Example 6 with AuthInfoImpl
use of org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl in project jackrabbit-oak by apache.
the class Jackrabbit2ConfigurationTest method testTokenCreationAndImpersonation.
@Test
public void testTokenCreationAndImpersonation() throws Exception {
ContentSession cs = null;
try {
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
sc.setAttribute(".token", "");
ImpersonationCredentials ic = new ImpersonationCredentials(sc, new AuthInfoImpl(((SimpleCredentials) getAdminCredentials()).getUserID(), Collections.<String, Object>emptyMap(), Collections.<Principal>emptySet()));
cs = login(ic);
Object token = sc.getAttribute(".token").toString();
assertNotNull(token);
TokenCredentials tc = new TokenCredentials(token.toString());
cs.close();
cs = login(tc);
} finally {
if (cs != null) {
cs.close();
}
}
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
AuthInfoImpl(org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl)
ImpersonationCredentials(org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials)
ContentSession(org.apache.jackrabbit.oak.api.ContentSession)
Principal(java.security.Principal)
TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 7 with AuthInfoImpl
use of org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl in project jackrabbit-oak by apache.
the class PreAuthTest method testValidSubjectWithAuthInfo.
@Test
public void testValidSubjectWithAuthInfo() throws Exception {
AuthInfo info = new AuthInfoImpl("testUserId", Collections.<String, Object>emptyMap(), Collections.<Principal>emptySet());
Set<AuthInfo> publicCreds = Collections.singleton(info);
final Subject subject = new Subject(false, Collections.singleton(new TestPrincipal()), publicCreds, Collections.<Object>emptySet());
ContentSession cs = Subject.doAsPrivileged(subject, new PrivilegedAction<ContentSession>() {
@Override
public ContentSession run() {
try {
return login(null);
} catch (Exception e) {
return null;
}
}
}, null);
try {
assertSame(info, cs.getAuthInfo());
} finally {
if (cs != null) {
cs.close();
}
}
}
Also used :
AuthInfo(org.apache.jackrabbit.oak.api.AuthInfo)
AuthInfoImpl(org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl)
ContentSession(org.apache.jackrabbit.oak.api.ContentSession)
Subject(javax.security.auth.Subject)
SystemSubject(org.apache.jackrabbit.oak.spi.security.authentication.SystemSubject)
LoginException(javax.security.auth.login.LoginException)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 8 with AuthInfoImpl
use of org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl in project jackrabbit-oak by apache.
the class Jackrabbit2ConfigurationTest method testTokenCreationWithImpersonationAttributes.
@Test
public void testTokenCreationWithImpersonationAttributes() throws Exception {
ContentSession cs = null;
try {
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
sc.setAttribute(".token", "");
sc.setAttribute(".token.mandatory", "something");
sc.setAttribute("attr", "val");
ImpersonationCredentials ic = new ImpersonationCredentials(sc, new AuthInfoImpl(((SimpleCredentials) getAdminCredentials()).getUserID(), Collections.<String, Object>emptyMap(), Collections.<Principal>emptySet()));
cs = login(ic);
AuthInfo ai = cs.getAuthInfo();
Set<String> attrNames = ImmutableSet.copyOf(ai.getAttributeNames());
assertTrue(attrNames.contains("attr"));
assertFalse(attrNames.contains(".token"));
assertFalse(attrNames.contains(".token.mandatory"));
} finally {
if (cs != null) {
cs.close();
}
}
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
AuthInfo(org.apache.jackrabbit.oak.api.AuthInfo)
AuthInfoImpl(org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl)
ImpersonationCredentials(org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials)
ContentSession(org.apache.jackrabbit.oak.api.ContentSession)
Principal(java.security.Principal)
AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest)
Test(org.junit.Test)
Example 9 with AuthInfoImpl
use of org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl in project jackrabbit-oak by apache.
the class TestLoginModule method commit.
@Override
public boolean commit() throws LoginException {
if (userId != null) {
subject.getPrincipals().add(EveryonePrincipal.getInstance());
setAuthInfo(new AuthInfoImpl(userId, credentialsSupport.getAttributes(credentials), subject.getPrincipals()), subject);
return true;
} else {
return false;
}
}
Also used :
AuthInfoImpl(org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl)
Example 10 with AuthInfoImpl
use of org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl in project jackrabbit-oak by apache.
the class IndexInitializer method createAdministrativeSession.
private Session createAdministrativeSession() throws RepositoryException {
//Admin ID here can be any string and need not match the actual admin userId
final String adminId = "admin";
Principal admin = new AdminPrincipal() {
@Override
public String getName() {
return adminId;
}
};
AuthInfo authInfo = new AuthInfoImpl(adminId, null, singleton(admin));
Subject subject = new Subject(true, singleton(admin), singleton(authInfo), Collections.emptySet());
Session adminSession;
try {
adminSession = Subject.doAsPrivileged(subject, new PrivilegedExceptionAction<Session>() {
@Override
public Session run() throws Exception {
return repository.login();
}
}, null);
} catch (PrivilegedActionException e) {
throw new RepositoryException("failed to retrieve admin session.", e);
}
return adminSession;
}
Also used :
AdminPrincipal(org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal)
AuthInfo(org.apache.jackrabbit.oak.api.AuthInfo)
AuthInfoImpl(org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl)
PrivilegedActionException(java.security.PrivilegedActionException)
RepositoryException(javax.jcr.RepositoryException)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
AdminPrincipal(org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal)
Principal(java.security.Principal)
Subject(javax.security.auth.Subject)
Session(javax.jcr.Session)
Aggregations
AuthInfoImpl (org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl)11
AuthInfo (org.apache.jackrabbit.oak.api.AuthInfo)5
Principal (java.security.Principal)4
ContentSession (org.apache.jackrabbit.oak.api.ContentSession)4
ImpersonationCredentials (org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials)4
Test (org.junit.Test)4
HashMap (java.util.HashMap)3
SimpleCredentials (javax.jcr.SimpleCredentials)3
Subject (javax.security.auth.Subject)3
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)3
PrivilegedActionException (java.security.PrivilegedActionException)2
PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)2
Map (java.util.Map)2
Credentials (javax.jcr.Credentials)2
RepositoryException (javax.jcr.RepositoryException)2
Session (javax.jcr.Session)2
AdminPrincipal (org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal)2
Nonnull (javax.annotation.Nonnull)1
GuestCredentials (javax.jcr.GuestCredentials)1
LoginException (javax.security.auth.login.LoginException)1
