Example 41 with SimplePrincipalCollection

use of org.apache.shiro.subject.SimplePrincipalCollection in project ART-TIME by Artezio.

the class ActiveDirectoryRealmTest method testDoGetAuthorizationInfo_ifExistManagedProjects.

@Test
public void testDoGetAuthorizationInfo_ifExistManagedProjects() throws Exception {
    activeDirectoryRealm = PowerMock.createPartialMock(ActiveDirectoryRealm.class, "queryForAuthorizationInfo");
    setField(activeDirectoryRealm, "projectRepository", projectRepository);
    List<Project> projects = Arrays.asList(new Project());
    PrincipalCollection principals = new SimplePrincipalCollection("principal", "ldapRealm");
    AuthorizationInfo info = new SimpleAccount(principals, "credential", new HashSet<String>());
    PowerMock.expectPrivate(activeDirectoryRealm, "queryForAuthorizationInfo", anyObject(PrincipalCollection.class), anyObject(LdapContextFactory.class)).andReturn(info);
    expect(projectRepository.getProjectsByManager("principal")).andReturn(projects);
    PowerMock.replayAll(projectRepository, activeDirectoryRealm);
    AuthorizationInfo actual = activeDirectoryRealm.doGetAuthorizationInfo(principals);
    PowerMock.verifyAll();
    assertTrue(actual.getRoles().contains(UserRoles.EMPLOYEE_ROLE));
    assertTrue(actual.getRoles().contains(UserRoles.PM_ROLE));
}
Also used : SimpleAccount(org.apache.shiro.authc.SimpleAccount) Project(com.artezio.arttime.datamodel.Project) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) AuthorizationInfo(org.apache.shiro.authz.AuthorizationInfo) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 42 with SimplePrincipalCollection

use of org.apache.shiro.subject.SimplePrincipalCollection in project wechat by dllwh.

the class CustomSessionManager method getSessionEntity.

/**
 * ----------------------------------------------- [Private methods]
 */
private OnlineUser getSessionEntity(Session session) {
    /**
     * Get the login information
     */
    Object obj = session.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY);
    if (null == obj) {
        return null;
    }
    if (obj instanceof SimplePrincipalCollection) {
        SimplePrincipalCollection spc = (SimplePrincipalCollection) obj;
        obj = spc.getPrimaryPrincipal();
        if (null != obj && obj instanceof SysUser) {
            OnlineUser onlineUser = new OnlineUser((SysUser) obj);
            // time of the last interaction with the system
            onlineUser.setLastAccess(session.getLastAccessTime());
            // IP address of the host
            onlineUser.setHost(session.getHost());
            // session ID
            onlineUser.setSessionId(session.getId().toString());
            // session timeout
            onlineUser.setTimeout(session.getTimeout());
            // session creation time
            onlineUser.setStartTime(session.getStartTimestamp());
            SessionStatus sessionStatus = (SessionStatus) session.getAttribute(CacheConstans.SESSION_STATUS);
            boolean status = Boolean.TRUE;
            if (null != sessionStatus) {
                status = sessionStatus.getOnlineStatus();
            }
            onlineUser.setSessionStatus(status);
            return onlineUser;
        }
    }
    return null;
}
Also used : SysUser(com.cdeledu.model.rbac.SysUser) OnlineUser(com.cdeledu.model.system.OnlineUser) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection)

Example 43 with SimplePrincipalCollection

use of org.apache.shiro.subject.SimplePrincipalCollection in project shiro by apache.

the class HashedCredentialsMatcherTest method testBackwardsCompatibleSaltedAuthenticationInfo.

