Search in sources :

Example 1 with DelegatingSubject

use of org.apache.shiro.subject.support.DelegatingSubject in project killbill by killbill.

the class TestKillbillJdbcTenantRealm method testAuthentication.

@Test(groups = "slow")
public void testAuthentication() throws Exception {
    final DelegatingSubject subject = new DelegatingSubject(securityManager);
    // Good combo
    final AuthenticationToken goodToken = new UsernamePasswordToken(tenant.getApiKey(), tenant.getApiSecret());
    try {
        securityManager.login(subject, goodToken);
        Assert.assertTrue(true);
    } catch (final AuthenticationException e) {
        Assert.fail();
    }
    // Bad login
    final AuthenticationToken badPasswordToken = new UsernamePasswordToken(tenant.getApiKey(), tenant.getApiSecret() + "T");
    try {
        securityManager.login(subject, badPasswordToken);
        Assert.fail();
    } catch (final AuthenticationException e) {
        Assert.assertTrue(true);
    }
    // Bad password
    final AuthenticationToken badLoginToken = new UsernamePasswordToken(tenant.getApiKey() + "U", tenant.getApiSecret());
    try {
        securityManager.login(subject, badLoginToken);
        Assert.fail();
    } catch (final AuthenticationException e) {
        Assert.assertTrue(true);
    }
}
Also used : DelegatingSubject(org.apache.shiro.subject.support.DelegatingSubject) AuthenticationToken(org.apache.shiro.authc.AuthenticationToken) AuthenticationException(org.apache.shiro.authc.AuthenticationException) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) Test(org.testng.annotations.Test)

Example 2 with DelegatingSubject

use of org.apache.shiro.subject.support.DelegatingSubject in project killbill by killbill.

the class TestKillBillJdbcRealm method testAuthentication.

@Test(groups = "slow")
public void testAuthentication() throws SecurityApiException {
    final String username = "toto";
    final String password = "supperCompli43cated";
    securityApi.addRoleDefinition("root", ImmutableList.of("*"), callContext);
    securityApi.addUserRoles(username, password, ImmutableList.of("root"), callContext);
    final DelegatingSubject subject = new DelegatingSubject(securityManager);
    final AuthenticationToken goodToken = new UsernamePasswordToken(username, password);
    securityManager.login(subject, goodToken);
    Assert.assertTrue(true);
    try {
        final AuthenticationToken badToken = new UsernamePasswordToken(username, "somethingelse");
        securityManager.login(subject, badToken);
        Assert.assertTrue(true);
        securityManager.logout(subject);
        securityManager.login(subject, badToken);
        Assert.fail("Should not succeed to login with an incorrect password");
    } catch (final AuthenticationException e) {
    }
    // Update password and try again
    final String newPassword = "suppersimple";
    securityApi.updateUserPassword(username, newPassword, callContext);
    try {
        final AuthenticationToken notGoodTokenAnyLonger = goodToken;
        securityManager.login(subject, notGoodTokenAnyLonger);
        Assert.fail("Should not succeed to login with an incorrect password");
    } catch (final AuthenticationException e) {
    }
    final AuthenticationToken newGoodToken = new UsernamePasswordToken(username, newPassword);
    securityManager.login(subject, newGoodToken);
    Assert.assertTrue(true);
    securityManager.logout(subject);
    securityApi.invalidateUser(username, callContext);
    try {
        final AuthenticationToken notGoodTokenAnyLonger = goodToken;
        securityManager.login(subject, notGoodTokenAnyLonger);
        Assert.fail("Should not succeed to login with an incorrect password");
    } catch (final AuthenticationException e) {
    }
}
Also used : DelegatingSubject(org.apache.shiro.subject.support.DelegatingSubject) AuthenticationToken(org.apache.shiro.authc.AuthenticationToken) AuthenticationException(org.apache.shiro.authc.AuthenticationException) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) Test(org.testng.annotations.Test)

Example 3 with DelegatingSubject

use of org.apache.shiro.subject.support.DelegatingSubject in project ddf by codice.

the class SubjectImplTest method testFiveParamConstructor.

@Test
public void testFiveParamConstructor() {
    DelegatingSubject testSubject = new SubjectImpl(createTestCollection(), false, TEST_HOST, TEST_SESSION, TEST_MANAGER);
    assertEquals(createTestCollection(), testSubject.getPrincipals());
    assertFalse(testSubject.isAuthenticated());
    assertEquals(TEST_HOST, testSubject.getHost());
    assertEquals(TEST_SESSION.getId(), testSubject.getSession().getId());
    assertEquals(TEST_MANAGER, testSubject.getSecurityManager());
}
Also used : DelegatingSubject(org.apache.shiro.subject.support.DelegatingSubject) Test(org.junit.Test)

Example 4 with DelegatingSubject

use of org.apache.shiro.subject.support.DelegatingSubject in project ddf by codice.

the class SubjectImplTest method testFourParamConstructor.

@Test
public void testFourParamConstructor() {
    DelegatingSubject testSubject = new SubjectImpl(createTestCollection(), false, TEST_SESSION, TEST_MANAGER);
    assertEquals(createTestCollection(), testSubject.getPrincipals());
    assertFalse(testSubject.isAuthenticated());
    assertEquals(TEST_SESSION.getId(), testSubject.getSession().getId());
    assertEquals(TEST_MANAGER, testSubject.getSecurityManager());
}
Also used : DelegatingSubject(org.apache.shiro.subject.support.DelegatingSubject) Test(org.junit.Test)

Example 5 with DelegatingSubject

use of org.apache.shiro.subject.support.DelegatingSubject in project ddf by codice.

the class SubjectImplTest method testSixParamConstructor.

/**
     * Checks to make sure that the values are being passed through our implementation to the backed
     * implementation correctly.
     */
@Test
public void testSixParamConstructor() {
    DelegatingSubject testSubject = new SubjectImpl(createTestCollection(), false, TEST_HOST, TEST_SESSION, false, TEST_MANAGER);
    assertEquals(createTestCollection(), testSubject.getPrincipals());
    assertFalse(testSubject.isAuthenticated());
    assertEquals(TEST_HOST, testSubject.getHost());
    assertEquals(TEST_SESSION.getId(), testSubject.getSession().getId());
    assertEquals(TEST_MANAGER, testSubject.getSecurityManager());
}
Also used : DelegatingSubject(org.apache.shiro.subject.support.DelegatingSubject) Test(org.junit.Test)

Aggregations

DelegatingSubject (org.apache.shiro.subject.support.DelegatingSubject)5 Test (org.junit.Test)3 AuthenticationException (org.apache.shiro.authc.AuthenticationException)2 AuthenticationToken (org.apache.shiro.authc.AuthenticationToken)2 UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken)2 Test (org.testng.annotations.Test)2