Search in sources :

Example 81 with SecurityException

use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.

the class AccessMgrImplTest method createSessionsWithRolesTrusted.

/**
 * @param msg
 * @param uArray
 * @param rArray
 */
public static void createSessionsWithRolesTrusted(String msg, String[][] uArray, String[][] rArray) {
    LogUtil.logIt(msg);
    try {
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        for (String[] usr : uArray) {
            User user = UserTestData.getUser(usr);
            List<UserRole> rlsRequested = new ArrayList<>();
            int cnt = 0;
            for (String[] rle : rArray) {
                rlsRequested.add(RoleTestData.getUserRole(user.getUserId(), rle));
                user.setRoles(rlsRequested);
                Session session = accessMgr.createSession(user, true);
                assertTrue(CLS_NM + ".createSessionsWithRolesTrusted failed role search USER [" + user.getUserId() + "] CNT [" + ++cnt + "] size [" + session.getRoles().size() + "]", cnt == session.getRoles().size());
                String userId = accessMgr.getUserId(session);
                assertTrue(CLS_NM + ".createSessionsWithRolesTrusted failed compare found userId [" + userId + "] valid userId [" + UserTestData.getUserId(usr) + "]", userId.equalsIgnoreCase(UserTestData.getUserId(usr)));
                UserTestData.assertEquals(user, usr);
            }
        }
        LOG.debug("createSessionsWithRolesTrusted successful");
    } catch (SecurityException ex) {
        LOG.error("createSessionsWithRolesTrusted: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) UserRole(org.apache.directory.fortress.core.model.UserRole) ArrayList(java.util.ArrayList) SecurityException(org.apache.directory.fortress.core.SecurityException) Session(org.apache.directory.fortress.core.model.Session)

Example 82 with SecurityException

use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.

the class AccessMgrImplTest method createSessionsDSD.

/**
 * @param msg
 * @param uArray
 * @param dsdArray
 */
public static void createSessionsDSD(String msg, String[][] uArray, String[][] dsdArray) {
    LogUtil.logIt(msg);
    try {
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        int i = 0;
        for (String[] usr : uArray) {
            SDSet dsd = RoleTestData.getSDSet(dsdArray[i++]);
            User user = UserTestData.getUser(usr);
            Session session = accessMgr.createSession(user, false);
            assertNotNull(session);
            String userId = accessMgr.getUserId(session);
            assertTrue(CLS_NM + ".createSessionsDSD failed compare found userId [" + userId + "] valid userId [" + UserTestData.getUserId(usr) + "]", userId.equalsIgnoreCase(UserTestData.getUserId(usr)));
            UserTestData.assertEquals(user, usr);
            List<UserRole> uRoles = session.getRoles();
            assertNotNull(uRoles);
            // was the number of members in test DSD greater than the cardinality?
            if (dsd.getMembers().size() < dsd.getCardinality()) {
                assertEquals(CLS_NM + ".createSessionsDSD role list size check failed user-role user [" + user.getUserId() + "]", dsd.getMembers().size(), uRoles.size());
            } else {
                assertEquals(CLS_NM + ".createSessionsDSD role cardinality check failed user-role list size user [" + user.getUserId() + "] dsd set [" + dsd.getName() + "] card [" + dsd.getCardinality() + "] listsize [" + uRoles.size() + "]", dsd.getCardinality() - 1, uRoles.size());
            }
        }
        LOG.debug("createSessionsDSD successful");
    } catch (SecurityException ex) {
        LOG.error("createSessionsDSD: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : SDSet(org.apache.directory.fortress.core.model.SDSet) User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) UserRole(org.apache.directory.fortress.core.model.UserRole) SecurityException(org.apache.directory.fortress.core.SecurityException) Session(org.apache.directory.fortress.core.model.Session)

Example 83 with SecurityException

use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.

the class AccessMgrImplTest method authenticateResetUsers.

/**
 * @param msg
 * @param uArray
 */
private static void authenticateResetUsers(String msg, String[][] uArray, String[] plcy) {
    LogUtil.logIt(msg);
    try {
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        PwPolicyMgr policyMgr = PswdPolicyMgrImplTest.getManagedPswdMgr();
        for (String[] usr : uArray) {
            User user = UserTestData.getUser(usr);
            // update this user with pw policy that requires change after reset:
            policyMgr.updateUserPolicy(user.getUserId(), PolicyTestData.getName(plcy));
            // now try negative test case:
            try {
                accessMgr.authenticate(user.getUserId(), user.getPassword());
                // accessMgr.authenticate( user.getUserId(), user.getPassword() );
                fail(CLS_NM + ".authenticateResetUsers failed test");
            } catch (SecurityException se) {
                assertTrue(CLS_NM + "authenticateResetUsers reset excep id check", se.getErrorId() == GlobalErrIds.USER_PW_RESET);
            // pass
            }
        }
        LOG.debug("authenticateResetUsers successful");
    } catch (SecurityException ex) {
        LOG.error("authenticateResetUsers: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) PwPolicyMgr(org.apache.directory.fortress.core.PwPolicyMgr) SecurityException(org.apache.directory.fortress.core.SecurityException)

Example 84 with SecurityException

use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.

the class AccessMgrImplTest method dropActiveRoles.

