Search in sources :

Example 11 with ImpersonationCredentials

use of org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials in project jackrabbit-oak by apache.

the class Jackrabbit2ConfigurationTest method testTokenCreationAndImpersonation.

@Test
public void testTokenCreationAndImpersonation() throws Exception {
    ContentSession cs = null;
    try {
        SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
        sc.setAttribute(".token", "");
        ImpersonationCredentials ic = new ImpersonationCredentials(sc, new AuthInfoImpl(((SimpleCredentials) getAdminCredentials()).getUserID(), Collections.<String, Object>emptyMap(), Collections.<Principal>emptySet()));
        cs = login(ic);
        Object token = sc.getAttribute(".token").toString();
        assertNotNull(token);
        TokenCredentials tc = new TokenCredentials(token.toString());
        cs.close();
        cs = login(tc);
    } finally {
        if (cs != null) {
            cs.close();
        }
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) AuthInfoImpl(org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl) ImpersonationCredentials(org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) Principal(java.security.Principal) TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 12 with ImpersonationCredentials

use of org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials in project jackrabbit-oak by apache.

the class Jackrabbit2ConfigurationTest method testTokenCreationWithImpersonationAttributes.

@Test
public void testTokenCreationWithImpersonationAttributes() throws Exception {
    ContentSession cs = null;
    try {
        SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
        sc.setAttribute(".token", "");
        sc.setAttribute(".token.mandatory", "something");
        sc.setAttribute("attr", "val");
        ImpersonationCredentials ic = new ImpersonationCredentials(sc, new AuthInfoImpl(((SimpleCredentials) getAdminCredentials()).getUserID(), Collections.<String, Object>emptyMap(), Collections.<Principal>emptySet()));
        cs = login(ic);
        AuthInfo ai = cs.getAuthInfo();
        Set<String> attrNames = ImmutableSet.copyOf(ai.getAttributeNames());
        assertTrue(attrNames.contains("attr"));
        assertFalse(attrNames.contains(".token"));
        assertFalse(attrNames.contains(".token.mandatory"));
    } finally {
        if (cs != null) {
            cs.close();
        }
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) AuthInfo(org.apache.jackrabbit.oak.api.AuthInfo) AuthInfoImpl(org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl) ImpersonationCredentials(org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) Principal(java.security.Principal) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 13 with ImpersonationCredentials

use of org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials in project jackrabbit-oak by apache.

the class TokenProviderImplTest method testCreateTokenFromCredentials.

@Test
public void testCreateTokenFromCredentials() throws Exception {
    SimpleCredentials sc = new SimpleCredentials(userId, new char[0]);
    List<Credentials> valid = new ArrayList<Credentials>();
    valid.add(sc);
    valid.add(new ImpersonationCredentials(sc, null));
    for (Credentials creds : valid) {
        TokenInfo info = tokenProvider.createToken(creds);
        assertTokenInfo(info, userId);
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) ImpersonationCredentials(org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials) ArrayList(java.util.ArrayList) TokenInfo(org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo) GuestCredentials(javax.jcr.GuestCredentials) TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials) ImpersonationCredentials(org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials) SimpleCredentials(javax.jcr.SimpleCredentials) Credentials(javax.jcr.Credentials) Test(org.junit.Test)

Example 14 with ImpersonationCredentials

use of org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials in project jackrabbit-oak by apache.

the class LoginModuleImplTest method testImpersonationWithAttributes.

@Test
public void testImpersonationWithAttributes() throws Exception {
    ContentSession cs = null;
    try {
        createTestUser();
        SimpleCredentials sc = new SimpleCredentials(USER_ID, USER_PW.toCharArray());
        cs = login(sc);
        AuthInfo authInfo = cs.getAuthInfo();
        cs.close();
        cs = null;
        sc = new SimpleCredentials(USER_ID, new char[0]);
        sc.setAttribute("attr", "value");
        ImpersonationCredentials ic = new ImpersonationCredentials(sc, authInfo);
        cs = login(ic);
        authInfo = cs.getAuthInfo();
        assertTrue(Arrays.asList(authInfo.getAttributeNames()).contains("attr"));
        assertEquals("value", authInfo.getAttribute("attr"));
    } finally {
        if (cs != null) {
            cs.close();
        }
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) AuthInfo(org.apache.jackrabbit.oak.api.AuthInfo) ImpersonationCredentials(org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 15 with ImpersonationCredentials

use of org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials in project jackrabbit-oak by apache.

the class LoginModuleImplTest method testInvalidImpersonation.

@Test
public void testInvalidImpersonation() throws Exception {
    ContentSession cs = null;
    try {
        createTestUser();
        SimpleCredentials sc = new SimpleCredentials(USER_ID, USER_PW.toCharArray());
        cs = login(sc);
        AuthInfo authInfo = cs.getAuthInfo();
        assertEquals(USER_ID, authInfo.getUserID());
        cs.close();
        cs = null;
        ConfigurationParameters config = securityProvider.getConfiguration(UserConfiguration.class).getParameters();
        String adminId = UserUtil.getAdminId(config);
        sc = new SimpleCredentials(adminId, new char[0]);
        ImpersonationCredentials ic = new ImpersonationCredentials(sc, authInfo);
        try {
            cs = login(ic);
            fail("User 'test' should not be allowed to impersonate " + adminId);
        } catch (LoginException e) {
        // success
        }
    } finally {
        if (cs != null) {
            cs.close();
        }
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) AuthInfo(org.apache.jackrabbit.oak.api.AuthInfo) ImpersonationCredentials(org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) LoginException(javax.security.auth.login.LoginException) ConfigurationParameters(org.apache.jackrabbit.oak.spi.security.ConfigurationParameters) UserConfiguration(org.apache.jackrabbit.oak.spi.security.user.UserConfiguration) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Aggregations

ImpersonationCredentials (org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials)17 SimpleCredentials (javax.jcr.SimpleCredentials)15 Test (org.junit.Test)12 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)10 Credentials (javax.jcr.Credentials)7 ContentSession (org.apache.jackrabbit.oak.api.ContentSession)7 GuestCredentials (javax.jcr.GuestCredentials)6 AuthInfo (org.apache.jackrabbit.oak.api.AuthInfo)5 LoginException (javax.security.auth.login.LoginException)4 TokenCredentials (org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)4 AuthInfoImpl (org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl)4 ArrayList (java.util.ArrayList)3 Principal (java.security.Principal)2 HashMap (java.util.HashMap)2 Map (java.util.Map)2 Nonnull (javax.annotation.Nonnull)2 FailedLoginException (javax.security.auth.login.FailedLoginException)2 User (org.apache.jackrabbit.api.security.user.User)2 IOException (java.io.IOException)1 CheckForNull (javax.annotation.CheckForNull)1