Search in sources :

Example 1 with BasicAuthenticator

use of org.apache.catalina.authenticator.BasicAuthenticator in project tomcat70 by apache.

the class TestStandardContext method testBug50015.

@Test
public void testBug50015() throws Exception {
    // Test that configuring servlet security constraints programmatically
    // does work.
    // Set up a container
    Tomcat tomcat = getTomcatInstance();
    // No file system docBase required
    Context ctx = tomcat.addContext("", null);
    // Setup realm
    MapRealm realm = new MapRealm();
    realm.addUser("tomcat", "tomcat");
    realm.addUserRole("tomcat", "tomcat");
    ctx.setRealm(realm);
    // Configure app for BASIC auth
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("BASIC");
    ctx.setLoginConfig(lc);
    ctx.getPipeline().addValve(new BasicAuthenticator());
    // Add ServletContainerInitializer
    ServletContainerInitializer sci = new Bug50015SCI();
    ctx.addServletContainerInitializer(sci, null);
    // Start the context
    tomcat.start();
    // Request the first servlet
    ByteChunk bc = new ByteChunk();
    int rc = getUrl("http://localhost:" + getPort() + "/bug50015", bc, null);
    // Check for a 401
    Assert.assertNotSame("OK", bc.toString());
    Assert.assertEquals(401, rc);
}
Also used : Context(org.apache.catalina.Context) ServletContext(javax.servlet.ServletContext) ServletContainerInitializer(javax.servlet.ServletContainerInitializer) Tomcat(org.apache.catalina.startup.Tomcat) BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator) ByteChunk(org.apache.tomcat.util.buf.ByteChunk) LoginConfig(org.apache.catalina.deploy.LoginConfig) MapRealm(org.apache.catalina.startup.TestTomcat.MapRealm) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 2 with BasicAuthenticator

use of org.apache.catalina.authenticator.BasicAuthenticator in project tomcat70 by apache.

the class TestRestCsrfPreventionFilter2 method setUpApplication.

private void setUpApplication() throws Exception {
    context = tomcat.addContext(CONTEXT_PATH_LOGIN, System.getProperty("java.io.tmpdir"));
    context.setSessionTimeout(SHORT_SESSION_TIMEOUT_MINS);
    Tomcat.addServlet(context, SERVLET_NAME, new TesterServlet());
    context.addServletMapping(URI_PROTECTED, SERVLET_NAME);
    FilterDef filterDef = new FilterDef();
    filterDef.setFilterName(FILTER_NAME);
    filterDef.setFilterClass(RestCsrfPreventionFilter.class.getCanonicalName());
    filterDef.addInitParameter(FILTER_INIT_PARAM, REMOVE_CUSTOMER + "," + ADD_CUSTOMER);
    context.addFilterDef(filterDef);
    FilterMap filterMap = new FilterMap();
    filterMap.setFilterName(FILTER_NAME);
    filterMap.addURLPattern(URI_CSRF_PROTECTED);
    context.addFilterMap(filterMap);
    SecurityCollection collection = new SecurityCollection();
    collection.addPattern(URI_PROTECTED);
    SecurityConstraint sc = new SecurityConstraint();
    sc.addAuthRole(ROLE);
    sc.addCollection(collection);
    context.addConstraint(sc);
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod(METHOD);
    context.setLoginConfig(lc);
    AuthenticatorBase basicAuthenticator = new BasicAuthenticator();
    context.getPipeline().addValve(basicAuthenticator);
}
Also used : AuthenticatorBase(org.apache.catalina.authenticator.AuthenticatorBase) FilterDef(org.apache.catalina.deploy.FilterDef) BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator) LoginConfig(org.apache.catalina.deploy.LoginConfig) FilterMap(org.apache.catalina.deploy.FilterMap) SecurityConstraint(org.apache.catalina.deploy.SecurityConstraint) SecurityCollection(org.apache.catalina.deploy.SecurityCollection)

Example 3 with BasicAuthenticator

use of org.apache.catalina.authenticator.BasicAuthenticator in project tomee by apache.

the class TomcatWsRegistry method createNewContext.