/**
 * @param msg
 * @param uArray
 * @param rArray
 */
public static void dropActiveRoles(String msg, String[][] uArray, String[][] rArray) {
    LogUtil.logIt(msg);
    try {
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        for (String[] usr : uArray) {
            User user = UserTestData.getUser(usr);
            Session session = accessMgr.createSession(user, false);
            assertNotNull(session);
            List<UserRole> uRoles = session.getRoles();
            assertNotNull(uRoles);
            assertEquals(CLS_NM + ".dropActiveRoles failed list size user[" + user.getUserId() + "]", rArray.length, uRoles.size());
            for (String[] rle : rArray) {
                assertTrue(CLS_NM + ".dropActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should be present", uRoles.contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
            }
            // remove all roles from the user's session:
            int ctr = rArray.length;
            for (String[] rle : rArray) {
                // Drop Role:
                accessMgr.dropActiveRole(session, new UserRole(RoleTestData.getName(rle)));
                assertEquals(CLS_NM + ".dropActiveRoles failed list size user[" + user.getUserId() + "]", (--ctr), session.getRoles().size());
                assertTrue(CLS_NM + ".dropActiveRoles failed role search USER [" + user.getUserId() + "] ROLE [" + RoleTestData.getName(rle) + "] should not contain role", !session.getRoles().contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
                // Drop Role again: (This better fail because role  has already been deactivated from user's session)
                try {
                    // Drop Role3 (this better fail):
                    accessMgr.dropActiveRole(session, new UserRole(RoleTestData.getName(rle)));
                    String error = "dropActiveRoles failed negative test 2 User [" + user.getUserId() + "] Role [" + RoleTestData.getName(rle) + "]";
                    LOG.info(error);
                    fail(error);
                } catch (SecurityException se) {
                    assertTrue("dropActiveRoles excep id check", se.getErrorId() == GlobalErrIds.URLE_NOT_ACTIVE);
                }
            }
        }
    } catch (SecurityException ex) {
        LOG.error("dropActiveRoles: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) UserRole(org.apache.directory.fortress.core.model.UserRole) SecurityException(org.apache.directory.fortress.core.SecurityException) Session(org.apache.directory.fortress.core.model.Session)

Example 85 with SecurityException

use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.

the class AccessMgrImplTest method createSessions.

/**
 * @param msg
 * @param uArray
 * @param rArray
 */
public static void createSessions(String msg, String[][] uArray, String[][] rArray) {
    LogUtil.logIt(msg);
    try {
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        for (String[] usr : uArray) {
            User user = UserTestData.getUser(usr);
            Session session = accessMgr.createSession(user, false);
            assertNotNull(session);
            String userId = accessMgr.getUserId(session);
            assertTrue(CLS_NM + ".createSessions failed compare found userId [" + userId + "] valid userId [" + UserTestData.getUserId(usr) + "]", userId.equalsIgnoreCase(UserTestData.getUserId(usr)));
            UserTestData.assertEquals(user, usr);
            List<UserRole> uRoles = session.getRoles();
            assertNotNull(uRoles);
            assertEquals(CLS_NM + ".createSessions user role check failed list size user [" + user.getUserId() + "]", rArray.length, uRoles.size());
            for (String[] rle : rArray) {
                assertTrue(CLS_NM + ".createSessions failed role search USER [" + user.getUserId() + "] ROLE1 [" + RoleTestData.getName(rle) + "] should be present", uRoles.contains(RoleTestData.getUserRole(UserTestData.getUserId(usr), rle)));
            }
            // now try negative test case:
            try {
                User userBad = new User(user.getUserId(), "badpw");
                accessMgr.createSession(userBad, false);
                fail(CLS_NM + ".createSessions failed negative test");
            } catch (SecurityException se) {
                assertTrue(CLS_NM + "createSessions excep id check", se.getErrorId() == GlobalErrIds.USER_PW_INVLD);
            // pass
            }
        }
        LOG.debug("createSessions successful");
    } catch (SecurityException ex) {
        LOG.error("createSessions: failed with SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) UserRole(org.apache.directory.fortress.core.model.UserRole) SecurityException(org.apache.directory.fortress.core.SecurityException) Session(org.apache.directory.fortress.core.model.Session)

Aggregations

SecurityException (org.apache.directory.fortress.core.SecurityException)441 FortRequest (org.apache.directory.fortress.core.model.FortRequest)152 FortResponse (org.apache.directory.fortress.core.model.FortResponse)152 User (org.apache.directory.fortress.core.model.User)125 AdminMgr (org.apache.directory.fortress.core.AdminMgr)89 UserRole (org.apache.directory.fortress.core.model.UserRole)88 Role (org.apache.directory.fortress.core.model.Role)66 ReviewMgr (org.apache.directory.fortress.core.ReviewMgr)65 Session (org.apache.directory.fortress.core.model.Session)59 Permission (org.apache.directory.fortress.core.model.Permission)56 AccessMgr (org.apache.directory.fortress.core.AccessMgr)41 DelAdminMgr (org.apache.directory.fortress.core.DelAdminMgr)39 SDSet (org.apache.directory.fortress.core.model.SDSet)37 OrgUnit (org.apache.directory.fortress.core.model.OrgUnit)36 RoleConstraint (org.apache.directory.fortress.core.model.RoleConstraint)34 UserAdminRole (org.apache.directory.fortress.core.model.UserAdminRole)33 AdminRole (org.apache.directory.fortress.core.model.AdminRole)25 PermObj (org.apache.directory.fortress.core.model.PermObj)22 Group (org.apache.directory.fortress.core.model.Group)19 PwPolicyMgr (org.apache.directory.fortress.core.PwPolicyMgr)17