Search in sources :

Example 76 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class AbstractLoginModuleTest method testLogoutSuccess.

@Test
public void testLogoutSuccess() throws LoginException {
    Subject subject = new Subject(false, ImmutableSet.<Principal>of(new PrincipalImpl("pName")), ImmutableSet.of(new TestCredentials()), ImmutableSet.of());
    AbstractLoginModule loginModule = new TestLoginModule(TestCredentials.class);
    loginModule.initialize(subject, null, ImmutableMap.<String, Object>of(), null);
    assertTrue(loginModule.logout());
    assertTrue(subject.getPublicCredentials().isEmpty());
    assertTrue(subject.getPrincipals().isEmpty());
}
Also used : Subject(javax.security.auth.Subject) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)

Example 77 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class AbstractLoginModuleTest method testGetPrincipalsFromPrincipalMissingProvider.

@Test
public void testGetPrincipalsFromPrincipalMissingProvider() {
    AbstractLoginModule loginModule = initLoginModule(TestCredentials.class, new TestCallbackHandler());
    Set<? extends Principal> principals = loginModule.getPrincipals(new PrincipalImpl("principalName"));
    assertTrue(principals.isEmpty());
}
Also used : PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)

Example 78 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class L5_AccessControlListImplTest method testAddEntryWithInvalidPrincipals.

public void testAddEntryWithInvalidPrincipals() throws Exception {
    // EXERCISE: explain for each principal in the list why using it for an ACE fails
    List<Principal> invalidPrincipals = ImmutableList.of(new InvalidTestPrincipal("unknown"), null, new PrincipalImpl(""), new Principal() {

        @Override
        public String getName() {
            return "unknown";
        }
    });
    for (Principal principal : invalidPrincipals) {
        try {
            acl.addAccessControlEntry(principal, testPrivileges);
            fail("Adding an ACE with an invalid principal should fail");
        } catch (AccessControlException e) {
        // success
        }
    }
}
Also used : AccessControlException(javax.jcr.security.AccessControlException) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) InvalidTestPrincipal(org.apache.jackrabbit.oak.security.authorization.accesscontrol.InvalidTestPrincipal) Principal(java.security.Principal) InvalidTestPrincipal(org.apache.jackrabbit.oak.security.authorization.accesscontrol.InvalidTestPrincipal)

Example 79 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class L3_UserVsPrincipalTest method testCreateWithReverse.

@Test
public void testCreateWithReverse() throws RepositoryException, CommitFailedException {
    // EXERCISE: fix the test-case with the correct assertions and exception catching!
    // EXERCISE: if creating the user suceeds : verify if the testUser and user2 are equal. explain why!
    User user2 = null;
    try {
        user2 = getUserManager(root).createUser(testPrincipal.getName(), ExerciseUtility.TEST_PW, new PrincipalImpl(testId), null);
        root.commit();
        // EXERCISE
        Boolean expectedEquals = null;
        assertEquals(expectedEquals.booleanValue(), testUser.equals(user2));
    } finally {
        if (user2 != null) {
            user2.remove();
            root.commit();
        }
    }
}
Also used : User(org.apache.jackrabbit.api.security.user.User) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test) L2_AuthInfoTest(org.apache.jackrabbit.oak.exercise.security.authentication.L2_AuthInfoTest)

Example 80 with PrincipalImpl

use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.

the class UserManagementTest method testCreateWithIntermediateReadDeny.

@Test
public void testCreateWithIntermediateReadDeny() throws Exception {
    String path = UserConstants.DEFAULT_GROUP_PATH + "/a/b/c";
    Node groupRoot = JcrUtils.getOrCreateByPath(path, UserConstants.NT_REP_AUTHORIZABLE_FOLDER, superuser);
    superuser.save();
    try {
        deny(UserConstants.DEFAULT_GROUP_PATH, privilegesFromName(Privilege.JCR_READ));
        Privilege[] privs = privilegesFromNames(new String[] { Privilege.JCR_READ, PrivilegeConstants.REP_USER_MANAGEMENT, PrivilegeConstants.REP_WRITE });
        allow(path, privs);
        Group gr = getUserManager(testSession).createGroup(groupId, new PrincipalImpl(groupId), "a/b/c");
        testSession.save();
    } finally {
        superuser.refresh(false);
        superuser.getNode(UserConstants.DEFAULT_GROUP_PATH + "/a").remove();
        JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, UserConstants.DEFAULT_GROUP_PATH);
        if (acl != null) {
            acMgr.removePolicy(UserConstants.DEFAULT_GROUP_PATH, acl);
        }
        superuser.save();
    }
}
Also used : Group(org.apache.jackrabbit.api.security.user.Group) Node(javax.jcr.Node) Privilege(javax.jcr.security.Privilege) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) Test(org.junit.Test)

Aggregations

PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)87 Test (org.junit.Test)59 Principal (java.security.Principal)39 Group (org.apache.jackrabbit.api.security.user.Group)23 User (org.apache.jackrabbit.api.security.user.User)20 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)20 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)19 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)15 UserManager (org.apache.jackrabbit.api.security.user.UserManager)14 JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)11 Session (javax.jcr.Session)8 SimpleCredentials (javax.jcr.SimpleCredentials)7 ContentSession (org.apache.jackrabbit.oak.api.ContentSession)6 ExternalUser (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser)6 CugPolicy (org.apache.jackrabbit.oak.spi.security.authorization.cug.CugPolicy)6 HashSet (java.util.HashSet)5 Nonnull (javax.annotation.Nonnull)4 SystemPrincipal (org.apache.jackrabbit.oak.spi.security.principal.SystemPrincipal)4 ArrayList (java.util.ArrayList)3 AccessControlList (javax.jcr.security.AccessControlList)3