
Example 66 with ClaimCollection

use of org.apache.cxf.rt.security.claims.ClaimCollection in project cas by apereo.

the class WrappingSecurityTokenServiceClaimsHandlerTests method verifyClaimNoPrincipal.

/**
 * Verifies that the handler returns no claim values when the request carries no principal.
 *
 * <p>Only the realm is set on the {@code ClaimsParameters}; the principal is left unset, and the
 * test expects an empty result rather than values issued for an unidentified subject.
 */
@Test
public void verifyClaimNoPrincipal() {
    // Request a single claim whose type is the URI given by WSFederationClaims.COMMON_NAME.
    val requestedClaim = new Claim();
    requestedClaim.setClaimType(WSFederationClaims.COMMON_NAME.getUri());
    val requestedClaims = new ClaimCollection();
    requestedClaims.add(requestedClaim);

    // Realm only: no principal is attached to the parameters.
    val claimsParameters = new ClaimsParameters();
    claimsParameters.setRealm("CAS");

    val claimsHandler = new WrappingSecurityTokenServiceClaimsHandler("CAS", "https://apereo.org/cas");
    val retrieved = claimsHandler.retrieveClaimValues(requestedClaims, claimsParameters);
    assertTrue(retrieved.isEmpty());
}
Also used : lombok.val(lombok.val) ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) Claim(org.apache.cxf.rt.security.claims.Claim) ClaimsParameters(org.apache.cxf.sts.claims.ClaimsParameters) Test(org.junit.jupiter.api.Test)

Example 67 with ClaimCollection

use of org.apache.cxf.rt.security.claims.ClaimCollection in project cas by apereo.

the class WrappingSecurityTokenServiceClaimsHandlerTests method verifyClaims.

/**
 * Verifies that the handler returns claim values when the request carries a principal.
 *
 * <p>The parameters hold both the realm and a mocked {@code Principal}. Only non-emptiness of the
 * result is asserted; the returned claim values themselves are not inspected here.
 */
@Test
public void verifyClaims() {
    // Request a single claim whose type is the URI given by WSFederationClaims.COMMON_NAME.
    val requestedClaim = new Claim();
    requestedClaim.setClaimType(WSFederationClaims.COMMON_NAME.getUri());
    val requestedClaims = new ClaimCollection();
    requestedClaims.add(requestedClaim);

    // Realm plus a principal: the counterpart of the no-principal case.
    val claimsParameters = new ClaimsParameters();
    claimsParameters.setRealm("CAS");
    claimsParameters.setPrincipal(mock(Principal.class));

    val claimsHandler = new WrappingSecurityTokenServiceClaimsHandler("CAS", "https://apereo.org/cas");
    val retrieved = claimsHandler.retrieveClaimValues(requestedClaims, claimsParameters);
    assertFalse(retrieved.isEmpty());
}
Also used : lombok.val(lombok.val) ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) Claim(org.apache.cxf.rt.security.claims.Claim) Principal(java.security.Principal) ClaimsParameters(org.apache.cxf.sts.claims.ClaimsParameters) Test(org.junit.jupiter.api.Test)

Example 68 with ClaimCollection

use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.

the class SAMLClaimsTest method testSAML2MultipleRoles.

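/**
 * Verifies that a role attribute carrying two values is exposed as one claim with two values and
 * is parsed into two role principals.
 *
 * <p>NOTE(review): the assertion is built in-process through the callback handler and no signing
 * or validation step is visible in this test, so it covers claim extraction only, not whether the
 * assertion can be trusted.
 *
 * @throws Exception if building the assertion or extracting the claims fails
 */
@org.junit.Test
public void testSAML2MultipleRoles() throws Exception {
    // One attribute, named with the default role attribute name, holding two role values.
    AttributeBean roleAttribute = new AttributeBean();
    roleAttribute.setQualifiedName(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT);
    roleAttribute.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
    roleAttribute.addAttributeValue("employee");
    roleAttribute.addAttributeValue("boss");
    SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler();
    samlCallbackHandler.setAttributes(Collections.singletonList(roleAttribute));

    // Create the SAML Assertion via the CallbackHandler
    SAMLCallback samlCallback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
    SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
    // The returned value is unused; presumably called to exercise serialisation -- confirm.
    Document doc = DOMUtils.newDocument();
    samlAssertion.toDOM(doc);

    ClaimCollection claims = SAMLUtils.getClaims(samlAssertion);
    // assertEquals takes (expected, actual); the constant goes first so that a failure message
    // reports the right value as "expected".
    assertEquals("http://schemas.xmlsoap.org/ws/2005/05/identity", claims.getDialect().toString());
    assertEquals(1, claims.size());

    // Check Claim values
    Claim claim = claims.get(0);
    assertEquals(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT, claim.getClaimType());
    assertEquals(2, claim.getValues().size());
    assertTrue(claim.getValues().contains("employee"));
    assertTrue(claim.getValues().contains("boss"));

    // Check SAMLClaim values
    assertTrue(claim instanceof SAMLClaim);
    SAMLClaim samlClaim = (SAMLClaim) claim;
    assertEquals(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT, samlClaim.getName());
    assertEquals(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED, samlClaim.getNameFormat());

    // Check roles: each attribute value becomes its own role principal.
    Set<Principal> roles = SAMLUtils.parseRolesFromClaims(claims, SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT, SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
    assertEquals(2, roles.size());
}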
Also used : SAMLClaim(org.apache.cxf.rt.security.claims.SAMLClaim) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) SAMLCallback(org.apache.wss4j.common.saml.SAMLCallback) AttributeBean(org.apache.wss4j.common.saml.bean.AttributeBean) Document(org.w3c.dom.Document) ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) SAMLClaim(org.apache.cxf.rt.security.claims.SAMLClaim) Claim(org.apache.cxf.rt.security.claims.Claim) Principal(java.security.Principal)

Example 69 with ClaimCollection

use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.

the class ClaimsAuthorizingInterceptorTest method prepareMessage.

/**
 * Builds a message whose security context is backed by the supplied claims.
 *
 * <p>Roles are derived from the claims with {@code parseRolesFromClaims}, using {@code roleName}
 * and the SAML 2.0 "unspecified" attribute name format. The message receives a fresh exchange,
 * the security context under {@code SecurityContext.class}, and the no-argument method
 * {@code methodName} of {@code cls} under the key {@code "org.apache.cxf.resource.method"}.
 *
 * <p>The security context is a test double: its user principal is always a
 * {@code SimplePrincipal} named "user" and {@code getSubject()} returns {@code null}.
 *
 * @param cls class on which the resource method is looked up
 * @param methodName name of a public no-argument method of {@code cls}
 * @param roleName claim name passed to {@code parseRolesFromClaims}
 * @param claim claims to place in the security context
 * @return the prepared message
 * @throws Exception if the method lookup fails (role parsing may also throw; not visible here)
 */
private Message prepareMessage(Class<?> cls, String methodName, String roleName, org.apache.cxf.rt.security.claims.Claim... claim) throws Exception {
    ClaimCollection claims = new ClaimCollection();
    Collections.addAll(claims, claim);
    Set<Principal> roles = parseRolesFromClaims(claims, roleName, "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified");

    ClaimsSecurityContext securityContext = new ClaimsSecurityContext() {

        private Principal userPrincipal = new SimplePrincipal("user");

        @Override
        public Principal getUserPrincipal() {
            return userPrincipal;
        }

        @Override
        public boolean isUserInRole(String role) {
            // A missing role set means no role matches. The user principal itself is skipped by
            // reference comparison; every other principal is matched by name.
            return roles != null
                && roles.stream().anyMatch(candidate -> candidate != userPrincipal && candidate.getName().equals(role));
        }

        @Override
        public Subject getSubject() {
            return null;
        }

        @Override
        public Set<Principal> getUserRoles() {
            return roles;
        }

        @Override
        public ClaimCollection getClaims() {
            return claims;
        }
    };

    Message message = new MessageImpl();
    message.setExchange(new ExchangeImpl());
    message.put(SecurityContext.class, securityContext);
    // Empty parameter list: only a no-argument method can be resolved here.
    message.put("org.apache.cxf.resource.method", cls.getMethod(methodName));
    return message;
}
Also used : Message(org.apache.cxf.message.Message) ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) ClaimsSecurityContext(org.apache.cxf.rt.security.claims.ClaimsSecurityContext) MessageImpl(org.apache.cxf.message.MessageImpl) SimplePrincipal(org.apache.cxf.common.security.SimplePrincipal) Principal(java.security.Principal) SimplePrincipal(org.apache.cxf.common.security.SimplePrincipal) ExchangeImpl(org.apache.cxf.message.ExchangeImpl)

Example 70 with ClaimCollection

use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.

the class SAMLClaimsTest method testSAML2MultipleClaims.

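/**
 * Verifies that two attributes yield two claims, and that only the attribute named with the
 * default role attribute name is turned into a role principal.
 *
 * <p>The second attribute (givenname) must not become a role: the test expects exactly one role,
 * named "employee".
 *
 * <p>NOTE(review): the assertion is built in-process through the callback handler and no signing
 * or validation step is visible in this test, so it covers claim extraction only, not whether the
 * assertion can be trusted.
 *
 * @throws Exception if building the assertion or extracting the claims fails
 */
@org.junit.Test
public void testSAML2MultipleClaims() throws Exception {
    // Role attribute with a single value.
    AttributeBean roleAttribute = new AttributeBean();
    roleAttribute.setQualifiedName(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT);
    roleAttribute.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
    roleAttribute.addAttributeValue("employee");

    // Non-role attribute using the same name format.
    AttributeBean givenNameAttribute = new AttributeBean();
    givenNameAttribute.setQualifiedName("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname");
    givenNameAttribute.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
    givenNameAttribute.addAttributeValue("smith");

    SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler();
    List<AttributeBean> attributes = new ArrayList<>();
    attributes.add(roleAttribute);
    attributes.add(givenNameAttribute);
    samlCallbackHandler.setAttributes(attributes);

    // Create the SAML Assertion via the CallbackHandler
    SAMLCallback samlCallback = new SAMLCallback();
    SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
    SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
    // The returned value is unused; presumably called to exercise serialisation -- confirm.
    Document doc = DOMUtils.newDocument();
    samlAssertion.toDOM(doc);

    ClaimCollection claims = SAMLUtils.getClaims(samlAssertion);
    // assertEquals takes (expected, actual); the constant goes first so that a failure message
    // reports the right value as "expected".
    assertEquals("http://schemas.xmlsoap.org/ws/2005/05/identity", claims.getDialect().toString());
    assertEquals(2, claims.size());

    // Check roles: only the role attribute contributes a principal.
    Set<Principal> roles = SAMLUtils.parseRolesFromClaims(claims, SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT, SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
    assertEquals(1, roles.size());
    Principal onlyRole = roles.iterator().next();
    assertEquals("employee", onlyRole.getName());
}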
Also used : ArrayList(java.util.ArrayList) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) SAMLCallback(org.apache.wss4j.common.saml.SAMLCallback) AttributeBean(org.apache.wss4j.common.saml.bean.AttributeBean) Document(org.w3c.dom.Document) ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) Principal(java.security.Principal)
