use of org.apache.directory.fortress.core.AccessMgr in project directory-fortress-core by apache.
the class AccessMgrImplTest method authenticateLockedUsers.
/**
* @param msg
* @param uArray
*/
private static void authenticateLockedUsers(String msg, String[][] uArray) {
LogUtil.logIt(msg);
try {
AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
for (String[] usr : uArray) {
User user = UserTestData.getUser(usr);
// now try negative test case:
try {
accessMgr.authenticate(user.getUserId(), user.getPassword());
fail(CLS_NM + ".authenticateLockedUsers failed test");
} catch (SecurityException se) {
assertTrue(CLS_NM + "authenticateLockedUsers reset excep id check", se.getErrorId() == GlobalErrIds.USER_PW_LOCKED);
// pass
// LOG.error("locked=" + se.getMsgid() + " msg=" + se.getMessage());
}
}
LOG.debug("authenticateLockedUsers successful");
} catch (SecurityException ex) {
LOG.error("authenticateLockedUsers: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
use of org.apache.directory.fortress.core.AccessMgr in project directory-fortress-core by apache.
the class AccessMgrImplTest method addActiveRoles.
/**
* @param msg
* @param uArray
* @param rPosArray
* @param rNegArray
*/
public static void addActiveRoles(String msg, String[][] uArray, String[][] rPosArray, String[][] rNegArray) {
LogUtil.logIt(msg);
try {
AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
for (String[] usr : uArray) {
User user = UserTestData.getUser(usr);
Session session = accessMgr.createSession(user, false);
assertNotNull(session);
List<UserRole> uRoles = session.getRoles();
assertNotNull(uRoles);
assertEquals(CLS_NM + ".addActiveRoles failed list size user[" + user.getUserId() + "]", rPosArray.length, uRoles.size());
for (String[] rle : rPosArray) {
assertTrue(CLS_NM + ".addActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should be present", uRoles.contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
}
// Attempt to activate roles that aren't assigned to user:
for (String[] badRle : rNegArray) {
try {
// Add Role (this better fail):
accessMgr.addActiveRole(session, new UserRole(RoleTestData.getName(badRle)));
String error = "addActiveRoles failed negative test 1 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(badRle) + "]";
LOG.info(error);
fail(error);
} catch (SecurityException se) {
assertTrue(CLS_NM + "addActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_ACTIVATE_FAILED);
// pass
}
}
// remove all roles from the user's session:
int ctr = rPosArray.length;
for (String[] rle : rPosArray) {
// Drop Role:
accessMgr.dropActiveRole(session, new UserRole(RoleTestData.getName(rle)));
assertEquals(CLS_NM + ".addActiveRoles failed list size user[" + user.getUserId() + "]", (--ctr), session.getRoles().size());
assertTrue(CLS_NM + ".addActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should not contain role", !session.getRoles().contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
// Drop Role again: (This better fail because role has already been deactivated from user's session)
try {
// Drop Role3 (this better fail):
accessMgr.dropActiveRole(session, new UserRole(RoleTestData.getName(rle)));
String error = "addActiveRoles failed negative test 2 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(rle) + "]";
LOG.info(error);
fail(error);
} catch (SecurityException se) {
assertTrue(CLS_NM + "addActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_NOT_ACTIVE);
}
}
// Now activate the list of assigned roles:
ctr = 0;
for (String[] rle : rPosArray) {
// Activate Role(s):
accessMgr.addActiveRole(session, new UserRole(RoleTestData.getName(rle)));
uRoles = session.getRoles();
assertEquals(CLS_NM + ".addActiveRoles failed list size user [" + user.getUserId() + "]", ++ctr, uRoles.size());
assertTrue(CLS_NM + ".addActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should contain role", uRoles.contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
try {
// Activate Role again (this should throw SecurityException):
accessMgr.addActiveRole(session, new UserRole(RoleTestData.getName(rle)));
String error = "addActiveRoles failed test 3 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(rle) + "]";
LOG.info(error);
fail(error);
} catch (SecurityException se) {
assertTrue(CLS_NM + "addActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_ALREADY_ACTIVE);
// this is good
}
}
}
} catch (SecurityException ex) {
LOG.error("addActiveRoles: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
use of org.apache.directory.fortress.core.AccessMgr in project directory-fortress-core by apache.
the class AccessMgrImplTest method getUserIds.
