Example 36 with ExternalIdentityRef
use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.
the class ExternalGroupPrincipalProviderTest method testGetPrincipalDynamicGroup.
@Test
public void testGetPrincipalDynamicGroup() throws Exception {
for (ExternalIdentityRef ref : idp.getUser(USER_ID).getDeclaredGroups()) {
String princName = idp.getIdentity(ref).getPrincipalName();
Principal principal = principalProvider.getPrincipal(princName);
assertNotNull(principal);
assertTrue(principal instanceof java.security.acl.Group);
}
}
Also used :
ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef)
Principal(java.security.Principal)
Test(org.junit.Test)
Example 37 with ExternalIdentityRef
use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.
the class DelegateeTest method testSyncThrowingExternalUserSaveError.
@Test
public void testSyncThrowingExternalUserSaveError() throws Exception {
Root r = preventRootCommit(delegatee);
;
String[] result = delegatee.syncExternalUsers(new String[] { new ExternalIdentityRef(TestIdentityProvider.ID_EXCEPTION, idp.getName()).getString() });
assertResultMessages(result, TestIdentityProvider.ID_EXCEPTION, "ERR");
assertFalse(r.hasPendingChanges());
}
Also used :
Root(org.apache.jackrabbit.oak.api.Root)
ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef)
Test(org.junit.Test)
Example 38 with ExternalIdentityRef
use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.
the class SyncMBeanImplTest method testSyncAllUsersException.
@Test
public void testSyncAllUsersException() throws Exception {
User u = getUserManager().createUser(TestIdentityProvider.ID_EXCEPTION, null);
u.setProperty(DefaultSyncContext.REP_EXTERNAL_ID, getValueFactory().createValue(new ExternalIdentityRef(TestIdentityProvider.ID_EXCEPTION, idp.getName()).getString()));
root.commit();
String[] result = syncMBean.syncAllUsers(false);
assertResultMessages(result, TestIdentityProvider.ID_EXCEPTION, "ERR");
result = syncMBean.syncAllUsers(true);
assertResultMessages(result, TestIdentityProvider.ID_EXCEPTION, "ERR");
}
Also used :
User(org.apache.jackrabbit.api.security.user.User)
ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser)
ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef)
Test(org.junit.Test)
Example 39 with ExternalIdentityRef
use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.
the class DynamicSyncContextTest method testSyncForeignExternalGroup.
@Test
public void testSyncForeignExternalGroup() throws Exception {
ExternalGroup foreign = new TestIdentityProvider.ForeignExternalGroup();
SyncResult res = syncContext.sync(foreign);
assertNotNull(res);
assertSame(SyncResult.Status.FOREIGN, res.getStatus());
// expect {@code SyncedIdentity} in accordance with {@code sync(String userId)},
// where the authorizable is found to be linked to a different IDP.
SyncedIdentity si = res.getIdentity();
assertNotNull(si);
assertEquals(foreign.getId(), si.getId());
ExternalIdentityRef ref = si.getExternalIdRef();
assertNotNull(ref);
assertEquals(foreign.getExternalId(), ref);
assertTrue(si.isGroup());
assertEquals(-1, si.lastSynced());
assertFalse(r.hasPendingChanges());
}
Also used :
ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup)
ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef)
SyncedIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncedIdentity)
SyncResult(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult)
AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest)
Test(org.junit.Test)
Example 40 with ExternalIdentityRef
use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.
the class DynamicSyncContextTest method testSyncMembershipWithChangedGroups.
@Test
public void testSyncMembershipWithChangedGroups() throws Exception {
long nesting = 1;
syncConfig.user().setMembershipNestingDepth(nesting);
ExternalUser externalUser = idp.getUser(USER_ID);
sync(externalUser, SyncResult.Status.ADD);
Authorizable a = userManager.getAuthorizable(externalUser.getId());
assertDynamicMembership(a, externalUser, nesting);
// sync user with modified membership => must be reflected
// 1. empty set of declared groups
ExternalUser mod = new TestUserWithGroupRefs(externalUser, ImmutableSet.<ExternalIdentityRef>of());
syncContext.syncMembership(mod, a, nesting);
assertDynamicMembership(a, mod, nesting);
// 2. set with different groups that defined on IDP
mod = new TestUserWithGroupRefs(externalUser, ImmutableSet.<ExternalIdentityRef>of(idp.getGroup("a").getExternalId(), idp.getGroup("aa").getExternalId(), idp.getGroup("secondGroup").getExternalId()));
syncContext.syncMembership(mod, a, nesting);
assertDynamicMembership(a, mod, nesting);
}
Also used :
ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef)
ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest)
Test(org.junit.Test)
Aggregations
ExternalIdentityRef (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef)64
Test (org.junit.Test)47
ExternalUser (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser)23
ExternalIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity)18
ExternalGroup (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup)15
AbstractExternalAuthTest (org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest)14
Group (org.apache.jackrabbit.api.security.user.Group)11
User (org.apache.jackrabbit.api.security.user.User)10
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)7
SyncedIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncedIdentity)6
Nonnull (javax.annotation.Nonnull)5
DebugTimer (org.apache.jackrabbit.oak.commons.DebugTimer)5
ExternalIdentityException (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException)5
SyncResult (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult)5
Principal (java.security.Principal)4
HashMap (java.util.HashMap)4
LdapInvalidAttributeValueException (org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException)4
UserManager (org.apache.jackrabbit.api.security.user.UserManager)4
Root (org.apache.jackrabbit.oak.api.Root)4
DefaultSyncedIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncedIdentity)4
