
Example 36 with TokenCredentials

use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit by apache.

the class TokenBasedLoginTest method testConcurrentLoginDifferentWorkspaces.

/**
 * Tests concurrent login on the Repository including token creation.
 * Test copied and slightly adjusted from org.apache.jackrabbit.core.ConcurrentLoginTest
 */
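public void testConcurrentLoginDifferentWorkspaces() throws RepositoryException, NotExecutableException {
    // Ten threads each perform 100 password logins that request a login token,
    // every login going to a randomly chosen workspace. The test fails if any
    // login throws or if any resulting session carries no TokenCredentials.
    final String testID = testuser.getID();

    // Precondition 1: more than one workspace must be accessible.
    final List<String> wspNames = Arrays.asList(superuser.getWorkspace().getAccessibleWorkspaceNames());
    if (wspNames.size() <= 1) {
        throw new NotExecutableException();
    }
    // Precondition 2: the test user must exist in every one of those workspaces.
    for (String wspName : wspNames) {
        JackrabbitSession s = null;
        try {
            s = (JackrabbitSession) getHelper().getSuperuserSession(wspName);
            if (s.getUserManager().getAuthorizable(testID) == null) {
                throw new NotExecutableException();
            }
        } finally {
            if (s != null) {
                s.logout();
            }
        }
    }

    // Slot shared with the workers. It holds a Throwable, not an Exception:
    // JUnit reports a failed assertion as an Error, so catching only Exception
    // would let a worker die on "no token credentials" while the test still
    // passes. Reading the slot after join() is safe because join() makes the
    // workers' writes visible to this thread.
    final Throwable[] failure = new Throwable[1];
    List<Thread> testRunner = new ArrayList<Thread>();
    for (int i = 0; i < 10; i++) {
        testRunner.add(new Thread(new Runnable() {

            public void run() {
                for (int i = 0; i < 100; i++) {
                    try {
                        // Math.random() is < 1.0, so the index stays below wspNames.size()
                        int index = (int) Math.floor(wspNames.size() * Math.random());
                        String wspName = wspNames.get(index);
                        // test fixture only: the user ID doubles as the password
                        SimpleCredentials sc = new SimpleCredentials(testID, testID.toCharArray());
                        // an empty token attribute accompanies the login so that token creation is exercised
                        sc.setAttribute(TokenBasedAuthentication.TOKEN_ATTRIBUTE, "");
                        Session s = getHelper().getRepository().login(sc, wspName);
                        try {
                            Set<TokenCredentials> tcs = ((SessionImpl) s).getSubject().getPublicCredentials(TokenCredentials.class);
                            assertFalse(tcs.isEmpty());
                        } finally {
                            s.logout();
                        }
                    } catch (Throwable t) {
                        // record login errors and assertion failures alike, then stop this worker
                        failure[0] = t;
                        break;
                    }
                }
            }
        }));
    }
    // start threads
    for (Thread runner : testRunner) {
        runner.start();
    }
    // join threads
    for (Thread runner : testRunner) {
        try {
            runner.join();
        } catch (InterruptedException e) {
            // keep the interrupt visible to the test runner before failing
            Thread.currentThread().interrupt();
            fail(e.toString());
        }
    }
    if (failure[0] != null) {
        fail(failure[0].toString());
    }
}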
Also used : ArrayList(java.util.ArrayList) LoginException(javax.jcr.LoginException) RepositoryException(javax.jcr.RepositoryException) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) SimpleCredentials(javax.jcr.SimpleCredentials) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) Session(javax.jcr.Session) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)

Example 37 with TokenCredentials

use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit by apache.

the class TokenBasedLoginTest method testLogin.

/**
 * Walks through the token login life cycle: a plain login, a login that
 * requests a token, and several logins that present only the issued token.
 * <p>
 * Checked along the way: exactly one {@code TokenCredentials} ends up on the
 * subject, the token attribute of the original credentials is filled in,
 * mandatory token attributes are not exposed as session attributes, and a
 * token login is rejected with {@code LoginException} when the mandatory
 * attribute carries a different value or is absent.
 *
 * @throws RepositoryException if a repository operation fails unexpectedly
 */
public void testLogin() throws RepositoryException {
    final String mandatoryKey = TOKEN_ATTRIBUTE + ".any";
    Repository repository = getHelper().getRepository();

    // baseline: the plain credentials must be accepted without any token involved
    Session session = repository.login(creds);
    session.logout();

    // request a token by sending an empty token attribute, together with
    // one attribute that must match on later logins ...
    creds.setAttribute(TOKEN_ATTRIBUTE, "");
    creds.setAttribute(mandatoryKey, "any");
    // ... and one that is informational only
    creds.setAttribute("attr", "attr");
    String issuedToken = null;
    session = repository.login(creds);
    try {
        SessionImpl impl = (SessionImpl) session;

        // exactly one token credential has to be attached to the subject
        Set<TokenCredentials> issued = impl.getSubject().getPublicCredentials(TokenCredentials.class);
        assertFalse(issued.isEmpty());
        assertEquals(1, issued.size());
        TokenCredentials tokenCredentials = issued.iterator().next();
        issuedToken = tokenCredentials.getToken();

        // the caller's credentials object now carries a non-empty token attribute
        assertNotNull(creds.getAttribute(TOKEN_ATTRIBUTE));
        assertFalse("".equals(creds.getAttribute(TOKEN_ATTRIBUTE)));

        // the subject keeps the simple credentials as well, token attribute included
        Set<SimpleCredentials> simpleOnSubject = impl.getSubject().getPublicCredentials(SimpleCredentials.class);
        assertFalse(simpleOnSubject.isEmpty());
        assertEquals(1, simpleOnSubject.size());
        SimpleCredentials simple = simpleOnSubject.iterator().next();
        assertNotNull(simple.getAttribute(TOKEN_ATTRIBUTE));
        assertFalse("".equals(simple.getAttribute(TOKEN_ATTRIBUTE)));

        // session attributes: the token itself and every mandatory attribute stay hidden
        assertNull(session.getAttribute(TOKEN_ATTRIBUTE));
        for (String name : tokenCredentials.getAttributeNames()) {
            if (!TokenBasedAuthentication.isMandatoryAttribute(name)) {
                assertEquals(tokenCredentials.getAttribute(name), session.getAttribute(name));
            } else {
                assertNull(session.getAttribute(name));
            }
        }

        // The stored token node is inspected only when the user node is reachable
        // through 'superuser' (presumably only in the workspace that session
        // belongs to - confirm against the test setup).
        if (superuser.nodeExists(testuserPath)) {
            Node user = superuser.getNode(testuserPath);
            assertTrue(user.hasNode(TOKENS_NAME));
            Node tokensParent = user.getNode(TOKENS_NAME);
            assertTrue(tokensParent.hasNodes());
            Node tokenNode = tokensParent.getNodes().nextNode();
            assertTrue(tokenNode.hasProperty("attr"));
            assertEquals("attr", tokenNode.getProperty("attr").getString());
            assertTrue(tokenNode.hasProperty(mandatoryKey));
            assertEquals("any", tokenNode.getProperty(mandatoryKey).getString());
            // the token value begins with the identifier of the node that stores it
            String nodeId = tokenNode.getIdentifier();
            assertTrue(issuedToken.startsWith(nodeId));
        }
    } finally {
        session.logout();
    }

    // the token plus the matching mandatory attribute is enough to log in
    TokenCredentials tokenOnly = new TokenCredentials(issuedToken);
    tokenOnly.setAttribute(mandatoryKey, "any");
    session = repository.login(tokenOnly);
    try {
        assertEquals(creds.getUserID(), session.getUserID());
        Set<TokenCredentials> onSubject = ((SessionImpl) session).getSubject().getPublicCredentials(TokenCredentials.class);
        assertFalse(onSubject.isEmpty());
        assertEquals(1, onSubject.size());
        TokenCredentials presented = onSubject.iterator().next();
        String presentedToken = presented.getToken();
        assertEquals(issuedToken, presentedToken);
        assertNull(session.getAttribute(TOKEN_ATTRIBUTE));
        for (String name : presented.getAttributeNames()) {
            if (!TokenBasedAuthentication.isMandatoryAttribute(name)) {
                assertEquals(presented.getAttribute(name), session.getAttribute(name));
            } else {
                assertNull(session.getAttribute(name));
            }
        }
    } finally {
        session.logout();
    }

    // an informational attribute is not compared: a different value still logs in
    tokenOnly.setAttribute("attr", "another");
    session = repository.login(tokenOnly);
    try {
        assertEquals(creds.getUserID(), session.getUserID());
    } finally {
        session.logout();
        tokenOnly.removeAttribute("attr");
    }

    // a mandatory attribute with the wrong value must be rejected
    tokenOnly.setAttribute(mandatoryKey, "another");
    try {
        session = repository.login(tokenOnly);
        session.logout();
        fail("The additional mandatory attr doesn't match. login must fail.");
    } catch (LoginException expected) {
        // rejected, as required
    }

    // leaving the mandatory attribute out must be rejected as well
    tokenOnly.removeAttribute(mandatoryKey);
    try {
        session = repository.login(tokenOnly);
        session.logout();
        fail("The additional mandatory attr is missing. login must fail.");
    } catch (LoginException expected) {
        // rejected, as required
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) Repository(javax.jcr.Repository) Node(javax.jcr.Node) LoginException(javax.jcr.LoginException) Session(javax.jcr.Session) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)

Example 38 with TokenCredentials

use of org.apache.jackrabbit.api.security.authentication.token.TokenCredentials in project jackrabbit by apache.

the class TokenBasedLoginTest method testConcurrentLogin.

/**
 * Tests concurrent login on the Repository including token creation.
 * Test copied and slightly adjusted from org.apache.jackrabbit.core.ConcurrentLoginTest
 */
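public void testConcurrentLogin() throws RepositoryException, NotExecutableException {
    // Ten threads each perform 100 password logins that request a login token.
    // The test fails if any login throws or if any resulting session carries
    // no TokenCredentials.
    //
    // The shared slot holds a Throwable, not an Exception: JUnit reports a
    // failed assertion as an Error, so catching only Exception would let a
    // worker die on "no token credentials" while the test still passes.
    // Reading the slot after join() is safe because join() makes the workers'
    // writes visible to this thread.
    final Throwable[] failure = new Throwable[1];
    List<Thread> testRunner = new ArrayList<Thread>();
    for (int i = 0; i < 10; i++) {
        testRunner.add(new Thread(new Runnable() {

            public void run() {
                for (int i = 0; i < 100; i++) {
                    try {
                        // test fixture only: the user ID doubles as the password
                        SimpleCredentials sc = new SimpleCredentials(testuser.getID(), testuser.getID().toCharArray());
                        // an empty token attribute accompanies the login so that token creation is exercised
                        sc.setAttribute(TokenBasedAuthentication.TOKEN_ATTRIBUTE, "");
                        Session s = getHelper().getRepository().login(sc);
                        try {
                            Set<TokenCredentials> tcs = ((SessionImpl) s).getSubject().getPublicCredentials(TokenCredentials.class);
                            assertFalse(tcs.isEmpty());
                        } finally {
                            s.logout();
                        }
                    } catch (Throwable t) {
                        // record login errors and assertion failures alike, then stop this worker
                        failure[0] = t;
                        break;
                    }
                }
            }
        }));
    }
    // start threads
    for (Thread runner : testRunner) {
        runner.start();
    }
    // join threads
    for (Thread runner : testRunner) {
        try {
            runner.join();
        } catch (InterruptedException e) {
            // keep the interrupt visible to the test runner before failing
            Thread.currentThread().interrupt();
            fail(e.toString());
        }
    }
    if (failure[0] != null) {
        fail(failure[0].toString());
    }
}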
Also used : ArrayList(java.util.ArrayList) LoginException(javax.jcr.LoginException) RepositoryException(javax.jcr.RepositoryException) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) SimpleCredentials(javax.jcr.SimpleCredentials) Session(javax.jcr.Session) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)

Aggregations

TokenCredentials (org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)38 Test (org.junit.Test)23 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)17 SimpleCredentials (javax.jcr.SimpleCredentials)16 TokenInfo (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo)12 LoginException (javax.security.auth.login.LoginException)9 ContentSession (org.apache.jackrabbit.oak.api.ContentSession)9 Credentials (javax.jcr.Credentials)7 RepositoryException (javax.jcr.RepositoryException)6 Session (javax.jcr.Session)6 ArrayList (java.util.ArrayList)5 LoginException (javax.jcr.LoginException)5 GuestCredentials (javax.jcr.GuestCredentials)4 JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)4 Root (org.apache.jackrabbit.oak.api.Root)4 TokenProvider (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider)4 Subject (javax.security.auth.Subject)3 ImpersonationCredentials (org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials)3 TokenConfiguration (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration)3 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)3