Examples with Authentication - org.apache.jackrabbit.oak.spi.security.authentication.Authentication

Example 6 with Authentication

use of org.apache.jackrabbit.oak.spi.security.authentication.Authentication in project jackrabbit-oak by apache.

the class PasswordExpiryTest method testAuthenticatePasswordExpired.

@Test
public void testAuthenticatePasswordExpired() throws Exception {
    Authentication a = new UserAuthentication(getUserConfiguration(), root, userId);
    // set password last modified to beginning of epoch
    root.getTree(getTestUser().getPath()).getChild(UserConstants.REP_PWD).setProperty(UserConstants.REP_PASSWORD_LAST_MODIFIED, 0);
    root.commit();
    try {
        a.authenticate(new SimpleCredentials(userId, userId.toCharArray()));
        fail("Credentials should be expired");
    } catch (CredentialExpiredException e) {
    // success
    }
}

Also used : SimpleCredentials(javax.jcr.SimpleCredentials) Authentication(org.apache.jackrabbit.oak.spi.security.authentication.Authentication) CredentialExpiredException(javax.security.auth.login.CredentialExpiredException) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 7 with Authentication

use of org.apache.jackrabbit.oak.spi.security.authentication.Authentication in project jackrabbit-oak by apache.

the class ResetExpiredPasswordTest method authenticate.

private void authenticate(String expiredPw, Object newPw) throws LoginException {
    SimpleCredentials creds = new SimpleCredentials(userId, expiredPw.toCharArray());
    creds.setAttribute(UserConstants.CREDENTIALS_ATTRIBUTE_NEWPASSWORD, newPw);
    Authentication a = new UserAuthentication(getUserConfiguration(), root, userId);
    a.authenticate(creds);
}

Also used : SimpleCredentials(javax.jcr.SimpleCredentials) Authentication(org.apache.jackrabbit.oak.spi.security.authentication.Authentication)

Example 8 with Authentication

use of org.apache.jackrabbit.oak.spi.security.authentication.Authentication in project jackrabbit-oak by apache.

the class TokenAuthenticationTest method testAuthenticateWithoutTokenProvider.

@Test
public void testAuthenticateWithoutTokenProvider() throws Exception {
    Authentication authentication = new TokenAuthentication(null);
    assertFalse(authentication.authenticate(new TokenCredentials("token")));
}

Also used : Authentication(org.apache.jackrabbit.oak.spi.security.authentication.Authentication) TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 9 with Authentication

use of org.apache.jackrabbit.oak.spi.security.authentication.Authentication in project jackrabbit-oak by apache.

the class LoginModuleImplTest method testCustomUserAuthentication.

@Test
public void testCustomUserAuthentication() throws Exception {
    LoginModuleImpl loginModule = new LoginModuleImpl();
    UserAuthenticationFactory factory = new UserAuthenticationFactory() {

        @CheckForNull
        @Override
        public Authentication getAuthentication(@Nonnull UserConfiguration configuration, @Nonnull Root root, @Nullable String userId) {
            return new Authentication() {

                @Override
                public boolean authenticate(@Nullable Credentials credentials) throws LoginException {
                    return true;
                }

                @CheckForNull
                @Override
                public String getUserId() {
                    return null;
                }

                @CheckForNull
                @Override
                public Principal getUserPrincipal() {
                    return null;
                }
            };
        }
    };
    CallbackHandler cbh = new TestCallbackHandler(factory);
    SimpleCredentials creds = new SimpleCredentials("loginId", new char[0]);
    Subject subject = new Subject(false, Sets.<Principal>newHashSet(), ImmutableSet.of(creds), Sets.newHashSet());
    loginModule.initialize(subject, cbh, Maps.<String, Object>newHashMap(), Maps.<String, Object>newHashMap());
    assertTrue(loginModule.login());
    assertTrue(loginModule.commit());
    AuthInfo authInfo = subject.getPublicCredentials(AuthInfo.class).iterator().next();
    assertEquals("loginId", authInfo.getUserID());
}

Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) AuthInfo(org.apache.jackrabbit.oak.api.AuthInfo) UserAuthenticationFactory(org.apache.jackrabbit.oak.spi.security.user.UserAuthenticationFactory) Root(org.apache.jackrabbit.oak.api.Root) Nonnull(javax.annotation.Nonnull) Subject(javax.security.auth.Subject) SimpleCredentials(javax.jcr.SimpleCredentials) Authentication(org.apache.jackrabbit.oak.spi.security.authentication.Authentication) Nullable(javax.annotation.Nullable) GuestCredentials(javax.jcr.GuestCredentials) ImpersonationCredentials(org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials) SimpleCredentials(javax.jcr.SimpleCredentials) Credentials(javax.jcr.Credentials) UserConfiguration(org.apache.jackrabbit.oak.spi.security.user.UserConfiguration) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 10 with Authentication

use of org.apache.jackrabbit.oak.spi.security.authentication.Authentication in project jackrabbit-oak by apache.

the class PasswordExpiryTest method testAuthenticatePasswordExpiredChangePassword.

@Test
public void testAuthenticatePasswordExpiredChangePassword() throws Exception {
    Authentication a = new UserAuthentication(getUserConfiguration(), root, userId);
    // set password last modified to beginning of epoch
    root.getTree(getTestUser().getPath()).getChild(UserConstants.REP_PWD).setProperty(UserConstants.REP_PASSWORD_LAST_MODIFIED, 0);
    root.commit();
    // changing the password should reset the pw last mod and the pw no longer be expired
    getTestUser().changePassword(userId);
    root.commit();
    assertTrue(a.authenticate(new SimpleCredentials(userId, userId.toCharArray())));
}

Also used : SimpleCredentials(javax.jcr.SimpleCredentials) Authentication(org.apache.jackrabbit.oak.spi.security.authentication.Authentication) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Aggregations

Authentication (org.apache.jackrabbit.oak.spi.security.authentication.Authentication)19 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)17 Test (org.junit.Test)17 SimpleCredentials (javax.jcr.SimpleCredentials)16 CredentialExpiredException (javax.security.auth.login.CredentialExpiredException)7 User (org.apache.jackrabbit.api.security.user.User)6 LoginException (javax.security.auth.login.LoginException)3 FailedLoginException (javax.security.auth.login.FailedLoginException)2 PropertyState (org.apache.jackrabbit.oak.api.PropertyState)2 Nonnull (javax.annotation.Nonnull)1 Nullable (javax.annotation.Nullable)1 Credentials (javax.jcr.Credentials)1 GuestCredentials (javax.jcr.GuestCredentials)1 Subject (javax.security.auth.Subject)1 CallbackHandler (javax.security.auth.callback.CallbackHandler)1 AccountLockedException (javax.security.auth.login.AccountLockedException)1 AccountNotFoundException (javax.security.auth.login.AccountNotFoundException)1 TokenCredentials (org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)1 Group (org.apache.jackrabbit.api.security.user.Group)1 AuthInfo (org.apache.jackrabbit.oak.api.AuthInfo)1