Example 6 with SimplePrincipalCollection
use of org.apache.shiro.subject.SimplePrincipalCollection in project ddf by codice.
the class RestSecurityTest method testSetSubjectOnClient.
@Test
public void testSetSubjectOnClient() throws Exception {
Element samlToken = readDocument("/saml.xml").getDocumentElement();
Subject subject = mock(Subject.class);
SecurityAssertion assertion = mock(SecurityAssertion.class);
SecurityToken token = new SecurityToken(UUID.randomUUID().toString(), samlToken, new Date(), new Date());
when(assertion.getSecurityToken()).thenReturn(token);
when(subject.getPrincipals()).thenReturn(new SimplePrincipalCollection(assertion, "sts"));
WebClient client = WebClient.create("https://example.org");
RestSecurity.setSubjectOnClient(subject, client);
assertNotNull(client.getHeaders().get(RestSecurity.AUTH_HEADER));
ArrayList headers = (ArrayList) client.getHeaders().get(RestSecurity.AUTH_HEADER);
boolean containsSaml = false;
for (Object header : headers) {
if (StringUtils.contains(header.toString(), RestSecurity.SAML_HEADER_PREFIX)) {
containsSaml = true;
}
}
assertTrue(containsSaml);
}
Also used :
SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken)
Element(org.w3c.dom.Element)
ArrayList(java.util.ArrayList)
SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection)
SecurityAssertion(ddf.security.assertion.SecurityAssertion)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
Subject(ddf.security.Subject)
Date(java.util.Date)
Test(org.junit.Test)
Example 7 with SimplePrincipalCollection
use of org.apache.shiro.subject.SimplePrincipalCollection in project ddf by codice.
the class SecurityManagerImplTest method testAuthToken.
/**
* Creates mock objects and uses those to pass through the system when an authentication token
* is used.
*
* @throws SecurityServiceException
*/
@Test
public void testAuthToken() throws SecurityServiceException {
// mock setup
SimplePrincipalCollection principals = new SimplePrincipalCollection();
SecurityToken secToken = new SecurityToken();
principals.add(secToken, REALM_NAME);
AuthenticationToken authToken = mock(AuthenticationToken.class);
when(authToken.getCredentials()).thenReturn("testUser");
AuthenticationInfo info = mock(AuthenticationInfo.class);
when(info.getPrincipals()).thenReturn(principals);
// realm
Realm realm = mock(Realm.class);
when(realm.getAuthenticationInfo(authToken)).thenReturn(info);
when(realm.supports(authToken)).thenReturn(Boolean.TRUE);
when(realm.getName()).thenReturn(REALM_NAME);
SecurityManagerImpl manager = new SecurityManagerImpl();
manager.setRealms(Arrays.asList(new Realm[] { realm }));
Subject subject = manager.getSubject(authToken);
assertNotNull(subject);
}
Also used :
SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken)
AuthenticationToken(org.apache.shiro.authc.AuthenticationToken)
SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection)
Realm(org.apache.shiro.realm.Realm)
AuthenticationInfo(org.apache.shiro.authc.AuthenticationInfo)
Subject(ddf.security.Subject)
Test(org.junit.Test)
Example 8 with SimplePrincipalCollection
use of org.apache.shiro.subject.SimplePrincipalCollection in project ddf by codice.
the class OperationPluginTest method setup.
@Before
public void setup() {
plugin = new OperationPlugin();
AuthorizingRealm realm = mock(AuthorizingRealm.class);
when(realm.getName()).thenReturn("mockRealm");
when(realm.isPermitted(any(PrincipalCollection.class), any(Permission.class))).then(makeDecision());
Collection<Realm> realms = new ArrayList<Realm>();
realms.add(realm);
DefaultSecurityManager manager = new DefaultSecurityManager();
manager.setRealms(realms);
SimplePrincipalCollection principalCollection = new SimplePrincipalCollection(new Principal() {
@Override
public String getName() {
return "testuser";
}
}, realm.getName());
subject = new MockSubject(manager, principalCollection);
}
Also used :
ArrayList(java.util.ArrayList)
PrincipalCollection(org.apache.shiro.subject.PrincipalCollection)
SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection)
SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection)
DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager)
AuthorizingRealm(org.apache.shiro.realm.AuthorizingRealm)
CollectionPermission(ddf.security.permission.CollectionPermission)
Permission(org.apache.shiro.authz.Permission)
KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission)
Realm(org.apache.shiro.realm.Realm)
AuthorizingRealm(org.apache.shiro.realm.AuthorizingRealm)
Principal(java.security.Principal)
Before(org.junit.Before)
Example 9 with SimplePrincipalCollection
use of org.apache.shiro.subject.SimplePrincipalCollection in project ddf by codice.
the class TestResourceUsagePlugin method setSubject.
private void setSubject(String expectedUsername) {
AuthorizingRealm realm = mock(AuthorizingRealm.class);
when(realm.getName()).thenReturn("mockRealm");
when(realm.isPermitted(any(PrincipalCollection.class), any(Permission.class))).thenReturn(true);
Collection<Realm> realms = new ArrayList<>();
realms.add(realm);
DefaultSecurityManager manager = new DefaultSecurityManager();
manager.setRealms(realms);
SimplePrincipalCollection principalCollection = new SimplePrincipalCollection(new Principal() {
@Override
public String getName() {
return expectedUsername;
}
@Override
public String toString() {
return expectedUsername;
}
}, realm.getName());
subject = new MockSubject(manager, principalCollection);
}
Also used :
Permission(org.apache.shiro.authz.Permission)
ArrayList(java.util.ArrayList)
PrincipalCollection(org.apache.shiro.subject.PrincipalCollection)
SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection)
SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection)
Matchers.anyString(org.mockito.Matchers.anyString)
DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager)
AuthorizingRealm(org.apache.shiro.realm.AuthorizingRealm)
Realm(org.apache.shiro.realm.Realm)
AuthorizingRealm(org.apache.shiro.realm.AuthorizingRealm)
Principal(java.security.Principal)
Example 10 with SimplePrincipalCollection
use of org.apache.shiro.subject.SimplePrincipalCollection in project fruit-manage by liuzhaozhao.
the class ShiroDbRealm method clearCacheAuth.
public void clearCacheAuth(Object principal) {
SimplePrincipalCollection info = new SimplePrincipalCollection(principal, getName());
clearCachedAuthenticationInfo(info);
}
Also used :
SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection)
Aggregations
SimplePrincipalCollection (org.apache.shiro.subject.SimplePrincipalCollection)55
PrincipalCollection (org.apache.shiro.subject.PrincipalCollection)26
Test (org.junit.Test)25
AuthorizationInfo (org.apache.shiro.authz.AuthorizationInfo)11
ArrayList (java.util.ArrayList)7
AuthenticationInfo (org.apache.shiro.authc.AuthenticationInfo)7
DefaultSecurityManager (org.apache.shiro.mgt.DefaultSecurityManager)7
Realm (org.apache.shiro.realm.Realm)7
Principal (java.security.Principal)6
SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo)6
UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken)6
Subject (org.apache.shiro.subject.Subject)6
Subject (ddf.security.Subject)5
SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)5
SimpleAccount (org.apache.shiro.authc.SimpleAccount)5
AuthorizingRealm (org.apache.shiro.realm.AuthorizingRealm)5
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)5
SecurityAssertion (ddf.security.assertion.SecurityAssertion)4
HashSet (java.util.HashSet)4
AuthenticationToken (org.apache.shiro.authc.AuthenticationToken)4