private static Context createNewContext(final ClassLoader classLoader, String authMethod, String transportGuarantee, final String realmName, final String name) {
    final StandardContext context = new IgnoredStandardContext();
    context.setPath(Strings.slashify(name));
    context.setDocBase("");
    context.setParentClassLoader(classLoader);
    context.setDelegate(true);
    context.setName(name);
    ((TomcatWebAppBuilder) SystemInstance.get().getComponent(WebAppBuilder.class)).initJ2EEInfo(context);
    // Configure security
    if (authMethod != null) {
        authMethod = authMethod.toUpperCase();
    }
    if (transportGuarantee != null) {
        transportGuarantee = transportGuarantee.toUpperCase();
    }
    if (authMethod == null || "NONE".equals(authMethod)) {
    // NOPMD
    // ignore none for now as the  NonLoginAuthenticator seems to be completely hosed
    } else if ("BASIC".equals(authMethod) || "DIGEST".equals(authMethod) || "CLIENT-CERT".equals(authMethod)) {
        // Setup a login configuration
        final LoginConfig loginConfig = new LoginConfig();
        loginConfig.setAuthMethod(authMethod);
        loginConfig.setRealmName(realmName);
        context.setLoginConfig(loginConfig);
        // Setup a default Security Constraint
        final String securityRole = SystemInstance.get().getProperty(TOMEE_JAXWS_SECURITY_ROLE_PREFIX + name, "default");
        for (final String role : securityRole.split(",")) {
            final SecurityCollection collection = new SecurityCollection();
            collection.addMethod("GET");
            collection.addMethod("POST");
            collection.addPattern("/*");
            collection.setName(role);
            final SecurityConstraint sc = new SecurityConstraint();
            sc.addAuthRole("*");
            sc.addCollection(collection);
            sc.setAuthConstraint(true);
            sc.setUserConstraint(transportGuarantee);
            context.addConstraint(sc);
            context.addSecurityRole(role);
        }
        // Set the proper authenticator
        if ("BASIC".equals(authMethod)) {
            context.addValve(new BasicAuthenticator());
        } else if ("DIGEST".equals(authMethod)) {
            context.addValve(new DigestAuthenticator());
        } else if ("CLIENT-CERT".equals(authMethod)) {
            context.addValve(new SSLAuthenticator());
        } else if ("NONE".equals(authMethod)) {
            context.addValve(new NonLoginAuthenticator());
        }
        context.getPipeline().addValve(new OpenEJBValve());
    } else {
        throw new IllegalArgumentException("Invalid authMethod: " + authMethod);
    }
    return context;
}
Also used : TomcatWebAppBuilder(org.apache.tomee.catalina.TomcatWebAppBuilder) NonLoginAuthenticator(org.apache.catalina.authenticator.NonLoginAuthenticator) TomcatWebAppBuilder(org.apache.tomee.catalina.TomcatWebAppBuilder) WebAppBuilder(org.apache.openejb.assembler.classic.WebAppBuilder) SecurityConstraint(org.apache.tomcat.util.descriptor.web.SecurityConstraint) IgnoredStandardContext(org.apache.tomee.catalina.IgnoredStandardContext) SSLAuthenticator(org.apache.catalina.authenticator.SSLAuthenticator) BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator) OpenEJBValve(org.apache.tomee.catalina.OpenEJBValve) DigestAuthenticator(org.apache.catalina.authenticator.DigestAuthenticator) IgnoredStandardContext(org.apache.tomee.catalina.IgnoredStandardContext) StandardContext(org.apache.catalina.core.StandardContext) LoginConfig(org.apache.tomcat.util.descriptor.web.LoginConfig) SecurityCollection(org.apache.tomcat.util.descriptor.web.SecurityCollection)

Example 4 with BasicAuthenticator

use of org.apache.catalina.authenticator.BasicAuthenticator in project tomcat by apache.

the class TestStandardContext method testBug50015.

