Examples with PreResponseAuthorizationCheckFilter org.apache.druid.server.security.PreResponseAuthorizationCheckFilter used on opensource projects

Search in sources :

Example 1 with PreResponseAuthorizationCheckFilter

use of org.apache.druid.server.security.PreResponseAuthorizationCheckFilter in project druid by druid-io.

the class PreResponseAuthorizationCheckFilterTest method testValidRequest.

@Test
public void testValidRequest() throws Exception {
    AuthenticationResult authenticationResult = new AuthenticationResult("so-very-valid", "so-very-valid", null, null);
    HttpServletRequest req = EasyMock.createStrictMock(HttpServletRequest.class);
    HttpServletResponse resp = EasyMock.createStrictMock(HttpServletResponse.class);
    FilterChain filterChain = EasyMock.createNiceMock(FilterChain.class);
    ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn(authenticationResult).once();
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(true).once();
    EasyMock.replay(req, resp, filterChain, outputStream);
    PreResponseAuthorizationCheckFilter filter = new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper());
    filter.doFilter(req, resp, filterChain);
    EasyMock.verify(req, resp, filterChain, outputStream);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletOutputStream(javax.servlet.ServletOutputStream) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) PreResponseAuthorizationCheckFilter(org.apache.druid.server.security.PreResponseAuthorizationCheckFilter) DefaultObjectMapper(org.apache.druid.jackson.DefaultObjectMapper) AuthenticationResult(org.apache.druid.server.security.AuthenticationResult) Test(org.junit.Test)

Example 2 with PreResponseAuthorizationCheckFilter

use of org.apache.druid.server.security.PreResponseAuthorizationCheckFilter in project druid by druid-io.

the class PreResponseAuthorizationCheckFilterTest method testMissingAuthorizationCheckWithError.

@Test
public void testMissingAuthorizationCheckWithError() throws Exception {
    EmittingLogger.registerEmitter(EasyMock.createNiceMock(ServiceEmitter.class));
    AuthenticationResult authenticationResult = new AuthenticationResult("so-very-valid", "so-very-valid", null, null);
    HttpServletRequest req = EasyMock.createStrictMock(HttpServletRequest.class);
    HttpServletResponse resp = EasyMock.createStrictMock(HttpServletResponse.class);
    FilterChain filterChain = EasyMock.createNiceMock(FilterChain.class);
    ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn(authenticationResult).once();
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).once();
    EasyMock.expect(resp.getStatus()).andReturn(404).once();
    EasyMock.replay(req, resp, filterChain, outputStream);
    PreResponseAuthorizationCheckFilter filter = new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper());
    filter.doFilter(req, resp, filterChain);
    EasyMock.verify(req, resp, filterChain, outputStream);
}
Also used : ServiceEmitter(org.apache.druid.java.util.emitter.service.ServiceEmitter) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletOutputStream(javax.servlet.ServletOutputStream) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) PreResponseAuthorizationCheckFilter(org.apache.druid.server.security.PreResponseAuthorizationCheckFilter) DefaultObjectMapper(org.apache.druid.jackson.DefaultObjectMapper) AuthenticationResult(org.apache.druid.server.security.AuthenticationResult) Test(org.junit.Test)

Example 3 with PreResponseAuthorizationCheckFilter

use of org.apache.druid.server.security.PreResponseAuthorizationCheckFilter in project druid by druid-io.

the class PreResponseAuthorizationCheckFilterTest method testAuthenticationFailedRequest.

