Search in sources :

Example 1 with AccessMgr

use of org.apache.directory.fortress.core.AccessMgr in project directory-fortress-core by apache.

the class AccessMgrImplTest method authenticateLockedUsers.

/**
 * @param msg
 * @param uArray
 */
private static void authenticateLockedUsers(String msg, String[][] uArray) {
    LogUtil.logIt(msg);
    try {
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        for (String[] usr : uArray) {
            User user = UserTestData.getUser(usr);
            // now try negative test case:
            try {
                accessMgr.authenticate(user.getUserId(), user.getPassword());
                fail(CLS_NM + ".authenticateLockedUsers failed test");
            } catch (SecurityException se) {
                assertTrue(CLS_NM + "authenticateLockedUsers reset excep id check", se.getErrorId() == GlobalErrIds.USER_PW_LOCKED);
            // pass
            // LOG.error("locked=" + se.getMsgid() + " msg=" + se.getMessage());
            }
        }
        LOG.debug("authenticateLockedUsers successful");
    } catch (SecurityException ex) {
        LOG.error("authenticateLockedUsers: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) SecurityException(org.apache.directory.fortress.core.SecurityException)

Example 2 with AccessMgr

use of org.apache.directory.fortress.core.AccessMgr in project directory-fortress-core by apache.

the class AccessMgrImplTest method addActiveRoles.

/**
 * @param msg
 * @param uArray
 * @param rPosArray
 * @param rNegArray
 */
public static void addActiveRoles(String msg, String[][] uArray, String[][] rPosArray, String[][] rNegArray) {
    LogUtil.logIt(msg);
    try {
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        for (String[] usr : uArray) {
            User user = UserTestData.getUser(usr);
            Session session = accessMgr.createSession(user, false);
            assertNotNull(session);
            List<UserRole> uRoles = session.getRoles();
            assertNotNull(uRoles);
            assertEquals(CLS_NM + ".addActiveRoles failed list size user[" + user.getUserId() + "]", rPosArray.length, uRoles.size());
            for (String[] rle : rPosArray) {
                assertTrue(CLS_NM + ".addActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should be present", uRoles.contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
            }
            // Attempt to activate roles that aren't assigned to user:
            for (String[] badRle : rNegArray) {
                try {
                    // Add Role (this better fail):
                    accessMgr.addActiveRole(session, new UserRole(RoleTestData.getName(badRle)));
                    String error = "addActiveRoles failed negative test 1 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(badRle) + "]";
                    LOG.info(error);
                    fail(error);
                } catch (SecurityException se) {
                    assertTrue(CLS_NM + "addActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_ACTIVATE_FAILED);
                // pass
                }
            }
            // remove all roles from the user's session:
            int ctr = rPosArray.length;
            for (String[] rle : rPosArray) {
                // Drop Role:
                accessMgr.dropActiveRole(session, new UserRole(RoleTestData.getName(rle)));
                assertEquals(CLS_NM + ".addActiveRoles failed list size user[" + user.getUserId() + "]", (--ctr), session.getRoles().size());
                assertTrue(CLS_NM + ".addActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should not contain role", !session.getRoles().contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
                // Drop Role again: (This better fail because role  has already been deactivated from user's session)
                try {
                    // Drop Role3 (this better fail):
                    accessMgr.dropActiveRole(session, new UserRole(RoleTestData.getName(rle)));
                    String error = "addActiveRoles failed negative test 2 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(rle) + "]";
                    LOG.info(error);
                    fail(error);
                } catch (SecurityException se) {
                    assertTrue(CLS_NM + "addActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_NOT_ACTIVE);
                }
            }
            // Now activate the list of assigned roles:
            ctr = 0;
            for (String[] rle : rPosArray) {
                // Activate Role(s):
                accessMgr.addActiveRole(session, new UserRole(RoleTestData.getName(rle)));
                uRoles = session.getRoles();
                assertEquals(CLS_NM + ".addActiveRoles failed list size user [" + user.getUserId() + "]", ++ctr, uRoles.size());
                assertTrue(CLS_NM + ".addActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should contain role", uRoles.contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
                try {
                    // Activate Role again (this should throw SecurityException):
                    accessMgr.addActiveRole(session, new UserRole(RoleTestData.getName(rle)));
                    String error = "addActiveRoles failed test 3 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(rle) + "]";
                    LOG.info(error);
                    fail(error);
                } catch (SecurityException se) {
                    assertTrue(CLS_NM + "addActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_ALREADY_ACTIVE);
                // this is good
                }
            }
        }
    } catch (SecurityException ex) {
        LOG.error("addActiveRoles: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) UserRole(org.apache.directory.fortress.core.model.UserRole) SecurityException(org.apache.directory.fortress.core.SecurityException) Session(org.apache.directory.fortress.core.model.Session)

Example 3 with AccessMgr

use of org.apache.directory.fortress.core.AccessMgr in project directory-fortress-core by apache.

the class AccessMgrImplTest method getUserIds.

/**
 * @param msg
 * @param uArray
 */
public static void getUserIds(String msg, String[][] uArray) {
    LogUtil.logIt(msg);
    try {
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        for (String[] usr : uArray) {
            User user = UserTestData.getUser(usr);
            Session session = accessMgr.authenticate(user.getUserId(), user.getPassword());
            assertNotNull(session);
            String userId = accessMgr.getUserId(session);
            assertTrue("getUserIds failed compare found userId [" + userId + "] valid userId [" + UserTestData.getUserId(usr) + "]", userId.equalsIgnoreCase(UserTestData.getUserId(usr)));
        }
        LOG.debug("getUserIds successful");
    } catch (SecurityException ex) {
        LOG.error("getUserIds: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) SecurityException(org.apache.directory.fortress.core.SecurityException) Session(org.apache.directory.fortress.core.model.Session)

Example 4 with AccessMgr

use of org.apache.directory.fortress.core.AccessMgr in project directory-fortress-core by apache.

the class AccessMgrImplTest method createSessionsWithRolesTrusted.