@Test
public void testBug50015() throws Exception {
    // Test that configuring servlet security constraints programmatically
    // does work.
    // Set up a container
    Tomcat tomcat = getTomcatInstance();
    // No file system docBase required
    Context ctx = tomcat.addContext("", null);
    // Setup realm
    TesterMapRealm realm = new TesterMapRealm();
    realm.addUser("tomcat", "tomcat");
    realm.addUserRole("tomcat", "tomcat");
    ctx.setRealm(realm);
    // Configure app for BASIC auth
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("BASIC");
    ctx.setLoginConfig(lc);
    ctx.getPipeline().addValve(new BasicAuthenticator());
    // Add ServletContainerInitializer
    ServletContainerInitializer sci = new Bug50015SCI();
    ctx.addServletContainerInitializer(sci, null);
    // Start the context
    tomcat.start();
    // Request the first servlet
    ByteChunk bc = new ByteChunk();
    int rc = getUrl("http://localhost:" + getPort() + "/bug50015", bc, null);
    // Check for a 401
    Assert.assertNotSame("OK", bc.toString());
    Assert.assertEquals(401, rc);
}
Also used : ServletContext(jakarta.servlet.ServletContext) Context(org.apache.catalina.Context) ServletContainerInitializer(jakarta.servlet.ServletContainerInitializer) Tomcat(org.apache.catalina.startup.Tomcat) TesterMapRealm(org.apache.catalina.startup.TesterMapRealm) BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator) ByteChunk(org.apache.tomcat.util.buf.ByteChunk) LoginConfig(org.apache.tomcat.util.descriptor.web.LoginConfig) HttpMethodConstraint(jakarta.servlet.annotation.HttpMethodConstraint) HttpConstraint(jakarta.servlet.annotation.HttpConstraint) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 5 with BasicAuthenticator

use of org.apache.catalina.authenticator.BasicAuthenticator in project tomcat by apache.

the class TestRequest method testLoginLogout.

/*
     * Test case for {@link Request#login(String, String)} and
     * {@link Request#logout()}.
     */
@Test
public void testLoginLogout() throws Exception {
    // Setup Tomcat instance
    Tomcat tomcat = getTomcatInstance();
    // No file system docBase required
    Context ctx = tomcat.addContext("", null);
    LoginConfig config = new LoginConfig();
    config.setAuthMethod("BASIC");
    ctx.setLoginConfig(config);
    ctx.getPipeline().addValve(new BasicAuthenticator());
    Tomcat.addServlet(ctx, "servlet", new LoginLogoutServlet());
    ctx.addServletMappingDecoded("/", "servlet");
    TesterMapRealm realm = new TesterMapRealm();
    realm.addUser(LoginLogoutServlet.USER, LoginLogoutServlet.PWD);
    ctx.setRealm(realm);
    tomcat.start();
    ByteChunk res = getUrl("http://localhost:" + getPort() + "/");
    Assert.assertEquals(LoginLogoutServlet.OK, res.toString());
}
Also used : Context(org.apache.catalina.Context) Tomcat(org.apache.catalina.startup.Tomcat) TesterMapRealm(org.apache.catalina.startup.TesterMapRealm) BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator) ByteChunk(org.apache.tomcat.util.buf.ByteChunk) LoginConfig(org.apache.tomcat.util.descriptor.web.LoginConfig) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Aggregations

BasicAuthenticator (org.apache.catalina.authenticator.BasicAuthenticator)14 LoginConfig (org.apache.tomcat.util.descriptor.web.LoginConfig)10 Context (org.apache.catalina.Context)8 Tomcat (org.apache.catalina.startup.Tomcat)8 ByteChunk (org.apache.tomcat.util.buf.ByteChunk)8 TesterMapRealm (org.apache.catalina.startup.TesterMapRealm)5 SecurityCollection (org.apache.tomcat.util.descriptor.web.SecurityCollection)5 SecurityConstraint (org.apache.tomcat.util.descriptor.web.SecurityConstraint)5 ServletContext (jakarta.servlet.ServletContext)4 HttpConstraint (jakarta.servlet.annotation.HttpConstraint)4 HttpMethodConstraint (jakarta.servlet.annotation.HttpMethodConstraint)4 LoginConfig (org.apache.catalina.deploy.LoginConfig)4 TomcatBaseTest (org.apache.catalina.startup.TomcatBaseTest)4 Test (org.junit.Test)4 ArrayList (java.util.ArrayList)3 List (java.util.List)3 Wrapper (org.apache.catalina.Wrapper)3 MapRealm (org.apache.catalina.startup.TestTomcat.MapRealm)3 ServletContainerInitializer (jakarta.servlet.ServletContainerInitializer)2 ServletContext (javax.servlet.ServletContext)2