use of org.apache.directory.fortress.core.model.Session in project directory-fortress-core by apache.
the class AccessMgrSample method testSessionPermissions.
/**
 * Demonstrates {@code sessionPermissions}, which returns every Permission granted to the User's
 * activated Roles together with Permissions granted directly to the User entity. GUI programs
 * can cache that list in the HTTP Session or an application cache and use it to build access
 * control lists for menu items and other controls.
 *
 * <p>The returned list describes the Session passed in, so a cached copy is a snapshot of that
 * Session. This sample still confirms each expected permission through {@code checkAccess}.
 */
public static void testSessionPermissions() {
    String testName = ".testSessionPermissions";
    try {
        // Obtain the AccessMgr implementation for the test context.
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());

        // The helper builds a Fortress Session, which carries the user's activated roles along
        // with related attributes and status information (e.g. password status).
        Session session = createSession(CreateUserSample.TEST_USERID, CreateUserSample.TEST_PASSWORD, accessMgr);
        assertNotNull(session);

        List<Permission> granted = accessMgr.sessionPermissions(session);
        assertNotNull(granted);
        int grantedCount = granted.size();
        assertTrue(testName + " list check, expected: 5, actual:" + grantedCount, grantedCount == 5);

        // Each expected permission (operation suffix 1..5) is confirmed with checkAccess.
        // Only the size of the returned list is checked, not its contents.
        for (int opSuffix = 1; opSuffix <= 5; opSuffix++) {
            // A Permission is identified by an object name plus an operation name.
            Permission expected = new Permission(CreatePermSample.TEST_PERM_OBJECT, CreatePermSample.TEST_PERM_OPERATION_PREFIX + opSuffix);
            boolean allowed = accessMgr.checkAccess(session, expected);
            assertTrue(testName, allowed);
            LOG.info(testName + " user [" + session.getUserId() + "] permission object [" + expected.getObjName() + "] operation name [" + expected.getOpName() + "] success");
        }
    } catch (SecurityException ex) {
        LOG.error(testName + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
use of org.apache.directory.fortress.core.model.Session in project directory-fortress-core by apache.
the class TestAccelerator method testCreateSession.
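/**
 * Verifies that {@code createSession} returns an authenticated Session for rbacuser1 with the
 * correct password, and throws a SecurityException for the same user with a wrong password.
 */
@Test
public void testCreateSession() {
    LOG.info("testCreateSession...");
    try {
        AccelMgr accelMgr = AccelMgrFactory.createInstance(TestUtils.getContext());
        Session session;
        User user = new User();

        // positive test case:
        user.setUserId("rbacuser1");
        user.setPassword("secret");
        // NOTE(review): setRoleName is called twice; presumably each call adds a role to
        // activate rather than overwriting the previous one. Confirm against User.
        user.setRoleName("rbacrole1");
        user.setRoleName("rbacrole2");
        session = accelMgr.createSession(user, false);
        assertNotNull(session);
        assertTrue(session.isAuthenticated());

        try {
            // negative test case: same user, wrong password.
            user.setUserId("rbacuser1");
            user.setPassword("secretx");
            session = null;
            session = accelMgr.createSession(user, false);
            fail("failed negative createSession for rbacuser1");
        } catch (SecurityException se) {
            // Expected path. Any SecurityException is accepted here, so the error id is logged
            // to let a reader confirm the rejection came from the bad password and not from an
            // unrelated failure such as connectivity.
            LOG.info("testCreateSession negative case rejected, rc=" + se.getErrorId());
        }
        // The rejected attempt must not have produced a session.
        assertNull(session);
    } catch (SecurityException se) {
        // Report through the logger and carry the message into the test failure, so the cause
        // is visible in the test report instead of only on stderr.
        LOG.error("testCreateSession caught SecurityException rc=" + se.getErrorId() + ", msg=" + se.getMessage(), se);
        fail(se.getMessage());
    }
}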
use of org.apache.directory.fortress.core.model.Session in project directory-fortress-core by apache.
the class TestAccelerator method testDeleteSession.
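/**
 * Creates a Session for rbacuser1 and deletes it again through {@code deleteSession}.
 * A SecurityException from either call fails the test.
 */
@Test
public void testDeleteSession() {
    LOG.info("testDeleteSession...");
    User user = new User();
    user.setUserId("rbacuser1");
    user.setPassword("secret");
    try {
        AccelMgr accelMgr = AccelMgrFactory.createInstance(TestUtils.getContext());
        Session session = accelMgr.createSession(user, false);
        assertNotNull(session);
        accelMgr.deleteSession(session);
        // NOTE(review): nothing here confirms that the deleted session is refused afterwards.
        // A follow-up call using it, expected to be denied, would make this a stronger test.
    } catch (SecurityException se) {
        // Previously the exception was only printed, so a failed create or delete still
        // passed. Fail explicitly so a broken session teardown is reported.
        LOG.error("testDeleteSession caught SecurityException rc=" + se.getErrorId() + ", msg=" + se.getMessage(), se);
        fail(se.getMessage());
    }
}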
use of org.apache.directory.fortress.core.model.Session in project directory-fortress-core by apache.
the class TestAccelerator method testCombinedCalls.
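/**
 * Exercises createSession, checkAccess, dropActiveRole and addActiveRole together: access to
 * the permission is expected while rbacrole1 is active, denied after the role is dropped, and
 * granted again once the role is re-activated.
 */
@Test
public void testCombinedCalls() {
    LOG.info("testCombinedCalls...");
    try {
        AccelMgr accelMgr = AccelMgrFactory.createInstance(TestUtils.getContext());
        User user = new User();

        // positive test case:
        user.setUserId("rbacuser1");
        user.setPassword("secret");
        Session session = accelMgr.createSession(user, false);
        // Guard the later calls: without a session the access checks below prove nothing.
        assertNotNull(session);

        // positive test case:
        Permission perm = new Permission();
        perm.setObjName("/impl/cal2.jsp");
        perm.setOpName("8am");
        boolean result = accelMgr.checkAccess(session, perm);
        assertTrue(result);

        // drop role1:
        UserRole userRole = new UserRole(user.getUserId(), "rbacrole1");
        accelMgr.dropActiveRole(session, userRole);
        // With the role deactivated the same check must be denied.
        result = accelMgr.checkAccess(session, perm);
        assertTrue(!result);

        // now add role1 back again:
        userRole = new UserRole(user.getUserId(), "rbacrole1");
        accelMgr.addActiveRole(session, userRole);
        // this should return true:
        result = accelMgr.checkAccess(session, perm);
        assertTrue(result);
    } catch (SecurityException se) {
        // Carry the error id and message into the log and the failure instead of printing a
        // stack trace and failing without any message.
        LOG.error("testCombinedCalls caught SecurityException rc=" + se.getErrorId() + ", msg=" + se.getMessage(), se);
        fail(se.getMessage());
    }
}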
use of org.apache.directory.fortress.core.model.Session in project directory-fortress-core by apache.
the class AdminMgrConsole method updateUser.
/**
 * Prompts on the console for a User's attributes and submits them through
 * {@code am.updateUser}. Optionally authenticates an administrator first and hands the
 * resulting Session to {@code am.setAdmin}.
 *
 * <p>Both passwords are read with {@code ReaderUtil.readLn()} and held as Strings.
 * NOTE(review): whether readLn echoes typed characters is not visible here; confirm before
 * using this console where the screen or terminal history is shared.
 */
protected void updateUser() {
    User target = new User();
    try {
        ReaderUtil.clearScreen();
        System.out.println("Enter userId");
        target.setUserId(ReaderUtil.readLn());
        System.out.println("Enter pw");
        target.setPassword(ReaderUtil.readLn());

        System.out.println("Do you want to test Admin User update - Y or N");
        String answer = ReaderUtil.readLn();
        if ("Y".equalsIgnoreCase(answer)) {
            // Authenticate the administrator and register that Session on the manager.
            // Presumably later am calls are then checked against the administrator's
            // permissions; confirm against the AdminMgr implementation.
            AccessMgr accessMgr = AccessMgrFactory.createInstance(GlobalIds.HOME);
            User admin = new User();
            System.out.println("Enter userId");
            admin.setUserId(ReaderUtil.readLn());
            System.out.println("Enter pw");
            admin.setPassword(ReaderUtil.readLn());
            Session adminSession = accessMgr.createSession(admin, false);
            am.setAdmin(adminSession);
        }

        System.out.println("Enter user's description field");
        target.setDescription(ReaderUtil.readLn());
        // The common name and surname prompts are disabled in this console.
        System.out.println("Enter organization unit, blank for default");
        target.setOu(ReaderUtil.readLn());

        System.out.println("Do you want to set temporal constraints on User - Y or N");
        answer = ReaderUtil.readLn();
        if ("Y".equalsIgnoreCase(answer)) {
            enterTemporal(target);
        }

        // Collect key/value properties until a null or empty key is entered.
        System.out.println("Enter prop key (or NULL to skip):");
        String propKey = ReaderUtil.readLn();
        while (propKey != null && !propKey.isEmpty()) {
            System.out.println("Enter prop val:");
            String propVal = ReaderUtil.readLn();
            target.addProperty(propKey, propVal);
            System.out.println("Enter next prop key (or NULL if done entering properties)");
            propKey = ReaderUtil.readLn();
        }

        // A null or empty answer leaves the password policy unset on the request.
        System.out.println("Enter OpenLDAP password policy name or NULL to skip");
        String policyName = ReaderUtil.readLn();
        if (policyName != null && !policyName.isEmpty()) {
            target.setPwPolicy(policyName);
        }

        am.updateUser(target);

        // Echo the non-secret attributes only; the password is never printed.
        System.out.println("userId [" + target.getUserId() + "]");
        System.out.println("internalId [" + target.getInternalId() + "]");
        System.out.println("user description [" + target.getDescription() + "]");
        System.out.println("organizational unit [" + target.getOu() + "]");
        System.out.println("has been updated");
        System.out.println("ENTER to continue");
    } catch (SecurityException e) {
        LOG.error("updateUser caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
    }
    // Runs on both the success and the error path; the prompt above is printed only on success.
    ReaderUtil.readChar();
}