Example 81 with FilterConfig
use of javax.servlet.FilterConfig in project hadoop by apache.
the class TestAuthenticationFilter method testInit.
@Test
public void testInit() throws Exception {
// custom secret as inline
AuthenticationFilter filter = new AuthenticationFilter();
try {
FilterConfig config = Mockito.mock(FilterConfig.class);
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple");
Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<>(Arrays.asList(AuthenticationFilter.AUTH_TYPE)).elements());
ServletContext context = Mockito.mock(ServletContext.class);
Mockito.when(context.getAttribute(AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)).thenReturn(new SignerSecretProvider() {
@Override
public void init(Properties config, ServletContext servletContext, long tokenValidity) {
}
@Override
public byte[] getCurrentSecret() {
return null;
}
@Override
public byte[][] getAllSecrets() {
return null;
}
});
Mockito.when(config.getServletContext()).thenReturn(context);
filter.init(config);
Assert.assertFalse(filter.isRandomSecret());
Assert.assertTrue(filter.isCustomSignerSecretProvider());
} finally {
filter.destroy();
}
// custom secret by file
File testDir = new File(System.getProperty("test.build.data", "target/test-dir"));
testDir.mkdirs();
String secretValue = "hadoop";
File secretFile = new File(testDir, "http-secret.txt");
Writer writer = new FileWriter(secretFile);
writer.write(secretValue);
writer.close();
filter = new AuthenticationFilter();
try {
FilterConfig config = Mockito.mock(FilterConfig.class);
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple");
Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET_FILE)).thenReturn(secretFile.getAbsolutePath());
Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.SIGNATURE_SECRET_FILE)).elements());
ServletContext context = Mockito.mock(ServletContext.class);
Mockito.when(context.getAttribute(AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE)).thenReturn(null);
Mockito.when(config.getServletContext()).thenReturn(context);
filter.init(config);
Assert.assertFalse(filter.isRandomSecret());
Assert.assertFalse(filter.isCustomSignerSecretProvider());
} finally {
filter.destroy();
}
// custom cookie domain and cookie path
filter = new AuthenticationFilter();
try {
FilterConfig config = Mockito.mock(FilterConfig.class);
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("simple");
Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_DOMAIN)).thenReturn(".foo.com");
Mockito.when(config.getInitParameter(AuthenticationFilter.COOKIE_PATH)).thenReturn("/bar");
Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.COOKIE_DOMAIN, AuthenticationFilter.COOKIE_PATH)).elements());
getMockedServletContextWithStringSigner(config);
filter.init(config);
Assert.assertEquals(".foo.com", filter.getCookieDomain());
Assert.assertEquals("/bar", filter.getCookiePath());
} finally {
filter.destroy();
}
// authentication handler lifecycle, and custom impl
DummyAuthenticationHandler.reset();
filter = new AuthenticationFilter();
try {
FilterConfig config = Mockito.mock(FilterConfig.class);
Mockito.when(config.getInitParameter("management.operation.return")).thenReturn("true");
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(DummyAuthenticationHandler.class.getName());
Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE, "management.operation.return")).elements());
getMockedServletContextWithStringSigner(config);
filter.init(config);
Assert.assertTrue(DummyAuthenticationHandler.init);
} finally {
filter.destroy();
Assert.assertTrue(DummyAuthenticationHandler.destroy);
}
// kerberos auth handler
filter = new AuthenticationFilter();
try {
FilterConfig config = Mockito.mock(FilterConfig.class);
ServletContext sc = Mockito.mock(ServletContext.class);
Mockito.when(config.getServletContext()).thenReturn(sc);
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn("kerberos");
Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE)).elements());
filter.init(config);
} catch (ServletException ex) {
// Expected
} finally {
Assert.assertEquals(KerberosAuthenticationHandler.class, filter.getAuthenticationHandler().getClass());
filter.destroy();
}
}
Also used :
SignerSecretProvider(org.apache.hadoop.security.authentication.util.SignerSecretProvider)
FileWriter(java.io.FileWriter)
Properties(java.util.Properties)
ServletException(javax.servlet.ServletException)
ServletContext(javax.servlet.ServletContext)
FilterConfig(javax.servlet.FilterConfig)
Vector(java.util.Vector)
File(java.io.File)
FileWriter(java.io.FileWriter)
Writer(java.io.Writer)
Test(org.junit.Test)
Example 82 with FilterConfig
use of javax.servlet.FilterConfig in project hadoop by apache.
the class TestAuthenticationFilter method testGetTokenInvalidType.