/**
 * @param msg
 * @param uArray
 * @param rArray
 */
public static void createSessionsWithRolesTrusted(String msg, String[][] uArray, String[][] rArray) {
    LogUtil.logIt(msg);
    try {
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        for (String[] usr : uArray) {
            User user = UserTestData.getUser(usr);
            List<UserRole> rlsRequested = new ArrayList<>();
            int cnt = 0;
            for (String[] rle : rArray) {
                rlsRequested.add(RoleTestData.getUserRole(user.getUserId(), rle));
                user.setRoles(rlsRequested);
                Session session = accessMgr.createSession(user, true);
                assertTrue(CLS_NM + ".createSessionsWithRolesTrusted failed role search USER [" + user.getUserId() + "] CNT [" + ++cnt + "] size [" + session.getRoles().size() + "]", cnt == session.getRoles().size());
                String userId = accessMgr.getUserId(session);
                assertTrue(CLS_NM + ".createSessionsWithRolesTrusted failed compare found userId [" + userId + "] valid userId [" + UserTestData.getUserId(usr) + "]", userId.equalsIgnoreCase(UserTestData.getUserId(usr)));
                UserTestData.assertEquals(user, usr);
            }
        }
        LOG.debug("createSessionsWithRolesTrusted successful");
    } catch (SecurityException ex) {
        LOG.error("createSessionsWithRolesTrusted: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) UserRole(org.apache.directory.fortress.core.model.UserRole) ArrayList(java.util.ArrayList) SecurityException(org.apache.directory.fortress.core.SecurityException) Session(org.apache.directory.fortress.core.model.Session)

Example 5 with AccessMgr

use of org.apache.directory.fortress.core.AccessMgr in project directory-fortress-core by apache.

the class AccessMgrImplTest method createSessionsDSD.

/**
 * @param msg
 * @param uArray
 * @param dsdArray
 */
public static void createSessionsDSD(String msg, String[][] uArray, String[][] dsdArray) {
    LogUtil.logIt(msg);
    try {
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        int i = 0;
        for (String[] usr : uArray) {
            SDSet dsd = RoleTestData.getSDSet(dsdArray[i++]);
            User user = UserTestData.getUser(usr);
            Session session = accessMgr.createSession(user, false);
            assertNotNull(session);
            String userId = accessMgr.getUserId(session);
            assertTrue(CLS_NM + ".createSessionsDSD failed compare found userId [" + userId + "] valid userId [" + UserTestData.getUserId(usr) + "]", userId.equalsIgnoreCase(UserTestData.getUserId(usr)));
            UserTestData.assertEquals(user, usr);
            List<UserRole> uRoles = session.getRoles();
            assertNotNull(uRoles);
            // was the number of members in test DSD greater than the cardinality?
            if (dsd.getMembers().size() < dsd.getCardinality()) {
                assertEquals(CLS_NM + ".createSessionsDSD role list size check failed user-role user [" + user.getUserId() + "]", dsd.getMembers().size(), uRoles.size());
            } else {
                assertEquals(CLS_NM + ".createSessionsDSD role cardinality check failed user-role list size user [" + user.getUserId() + "] dsd set [" + dsd.getName() + "] card [" + dsd.getCardinality() + "] listsize [" + uRoles.size() + "]", dsd.getCardinality() - 1, uRoles.size());
            }
        }
        LOG.debug("createSessionsDSD successful");
    } catch (SecurityException ex) {
        LOG.error("createSessionsDSD: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : SDSet(org.apache.directory.fortress.core.model.SDSet) User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) UserRole(org.apache.directory.fortress.core.model.UserRole) SecurityException(org.apache.directory.fortress.core.SecurityException) Session(org.apache.directory.fortress.core.model.Session)

Aggregations

AccessMgr (org.apache.directory.fortress.core.AccessMgr)41 SecurityException (org.apache.directory.fortress.core.SecurityException)41 User (org.apache.directory.fortress.core.model.User)37 Session (org.apache.directory.fortress.core.model.Session)32 UserRole (org.apache.directory.fortress.core.model.UserRole)17 Permission (org.apache.directory.fortress.core.model.Permission)7 AdminMgr (org.apache.directory.fortress.core.AdminMgr)6 PwPolicyMgr (org.apache.directory.fortress.core.PwPolicyMgr)6 DelAccessMgr (org.apache.directory.fortress.core.DelAccessMgr)4 ArrayList (java.util.ArrayList)3 UserAdminRole (org.apache.directory.fortress.core.model.UserAdminRole)3 AdminRole (org.apache.directory.fortress.core.model.AdminRole)2 Role (org.apache.directory.fortress.core.model.Role)2 SDSet (org.apache.directory.fortress.core.model.SDSet)2 CSVWriter (au.com.bytecode.opencsv.CSVWriter)1 FileWriter (java.io.FileWriter)1 IOException (java.io.IOException)1 SimpleDateFormat (java.text.SimpleDateFormat)1 Date (java.util.Date)1 Enumeration (java.util.Enumeration)1