
Example 1 with SecuritySanityCheckFilter

Use of org.apache.druid.server.security.SecuritySanityCheckFilter in project druid by druid-io.

The class SecuritySanityCheckFilterTest, method testValidRequest.

@Test
public void testValidRequest() throws Exception {
    HttpServletRequest req = EasyMock.createStrictMock(HttpServletRequest.class);
    HttpServletResponse resp = EasyMock.createStrictMock(HttpServletResponse.class);
    FilterChain filterChain = EasyMock.createStrictMock(FilterChain.class);
    // None of the three auth-related request attributes is set on the incoming request.
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(null).once();
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).once();
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn(null).once();
    // Expected outcome: the request is handed to the rest of the filter chain exactly once.
    filterChain.doFilter(req, resp);
    EasyMock.expectLastCall().once();
    EasyMock.replay(req, filterChain);
    SecuritySanityCheckFilter filter = new SecuritySanityCheckFilter(new DefaultObjectMapper());
    filter.doFilter(req, resp, filterChain);
    // Fails if any expected attribute lookup or the chain call did not happen.
    EasyMock.verify(req, filterChain);
}
Also used: HttpServletRequest (javax.servlet.http.HttpServletRequest), SecuritySanityCheckFilter (org.apache.druid.server.security.SecuritySanityCheckFilter), FilterChain (javax.servlet.FilterChain), HttpServletResponse (javax.servlet.http.HttpServletResponse), DefaultObjectMapper (org.apache.druid.jackson.DefaultObjectMapper), Test (org.junit.Test)

Example 2 with SecuritySanityCheckFilter

Use of org.apache.druid.server.security.SecuritySanityCheckFilter in project druid by druid-io.

The class SecuritySanityCheckFilterTest, method testInvalidRequest.

@Test
public void testInvalidRequest() throws Exception {
    HttpServletRequest req = EasyMock.createStrictMock(HttpServletRequest.class);
    HttpServletResponse resp = EasyMock.createStrictMock(HttpServletResponse.class);
    FilterChain filterChain = EasyMock.createStrictMock(FilterChain.class);
    ServletOutputStream outputStream = EasyMock.createNiceMock(ServletOutputStream.class);
    // The incoming request already carries auth-related attributes that do not belong on it.
    AuthenticationResult authenticationResult = new AuthenticationResult("does-not-belong", "does-not-belong", null, null);
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED)).andReturn(true).once();
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_ALLOW_UNSECURED_PATH)).andReturn(null).anyTimes();
    EasyMock.expect(req.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT)).andReturn(authenticationResult).once();
    // Expected outcome: a 403 response with a UTF-8 JSON body written by the filter itself.
    EasyMock.expect(resp.getOutputStream()).andReturn(outputStream).once();
    resp.setStatus(403);
    EasyMock.expectLastCall().once();
    resp.setContentType("application/json");
    EasyMock.expectLastCall().once();
    resp.setCharacterEncoding("UTF-8");
    EasyMock.expectLastCall().once();
    // No expectation is recorded on the strict filterChain mock, so any call to
    // filterChain.doFilter() fails the test: the request must not be passed on.
    EasyMock.replay(req, resp, filterChain, outputStream);
    SecuritySanityCheckFilter filter = new SecuritySanityCheckFilter(new DefaultObjectMapper());
    filter.doFilter(req, resp, filterChain);
    EasyMock.verify(req, resp, filterChain, outputStream);
}
Also used: HttpServletRequest (javax.servlet.http.HttpServletRequest), ServletOutputStream (javax.servlet.ServletOutputStream), SecuritySanityCheckFilter (org.apache.druid.server.security.SecuritySanityCheckFilter), FilterChain (javax.servlet.FilterChain), HttpServletResponse (javax.servlet.http.HttpServletResponse), DefaultObjectMapper (org.apache.druid.jackson.DefaultObjectMapper), AuthenticationResult (org.apache.druid.server.security.AuthenticationResult), Test (org.junit.Test)

Aggregations

FilterChain (javax.servlet.FilterChain): 2
HttpServletRequest (javax.servlet.http.HttpServletRequest): 2
HttpServletResponse (javax.servlet.http.HttpServletResponse): 2
DefaultObjectMapper (org.apache.druid.jackson.DefaultObjectMapper): 2
SecuritySanityCheckFilter (org.apache.druid.server.security.SecuritySanityCheckFilter): 2
Test (org.junit.Test): 2
ServletOutputStream (javax.servlet.ServletOutputStream): 1
AuthenticationResult (org.apache.druid.server.security.AuthenticationResult): 1