Example 56 with ExternalUser

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testSyncMembershipGroupIsExternalUser.

@Test
public void testSyncMembershipGroupIsExternalUser() throws Exception {
    // sync the 'wrong' external group into the repository
    ExternalIdentity externalIdentity = idp.listUsers().next();
    sync(externalIdentity);
    // create an external user that declares the synced external user as its group
    ExternalUser withWrongDeclaredGroup = new ExternalUserWithDeclaredGroup(externalIdentity.getExternalId());
    try {
        Authorizable a = syncCtx.createUser(withWrongDeclaredGroup);
        root.commit();
        syncCtx.syncMembership(withWrongDeclaredGroup, a, 1);
        // the declared "group" is a user, so membership sync must not change anything
        assertFalse(root.hasPendingChanges());
    } finally {
        Authorizable a = userManager.getAuthorizable(withWrongDeclaredGroup.getId());
        if (a != null) {
            a.remove();
            root.commit();
        }
    }
}
Also used : ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) ExternalIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Example 57 with ExternalUser

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.

the class DynamicSyncContextTest method testSyncExternalUserDepthInfinite.

@Test
public void testSyncExternalUserDepthInfinite() throws Exception {
    // resolve nested group membership without a depth limit
    syncConfig.user().setMembershipNestingDepth(Long.MAX_VALUE);
    ExternalUser externalUser = idp.getUser(USER_ID);
    sync(externalUser, SyncResult.Status.ADD);
    // read the external principal names property stored on the synced user node
    Tree tree = r.getTree(userManager.getAuthorizable(USER_ID).getPath());
    PropertyState extPrincipalNames = tree.getProperty(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES);
    assertNotNull(extPrincipalNames);
    Set<String> pNames = Sets.newHashSet(extPrincipalNames.getValue(Type.STRINGS));
    // the stored names must equal the group principals collected from the IDP at the same depth
    Set<String> expected = Sets.newHashSet();
    collectGroupPrincipals(expected, externalUser.getDeclaredGroups(), Long.MAX_VALUE);
    assertEquals(expected, pNames);
}
Also used : ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) Tree(org.apache.jackrabbit.oak.api.Tree) PropertyState(org.apache.jackrabbit.oak.api.PropertyState) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Example 58 with ExternalUser

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testSyncMembershipDepth1.

@Test
public void testSyncMembershipDepth1() throws Exception {
    ExternalUser externalUser = idp.listUsers().next();
    Authorizable a = syncCtx.createUser(externalUser);
    // sync membership with nesting depth 1
    syncCtx.syncMembership(externalUser, a, 1);
    assertTrue(root.hasPendingChanges());
    // every declared group must exist in the repository with the user as a declared member
    for (ExternalIdentityRef ref : externalUser.getDeclaredGroups()) {
        Group g = userManager.getAuthorizable(ref.getId(), Group.class);
        assertNotNull(g);
        assertTrue(g.isDeclaredMember(a));
    }
}
Also used : Group(org.apache.jackrabbit.api.security.user.Group) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Example 59 with ExternalUser

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.

the class LdapProviderTest method testGetUserByRef.

@Test
public void testGetUserByRef() throws Exception {
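    // look the identity up by a reference built from the user's DN and the IDP name
    ExternalIdentityRef ref = new ExternalIdentityRef(TEST_USER1_DN, IDP_NAME);
    ExternalIdentity id = idp.getIdentity(ref);
    // the resolved identity must be a user, and its ID must be the UID
    assertTrue("User instance", id instanceof ExternalUser);
    assertEquals("User ID", TEST_USER1_UID, id.getId());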
}
Also used : ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) ExternalIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity) Test(org.junit.Test)

Example 60 with ExternalUser

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.

the class PrincipalProviderDeepNestingTest method testGetPrincipalInheritedGroups.

@Override
@Test
public void testGetPrincipalInheritedGroups() throws Exception {
    ExternalUser externalUser = idp.getUser(USER_ID);
    for (ExternalIdentityRef ref : externalUser.getDeclaredGroups()) {
        ExternalIdentity externalGroup = idp.getIdentity(ref);
        Principal grPrincipal = principalProvider.getPrincipal(externalGroup.getPrincipalName());
        // walk the groups declared by each of the user's declared groups
        for (ExternalIdentityRef inheritedGroupRef : externalGroup.getDeclaredGroups()) {
            String inheritedPrincName = idp.getIdentity(inheritedGroupRef).getPrincipalName();
            Principal principal = principalProvider.getPrincipal(inheritedPrincName);
            assertNotNull(principal);
            assertTrue(principal instanceof java.security.acl.Group);
            java.security.acl.Group inheritedGrPrincipal = (java.security.acl.Group) principal;
            // the inherited group principal reports the user as a member, but not the intermediate group principal
            assertTrue(inheritedGrPrincipal.isMember(new PrincipalImpl(externalUser.getPrincipalName())));
            assertFalse(inheritedGrPrincipal.isMember(grPrincipal));
        }
    }
}
Also used : ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) ExternalIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity) Principal(java.security.Principal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)
