
Example 91 with UsernamePasswordCredentials

use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.

the class ModifyAceTest method testMergeAceForUserDenyPrivilegeAfterGrantPrivilege.

/**
	 * Test ACE update with a deny privilege for an ACE that already contains
	 * a grant privilege 
	 */
@Test
public void testMergeAceForUserDenyPrivilegeAfterGrantPrivilege() throws IOException, JsonException {
    // Scenario: an ACE that already grants jcr:write receives a second modifyAce
    // POST that only denies jcr:nodeTypeManagement. The grant must survive and the
    // deny must be merged into the same principal's entry.
    testUserId = H.createTestUser();
    testFolderUrl = H.createTestFolder();

    final String modifyAceUrl = testFolderUrl + ".modifyAce.html";
    final String aclJsonUrl = testFolderUrl + ".acl.json";
    // NOTE(review): literal admin/admin credentials - presumably the default admin
    // account of a disposable integration-test instance; confirm this test is never
    // pointed at a shared or long-lived repository.
    final Credentials adminCreds = new UsernamePasswordCredentials("admin", "admin");

    // Step 1: seed the ACL with a single granted privilege.
    final List<NameValuePair> grantRequest = new ArrayList<NameValuePair>();
    grantRequest.add(new NameValuePair("principalId", testUserId));
    grantRequest.add(new NameValuePair("privilege@jcr:write", "granted"));
    H.assertAuthenticatedPostStatus(adminCreds, modifyAceUrl, HttpServletResponse.SC_OK, grantRequest, null);

    // Read the ACL back as JSON and check that exactly one ACE exists for the test user.
    final String aclAfterGrant = H.getAuthenticatedContent(adminCreds, aclJsonUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(aclAfterGrant);
    final JsonObject aclObject = JsonUtil.parseObject(aclAfterGrant);
    assertEquals(1, aclObject.size());
    final JsonObject userAce = aclObject.getJsonObject(testUserId);
    assertNotNull(userAce);
    assertEquals(testUserId, userAce.getString("principal"));

    final JsonArray granted = userAce.getJsonArray("granted");
    assertNotNull(granted);
    assertEquals(1, granted.size());
    final Set<String> grantedNames = new HashSet<String>();
    for (int pos = 0, count = granted.size(); pos < count; pos++) {
        grantedNames.add(granted.getString(pos));
    }
    H.assertPrivilege(grantedNames, true, "jcr:write");
    // Nothing has been denied yet, so the ACE must not carry a "denied" key at all.
    assertFalse(userAce.containsKey("denied"));

    // Step 2: post only a deny. jcr:write is deliberately left out of the request;
    // it has to remain granted, and the new deny has to merge with the existing ACE.
    final List<NameValuePair> denyRequest = new ArrayList<NameValuePair>();
    denyRequest.add(new NameValuePair("principalId", testUserId));
    denyRequest.add(new NameValuePair("privilege@jcr:nodeTypeManagement", "denied"));
    H.assertAuthenticatedPostStatus(adminCreds, modifyAceUrl, HttpServletResponse.SC_OK, denyRequest, null);

    // Read the ACL again and verify both halves of the merged entry.
    final String aclAfterDeny = H.getAuthenticatedContent(adminCreds, aclJsonUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(aclAfterDeny);
    final JsonObject mergedAcl = JsonUtil.parseObject(aclAfterDeny);
    assertEquals(1, mergedAcl.size());
    final JsonObject mergedAce = mergedAcl.getJsonObject(testUserId);
    assertNotNull(mergedAce);
    assertEquals(testUserId, mergedAce.getString("principal"));

    final JsonArray mergedGranted = mergedAce.getJsonArray("granted");
    assertNotNull(mergedGranted);
    assertEquals(1, mergedGranted.size());
    final Set<String> mergedGrantedNames = new HashSet<String>();
    for (int pos = 0, count = mergedGranted.size(); pos < count; pos++) {
        mergedGrantedNames.add(mergedGranted.getString(pos));
    }
    H.assertPrivilege(mergedGrantedNames, true, "jcr:write");

    final JsonArray mergedDenied = mergedAce.getJsonArray("denied");
    assertNotNull(mergedDenied);
    assertEquals(1, mergedDenied.size());
    final Set<String> mergedDeniedNames = new HashSet<String>();
    for (int pos = 0, count = mergedDenied.size(); pos < count; pos++) {
        mergedDeniedNames.add(mergedDenied.getString(pos));
    }
    H.assertPrivilege(mergedDeniedNames, true, "jcr:nodeTypeManagement");
}
Also used : JsonArray(javax.json.JsonArray) NameValuePair(org.apache.commons.httpclient.NameValuePair) ArrayList(java.util.ArrayList) JsonObject(javax.json.JsonObject) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) Credentials(org.apache.commons.httpclient.Credentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) HashSet(java.util.HashSet) HttpTest(org.apache.sling.commons.testing.integration.HttpTest) Test(org.junit.Test)

Example 92 with UsernamePasswordCredentials

use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.

the class ModifyAceTest method testMergeAceForUserSplitAggregatePrincipal.

/**
	 * Test for SLING-997, preserve privileges that were not posted with the modifyAce 
	 * request.
	 */
@Test
public void testMergeAceForUserSplitAggregatePrincipal() throws IOException, JsonException {
    // Scenario: jcr:read is granted and the aggregate jcr:write is denied. A second
    // modifyAce POST grants jcr:modifyProperties only. The privileges that were not
    // posted must be preserved, and the denied aggregate must be split so that only
    // its remaining members stay denied.
    testUserId = H.createTestUser();
    testFolderUrl = H.createTestFolder();

    final String modifyAceUrl = testFolderUrl + ".modifyAce.html";
    final String aclJsonUrl = testFolderUrl + ".acl.json";
    // NOTE(review): literal admin/admin credentials - presumably the default admin
    // account of a disposable integration-test instance; confirm this test is never
    // pointed at a shared or long-lived repository.
    final Credentials adminCreds = new UsernamePasswordCredentials("admin", "admin");

    // Step 1: seed the ACL with one grant and one deny.
    final List<NameValuePair> seedRequest = new ArrayList<NameValuePair>();
    seedRequest.add(new NameValuePair("principalId", testUserId));
    seedRequest.add(new NameValuePair("privilege@jcr:read", "granted"));
    seedRequest.add(new NameValuePair("privilege@jcr:write", "denied"));
    H.assertAuthenticatedPostStatus(adminCreds, modifyAceUrl, HttpServletResponse.SC_OK, seedRequest, null);

    // Read the ACL back as JSON and check the seeded state.
    final String seededJson = H.getAuthenticatedContent(adminCreds, aclJsonUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(seededJson);
    final JsonObject seededAcl = JsonUtil.parseObject(seededJson);
    assertEquals(1, seededAcl.size());
    final JsonObject seededAce = seededAcl.getJsonObject(testUserId);
    assertNotNull(seededAce);
    assertEquals(testUserId, seededAce.getString("principal"));

    final JsonArray seededGranted = seededAce.getJsonArray("granted");
    assertNotNull(seededGranted);
    assertEquals(1, seededGranted.size());
    final Set<String> seededGrantedNames = new HashSet<String>();
    for (int pos = 0, count = seededGranted.size(); pos < count; pos++) {
        seededGrantedNames.add(seededGranted.getString(pos));
    }
    H.assertPrivilege(seededGrantedNames, true, "jcr:read");

    final JsonArray seededDenied = seededAce.getJsonArray("denied");
    assertNotNull(seededDenied);
    assertEquals(1, seededDenied.size());
    final Set<String> seededDeniedNames = new HashSet<String>();
    for (int pos = 0, count = seededDenied.size(); pos < count; pos++) {
        seededDeniedNames.add(seededDenied.getString(pos));
    }
    H.assertPrivilege(seededDeniedNames, true, "jcr:write");

    // Step 2: grant one member of the denied aggregate. Neither jcr:read nor
    // jcr:write is posted: jcr:read has to stay granted, and because part of
    // jcr:write is now granted, the aggregate deny has to be disaggregated into
    // the members that are still denied.
    final List<NameValuePair> mergeRequest = new ArrayList<NameValuePair>();
    mergeRequest.add(new NameValuePair("principalId", testUserId));
    mergeRequest.add(new NameValuePair("privilege@jcr:modifyProperties", "granted"));
    H.assertAuthenticatedPostStatus(adminCreds, modifyAceUrl, HttpServletResponse.SC_OK, mergeRequest, null);

    // Read the ACL again and verify the merged entry.
    final String mergedJson = H.getAuthenticatedContent(adminCreds, aclJsonUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(mergedJson);
    final JsonObject mergedAcl = JsonUtil.parseObject(mergedJson);
    assertEquals(1, mergedAcl.size());
    final JsonObject mergedAce = mergedAcl.getJsonObject(testUserId);
    assertNotNull(mergedAce);
    assertEquals(testUserId, mergedAce.getString("principal"));

    final JsonArray mergedGranted = mergedAce.getJsonArray("granted");
    assertNotNull(mergedGranted);
    assertEquals(2, mergedGranted.size());
    final Set<String> mergedGrantedNames = new HashSet<String>();
    for (int pos = 0, count = mergedGranted.size(); pos < count; pos++) {
        mergedGrantedNames.add(mergedGranted.getString(pos));
    }
    H.assertPrivilege(mergedGrantedNames, true, "jcr:read");
    H.assertPrivilege(mergedGrantedNames, true, "jcr:modifyProperties");

    final JsonArray mergedDenied = mergedAce.getJsonArray("denied");
    assertNotNull(mergedDenied);
    assertEquals(3, mergedDenied.size());
    final Set<String> mergedDeniedNames = new HashSet<String>();
    for (int pos = 0, count = mergedDenied.size(); pos < count; pos++) {
        mergedDeniedNames.add(mergedDenied.getString(pos));
    }
    // The aggregate itself must be gone from the deny list ...
    H.assertPrivilege(mergedDeniedNames, false, "jcr:write");
    // ... leaving only the members of jcr:write that were not granted in step 2.
    H.assertPrivilege(mergedDeniedNames, true, "jcr:addChildNodes");
    H.assertPrivilege(mergedDeniedNames, true, "jcr:removeNode");
    H.assertPrivilege(mergedDeniedNames, true, "jcr:removeChildNodes");
}
Also used : JsonArray(javax.json.JsonArray) NameValuePair(org.apache.commons.httpclient.NameValuePair) ArrayList(java.util.ArrayList) JsonObject(javax.json.JsonObject) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) Credentials(org.apache.commons.httpclient.Credentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) HashSet(java.util.HashSet) HttpTest(org.apache.sling.commons.testing.integration.HttpTest) Test(org.junit.Test)

Example 93 with UsernamePasswordCredentials

use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.

the class AuthRequestLoginTest method testForcedLogin.

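/**
 * Checks that the {@code sling:authRequestLogin=true} request parameter forces an
 * authentication challenge (401) for a client that would otherwise be served as
 * anonymous, and that the admin session works again once credentials are restored.
 *
 * @throws Exception if building the URL or any HTTP exchange fails
 */
public void testForcedLogin() throws Exception {
    // disable credentials -> anonymous session
    final URL url = new URL(HTTP_BASE_URL);
    final AuthScope scope = new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM);
    httpClient.getParams().setAuthenticationPreemptive(false);
    httpClient.getState().setCredentials(scope, null);
    {
        final String content = getContent(HTTP_BASE_URL + SESSION_INFO_PATH, CONTENT_TYPE_JSON);
        assertJavascript("anonymous", content, "out.println(data.userID)");
    }
    // root must return 20x or 30x
    final GetMethod get = new GetMethod(HTTP_BASE_URL + "/");
    final int status;
    try {
        status = httpClient.executeMethod(get);
    } finally {
        // only the status code is needed; hand the connection back so the
        // following requests do not run on a connection with an unread response
        get.releaseConnection();
    }
    final int status10 = status / 10;
    if (status10 != 20 && status10 != 30) {
        fail("Expected 20x or 30x status, got " + status);
    }
    // root with sling:authRequestLogin=true must return 401
    assertHttpStatus(HTTP_BASE_URL + "/?sling:authRequestLogin=true", HttpServletResponse.SC_UNAUTHORIZED);
    // re-enable credentials -> admin session
    // NOTE(review): literal admin/admin - presumably the default admin account of the
    // instance under test; confirm HTTP_BASE_URL only ever targets a disposable instance.
    httpClient.getParams().setAuthenticationPreemptive(true);
    Credentials defaultcreds = new UsernamePasswordCredentials("admin", "admin");
    httpClient.getState().setCredentials(scope, defaultcreds);
    {
        final String content = getContent(HTTP_BASE_URL + SESSION_INFO_PATH, CONTENT_TYPE_JSON);
        assertJavascript("admin", content, "out.println(data.userID)");
    }
}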
Also used : AuthScope(org.apache.commons.httpclient.auth.AuthScope) GetMethod(org.apache.commons.httpclient.methods.GetMethod) URL(java.net.URL) Credentials(org.apache.commons.httpclient.Credentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)

Example 94 with UsernamePasswordCredentials

use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.

the class HttpOsgiClient method getHttpClient.

/**
 * Creates a new {@link HttpClient} configured with the default connect and socket
 * timeouts and with the repository's username/password registered for the
 * repository host and port.
 *
 * @return a freshly configured client; a new instance is built on every call
 */
private HttpClient getHttpClient() {
    final HttpClient httpClient = new HttpClient();

    // The defaults are expressed in seconds; the connection manager takes milliseconds.
    final int connectTimeoutMillis = DEFAULT_CONNECT_TIMEOUT_SECONDS * 1000;
    final int socketTimeoutMillis = DEFAULT_SOCKET_TIMEOUT_SECONDS * 1000;
    httpClient.getHttpConnectionManager().getParams().setConnectionTimeout(connectTimeoutMillis);
    httpClient.getHttpConnectionManager().getParams().setSoTimeout(socketTimeoutMillis);

    // Preemptive authentication sends the credentials without waiting for a 401
    // challenge. The scope below limits them to the repository host and port, for
    // any realm.
    // NOTE(review): whether the transport is TLS is not visible here - confirm, since
    // preemptively sent Basic credentials are only encoded, not encrypted.
    httpClient.getParams().setAuthenticationPreemptive(true);
    final Credentials repositoryCredentials =
            new UsernamePasswordCredentials(repositoryInfo.getUsername(), repositoryInfo.getPassword());
    final AuthScope repositoryScope =
            new AuthScope(repositoryInfo.getHost(), repositoryInfo.getPort(), AuthScope.ANY_REALM);
    httpClient.getState().setCredentials(repositoryScope, repositoryCredentials);

    return httpClient;
}
Also used : HttpClient(org.apache.commons.httpclient.HttpClient) AuthScope(org.apache.commons.httpclient.auth.AuthScope) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) Credentials(org.apache.commons.httpclient.Credentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)

Example 95 with UsernamePasswordCredentials

use of org.apache.commons.httpclient.UsernamePasswordCredentials in project sling by apache.

the class CreateGroupTest method testCreateGroup.

/**
 * Creates a group through the userManager POST endpoint and verifies, by reading
 * the group's JSON profile back, that the posted {@code marker} property was stored.
 *
 * @throws IOException if an HTTP exchange fails
 * @throws JsonException if the returned profile cannot be parsed
 */
public void testCreateGroup() throws IOException, JsonException {
    // A random suffix keeps the group name from colliding with earlier runs.
    testGroupId = "testGroup" + random.nextInt();
    final String createUrl = HTTP_BASE_URL + "/system/userManager/group.create.html";

    final List<NameValuePair> createParams = new ArrayList<NameValuePair>();
    createParams.add(new NameValuePair(":name", testGroupId));
    createParams.add(new NameValuePair("marker", testGroupId));
    assertAuthenticatedAdminPostStatus(createUrl, HttpServletResponse.SC_OK, createParams, null);

    // Fetch the group profile as JSON to verify what was stored.
    // NOTE(review): literal admin/admin credentials - presumably the default admin
    // account of a disposable integration-test instance; confirm HTTP_BASE_URL never
    // targets a shared or long-lived repository.
    final String profileUrl = HTTP_BASE_URL + "/system/userManager/group/" + testGroupId + ".json";
    final Credentials adminCreds = new UsernamePasswordCredentials("admin", "admin");
    final String profileJson = getAuthenticatedContent(adminCreds, profileUrl, CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(profileJson);

    final JsonObject profile = JsonUtil.parseObject(profileJson);
    assertEquals(testGroupId, profile.getString("marker"));
}
Also used : NameValuePair(org.apache.commons.httpclient.NameValuePair) ArrayList(java.util.ArrayList) JsonObject(javax.json.JsonObject) Credentials(org.apache.commons.httpclient.Credentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials)
