use of org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials in project jackrabbit-oak by apache.
the class Jackrabbit2ConfigurationTest method testTokenCreationAndImpersonation.
@Test
public void testTokenCreationAndImpersonation() throws Exception {
ContentSession cs = null;
try {
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
sc.setAttribute(".token", "");
ImpersonationCredentials ic = new ImpersonationCredentials(sc, new AuthInfoImpl(((SimpleCredentials) getAdminCredentials()).getUserID(), Collections.<String, Object>emptyMap(), Collections.<Principal>emptySet()));
cs = login(ic);
Object token = sc.getAttribute(".token").toString();
assertNotNull(token);
TokenCredentials tc = new TokenCredentials(token.toString());
cs.close();
cs = login(tc);
} finally {
if (cs != null) {
cs.close();
}
}
}
use of org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials in project jackrabbit-oak by apache.
the class Jackrabbit2ConfigurationTest method testTokenCreationWithImpersonationAttributes.
@Test
public void testTokenCreationWithImpersonationAttributes() throws Exception {
ContentSession cs = null;
try {
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
sc.setAttribute(".token", "");
sc.setAttribute(".token.mandatory", "something");
sc.setAttribute("attr", "val");
ImpersonationCredentials ic = new ImpersonationCredentials(sc, new AuthInfoImpl(((SimpleCredentials) getAdminCredentials()).getUserID(), Collections.<String, Object>emptyMap(), Collections.<Principal>emptySet()));
cs = login(ic);
AuthInfo ai = cs.getAuthInfo();
Set<String> attrNames = ImmutableSet.copyOf(ai.getAttributeNames());
assertTrue(attrNames.contains("attr"));
assertFalse(attrNames.contains(".token"));
assertFalse(attrNames.contains(".token.mandatory"));
} finally {
if (cs != null) {
cs.close();
}
}
}
use of org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials in project jackrabbit-oak by apache.
the class TokenProviderImplTest method testCreateTokenFromCredentials.
@Test
public void testCreateTokenFromCredentials() throws Exception {
SimpleCredentials sc = new SimpleCredentials(userId, new char[0]);
List<Credentials> valid = new ArrayList<Credentials>();
valid.add(sc);
valid.add(new ImpersonationCredentials(sc, null));
for (Credentials creds : valid) {
TokenInfo info = tokenProvider.createToken(creds);
assertTokenInfo(info, userId);
}
}
use of org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials in project jackrabbit-oak by apache.
the class LoginModuleImplTest method testImpersonationWithAttributes.
@Test
public void testImpersonationWithAttributes() throws Exception {
ContentSession cs = null;
try {
createTestUser();
SimpleCredentials sc = new SimpleCredentials(USER_ID, USER_PW.toCharArray());
cs = login(sc);
AuthInfo authInfo = cs.getAuthInfo();
cs.close();
cs = null;
sc = new SimpleCredentials(USER_ID, new char[0]);
sc.setAttribute("attr", "value");
ImpersonationCredentials ic = new ImpersonationCredentials(sc, authInfo);
cs = login(ic);
authInfo = cs.getAuthInfo();
assertTrue(Arrays.asList(authInfo.getAttributeNames()).contains("attr"));
assertEquals("value", authInfo.getAttribute("attr"));
} finally {
if (cs != null) {
cs.close();
}
}
}
use of org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials in project jackrabbit-oak by apache.
the class LoginModuleImplTest method testInvalidImpersonation.
@Test
public void testInvalidImpersonation() throws Exception {
ContentSession cs = null;
try {
createTestUser();
SimpleCredentials sc = new SimpleCredentials(USER_ID, USER_PW.toCharArray());
cs = login(sc);
AuthInfo authInfo = cs.getAuthInfo();
assertEquals(USER_ID, authInfo.getUserID());
cs.close();
cs = null;
ConfigurationParameters config = securityProvider.getConfiguration(UserConfiguration.class).getParameters();
String adminId = UserUtil.getAdminId(config);
sc = new SimpleCredentials(adminId, new char[0]);
ImpersonationCredentials ic = new ImpersonationCredentials(sc, authInfo);
try {
cs = login(ic);
fail("User 'test' should not be allowed to impersonate " + adminId);
} catch (LoginException e) {
// success
}
} finally {
if (cs != null) {
cs.close();
}
}
}
Aggregations