Search in sources :

Example 21 with TokenCredentials

use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit-oak by apache.

the class Jackrabbit2ConfigurationTest method testInvalidTokenCredentials.

@Test
public void testInvalidTokenCredentials() throws Exception {
    ContentSession cs = null;
    try {
        cs = login(new TokenCredentials("invalid"));
        fail("Invalid token credentials login should fail");
    } catch (LoginException e) {
    // success
    } finally {
        if (cs != null) {
            cs.close();
        }
    }
}
Also used : ContentSession(org.apache.jackrabbit.oak.api.ContentSession) LoginException(javax.security.auth.login.LoginException) TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 22 with TokenCredentials

use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit-oak by apache.

the class Jackrabbit2ConfigurationTest method testTokenLoginForDisabledUser.

@Test
public void testTokenLoginForDisabledUser() throws Exception {
    ContentSession cs = null;
    try {
        User user = getTestUser();
        SimpleCredentials sc = new SimpleCredentials(user.getID(), user.getID().toCharArray());
        sc.setAttribute(".token", "");
        cs = login(sc);
        user.disable("disabled");
        root.commit();
        Object token = sc.getAttribute(".token").toString();
        assertNotNull(token);
        TokenCredentials tc = new TokenCredentials(token.toString());
        cs.close();
        cs = login(tc);
        fail("token login for a disabled user must fail.");
    } catch (LoginException e) {
    // success
    } finally {
        if (cs != null) {
            cs.close();
        }
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) User(org.apache.jackrabbit.api.security.user.User) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) LoginException(javax.security.auth.login.LoginException) TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 23 with TokenCredentials

use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit-oak by apache.

the class TokenAuthenticationTest method testAuthenticateWithInvalidTokenCredentials.

@Test
public void testAuthenticateWithInvalidTokenCredentials() throws Exception {
    try {
        authentication.authenticate(new TokenCredentials(UUID.randomUUID().toString()));
        fail("LoginException expected");
    } catch (LoginException e) {
    // success
    }
}
Also used : LoginException(javax.security.auth.login.LoginException) TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 24 with TokenCredentials

use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit-oak by apache.

the class TokenAuthenticationTest method testAuthenticateWithoutTokenProvider.

@Test
public void testAuthenticateWithoutTokenProvider() throws Exception {
    Authentication authentication = new TokenAuthentication(null);
    assertFalse(authentication.authenticate(new TokenCredentials("token")));
}
Also used : Authentication(org.apache.jackrabbit.oak.spi.security.authentication.Authentication) TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 25 with TokenCredentials

use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit-oak by apache.

the class TokenAuthenticationTest method testGetUserId.

@Test
public void testGetUserId() throws LoginException {
    TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
    assertTrue(authentication.authenticate(new TokenCredentials(info.getToken())));
    assertEquals(userId, authentication.getUserId());
}
Also used : TokenInfo(org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo) TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Aggregations

TokenCredentials (org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)38 Test (org.junit.Test)23 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)17 SimpleCredentials (javax.jcr.SimpleCredentials)16 TokenInfo (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo)12 LoginException (javax.security.auth.login.LoginException)9 ContentSession (org.apache.jackrabbit.oak.api.ContentSession)9 Credentials (javax.jcr.Credentials)7 RepositoryException (javax.jcr.RepositoryException)6 Session (javax.jcr.Session)6 ArrayList (java.util.ArrayList)5 LoginException (javax.jcr.LoginException)5 GuestCredentials (javax.jcr.GuestCredentials)4 JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)4 Root (org.apache.jackrabbit.oak.api.Root)4 TokenProvider (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider)4 Subject (javax.security.auth.Subject)3 ImpersonationCredentials (org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials)3 TokenConfiguration (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration)3 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)3