@Test
public void testAuthenticationFailedRequest() throws Exception {
    HttpServletRequest req = EasyMock.createStrictMock(HttpServletRequest.class);
    HttpServletResponse resp = EasyMock.createStrictMock(HttpServletResponse.class);
    FilterChain filterChain = EasyMock.createNiceMock(FilterChain.class);
    ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
    EasyMock.expect(resp.getOutputStream()).andReturn(outputStream).once();
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn(null).once();
    resp.setStatus(401);
    EasyMock.expectLastCall().once();
    resp.setContentType("application/json");
    EasyMock.expectLastCall().once();
    resp.setCharacterEncoding("UTF-8");
    EasyMock.expectLastCall().once();
    EasyMock.replay(req, resp, filterChain, outputStream);
    PreResponseAuthorizationCheckFilter filter = new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper());
    filter.doFilter(req, resp, filterChain);
    EasyMock.verify(req, resp, filterChain, outputStream);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletOutputStream(javax.servlet.ServletOutputStream) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) PreResponseAuthorizationCheckFilter(org.apache.druid.server.security.PreResponseAuthorizationCheckFilter) DefaultObjectMapper(org.apache.druid.jackson.DefaultObjectMapper) Test(org.junit.Test)

Example 4 with PreResponseAuthorizationCheckFilter

use of org.apache.druid.server.security.PreResponseAuthorizationCheckFilter in project druid by druid-io.

the class PreResponseAuthorizationCheckFilterTest method testMissingAuthorizationCheck.

@Test
public void testMissingAuthorizationCheck() throws Exception {
    EmittingLogger.registerEmitter(EasyMock.createNiceMock(ServiceEmitter.class));
    expectedException.expect(ISE.class);
    expectedException.expectMessage("Request did not have an authorization check performed.");
    AuthenticationResult authenticationResult = new AuthenticationResult("so-very-valid", "so-very-valid", null, null);
    HttpServletRequest req = EasyMock.createStrictMock(HttpServletRequest.class);
    HttpServletResponse resp = EasyMock.createStrictMock(HttpServletResponse.class);
    FilterChain filterChain = EasyMock.createNiceMock(FilterChain.class);
    ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn(authenticationResult).once();
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).once();
    EasyMock.expect(resp.getStatus()).andReturn(200).once();
    EasyMock.expect(req.getRequestURI()).andReturn("uri").once();
    EasyMock.expect(req.getMethod()).andReturn("GET").once();
    EasyMock.expect(req.getRemoteAddr()).andReturn("1.2.3.4").once();
    EasyMock.expect(req.getRemoteHost()).andReturn("ahostname").once();
    EasyMock.expect(resp.isCommitted()).andReturn(true).once();
    resp.setStatus(403);
    EasyMock.expectLastCall().once();
    resp.setContentType("application/json");
    EasyMock.expectLastCall().once();
    resp.setCharacterEncoding("UTF-8");
    EasyMock.expectLastCall().once();
    EasyMock.replay(req, resp, filterChain, outputStream);
    PreResponseAuthorizationCheckFilter filter = new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper());
    filter.doFilter(req, resp, filterChain);
    EasyMock.verify(req, resp, filterChain, outputStream);
}
Also used : ServiceEmitter(org.apache.druid.java.util.emitter.service.ServiceEmitter) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletOutputStream(javax.servlet.ServletOutputStream) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) PreResponseAuthorizationCheckFilter(org.apache.druid.server.security.PreResponseAuthorizationCheckFilter) DefaultObjectMapper(org.apache.druid.jackson.DefaultObjectMapper) AuthenticationResult(org.apache.druid.server.security.AuthenticationResult) Test(org.junit.Test)

Aggregations

FilterChain (javax.servlet.FilterChain)4 ServletOutputStream (javax.servlet.ServletOutputStream)4 HttpServletRequest (javax.servlet.http.HttpServletRequest)4 HttpServletResponse (javax.servlet.http.HttpServletResponse)4 DefaultObjectMapper (org.apache.druid.jackson.DefaultObjectMapper)4 PreResponseAuthorizationCheckFilter (org.apache.druid.server.security.PreResponseAuthorizationCheckFilter)4 Test (org.junit.Test)4 AuthenticationResult (org.apache.druid.server.security.AuthenticationResult)3 ServiceEmitter (org.apache.druid.java.util.emitter.service.ServiceEmitter)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial