use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.
the class AbstractJmxTest method assertSync.
static void assertSync(@Nonnull ExternalIdentity ei, @Nonnull UserManager userManager) throws Exception {
Authorizable authorizable;
if (ei instanceof ExternalUser) {
authorizable = userManager.getAuthorizable(ei.getId(), User.class);
} else {
authorizable = userManager.getAuthorizable(ei.getId(), Group.class);
}
assertNotNull(ei.getId(), authorizable);
assertEquals(ei.getId(), authorizable.getID());
assertEquals(ei.getExternalId(), ExternalIdentityRef.fromString(authorizable.getProperty(DefaultSyncContext.REP_EXTERNAL_ID)[0].getString()));
}
use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.
the class DynamicSyncContextTest method testSyncMembershipWithChangedGroups.
@Test
public void testSyncMembershipWithChangedGroups() throws Exception {
long nesting = 1;
syncConfig.user().setMembershipNestingDepth(nesting);
ExternalUser externalUser = idp.getUser(USER_ID);
sync(externalUser, SyncResult.Status.ADD);
Authorizable a = userManager.getAuthorizable(externalUser.getId());
assertDynamicMembership(a, externalUser, nesting);
// sync user with modified membership => must be reflected
// 1. empty set of declared groups
ExternalUser mod = new TestUserWithGroupRefs(externalUser, ImmutableSet.<ExternalIdentityRef>of());
syncContext.syncMembership(mod, a, nesting);
assertDynamicMembership(a, mod, nesting);
// 2. set with different groups that defined on IDP
mod = new TestUserWithGroupRefs(externalUser, ImmutableSet.<ExternalIdentityRef>of(idp.getGroup("a").getExternalId(), idp.getGroup("aa").getExternalId(), idp.getGroup("secondGroup").getExternalId()));
syncContext.syncMembership(mod, a, nesting);
assertDynamicMembership(a, mod, nesting);
}
use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.
the class DynamicSyncContextTest method testSyncMembershipWithChangedExistingGroups.
@Test
public void testSyncMembershipWithChangedExistingGroups() throws Exception {
long nesting = 1;
syncConfig.user().setMembershipNestingDepth(nesting);
ExternalUser externalUser = idp.getUser(USER_ID);
DefaultSyncContext ctx = new DefaultSyncContext(syncConfig, idp, userManager, valueFactory);
ctx.sync(externalUser);
ctx.close();
Authorizable a = userManager.getAuthorizable(externalUser.getId());
assertSyncedMembership(userManager, a, externalUser);
// sync user with modified membership => must be reflected
// 1. empty set of declared groups
ExternalUser mod = new TestUserWithGroupRefs(externalUser, ImmutableSet.<ExternalIdentityRef>of());
syncContext.syncMembership(mod, a, nesting);
assertSyncedMembership(userManager, a, mod);
// 2. set with different groups that defined on IDP
mod = new TestUserWithGroupRefs(externalUser, ImmutableSet.<ExternalIdentityRef>of(idp.getGroup("a").getExternalId(), idp.getGroup("aa").getExternalId(), idp.getGroup("secondGroup").getExternalId()));
syncContext.syncMembership(mod, a, nesting);
assertSyncedMembership(userManager, a, mod);
}
use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.
the class ExternalGroupPrincipalProviderTest method testFindPrincipalsFiltersDuplicates.
@Test
public void testFindPrincipalsFiltersDuplicates() throws Exception {
ExternalGroup gr = idp.getGroup("a");
ExternalUser otherUser = new TestUser("anotherUser", ImmutableSet.of(gr.getExternalId()));
sync(otherUser);
Set<Principal> expected = new HashSet();
expected.add(new PrincipalImpl(gr.getPrincipalName()));
long depth = syncConfig.user().getMembershipNestingDepth();
if (depth > 1) {
collectExpectedPrincipals(expected, gr.getDeclaredGroups(), --depth);
}
Iterator<? extends Principal> res = principalProvider.findPrincipals("a", PrincipalManager.SEARCH_TYPE_ALL);
assertTrue(res.hasNext());
assertEquals(expected, ImmutableSet.copyOf(res));
}
use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser in project jackrabbit-oak by apache.
the class LdapProviderTest method testAuthenticateCaseInsensitive.
@Test
public void testAuthenticateCaseInsensitive() throws Exception {
SimpleCredentials creds = new SimpleCredentials(TEST_USER1_UID.toUpperCase(), "pass".toCharArray());
ExternalUser user = idp.authenticate(creds);
assertNotNull("User 1 must authenticate", user);
assertEquals("User Ref", TEST_USER1_DN, user.getExternalId().getId());
}
Aggregations