use of org.apache.knox.gateway.security.GroupPrincipal in project knox by apache.
the class SwitchCaseIdentityAssertionFilterTest method testDefaultConfig.
@Test
public void testDefaultConfig() throws Exception {
FilterConfig config = EasyMock.createNiceMock(FilterConfig.class);
EasyMock.expect(config.getInitParameter("principal.mapping")).andReturn("").anyTimes();
ServletContext context = EasyMock.createNiceMock(ServletContext.class);
EasyMock.expect(config.getServletContext()).andReturn(context).anyTimes();
EasyMock.expect(context.getInitParameter("principal.mapping")).andReturn("").anyTimes();
EasyMock.replay(config);
EasyMock.replay(context);
SwitchCaseIdentityAssertionFilter filter = new SwitchCaseIdentityAssertionFilter();
Subject subject = new Subject();
subject.getPrincipals().add(new PrimaryPrincipal("Member@us.apache.org"));
subject.getPrincipals().add(new GroupPrincipal("users"));
subject.getPrincipals().add(new GroupPrincipal("Admin"));
filter.init(config);
String actual = filter.mapUserPrincipal(((Principal) subject.getPrincipals(PrimaryPrincipal.class).toArray()[0]).getName());
String[] groups = filter.mapGroupPrincipals(actual, subject);
assertThat(actual, is("member@us.apache.org"));
assertThat(groups, is(arrayContainingInAnyOrder("admin", "users")));
}
use of org.apache.knox.gateway.security.GroupPrincipal in project knox by apache.
the class SwitchCaseIdentityAssertionFilterTest method testUpperPrincipalAndGroups.
@Test
public void testUpperPrincipalAndGroups() throws Exception {
FilterConfig config = EasyMock.createNiceMock(FilterConfig.class);
EasyMock.expect(config.getInitParameter("principal.case")).andReturn("Upper").anyTimes();
EasyMock.expect(config.getInitParameter("group.principal.case")).andReturn("Upper").anyTimes();
EasyMock.expect(config.getInitParameter("principal.mapping")).andReturn("").anyTimes();
ServletContext context = EasyMock.createNiceMock(ServletContext.class);
EasyMock.expect(config.getServletContext()).andReturn(context).anyTimes();
EasyMock.expect(context.getInitParameter("principal.mapping")).andReturn("").anyTimes();
EasyMock.replay(config);
EasyMock.replay(context);
SwitchCaseIdentityAssertionFilter filter = new SwitchCaseIdentityAssertionFilter();
Subject subject = new Subject();
subject.getPrincipals().add(new PrimaryPrincipal("Member@us.apache.org"));
subject.getPrincipals().add(new GroupPrincipal("users"));
subject.getPrincipals().add(new GroupPrincipal("Admin"));
filter.init(config);
String actual = filter.mapUserPrincipal(((Principal) subject.getPrincipals(PrimaryPrincipal.class).toArray()[0]).getName());
String[] groups = filter.mapGroupPrincipals(actual, subject);
assertThat(actual, is("MEMBER@US.APACHE.ORG"));
assertThat(groups, is(arrayContainingInAnyOrder("ADMIN", "USERS")));
}
use of org.apache.knox.gateway.security.GroupPrincipal in project knox by apache.
the class SwitchCaseIdentityAssertionFilterTest method testLowerPrincipalAndGroups.
@Test
public void testLowerPrincipalAndGroups() throws Exception {
FilterConfig config = EasyMock.createNiceMock(FilterConfig.class);
EasyMock.expect(config.getInitParameter("principal.case")).andReturn("lower").anyTimes();
EasyMock.expect(config.getInitParameter("group.principal.case")).andReturn("LOWER").anyTimes();
ServletContext context = EasyMock.createNiceMock(ServletContext.class);
EasyMock.expect(config.getServletContext()).andReturn(context).anyTimes();
EasyMock.expect(context.getInitParameter("principal.mapping")).andReturn("").anyTimes();
EasyMock.replay(config);
EasyMock.replay(context);
SwitchCaseIdentityAssertionFilter filter = new SwitchCaseIdentityAssertionFilter();
Subject subject = new Subject();
subject.getPrincipals().add(new PrimaryPrincipal("Member@us.apache.org"));
subject.getPrincipals().add(new GroupPrincipal("users"));
subject.getPrincipals().add(new GroupPrincipal("Admin"));
filter.init(config);
String actual = filter.mapUserPrincipal(((Principal) subject.getPrincipals(PrimaryPrincipal.class).toArray()[0]).getName());
String[] groups = filter.mapGroupPrincipals(actual, subject);
assertThat(actual, is("member@us.apache.org"));
assertThat(groups, is(arrayContainingInAnyOrder("admin", "users")));
}
use of org.apache.knox.gateway.security.GroupPrincipal in project knox by apache.
the class DefaultIdentityAssertionFilterTest method testInitParameters.