@Test
public void testGetTokenInvalidType() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
FilterConfig config = Mockito.mock(FilterConfig.class);
Mockito.when(config.getInitParameter("management.operation.return")).thenReturn("true");
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(DummyAuthenticationHandler.class.getName());
Mockito.when(config.getInitParameter(AuthenticationFilter.SIGNATURE_SECRET)).thenReturn("secret");
Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE, AuthenticationFilter.SIGNATURE_SECRET, "management.operation.return")).elements());
getMockedServletContextWithStringSigner(config);
filter.init(config);
AuthenticationToken token = new AuthenticationToken("u", "p", "invalidtype");
token.setExpires(System.currentTimeMillis() + TOKEN_VALIDITY_SEC);
SignerSecretProvider secretProvider = StringSignerSecretProviderCreator.newStringSignerSecretProvider();
Properties secretProviderProps = new Properties();
secretProviderProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, "secret");
secretProvider.init(secretProviderProps, null, TOKEN_VALIDITY_SEC);
Signer signer = new Signer(secretProvider);
String tokenSigned = signer.sign(token.toString());
Cookie cookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, tokenSigned);
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie });
boolean failed = false;
try {
filter.getToken(request);
} catch (AuthenticationException ex) {
Assert.assertEquals("Invalid AuthenticationToken type", ex.getMessage());
failed = true;
} finally {
Assert.assertTrue("token not invalid type", failed);
}
} finally {
filter.destroy();
}
}
Also used :
HttpCookie(java.net.HttpCookie)
Cookie(javax.servlet.http.Cookie)
SignerSecretProvider(org.apache.hadoop.security.authentication.util.SignerSecretProvider)
AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException)
Properties(java.util.Properties)
Signer(org.apache.hadoop.security.authentication.util.Signer)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
FilterConfig(javax.servlet.FilterConfig)
Vector(java.util.Vector)
Test(org.junit.Test)
Example 83 with FilterConfig
use of javax.servlet.FilterConfig in project hadoop by apache.
the class TestAuthenticationFilter method testDoFilterAuthenticationFailure.
@Test
public void testDoFilterAuthenticationFailure() throws Exception {
AuthenticationFilter filter = new AuthenticationFilter();
try {
FilterConfig config = Mockito.mock(FilterConfig.class);
Mockito.when(config.getInitParameter("management.operation.return")).thenReturn("true");
Mockito.when(config.getInitParameter(AuthenticationFilter.AUTH_TYPE)).thenReturn(DummyAuthenticationHandler.class.getName());
Mockito.when(config.getInitParameterNames()).thenReturn(new Vector<String>(Arrays.asList(AuthenticationFilter.AUTH_TYPE, "management.operation.return")).elements());
getMockedServletContextWithStringSigner(config);
filter.init(config);
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo:8080/bar"));
Mockito.when(request.getCookies()).thenReturn(new Cookie[] {});
Mockito.when(request.getHeader("WWW-Authenticate")).thenReturn("dummyauth");
HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
FilterChain chain = Mockito.mock(FilterChain.class);
final Map<String, String> cookieMap = new HashMap<String, String>();
Mockito.doAnswer(new Answer<Object>() {
@Override
public Object answer(InvocationOnMock invocation) throws Throwable {
Object[] args = invocation.getArguments();
parseCookieMap((String) args[1], cookieMap);
return null;
}
}).when(response).addHeader(Mockito.eq("Set-Cookie"), Mockito.anyString());
Mockito.doAnswer(new Answer<Object>() {
@Override
public Object answer(InvocationOnMock invocation) throws Throwable {
Assert.fail("shouldn't get here");
return null;
}
}).when(chain).doFilter(Mockito.<ServletRequest>anyObject(), Mockito.<ServletResponse>anyObject());
filter.doFilter(request, response, chain);
Mockito.verify(response).sendError(HttpServletResponse.SC_FORBIDDEN, "AUTH FAILED");
Mockito.verify(response, Mockito.never()).setHeader(Mockito.eq("WWW-Authenticate"), Mockito.anyString());
String value = cookieMap.get(AuthenticatedURL.AUTH_COOKIE);
Assert.assertNotNull("cookie missing", value);
Assert.assertEquals("", value);
} finally {
filter.destroy();
}
}
Also used :
HashMap(java.util.HashMap)
FilterChain(javax.servlet.FilterChain)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
InvocationOnMock(org.mockito.invocation.InvocationOnMock)
FilterConfig(javax.servlet.FilterConfig)
Vector(java.util.Vector)
Test(org.junit.Test)
Example 84 with FilterConfig
use of javax.servlet.FilterConfig in project hadoop by apache.