/**
 * Test backwards compatibility of salted credentials before
 * <a href="https://issues.apache.org/jira/browse/SHIRO-186">SHIRO-186</a> edits.
 */
@Test
public void testBackwardsCompatibleSaltedAuthenticationInfo() {
    HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(Sha1Hash.ALGORITHM_NAME);
    // enable this for Shiro 1.0 backwards compatibility:
    matcher.setHashSalted(true);
    // simulate an account with SHA-1 hashed password, using the username as the salt
    // (BAD IDEA, but backwards-compatible):
    final String username = "username";
    final String password = "password";
    final Object hashedPassword = new Sha1Hash(password, username).getBytes();
    AuthenticationInfo account = new AuthenticationInfo() {

        public PrincipalCollection getPrincipals() {
            return new SimplePrincipalCollection(username, "realmName");
        }

        public Object getCredentials() {
            return hashedPassword;
        }
    };
    // simulate a username/password (plaintext) token created in response to a login attempt:
    AuthenticationToken token = new UsernamePasswordToken("username", "password");
    // verify the hashed token matches what is in the account:
    assertTrue(matcher.doCredentialsMatch(token, account));
}
Also used : AuthenticationToken(org.apache.shiro.authc.AuthenticationToken) Sha1Hash(org.apache.shiro.crypto.hash.Sha1Hash) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) AuthenticationInfo(org.apache.shiro.authc.AuthenticationInfo) SimpleAuthenticationInfo(org.apache.shiro.authc.SimpleAuthenticationInfo) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) Test(org.junit.Test)

Example 44 with SimplePrincipalCollection

use of org.apache.shiro.subject.SimplePrincipalCollection in project shiro by apache.

the class TextConfigurationRealmTest method testHasRole.

/*
 * Tests that roles can't be read while the realm is being loaded.
 */
@Test
public void testHasRole() throws InterruptedException {
    setUpForReadConfigurationTest();
    executeTest(new Runnable() {

        public void run() {
            PrincipalCollection principalCollection = new SimplePrincipalCollection("user1", "realm1");
            assertTrue("principal doesn't have role when it should", realm.hasRole(principalCollection, "role2"));
            assertTrue("principal doesn't have all roles when it should", realm.hasAllRoles(principalCollection, Arrays.asList(new String[] { "role1", "role2" })));
        }
    });
}
Also used : PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) Test(org.junit.Test)

Example 45 with SimplePrincipalCollection

use of org.apache.shiro.subject.SimplePrincipalCollection in project shiro by apache.

the class TextConfigurationRealmTest method testCheckPermission.

/*
 * Tests that a principal's permissions can't be checked while the realm is being loaded.
 */
@Test
public void testCheckPermission() throws InterruptedException {
    setUpForReadConfigurationTest();
    executeTest(new Runnable() {

        public void run() {
            PrincipalCollection principalCollection = new SimplePrincipalCollection("user1", "realm1");
            try {
                realm.checkPermission(principalCollection, "role1_permission1");
                realm.checkPermissions(principalCollection, new String[] { "role1_permission1", "role2_permission2" });
            } catch (AuthorizationException ae) {
                fail("principal doesn't have permission when it should");
            }
        }
    });
}
Also used : AuthorizationException(org.apache.shiro.authz.AuthorizationException) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) Test(org.junit.Test)

Aggregations

SimplePrincipalCollection (org.apache.shiro.subject.SimplePrincipalCollection): 55
PrincipalCollection (org.apache.shiro.subject.PrincipalCollection): 26
Test (org.junit.Test): 25
AuthorizationInfo (org.apache.shiro.authz.AuthorizationInfo): 11
ArrayList (java.util.ArrayList): 7
AuthenticationInfo (org.apache.shiro.authc.AuthenticationInfo): 7
DefaultSecurityManager (org.apache.shiro.mgt.DefaultSecurityManager): 7
Realm (org.apache.shiro.realm.Realm): 7
Principal (java.security.Principal): 6
SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo): 6
UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken): 6
Subject (org.apache.shiro.subject.Subject): 6
Subject (ddf.security.Subject): 5
SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken): 5
SimpleAccount (org.apache.shiro.authc.SimpleAccount): 5
AuthorizingRealm (org.apache.shiro.realm.AuthorizingRealm): 5
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest): 5
SecurityAssertion (ddf.security.assertion.SecurityAssertion): 4
HashSet (java.util.HashSet): 4
AuthenticationToken (org.apache.shiro.authc.AuthenticationToken): 4