Example 61 with SimplePrincipalCollection

Use of org.apache.shiro.subject.SimplePrincipalCollection in project ddf by codice.

Class LoginFilterTest, method setup.

@Before
public void setup() throws Exception {
    MockitoAnnotations.initMocks(this);
    SimplePrincipalCollection principalCollection = new SimplePrincipalCollection();
    principalHolder = new PrincipalHolder();
    principalHolder.setPrincipals(principalCollection);
    loginFilter = new LoginFilter();
    loginFilter.setSecurityManager(securityManagerMock);
    loginFilter.setSessionFactory(sessionFactory);
    loginFilter.setContextPolicyManager(contextPolicyManager);
    loginFilter.init();
    subject = new SubjectImpl(principalCollectionMock, true, null, mock(org.apache.shiro.mgt.SecurityManager.class));
    when(securityAssertionMock.getToken()).thenReturn(goodSecurityTokenMock);
    when(principalCollectionMock.byType(SecurityAssertion.class)).thenReturn(Collections.singletonList(securityAssertionMock));
    when(principalCollectionMock.asList()).thenReturn(Arrays.asList(goodSecurityTokenMock));
    when(securityManagerMock.getSubject(goodAuthenticationTokenMock)).thenReturn(subject);
    when(securityManagerMock.getSubject(badAuthenticationTokenMock)).thenReturn(null);
    when(sessionMock.getId()).thenReturn("sessionId");
    when(requestMock.getSession(any(boolean.class))).thenReturn(sessionMock);
    // Session lookups return the mocked session, whose security-token attribute is the PrincipalHolder built above.
    when(sessionFactory.getOrCreateSession(any())).thenReturn(sessionMock);
    when(sessionMock.getAttribute(SECURITY_TOKEN_KEY)).thenReturn(principalHolder);
    when(contextPolicyManager.getSessionAccess()).thenReturn(true);
}
Also used : SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) SubjectImpl(ddf.security.impl.SubjectImpl) PrincipalHolder(ddf.security.common.PrincipalHolder) Before(org.junit.Before)

Example 62 with SimplePrincipalCollection

Use of org.apache.shiro.subject.SimplePrincipalCollection in project ddf by codice.

Class SamlAssertionValidatorImplTest, method testValidateInvalidSignature.

@Test(expected = AuthenticationFailureException.class)
public void testValidateInvalidSignature() throws Exception {
    Assertion assertion = createAssertion(false, false, "WRONG", new DateTime().minusSeconds(10));
    Element securityToken = SAMLUtils.getInstance().getSecurityTokenFromSAMLAssertion(samlObjectToString(assertion));
    SimplePrincipalCollection simplePrincipalCollection = new SimplePrincipalCollection();
    simplePrincipalCollection.add(new SecurityAssertionSaml(securityToken), "default");
    SAMLAuthenticationToken samlAuthenticationToken = new SAMLAuthenticationToken(simplePrincipalCollection, simplePrincipalCollection, "127.0.0.1");
    samlAssertionValidator.validate(samlAuthenticationToken);
}
Also used : Element(org.w3c.dom.Element) Assertion(org.opensaml.saml.saml2.core.Assertion) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) SAMLAuthenticationToken(org.codice.ddf.security.handler.SAMLAuthenticationToken) DateTime(org.joda.time.DateTime) SecurityAssertionSaml(ddf.security.assertion.saml.impl.SecurityAssertionSaml) Test(org.junit.Test)

Example 63 with SimplePrincipalCollection

Use of org.apache.shiro.subject.SimplePrincipalCollection in project ddf by codice.

Class SamlAssertionValidatorImplTest, method testValidateIncorrectSamlVersion.

@Test(expected = AuthenticationFailureException.class)
public void testValidateIncorrectSamlVersion() throws Exception {
    org.opensaml.saml.saml1.core.Assertion assertion = new org.opensaml.saml.saml1.core.impl.AssertionBuilder().buildObject();
    Element securityToken = SAMLUtils.getInstance().getSecurityTokenFromSAMLAssertion(samlObjectToString(assertion));
    SimplePrincipalCollection simplePrincipalCollection = new SimplePrincipalCollection();
    simplePrincipalCollection.add(new SecurityAssertionSaml(securityToken), "default");
    SAMLAuthenticationToken samlAuthenticationToken = new SAMLAuthenticationToken(simplePrincipalCollection, simplePrincipalCollection, "127.0.0.1");
    samlAssertionValidator.validate(samlAuthenticationToken);
}
Also used : Element(org.w3c.dom.Element) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) SAMLAuthenticationToken(org.codice.ddf.security.handler.SAMLAuthenticationToken) SecurityAssertionSaml(ddf.security.assertion.saml.impl.SecurityAssertionSaml) Test(org.junit.Test)

Example 64 with SimplePrincipalCollection

Use of org.apache.shiro.subject.SimplePrincipalCollection in project ddf by codice.

Class SamlAssertionValidatorImplTest, method testValidateBearerAssertion.

@Test
public void testValidateBearerAssertion() throws Exception {
    Assertion assertion = createAssertion(true, true, ISSUER, new DateTime().plusDays(3));
    Element securityToken = SAMLUtils.getInstance().getSecurityTokenFromSAMLAssertion(samlObjectToString(assertion));
    SimplePrincipalCollection simplePrincipalCollection = new SimplePrincipalCollection();
    simplePrincipalCollection.add(new SecurityAssertionSaml(securityToken), "default");
    SAMLAuthenticationToken samlAuthenticationToken = new SAMLAuthenticationToken(simplePrincipalCollection, simplePrincipalCollection, "127.0.0.1");
    X509Certificate[] certs = { certificate };
    samlAuthenticationToken.setX509Certs(certs);
    samlAssertionValidator.validate(samlAuthenticationToken);
}
Also used : Element(org.w3c.dom.Element) Assertion(org.opensaml.saml.saml2.core.Assertion) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) SAMLAuthenticationToken(org.codice.ddf.security.handler.SAMLAuthenticationToken) DateTime(org.joda.time.DateTime) SecurityAssertionSaml(ddf.security.assertion.saml.impl.SecurityAssertionSaml) X509Certificate(java.security.cert.X509Certificate) Test(org.junit.Test)

Example 65 with SimplePrincipalCollection

Use of org.apache.shiro.subject.SimplePrincipalCollection in project ddf by codice.

Class SamlAssertionValidatorImplTest, method testValidateInvalidIssuer.

@Test(expected = AuthenticationFailureException.class)
public void testValidateInvalidIssuer() throws Exception {
    Assertion assertion = createAssertion(false, true, "WRONG", new DateTime().minusSeconds(10));
    Element securityToken = SAMLUtils.getInstance().getSecurityTokenFromSAMLAssertion(samlObjectToString(assertion));
    SimplePrincipalCollection simplePrincipalCollection = new SimplePrincipalCollection();
    simplePrincipalCollection.add(new SecurityAssertionSaml(securityToken), "default");
    SAMLAuthenticationToken samlAuthenticationToken = new SAMLAuthenticationToken(simplePrincipalCollection, simplePrincipalCollection, "127.0.0.1");
    samlAssertionValidator.validate(samlAuthenticationToken);
}
Also used : Element(org.w3c.dom.Element) Assertion(org.opensaml.saml.saml2.core.Assertion) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) SAMLAuthenticationToken(org.codice.ddf.security.handler.SAMLAuthenticationToken) DateTime(org.joda.time.DateTime) SecurityAssertionSaml(ddf.security.assertion.saml.impl.SecurityAssertionSaml) Test(org.junit.Test)
