use of net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken in project alfresco-repository by Alfresco.
the class AuthenticationTest method testTicketExpires.
public void testTicketExpires() {
ticketsCache.clear();
usernameToTicketIdCache.clear();
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
tc.setTicketsExpire(true);
tc.setValidDuration("P5S");
tc.setTicketsCache(ticketsCache);
tc.setUsernameToTicketIdCache(usernameToTicketIdCache);
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
synchronized (this) {
try {
wait(10000);
} catch (InterruptedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try {
tc.validateTicket(ticket);
assertNotNull(null);
} catch (AuthenticationException e) {
}
try {
tc.validateTicket(ticket);
assertNotNull(null);
} catch (AuthenticationException e) {
}
try {
tc.validateTicket(ticket);
assertNotNull(null);
} catch (AuthenticationException e) {
}
synchronized (this) {
try {
wait(10000);
} catch (InterruptedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try {
tc.validateTicket(ticket);
assertNotNull(null);
} catch (AuthenticationException e) {
}
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
use of net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken in project alfresco-repository by Alfresco.
the class AuthenticationContextImpl method setUserDetails.
/**
* Explicitly set the given validated user details to be authenticated.
*
* @param ud
* the User Details
* @return Authentication
*/
public Authentication setUserDetails(UserDetails ud) {
String userId = ud.getUsername();
try {
// door'.
if (!ud.isEnabled()) {
throw new DisabledException("User is disabled");
}
if (!ud.isAccountNonExpired()) {
throw new AccountExpiredException("User account has expired");
}
if (!ud.isAccountNonLocked()) {
throw new LockedException("User account is locked");
}
if (!ud.isCredentialsNonExpired()) {
throw new CredentialsExpiredException("User credentials have expired");
}
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(ud, "", ud.getAuthorities());
auth.setDetails(ud);
auth.setAuthenticated(true);
return setCurrentAuthentication(auth);
} catch (net.sf.acegisecurity.AuthenticationException ae) {
if (logger.isWarnEnabled()) {
// Shows only first 2 symbols of the username and masks all other character with '*' [see also ProtectedUser]
StringBuilder sb = new StringBuilder();
sb.append(ae.getMessage());
sb.append(" [");
sb.append(AuthenticationUtil.maskUsername(userId));
sb.append("] - cannot set details for user");
logger.warn(sb.toString());
}
throw new AuthenticationException(ae.getMessage(), ae);
} finally {
// Support for logging tenantdomain / username (via log4j NDC)
AuthenticationUtil.logNDC(ud.getUsername());
}
}
use of net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken in project alfresco-repository by Alfresco.
the class AuthenticationTest method testTicketOneOff.
public void testTicketOneOff() {
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(true);
tc.setTicketsExpire(false);
tc.setValidDuration("P0D");
tc.setTicketsCache(ticketsCache);
tc.setUsernameToTicketIdCache(usernameToTicketIdCache);
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertTrue(!ticketComponent.getCurrentTicket("Andy", true).equals(ticket));
try {
tc.validateTicket(ticket);
assertNotNull(null);
} catch (AuthenticationException e) {
}
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
use of net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken in project alfresco-repository by Alfresco.
the class AuthenticationTest method testTicketExpiryMode.
public void testTicketExpiryMode() {
ticketsCache.clear();
usernameToTicketIdCache.clear();
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
tc.setTicketsExpire(true);
tc.setValidDuration("P5S");
tc.setTicketsCache(ticketsCache);
tc.setUsernameToTicketIdCache(usernameToTicketIdCache);
tc.setExpiryMode(ExpiryMode.AFTER_FIXED_TIME.toString());
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
synchronized (this) {
try {
wait(10000);
} catch (InterruptedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try {
tc.validateTicket(ticket);
assertNotNull(null);
} catch (AuthenticationException e) {
}
try {
tc.validateTicket(ticket);
assertNotNull(null);
} catch (AuthenticationException e) {
}
try {
tc.validateTicket(ticket);
assertNotNull(null);
} catch (AuthenticationException e) {
}
synchronized (this) {
try {
wait(10000);
} catch (InterruptedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try {
tc.validateTicket(ticket);
assertNotNull(null);
} catch (AuthenticationException e) {
}
tc.setExpiryMode(ExpiryMode.AFTER_INACTIVITY.toString());
ticket = tc.getNewTicket(getUserName(result));
for (int i = 0; i < 50; i++) {
synchronized (this) {
try {
wait(100);
} catch (InterruptedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
tc.validateTicket(ticket);
}
}
synchronized (this) {
try {
wait(10000);
} catch (InterruptedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try {
tc.validateTicket(ticket);
assertNotNull(null);
} catch (AuthenticationException e) {
}
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
use of net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken in project alfresco-repository by Alfresco.
the class AuthenticationTest method testTicketDoesNotExpire.
public void testTicketDoesNotExpire() {
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
tc.setTicketsExpire(true);
tc.setValidDuration("P1D");
tc.setTicketsCache(ticketsCache);
tc.setUsernameToTicketIdCache(usernameToTicketIdCache);
dao.createUser("Andy", "ticket".toCharArray());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Andy", "ticket");
token.setAuthenticated(false);
Authentication result = authenticationManager.authenticate(token);
result.setAuthenticated(true);
String ticket = tc.getNewTicket(getUserName(result));
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
synchronized (this) {
try {
wait(10000);
} catch (InterruptedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
tc.validateTicket(ticket);
assertEquals(ticketComponent.getCurrentTicket("Andy", true), ticket);
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
Aggregations