Example 1 with SimpleAccountRealm
use of org.apache.shiro.realm.SimpleAccountRealm in project graylog2-server by Graylog2.
the class SessionCreatorTest method serviceUnavailableStateIsCleared.
/**
* Test that the service unavailable exception is cleared when the service becomes available again
*/
@Test
public void serviceUnavailableStateIsCleared() {
setUpUserMock();
assertFalse(SecurityUtils.getSubject().isAuthenticated());
final AtomicBoolean doThrow = new AtomicBoolean(true);
final SimpleAccountRealm switchableRealm = new SimpleAccountRealm() {
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
if (doThrow.get()) {
throw new AuthenticationServiceUnavailableException("not available");
} else {
return super.doGetAuthenticationInfo(token);
}
}
};
securityManager.setRealms(ImmutableList.of(switchableRealm, new SimpleAccountRealm()));
// realm will throw an exception on auth attempt
assertThatThrownBy(() -> sessionCreator.create(null, "host", validToken)).isInstanceOf(AuthenticationServiceUnavailableException.class);
assertThat(SecurityUtils.getSubject().isAuthenticated()).isFalse();
// switch realm to not throw an exception but simply reject the credentials
doThrow.set(false);
sessionCreator.create(null, "host", validToken);
assertThat(SecurityUtils.getSubject().isAuthenticated()).isFalse();
}
Also used :
AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean)
AuthenticationToken(org.apache.shiro.authc.AuthenticationToken)
SimpleAccountRealm(org.apache.shiro.realm.SimpleAccountRealm)
Test(org.junit.Test)
Example 2 with SimpleAccountRealm
use of org.apache.shiro.realm.SimpleAccountRealm in project graylog2-server by Graylog2.
the class SessionCreatorTest method setUp.
@Before
public void setUp() throws Exception {
MockitoAnnotations.initMocks(this);
SimpleAccountRealm realm = new SimpleAccountRealm();
realm.addAccount(validToken.getUsername(), String.valueOf(validToken.getPassword()));
// Set up a security manager like in DefaultSecurityManagerProvider
securityManager = new DefaultSecurityManager(realm);
FirstSuccessfulStrategy strategy = new ThrowingFirstSuccessfulStrategy();
strategy.setStopAfterFirstSuccess(true);
((ModularRealmAuthenticator) securityManager.getAuthenticator()).setAuthenticationStrategy(strategy);
SecurityUtils.setSecurityManager(securityManager);
}
Also used :
ModularRealmAuthenticator(org.apache.shiro.authc.pam.ModularRealmAuthenticator)
SimpleAccountRealm(org.apache.shiro.realm.SimpleAccountRealm)
DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager)
FirstSuccessfulStrategy(org.apache.shiro.authc.pam.FirstSuccessfulStrategy)
Before(org.junit.Before)
Aggregations
SimpleAccountRealm (org.apache.shiro.realm.SimpleAccountRealm)2
AtomicBoolean (java.util.concurrent.atomic.AtomicBoolean)1
AuthenticationToken (org.apache.shiro.authc.AuthenticationToken)1
FirstSuccessfulStrategy (org.apache.shiro.authc.pam.FirstSuccessfulStrategy)1
ModularRealmAuthenticator (org.apache.shiro.authc.pam.ModularRealmAuthenticator)1
DefaultSecurityManager (org.apache.shiro.mgt.DefaultSecurityManager)1
Before (org.junit.Before)1
Test (org.junit.Test)1