the class TestStaticUserWebFilter method testFilter.
@Test
public void testFilter() throws Exception {
FilterConfig config = mockConfig("myuser");
StaticUserFilter suf = new StaticUserFilter();
suf.init(config);
ArgumentCaptor<HttpServletRequestWrapper> wrapperArg = ArgumentCaptor.forClass(HttpServletRequestWrapper.class);
FilterChain chain = mock(FilterChain.class);
suf.doFilter(mock(HttpServletRequest.class), mock(ServletResponse.class), chain);
Mockito.verify(chain).doFilter(wrapperArg.capture(), Mockito.<ServletResponse>anyObject());
HttpServletRequestWrapper wrapper = wrapperArg.getValue();
assertEquals("myuser", wrapper.getUserPrincipal().getName());
assertEquals("myuser", wrapper.getRemoteUser());
suf.destroy();
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
ServletResponse(javax.servlet.ServletResponse)
HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper)
FilterChain(javax.servlet.FilterChain)
StaticUserFilter(org.apache.hadoop.http.lib.StaticUserWebFilter.StaticUserFilter)
FilterConfig(javax.servlet.FilterConfig)
Test(org.junit.Test)
Example 85 with FilterConfig
use of javax.servlet.FilterConfig in project hadoop by apache.
the class TestStaticUserWebFilter method mockConfig.
private FilterConfig mockConfig(String username) {
FilterConfig mock = Mockito.mock(FilterConfig.class);
Mockito.doReturn(username).when(mock).getInitParameter(CommonConfigurationKeys.HADOOP_HTTP_STATIC_USER);
return mock;
}
Also used :
FilterConfig(javax.servlet.FilterConfig)
Aggregations
FilterConfig (javax.servlet.FilterConfig)118
Test (org.junit.Test)70
HttpServletRequest (javax.servlet.http.HttpServletRequest)64
FilterChain (javax.servlet.FilterChain)63
HttpServletResponse (javax.servlet.http.HttpServletResponse)50
ServletContext (javax.servlet.ServletContext)28
HashMap (java.util.HashMap)21
ServletException (javax.servlet.ServletException)21
Vector (java.util.Vector)17
Properties (java.util.Properties)15
Filter (javax.servlet.Filter)14
ServletResponse (javax.servlet.ServletResponse)14
ServletRequest (javax.servlet.ServletRequest)12
IOException (java.io.IOException)10
SignerSecretProvider (org.apache.hadoop.security.authentication.util.SignerSecretProvider)10
HttpCookie (java.net.HttpCookie)9
Cookie (javax.servlet.http.Cookie)9
Signer (org.apache.hadoop.security.authentication.util.Signer)9
Enumeration (java.util.Enumeration)8
CrossOriginFilter (org.apache.hadoop.security.http.CrossOriginFilter)8