/**
* @param msg
* @param uArray
*/
public static void getUserIds(String msg, String[][] uArray) {
LogUtil.logIt(msg);
try {
AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
for (String[] usr : uArray) {
User user = UserTestData.getUser(usr);
Session session = accessMgr.authenticate(user.getUserId(), user.getPassword());
assertNotNull(session);
String userId = accessMgr.getUserId(session);
assertTrue("getUserIds failed compare found userId [" + userId + "] valid userId [" + UserTestData.getUserId(usr) + "]", userId.equalsIgnoreCase(UserTestData.getUserId(usr)));
}
LOG.debug("getUserIds successful");
} catch (SecurityException ex) {
LOG.error("getUserIds: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
use of org.apache.directory.fortress.core.AccessMgr in project directory-fortress-core by apache.
the class AccessMgrImplTest method createSessionsWithRolesTrusted.
/**
* @param msg
* @param uArray
* @param rArray
*/
public static void createSessionsWithRolesTrusted(String msg, String[][] uArray, String[][] rArray) {
LogUtil.logIt(msg);
try {
AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
for (String[] usr : uArray) {
User user = UserTestData.getUser(usr);
List<UserRole> rlsRequested = new ArrayList<>();
int cnt = 0;
for (String[] rle : rArray) {
rlsRequested.add(RoleTestData.getUserRole(user.getUserId(), rle));
user.setRoles(rlsRequested);
Session session = accessMgr.createSession(user, true);
assertTrue(CLS_NM + ".createSessionsWithRolesTrusted failed role search USER [" + user.getUserId() + "] CNT [" + ++cnt + "] size [" + session.getRoles().size() + "]", cnt == session.getRoles().size());
String userId = accessMgr.getUserId(session);
assertTrue(CLS_NM + ".createSessionsWithRolesTrusted failed compare found userId [" + userId + "] valid userId [" + UserTestData.getUserId(usr) + "]", userId.equalsIgnoreCase(UserTestData.getUserId(usr)));
UserTestData.assertEquals(user, usr);
}
}
LOG.debug("createSessionsWithRolesTrusted successful");
} catch (SecurityException ex) {
LOG.error("createSessionsWithRolesTrusted: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
use of org.apache.directory.fortress.core.AccessMgr in project directory-fortress-core by apache.
the class AccessMgrImplTest method createSessionsDSD.
/**
* @param msg
* @param uArray
* @param dsdArray
*/
public static void createSessionsDSD(String msg, String[][] uArray, String[][] dsdArray) {
LogUtil.logIt(msg);
try {
AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
int i = 0;
for (String[] usr : uArray) {
SDSet dsd = RoleTestData.getSDSet(dsdArray[i++]);
User user = UserTestData.getUser(usr);
Session session = accessMgr.createSession(user, false);
assertNotNull(session);
String userId = accessMgr.getUserId(session);
assertTrue(CLS_NM + ".createSessionsDSD failed compare found userId [" + userId + "] valid userId [" + UserTestData.getUserId(usr) + "]", userId.equalsIgnoreCase(UserTestData.getUserId(usr)));
UserTestData.assertEquals(user, usr);
List<UserRole> uRoles = session.getRoles();
assertNotNull(uRoles);
// was the number of members in test DSD greater than the cardinality?
if (dsd.getMembers().size() < dsd.getCardinality()) {
assertEquals(CLS_NM + ".createSessionsDSD role list size check failed user-role user [" + user.getUserId() + "]", dsd.getMembers().size(), uRoles.size());
} else {
assertEquals(CLS_NM + ".createSessionsDSD role cardinality check failed user-role list size user [" + user.getUserId() + "] dsd set [" + dsd.getName() + "] card [" + dsd.getCardinality() + "] listsize [" + uRoles.size() + "]", dsd.getCardinality() - 1, uRoles.size());
}
}
LOG.debug("createSessionsDSD successful");
} catch (SecurityException ex) {
LOG.error("createSessionsDSD: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
Aggregations