
Example 1 with SimpleAccountRealm

Use of org.apache.shiro.realm.SimpleAccountRealm in project graylog2-server by Graylog2.

From the class SessionCreatorTest, method serviceUnavailableStateIsCleared.

/**
 * Test that the service unavailable exception is cleared when the service becomes available again
 */
@Test
public void serviceUnavailableStateIsCleared() {
    setUpUserMock();
    assertFalse(SecurityUtils.getSubject().isAuthenticated());
    final AtomicBoolean doThrow = new AtomicBoolean(true);
    final SimpleAccountRealm switchableRealm = new SimpleAccountRealm() {

        @Override
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
            if (doThrow.get()) {
                throw new AuthenticationServiceUnavailableException("not available");
            } else {
                return super.doGetAuthenticationInfo(token);
            }
        }
    };
    securityManager.setRealms(ImmutableList.of(switchableRealm, new SimpleAccountRealm()));
    // realm will throw an exception on auth attempt
    assertThatThrownBy(() -> sessionCreator.create(null, "host", validToken)).isInstanceOf(AuthenticationServiceUnavailableException.class);
    assertThat(SecurityUtils.getSubject().isAuthenticated()).isFalse();
    // switch realm to not throw an exception but simply reject the credentials
    doThrow.set(false);
    sessionCreator.create(null, "host", validToken);
    assertThat(SecurityUtils.getSubject().isAuthenticated()).isFalse();
}
Also used: AtomicBoolean (java.util.concurrent.atomic.AtomicBoolean), AuthenticationToken (org.apache.shiro.authc.AuthenticationToken), SimpleAccountRealm (org.apache.shiro.realm.SimpleAccountRealm), Test (org.junit.Test)

Example 2 with SimpleAccountRealm

Use of org.apache.shiro.realm.SimpleAccountRealm in project graylog2-server by Graylog2.

From the class SessionCreatorTest, method setUp.

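@Before
public void setUp() throws Exception {
    MockitoAnnotations.initMocks(this);
    // In-memory realm holding only the account that matches validToken
    SimpleAccountRealm realm = new SimpleAccountRealm();
    realm.addAccount(validToken.getUsername(), String.valueOf(validToken.getPassword()));
    // Set up a security manager like in DefaultSecurityManagerProvider
    securityManager = new DefaultSecurityManager(realm);
    FirstSuccessfulStrategy strategy = new ThrowingFirstSuccessfulStrategy();
    // Stop consulting further realms as soon as one realm authenticates the token
    strategy.setStopAfterFirstSuccess(true);
    // DefaultSecurityManager uses a ModularRealmAuthenticator by default, so the cast is safe
    ((ModularRealmAuthenticator) securityManager.getAuthenticator()).setAuthenticationStrategy(strategy);
    // Register the VM-wide security manager that SecurityUtils.getSubject() relies on
    SecurityUtils.setSecurityManager(securityManager);
}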
Also used: ModularRealmAuthenticator (org.apache.shiro.authc.pam.ModularRealmAuthenticator), SimpleAccountRealm (org.apache.shiro.realm.SimpleAccountRealm), DefaultSecurityManager (org.apache.shiro.mgt.DefaultSecurityManager), FirstSuccessfulStrategy (org.apache.shiro.authc.pam.FirstSuccessfulStrategy), Before (org.junit.Before)

Aggregations

SimpleAccountRealm (org.apache.shiro.realm.SimpleAccountRealm): 2
AtomicBoolean (java.util.concurrent.atomic.AtomicBoolean): 1
AuthenticationToken (org.apache.shiro.authc.AuthenticationToken): 1
FirstSuccessfulStrategy (org.apache.shiro.authc.pam.FirstSuccessfulStrategy): 1
ModularRealmAuthenticator (org.apache.shiro.authc.pam.ModularRealmAuthenticator): 1
DefaultSecurityManager (org.apache.shiro.mgt.DefaultSecurityManager): 1
Before (org.junit.Before): 1
Test (org.junit.Test): 1