
Example 16 with PrimaryPrincipal

use of org.apache.knox.gateway.security.PrimaryPrincipal in project knox by apache.

the class RegexIdentityAssertionFilterTest method testExtractUsernameFromEmail.

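/**
 * Exercises {@code RegexIdentityAssertionFilter.mapUserPrincipal} under three
 * configurations: no input/output parameters, an output template without
 * placeholders, and an input pattern whose first capture group is substituted
 * into the output template.
 *
 * @throws Exception if initialising the filter fails
 */
@Test
public void testExtractUsernameFromEmail() throws Exception {
    // Identity under test: one primary principal plus two group principals.
    Subject subject = new Subject();
    subject.getPrincipals().add(new PrimaryPrincipal("member@us.apache.org"));
    subject.getPrincipals().add(new GroupPrincipal("user"));
    subject.getPrincipals().add(new GroupPrincipal("admin"));
    Principal primary = subject.getPrincipals(PrimaryPrincipal.class).iterator().next();

    RegexIdentityAssertionFilter filter = new RegexIdentityAssertionFilter();

    // Phase 1: neither "input" nor "output" is stubbed, so the nice mocks return null
    // for them. The expected mapping result in that case is the empty string.
    FilterConfig config = EasyMock.createNiceMock(FilterConfig.class);
    EasyMock.expect(config.getInitParameter("principal.mapping")).andReturn("").anyTimes();
    ServletContext context = EasyMock.createNiceMock(ServletContext.class);
    EasyMock.expect(config.getServletContext()).andReturn(context).anyTimes();
    EasyMock.expect(context.getInitParameter("principal.mapping")).andReturn("").anyTimes();
    EasyMock.replay(config);
    EasyMock.replay(context);
    filter.init(config);
    String actual = filter.mapUserPrincipal(primary.getName());
    String[] groups = filter.mapGroupPrincipals(actual, subject);
    assertThat(actual, is(""));
    // A null group array means the caller should keep the subject's existing groups.
    assertThat(groups, is(nullValue()));

    // Phase 2: an output template with no placeholders is effectively a static mapping.
    config = EasyMock.createNiceMock(FilterConfig.class);
    EasyMock.expect(config.getInitParameter("principal.mapping")).andReturn("").anyTimes();
    context = EasyMock.createNiceMock(ServletContext.class);
    EasyMock.expect(config.getServletContext()).andReturn(context).anyTimes();
    EasyMock.expect(context.getInitParameter("principal.mapping")).andReturn("").anyTimes();
    EasyMock.expect(config.getInitParameter("output")).andReturn("test-output").anyTimes();
    EasyMock.replay(config);
    EasyMock.replay(context);
    filter.init(config);
    actual = filter.mapUserPrincipal(primary.getName());
    // JUnit's assertEquals takes (expected, actual); the original had them swapped,
    // which would produce a misleading failure message.
    assertEquals("test-output", actual);

    // Phase 3: extract the local part of an e-mail style principal name.
    // NOTE(review): "(.*)" is greedy, so a name containing more than one '@' would
    // presumably map to everything before the last '@'. Worth pinning with an extra
    // assertion, since the mapped value becomes the asserted identity.
    config = EasyMock.createNiceMock(FilterConfig.class);
    EasyMock.expect(config.getInitParameter("principal.mapping")).andReturn("").anyTimes();
    context = EasyMock.createNiceMock(ServletContext.class);
    EasyMock.expect(config.getServletContext()).andReturn(context).anyTimes();
    EasyMock.expect(context.getInitParameter("principal.mapping")).andReturn("").anyTimes();
    EasyMock.expect(config.getInitParameter("input")).andReturn("(.*)@.*").anyTimes();
    EasyMock.expect(config.getInitParameter("output")).andReturn("prefix_{1}_suffix").anyTimes();
    EasyMock.replay(config);
    EasyMock.replay(context);
    filter.init(config);
    actual = filter.mapUserPrincipal("member@us.apache.org");
    assertEquals("prefix_member_suffix", actual);
}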
Also used : GroupPrincipal(org.apache.knox.gateway.security.GroupPrincipal) PrimaryPrincipal(org.apache.knox.gateway.security.PrimaryPrincipal) ServletContext(javax.servlet.ServletContext) FilterConfig(javax.servlet.FilterConfig) Subject(javax.security.auth.Subject) Principal(java.security.Principal) GroupPrincipal(org.apache.knox.gateway.security.GroupPrincipal) PrimaryPrincipal(org.apache.knox.gateway.security.PrimaryPrincipal) Test(org.junit.Test)

Example 17 with PrimaryPrincipal

use of org.apache.knox.gateway.security.PrimaryPrincipal in project knox by apache.

the class SwitchCaseIdentityAssertionFilterTest method testDefaultGroupsConfFromUsers.

/**
 * Checks that with {@code principal.case=UPPER} and no {@code group.principal.case}
 * value, both the mapped user name and the mapped group names come back upper-cased.
 *
 * @throws Exception if initialising the filter fails
 */
@Test
public void testDefaultGroupsConfFromUsers() throws Exception {
    // Mixed-case identity so that any case folding is visible in the result.
    Subject identity = new Subject();
    identity.getPrincipals().add(new PrimaryPrincipal("Member@us.apache.org"));
    identity.getPrincipals().add(new GroupPrincipal("users"));
    identity.getPrincipals().add(new GroupPrincipal("Admin"));
    Principal primary = identity.getPrincipals(PrimaryPrincipal.class).iterator().next();

    // Only the user case is configured; the group case parameter is explicitly null.
    FilterConfig filterConfig = EasyMock.createNiceMock(FilterConfig.class);
    ServletContext servletContext = EasyMock.createNiceMock(ServletContext.class);
    EasyMock.expect(filterConfig.getInitParameter("principal.case")).andReturn("UPPER").anyTimes();
    EasyMock.expect(filterConfig.getInitParameter("group.principal.case")).andReturn(null).anyTimes();
    EasyMock.expect(filterConfig.getServletContext()).andReturn(servletContext).anyTimes();
    EasyMock.expect(servletContext.getInitParameter("principal.mapping")).andReturn("").anyTimes();
    EasyMock.replay(filterConfig, servletContext);

    SwitchCaseIdentityAssertionFilter filter = new SwitchCaseIdentityAssertionFilter();
    filter.init(filterConfig);

    String mappedUser = filter.mapUserPrincipal(primary.getName());
    String[] mappedGroups = filter.mapGroupPrincipals(mappedUser, identity);

    assertThat(mappedUser, is("MEMBER@US.APACHE.ORG"));
    assertThat(mappedGroups, is(arrayContainingInAnyOrder("ADMIN", "USERS")));
}
Also used : GroupPrincipal(org.apache.knox.gateway.security.GroupPrincipal) PrimaryPrincipal(org.apache.knox.gateway.security.PrimaryPrincipal) ServletContext(javax.servlet.ServletContext) FilterConfig(javax.servlet.FilterConfig) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Example 18 with PrimaryPrincipal

use of org.apache.knox.gateway.security.PrimaryPrincipal in project knox by apache.

the class SwitchCaseIdentityAssertionFilterTest method testNone.

/**
 * Checks that with both {@code principal.case} and {@code group.principal.case}
 * set to {@code none}, the user name is returned unchanged and
 * {@code mapGroupPrincipals} returns {@code null}.
 *
 * @throws Exception if initialising the filter fails
 */
@Test
public void testNone() throws Exception {
    // Wire up the servlet mocks: case conversion is switched off for users and groups.
    ServletContext servletContext = EasyMock.createNiceMock(ServletContext.class);
    FilterConfig filterConfig = EasyMock.createNiceMock(FilterConfig.class);
    EasyMock.expect(filterConfig.getInitParameter("principal.case")).andReturn("none").anyTimes();
    EasyMock.expect(filterConfig.getInitParameter("group.principal.case")).andReturn("none").anyTimes();
    EasyMock.expect(filterConfig.getServletContext()).andReturn(servletContext).anyTimes();
    EasyMock.expect(servletContext.getInitParameter("principal.mapping")).andReturn("").anyTimes();
    EasyMock.replay(filterConfig, servletContext);

    // Mixed-case identity: any unintended case folding would change these names.
    Subject identity = new Subject();
    identity.getPrincipals().add(new PrimaryPrincipal("Member@us.apache.org"));
    identity.getPrincipals().add(new GroupPrincipal("users"));
    identity.getPrincipals().add(new GroupPrincipal("Admin"));

    SwitchCaseIdentityAssertionFilter filter = new SwitchCaseIdentityAssertionFilter();
    filter.init(filterConfig);

    Principal primary = identity.getPrincipals(PrimaryPrincipal.class).iterator().next();
    String mappedUser = filter.mapUserPrincipal(primary.getName());
    String[] mappedGroups = filter.mapGroupPrincipals(mappedUser, identity);

    // The asserted identity must be exactly the authenticated one.
    assertThat(mappedUser, is("Member@us.apache.org"));
    assertThat(mappedGroups, is(nullValue()));
}
Also used : GroupPrincipal(org.apache.knox.gateway.security.GroupPrincipal) PrimaryPrincipal(org.apache.knox.gateway.security.PrimaryPrincipal) ServletContext(javax.servlet.ServletContext) FilterConfig(javax.servlet.FilterConfig) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Example 19 with PrimaryPrincipal

use of org.apache.knox.gateway.security.PrimaryPrincipal in project knox by apache.

the class SwitchCaseIdentityAssertionFilterTest method testDefaultGroupsConfOverride.

/**
 * Checks that an explicit {@code group.principal.case=none} takes effect alongside
 * {@code principal.case=UPPER}: the user name is upper-cased while
 * {@code mapGroupPrincipals} returns {@code null}.
 *
 * @throws Exception if initialising the filter fails
 */
@Test
public void testDefaultGroupsConfOverride() throws Exception {
    SwitchCaseIdentityAssertionFilter filter = new SwitchCaseIdentityAssertionFilter();

    // User names are upper-cased; group handling is explicitly set to "none".
    FilterConfig filterConfig = EasyMock.createNiceMock(FilterConfig.class);
    ServletContext servletContext = EasyMock.createNiceMock(ServletContext.class);
    EasyMock.expect(filterConfig.getInitParameter("principal.case")).andReturn("UPPER").anyTimes();
    EasyMock.expect(filterConfig.getInitParameter("group.principal.case")).andReturn("none").anyTimes();
    EasyMock.expect(filterConfig.getServletContext()).andReturn(servletContext).anyTimes();
    EasyMock.expect(servletContext.getInitParameter("principal.mapping")).andReturn("").anyTimes();
    EasyMock.replay(filterConfig, servletContext);

    Subject identity = new Subject();
    identity.getPrincipals().add(new PrimaryPrincipal("Member@us.apache.org"));
    identity.getPrincipals().add(new GroupPrincipal("users"));
    identity.getPrincipals().add(new GroupPrincipal("Admin"));
    Principal primary = identity.getPrincipals(PrimaryPrincipal.class).iterator().next();

    filter.init(filterConfig);
    String mappedUser = filter.mapUserPrincipal(primary.getName());
    String[] mappedGroups = filter.mapGroupPrincipals(mappedUser, identity);

    assertThat(mappedUser, is("MEMBER@US.APACHE.ORG"));
    // The group setting is not inherited from principal.case here.
    assertThat(mappedGroups, is(nullValue()));
}
Also used : GroupPrincipal(org.apache.knox.gateway.security.GroupPrincipal) PrimaryPrincipal(org.apache.knox.gateway.security.PrimaryPrincipal) ServletContext(javax.servlet.ServletContext) FilterConfig(javax.servlet.FilterConfig) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Example 20 with PrimaryPrincipal

use of org.apache.knox.gateway.security.PrimaryPrincipal in project knox by apache.

the class UsernameFunctionProcessorTest method testResolve.

/**
 * Checks {@code UsernameFunctionProcessor.resolve} both outside and inside a
 * {@code Subject.doAs} scope.
 *
 * @throws Exception if the privileged action fails
 */
@Test
public void testResolve() throws Exception {
    final UsernameFunctionProcessor resolver = new UsernameFunctionProcessor();

    // With no subject in scope, the parameters come back as given (null stays null).
    assertThat(resolver.resolve(null, null), nullValue());
    assertThat(resolver.resolve(null, Arrays.asList("test-input")), contains("test-input"));

    Subject authenticated = new Subject();
    authenticated.getPrincipals().add(new PrimaryPrincipal("test-username"));
    authenticated.setReadOnly();

    // Inside doAs the primary principal's name is returned, and a caller-supplied
    // parameter does not override it.
    PrivilegedExceptionAction<Object> insideSubject = () -> {
        assertThat(resolver.resolve(null, null), contains("test-username"));
        assertThat(resolver.resolve(null, Arrays.asList("test-ignored")), contains("test-username"));
        return null;
    };
    Subject.doAs(authenticated, insideSubject);
}
Also used : PrimaryPrincipal(org.apache.knox.gateway.security.PrimaryPrincipal) UsernameFunctionProcessor(org.apache.knox.gateway.identityasserter.common.function.UsernameFunctionProcessor) Subject(javax.security.auth.Subject) ServletException(javax.servlet.ServletException) URISyntaxException(java.net.URISyntaxException) PrivilegedActionException(java.security.PrivilegedActionException) IOException(java.io.IOException) Test(org.junit.Test)