@Test
public void testInitParameters() throws Exception {
FilterConfig config = EasyMock.createNiceMock(FilterConfig.class);
EasyMock.expect(config.getInitParameter("principal.mapping")).andReturn("").anyTimes();
ServletContext context = EasyMock.createNiceMock(ServletContext.class);
EasyMock.expect(config.getServletContext()).andReturn(context).anyTimes();
EasyMock.expect(context.getInitParameter("principal.mapping")).andReturn("").anyTimes();
EasyMock.replay(config);
EasyMock.replay(context);
IdentityAsserterFilter filter = new IdentityAsserterFilter();
Subject subject = new Subject();
subject.getPrincipals().add(new PrimaryPrincipal("lmccay"));
subject.getPrincipals().add(new GroupPrincipal("users"));
subject.getPrincipals().add(new GroupPrincipal("admin"));
filter.init(config);
String username = filter.mapUserPrincipal(((Principal) subject.getPrincipals(PrimaryPrincipal.class).toArray()[0]).getName());
String[] groups = filter.mapGroupPrincipals(username, subject);
assertEquals("lmccay", username);
// means for the caller to use the existing subject groups
assertNull(groups);
config = EasyMock.createNiceMock(FilterConfig.class);
EasyMock.expect(config.getInitParameter("principal.mapping")).andReturn("lmccay,kminder=hdfs;newuser=mapred").anyTimes();
EasyMock.expect(config.getInitParameter("group.principal.mapping")).andReturn("kminder=group1;lmccay=mrgroup,mrducks").anyTimes();
context = EasyMock.createNiceMock(ServletContext.class);
EasyMock.expect(config.getServletContext()).andReturn(context).anyTimes();
EasyMock.replay(config);
filter.init(config);
username = filter.mapUserPrincipal(((Principal) subject.getPrincipals(PrimaryPrincipal.class).toArray()[0]).getName());
String[] mappedGroups = filter.mapGroupPrincipals(((Principal) subject.getPrincipals(PrimaryPrincipal.class).toArray()[0]).getName(), subject);
assertEquals("hdfs", username);
assertTrue("mrgroup not found in groups: " + mappedGroups, groupFoundIn("mrgroup", mappedGroups));
assertTrue("mrducks not found in groups: " + mappedGroups, groupFoundIn("mrducks", mappedGroups));
assertFalse("group1 WAS found in groups: " + mappedGroups, groupFoundIn("group1", mappedGroups));
subject = new Subject();
subject.getPrincipals().add(new PrimaryPrincipal("kminder"));
subject.getPrincipals().add(new GroupPrincipal("users"));
subject.getPrincipals().add(new GroupPrincipal("admin"));
config = EasyMock.createNiceMock(FilterConfig.class);
EasyMock.expect(config.getInitParameter("principal.mapping")).andReturn("lmccay,kminder=hdfs;newuser=mapred").anyTimes();
EasyMock.expect(config.getInitParameter("group.principal.mapping")).andReturn("kminder=group1;lmccay=mrgroup,mrducks").anyTimes();
context = EasyMock.createNiceMock(ServletContext.class);
EasyMock.expect(config.getServletContext()).andReturn(context).anyTimes();
EasyMock.replay(config);
filter.init(config);
username = filter.mapUserPrincipal(((Principal) subject.getPrincipals(PrimaryPrincipal.class).toArray()[0]).getName());
mappedGroups = filter.mapGroupPrincipals(((Principal) subject.getPrincipals(PrimaryPrincipal.class).toArray()[0]).getName(), subject);
assertEquals("hdfs", username);
assertTrue("group1 not found in groups: " + mappedGroups, groupFoundIn("group1", mappedGroups));
}
Aggregations