Example 21 with AuthenticationResult

Use of org.apache.archiva.redback.authentication.AuthenticationResult in project archiva by apache.

From the class RepositoryServletSecurityTest, method testPutWithInvalidUserAndGuestHasNoWriteAccess.

// Test deploy (PUT) with an invalid user when guest has no write access to the repo:
// authentication fails, the guest fallback is not authorized to upload, so 401 must be returned.
@Test
public void testPutWithInvalidUserAndGuestHasNoWriteAccess() throws Exception {
    InputStream is = getClass().getResourceAsStream("/artifact.jar");
    assertNotNull("artifact.jar inputstream", is);
    servlet.setDavSessionProvider(davSessionProvider);
    AuthenticationResult result = new AuthenticationResult();
    EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result);
    servletAuth.isAuthenticated(EasyMock.anyObject(HttpServletRequest.class), EasyMock.anyObject(AuthenticationResult.class));
    EasyMock.expectLastCall().andThrow(new AuthenticationException("Authentication error"));
    servletAuth.isAuthorized("guest", "internal", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD);
    EasyMock.expectLastCall().andThrow(new UnauthorizedException("'guest' has no write access to repository"));
    httpAuthControl.replay();
    servletAuthControl.replay();
    MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
    mockHttpServletRequest.addHeader("User-Agent", "foo");
    mockHttpServletRequest.setMethod("PUT");
    mockHttpServletRequest.setRequestURI("/repository/internal/path/to/artifact.jar");
    mockHttpServletRequest.setContent(IOUtils.toByteArray(is));
    mockHttpServletRequest.setContentType("application/octet-stream");
    MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
    servlet.service(mockHttpServletRequest, mockHttpServletResponse);
    httpAuthControl.verify();
    servletAuthControl.verify();
    assertEquals(HttpServletResponse.SC_UNAUTHORIZED, mockHttpServletResponse.getStatus());
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest), HttpServletRequest(javax.servlet.http.HttpServletRequest), AuthenticationException(org.apache.archiva.redback.authentication.AuthenticationException), InputStream(java.io.InputStream), UnauthorizedException(org.apache.archiva.redback.authorization.UnauthorizedException), MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse), HttpServletResponse(javax.servlet.http.HttpServletResponse), AuthenticationResult(org.apache.archiva.redback.authentication.AuthenticationResult), Test(org.junit.Test)

Example 22 with AuthenticationResult

Use of org.apache.archiva.redback.authentication.AuthenticationResult in project archiva by apache.

From the class RepositoryServletSecurityTest, method testGetWithInvalidUserAndGuestHasNoReadAccess.

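// Test GET with an invalid user when guest has no read access to the repo:
// authentication fails, the guest fallback is not authorized to read, so 401 must be returned.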
@Test
public void testGetWithInvalidUserAndGuestHasNoReadAccess() throws Exception {
    String commonsLangJar = "commons-lang/commons-lang/2.1/commons-lang-2.1.jar";
    String expectedArtifactContents = "dummy-commons-lang-artifact";
    Path artifactFile = repoRootInternal.getRoot().resolve(commonsLangJar);
    Files.createDirectories(artifactFile.getParent());
    org.apache.archiva.common.utils.FileUtils.writeStringToFile(artifactFile, Charset.defaultCharset(), expectedArtifactContents);
    servlet.setDavSessionProvider(davSessionProvider);
    AuthenticationResult result = new AuthenticationResult();
    EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result);
    EasyMock.expect(servletAuth.isAuthenticated(anyObject(HttpServletRequest.class), anyObject(AuthenticationResult.class))).andThrow(new AuthenticationException("Authentication error"));
    EasyMock.expect(servletAuth.isAuthorized("guest", "internal", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS)).andReturn(false);
    httpAuthControl.replay();
    servletAuthControl.replay();
    MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
    mockHttpServletRequest.addHeader("User-Agent", "foo");
    mockHttpServletRequest.setMethod("GET");
    mockHttpServletRequest.setRequestURI("/repository/internal/" + commonsLangJar);
    MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
    servlet.service(mockHttpServletRequest, mockHttpServletResponse);
    httpAuthControl.verify();
    servletAuthControl.verify();
    assertEquals(HttpServletResponse.SC_UNAUTHORIZED, mockHttpServletResponse.getStatus());
}
Also used : Path(java.nio.file.Path), MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest), HttpServletRequest(javax.servlet.http.HttpServletRequest), AuthenticationException(org.apache.archiva.redback.authentication.AuthenticationException), MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse), HttpServletResponse(javax.servlet.http.HttpServletResponse), AuthenticationResult(org.apache.archiva.redback.authentication.AuthenticationResult), Test(org.junit.Test)

Aggregations

AuthenticationResult (org.apache.archiva.redback.authentication.AuthenticationResult): 22
SecuritySession (org.apache.archiva.redback.system.SecuritySession): 15
DefaultSecuritySession (org.apache.archiva.redback.system.DefaultSecuritySession): 14
Test (org.junit.Test): 14
User (org.apache.archiva.redback.users.User): 10
UnauthorizedException (org.apache.archiva.redback.authorization.UnauthorizedException): 9
HttpServletRequest (javax.servlet.http.HttpServletRequest): 8
HttpServletResponse (javax.servlet.http.HttpServletResponse): 8
AuthenticationException (org.apache.archiva.redback.authentication.AuthenticationException): 8
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 8
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse): 8
Path (java.nio.file.Path): 5
UserManager (org.apache.archiva.redback.users.UserManager): 5
InputStream (java.io.InputStream): 4
HttpSession (javax.servlet.http.HttpSession): 4
AuthorizationException (org.apache.archiva.redback.authorization.AuthorizationException): 4
UserNotFoundException (org.apache.archiva.redback.users.UserNotFoundException): 4
SimpleUser (org.apache.archiva.redback.users.memory.SimpleUser): 4
AccountLockedException (org.apache.archiva.redback.policy.AccountLockedException): 3
MustChangePasswordException (org.apache.archiva.redback.policy.MustChangePasswordException): 3