentials (org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials)17