
Example 96 with User

use of org.apache.directory.fortress.core.model.User in project directory-fortress-core by apache.

the class SessionPermissions method setupTest.

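/**
 * Prepares a sampler thread by opening a session for its load-test user.
 *
 * <p>When {@code userId} is empty, an id of the form {@code loadtestuserN} is derived from
 * {@code getKey() % 100}. If no session exists yet, the {@code type} sampler parameter picks the
 * client: {@code "1"} creates the session through {@code AccelMgr} and clears {@code isFortress};
 * any other value (including a missing one) uses {@code AccessMgr} and sets {@code isFortress}.
 * Finally the method asserts that a session exists and reports itself as authenticated.
 *
 * <p>NOTE(review): the password is a hard-coded fixture value. It presumably matches the
 * {@code loadtestuserN} accounts provisioned for the load test and should never be a credential
 * that exists outside a test directory - confirm against the load-test data set.
 *
 * @param samplerContext sampler context that supplies the {@code type} parameter
 */
public void setupTest(JavaSamplerContext samplerContext) {
    ctr = 0;
    if (StringUtils.isEmpty(userId)) {
        // Load userids are format:  loadtestuserN - where N is a number between 0 and 99.
        // i.e. loadtestuser0,  loadtestuser1,  ... loadtestuser99
        // N is threadid mod 100.
        key = getKey();
        userId = "loadtestuser" + key % 100;
    }
    try {
        String val = samplerContext.getParameter("type");
        System.out.println("PARAMETER VALUE = " + val);
        if (session == null) {
            User user = new User(userId);
            // positive test case: fixture password shared by the load-test accounts.
            user.setPassword("secret");
            // Constant-first equals is null-safe, so no separate emptiness check is needed.
            boolean useAccel = "1".equals(val);
            String setupPrefix = useAccel ? "AC SETUP CreateSession, User: " : "FT SETUP CreateSession, User: ";
            String message = setupPrefix + user.getUserId() + ", key: " + key + ", TID: " + getThreadId();
            isFortress = !useAccel;
            LOG.info(message);
            System.out.println(message);
            message = "ThreadId:" + getThreadId() + ", createSession user: " + user.getUserId();
            LOG.info(message);
            System.out.println(message);
            if (useAccel) {
                accelMgr = AccelMgrFactory.createInstance(TestUtils.getContext());
                session = accelMgr.createSession(user, false);
            } else {
                accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
                session = accessMgr.createSession(user, false);
            }
        }
        // A failed login must stop the sampler here rather than run with an unauthenticated session.
        assertNotNull(session);
        assertTrue(session.isAuthenticated());
    } catch (SecurityException se) {
        String error = "ThreadId:" + getThreadId() + " Error starting test: " + se;
        System.out.println(error);
        // Pass the exception to the logger so the stack trace is kept with the log record
        // instead of being written separately to stderr.
        LOG.error(error, se);
        fail(error);
    }
}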
Also used : User(org.apache.directory.fortress.core.model.User) SecurityException(org.apache.directory.fortress.core.SecurityException)

Example 97 with User

use of org.apache.directory.fortress.core.model.User in project directory-fortress-core by apache.

the class PswdPolicyMgrImplTest method mustChange.

/**
 * PT11 - exercises the "must change after reset" password policy flag.
 *
 * <p>The policy named by {@code plcy} is assigned to the user, the password is reset through
 * {@code AdminMgr}, and a login with the freshly reset password is attempted. When the policy's
 * must-change flag is set, that login has to be rejected with
 * {@code GlobalErrIds.USER_PW_RESET}; when it is not set, the login has to succeed.
 *
 * @param msg text handed to {@code LogUtil.logIt}
 * @param usr user test-data row the {@code User} is built from
 * @param plcy policy test-data row supplying the policy name and must-change flag
 */
public void mustChange(String msg, String[] usr, String[] plcy) {
    LogUtil.logIt(msg);
    try {
        PwPolicyMgr pwPolicyMgr = getManagedPswdMgr();
        AdminMgr admin = AdminMgrImplTest.getManagedAdminMgr();
        AccessMgr access = AccessMgrFactory.createInstance(TestUtils.getContext());
        User target = UserTestData.getUser(usr);
        pwPolicyMgr.updateUserPolicy(target.getUserId(), PolicyTestData.getName(plcy));
        boolean mustChange = PolicyTestData.getMustChange(plcy);
        // Fixture value set by the administrative reset and reused for the login attempt.
        final String resetPassword = "newpassword";
        admin.resetPassword(target, resetPassword);
        if (!mustChange) {
            // Flag not set: the reset password is usable straight away.
            User goodUser = new User(target.getUserId(), resetPassword);
            access.createSession(goodUser, false);
            return;
        }
        try {
            // Flag set: authentication with the reset password has to be refused.
            User badUser = new User(target.getUserId(), resetPassword);
            access.createSession(badUser, false);
            fail(CLS_NM + ".mustChange name [" + PolicyTestData.getName(plcy) + "] user [" + UserTestData.getUserId(usr) + "] failed must change test flag=" + mustChange);
        } catch (SecurityException rejected) {
            // The refusal must carry the password-reset error id, not some other failure.
            assertTrue(CLS_NM + ".mustChange invalid error message userId [" + UserTestData.getUserId(usr) + "]", rejected.getErrorId() == GlobalErrIds.USER_PW_RESET);
            TestUtils.sleep(1);
        }
    } catch (SecurityException ex) {
        LOG.error(CLS_NM + ".mustChange policy [" + PolicyTestData.getName(plcy) + "] caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) PwPolicyMgr(org.apache.directory.fortress.core.PwPolicyMgr) SecurityException(org.apache.directory.fortress.core.SecurityException) AdminMgr(org.apache.directory.fortress.core.AdminMgr)

Example 98 with User

use of org.apache.directory.fortress.core.model.User in project directory-fortress-core by apache.

the class PswdPolicyMgrImplTest method graceLoginLimit.

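/**
 * PT6 - 5.2.8 pwdGraceAuthNLimit.
 *
 * <p>This attribute specifies the number of times an expired password can be used to
 * authenticate. If this attribute is not present or if the value is 0, authentication will fail.
 *
 * <p>The test assigns the policy to the user, changes the password, sleeps past the policy's
 * maximum age so the password expires, and then logs in once per allowed grace login. Each of
 * those logins has to succeed. The next login has to be rejected with
 * {@code GlobalErrIds.USER_PW_EXPIRED}.
 *
 * @param msg text handed to {@code LogUtil.logIt}
 * @param usr user test-data row the {@code User} is built from
 * @param plcy policy test-data row supplying the policy name, max age and grace login limit
 */
public void graceLoginLimit(String msg, String[] usr, String[] plcy) {
    LogUtil.logIt(msg);
    try {
        AdminMgr adminMgr = AdminMgrImplTest.getManagedAdminMgr();
        AccessMgr accessMgr = AccessMgrFactory.createInstance(TestUtils.getContext());
        User user = UserTestData.getUser(usr);
        user.setPwPolicy(PolicyTestData.getName(plcy));
        adminMgr.updateUser(user);
        String newPassword = user.getPassword() + "a";
        adminMgr.changePassword(user, newPassword);
        user.setPassword(newPassword);
        // Wait out the maximum password age, plus one more unit of margin, so the password expires.
        TestUtils.sleep(PolicyTestData.getMaxAge(plcy));
        TestUtils.sleep(1);
        int numGrace = PolicyTestData.getGraceLoginLimit(plcy);
        for (int i = 0; i < numGrace; i++) {
            try {
                accessMgr.createSession(user, false);
                TestUtils.sleep(1);
            } catch (SecurityException ex) {
                // Any rejection inside the grace allowance is a failure. The error id is reported
                // in the message because fail() throws, so nothing after it would ever run.
                fail(CLS_NM + ".graceLoginLimit name [" + PolicyTestData.getName(plcy) + "] user [" + UserTestData.getUserId(usr) + "] failed grace allowed=" + numGrace + " iteration=" + i + " rc=" + ex.getErrorId());
            }
        }
        try {
            // Grace logins are used up: this attempt has to be refused.
            accessMgr.createSession(user, false);
            fail(CLS_NM + ".graceLoginLimit name [" + PolicyTestData.getName(plcy) + "] user [" + UserTestData.getUserId(usr) + "] failed grace test 2");
        } catch (SecurityException ex) {
            // The refusal must be the expired-password error, not an unrelated failure.
            assertTrue(CLS_NM + ".graceLoginLimit invalid error message userId [" + UserTestData.getUserId(usr) + "]", ex.getErrorId() == GlobalErrIds.USER_PW_EXPIRED);
        }
    } catch (SecurityException ex) {
        LOG.error("graceLoginLimit caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}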
Also used : User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) SecurityException(org.apache.directory.fortress.core.SecurityException) AdminMgr(org.apache.directory.fortress.core.AdminMgr)

Example 99 with User

use of org.apache.directory.fortress.core.model.User in project directory-fortress-core by apache.

the class PswdPolicyMgrImplTest method failureCountInterval.

/**
 * PT10 - failure count interval.
 *
 * <p>This attribute holds the number of seconds after which the password failures are purged
 * from the failure counter, even though no successful authentication occurred. If this attribute
 * is not present, or if its value is 0, the failure counter is only reset by a successful
 * authentication.
 *
 * <p>The test runs two rounds of {@code maxFailures - 1} bad-password logins, each of which has to
 * be rejected with {@code GlobalErrIds.USER_PW_INVLD}, and sleeps for the failure count interval
 * after each round. It then logs in with the valid password, which has to succeed.
 *
 * @param msg text handed to {@code LogUtil.logIt}
 * @param usr user test-data row the {@code User} is built from
 * @param plcy policy test-data row supplying the policy name, max failures and interval
 */
public void failureCountInterval(String msg, String[] usr, String[] plcy) {
    LogUtil.logIt(msg);
    try {
        PwPolicyMgr pwPolicyMgr = getManagedPswdMgr();
        AccessMgr access = AccessMgrFactory.createInstance(TestUtils.getContext());
        User user = UserTestData.getUser(usr);
        pwPolicyMgr.updateUserPolicy(user.getUserId(), PolicyTestData.getName(plcy));
        int maxFailures = PolicyTestData.getMaxFailure(plcy);
        int failureInterval = PolicyTestData.getFailureCountInterval(plcy);
        // One attempt short of the maximum per round - presumably so the account is never
        // locked within a single round.
        final int attemptsPerRound = maxFailures - 1;
        // The two rounds differ only in the text of their failure message.
        final String[] roundFailureText = {
            "] failed failure count interval test, maxfailures=",
            "] failed failure count interval test 2, maxfailures="
        };
        for (String failureText : roundFailureText) {
            for (int attempt = 0; attempt < attemptsPerRound; attempt++) {
                try {
                    User badUser = new User(user.getUserId(), "wrongpw");
                    access.createSession(badUser, false);
                    fail(CLS_NM + ".failureCountInterval name [" + PolicyTestData.getName(plcy) + "] user [" + UserTestData.getUserId(usr) + failureText + maxFailures + " iteration=" + attempt);
                } catch (SecurityException rejected) {
                    // Expected: a wrong password must be reported as an invalid-password error.
                    assertTrue(CLS_NM + ".failureCountInterval invalid error message userId [" + UserTestData.getUserId(usr) + "]", rejected.getErrorId() == GlobalErrIds.USER_PW_INVLD);
                    TestUtils.sleep(1);
                }
            }
            // Sleep for the failure count interval - the failure count should reset automatically -
            // and one more second for good measure.
            TestUtils.sleep(failureInterval);
            TestUtils.sleep(1);
        }
        // The valid password should now be accepted.
        access.createSession(user, false);
    } catch (SecurityException ex) {
        LOG.error("failureCountInterval caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : User(org.apache.directory.fortress.core.model.User) AccessMgr(org.apache.directory.fortress.core.AccessMgr) PwPolicyMgr(org.apache.directory.fortress.core.PwPolicyMgr) SecurityException(org.apache.directory.fortress.core.SecurityException)

Example 100 with User

use of org.apache.directory.fortress.core.model.User in project directory-fortress-realm by apache.

the class J2eePolicyMgrImpl method authorizedRoles.

/**
 * {@inheritDoc}
 *
 * <p>Creates a session for {@code userId} and returns the roles that {@code accessMgr} reports
 * as authorized for it, copied into a list. Returns {@code null}, not an empty list, when there
 * are no authorized roles.
 *
 * <p>NOTE(review): the session is built from the user id alone, with no password, and
 * {@code true} is passed as the second argument. That looks like a trusted session with no
 * credential check, so callers presumably must have authenticated {@code userId} already -
 * confirm against {@code createSession}.
 */
@Override
public List<String> authorizedRoles(String userId) throws SecurityException {
    // Session creation also checks temporal constraints on the User and Roles.
    Session session = createSession(new User(userId), true);
    Set<String> authorized = accessMgr.authorizedRoles(session);
    if (authorized == null || authorized.isEmpty()) {
        // No authorized roles: callers receive null.
        return null;
    }
    // Copy the Set into a List before returning.
    return new ArrayList<>(authorized);
}
Also used : User(org.apache.directory.fortress.core.model.User) Session(org.apache.directory.fortress.core.model.Session)
