use of org.apache.catalina.authenticator.BasicAuthenticator in project tomcat by apache.
the class TestStandardContext method doTestDenyUncoveredHttpMethodsSCI.
private void doTestDenyUncoveredHttpMethodsSCI(boolean enableDeny) throws Exception {
// Test that denying uncovered HTTP methods when adding servlet security
// constraints programmatically does work.
// Set up a container
Tomcat tomcat = getTomcatInstance();
// No file system docBase required
Context ctx = tomcat.addContext("", null);
ctx.setDenyUncoveredHttpMethods(enableDeny);
// Setup realm
TesterMapRealm realm = new TesterMapRealm();
realm.addUser("tomcat", "tomcat");
realm.addUserRole("tomcat", "tomcat");
ctx.setRealm(realm);
// Configure app for BASIC auth
LoginConfig lc = new LoginConfig();
lc.setAuthMethod("BASIC");
ctx.setLoginConfig(lc);
ctx.getPipeline().addValve(new BasicAuthenticator());
// Add ServletContainerInitializer
ServletContainerInitializer sci = new DenyUncoveredHttpMethodsSCI();
ctx.addServletContainerInitializer(sci, null);
// Start the context
tomcat.start();
// Request the first servlet
ByteChunk bc = new ByteChunk();
int rc = getUrl("http://localhost:" + getPort() + "/test", bc, null);
// Check for a 401
if (enableDeny) {
// Should be default error page
Assert.assertTrue(bc.toString().contains("403"));
Assert.assertEquals(403, rc);
} else {
Assert.assertEquals("OK", bc.toString());
Assert.assertEquals(200, rc);
}
}
use of org.apache.catalina.authenticator.BasicAuthenticator in project tomcat by apache.
the class TestRestCsrfPreventionFilter2 method setUpApplication.
private void setUpApplication() throws Exception {
context = tomcat.addContext(CONTEXT_PATH_LOGIN, System.getProperty("java.io.tmpdir"));
context.setSessionTimeout(SHORT_SESSION_TIMEOUT_MINS);
Tomcat.addServlet(context, SERVLET_NAME, new TesterServlet());
context.addServletMappingDecoded(URI_PROTECTED, SERVLET_NAME);
FilterDef filterDef = new FilterDef();
filterDef.setFilterName(FILTER_NAME);
filterDef.setFilterClass(RestCsrfPreventionFilter.class.getCanonicalName());
filterDef.addInitParameter(FILTER_INIT_PARAM, REMOVE_CUSTOMER + "," + ADD_CUSTOMER);
context.addFilterDef(filterDef);
FilterMap filterMap = new FilterMap();
filterMap.setFilterName(FILTER_NAME);
filterMap.addURLPatternDecoded(URI_CSRF_PROTECTED);
context.addFilterMap(filterMap);
SecurityCollection collection = new SecurityCollection();
collection.addPatternDecoded(URI_PROTECTED);
SecurityConstraint sc = new SecurityConstraint();
sc.addAuthRole(ROLE);
sc.addCollection(collection);
context.addConstraint(sc);
LoginConfig lc = new LoginConfig();
lc.setAuthMethod(METHOD);
context.setLoginConfig(lc);
AuthenticatorBase basicAuthenticator = new BasicAuthenticator();
context.getPipeline().addValve(basicAuthenticator);
}
use of org.apache.catalina.authenticator.BasicAuthenticator in project cas by apereo.
the class CasEmbeddedContainerTomcatConfiguration method configureBasicAuthn.
private void configureBasicAuthn(final TomcatEmbeddedServletContainerFactory tomcat) {
final CasEmbeddedApacheTomcatBasicAuthenticationProperties basic = casProperties.getServer().getBasicAuthn();
if (basic.isEnabled()) {
tomcat.addContextCustomizers(ctx -> {
final LoginConfig config = new LoginConfig();
config.setAuthMethod("BASIC");
ctx.setLoginConfig(config);
basic.getSecurityRoles().forEach(ctx::addSecurityRole);
basic.getAuthRoles().forEach(r -> {
final SecurityConstraint constraint = new SecurityConstraint();
constraint.addAuthRole(r);
final SecurityCollection collection = new SecurityCollection();
basic.getPatterns().forEach(collection::addPattern);
constraint.addCollection(collection);
ctx.addConstraint(constraint);
});
});
tomcat.addContextValves(new BasicAuthenticator());
}
}
Aggregations