use of org.apache.tomcat.util.descriptor.web.SecurityConstraint in project tomcat by apache.
the class TestRealmBase method doRoleTest.
/**
 * Runs one role-based authorization scenario against a {@code TesterMapRealm}
 * and asserts the outcome of {@code hasResourcePermission}.
 *
 * @param userRoles          roles given to the test principal, or {@code null}
 *                           to leave the request without a user principal
 * @param constraintOneRoles roles named by the first constraint, or
 *                           {@code null} for no auth constraint at all
 * @param constraintTwoRoles roles named by the second constraint, or
 *                           {@code null} for no auth constraint at all
 * @param applicationRoles   roles declared on the context; must not be
 *                           {@code null} because it is dereferenced below
 * @param expected           the permission decision the realm should return
 * @throws IOException declared because {@code hasResourcePermission} is
 *                     invoked with a response object
 */
private void doRoleTest(List<String> userRoles, List<String> constraintOneRoles, List<String> constraintTwoRoles, List<String> applicationRoles, boolean expected) throws IOException {
    TesterMapRealm realmUnderTest = new TesterMapRealm();

    // Both constraints apply to the same resource, so the realm has to
    // combine them when it makes the decision.
    SecurityConstraint first = buildConstraint(constraintOneRoles, applicationRoles);
    SecurityConstraint second = buildConstraint(constraintTwoRoles, applicationRoles);
    SecurityConstraint[] constraints = new SecurityConstraint[] { first, second };

    // Mock request/response, plus a context that declares the application roles.
    Request request = new Request(null);
    Response response = new TesterResponse();
    Context context = new TesterContext();
    for (String declaredRole : applicationRoles) {
        context.addSecurityRole(declaredRole);
    }
    request.getMappingData().context = context;

    // A null role list models an unauthenticated caller: no principal is set.
    if (userRoles != null) {
        request.setUserPrincipal(new GenericPrincipal(USER1, PWD, userRoles));
    }

    boolean granted = realmUnderTest.hasResourcePermission(request, response, constraints, null);
    Assert.assertEquals(Boolean.valueOf(expected), Boolean.valueOf(granted));
}

/**
 * Builds one constraint for {@link #doRoleTest}.
 *
 * <p>A {@code null} role list returns a constraint that is never flagged as
 * an auth constraint. An empty list is still flagged but names no roles.
 * NOTE(review): under the Servlet security model an auth constraint without
 * roles is expected to deny access; confirm against the realm implementation.
 *
 * @param constraintRoles  roles to add, or {@code null}
 * @param applicationRoles roles declared by the application
 * @return the configured constraint
 */
private static SecurityConstraint buildConstraint(List<String> constraintRoles, List<String> applicationRoles) {
    SecurityConstraint constraint = new SecurityConstraint();
    if (constraintRoles == null) {
        return constraint;
    }
    constraint.setAuthConstraint(true);
    for (String role : constraintRoles) {
        constraint.addAuthRole(role);
        // If the application itself declares the "all authenticated users"
        // role name, the constraint is told to treat it as an ordinary
        // application role. The check sits inside the loop on purpose to
        // mirror the original: an empty role list never triggers it.
        if (applicationRoles.contains(SecurityConstraint.ROLE_ALL_AUTHENTICATED_USERS)) {
            constraint.treatAllAuthenticatedUsersAsApplicationRole();
        }
    }
    return constraint;
}
use of org.apache.tomcat.util.descriptor.web.SecurityConstraint in project tomcat by apache.
the class TestRestCsrfPreventionFilter2 method setUpApplication.
/**
 * Deploys the test application: one servlet, the REST CSRF prevention filter,
 * a role-based security constraint and BASIC-style login handled by a
 * {@code BasicAuthenticator} valve.
 *
 * @throws Exception if any part of the context setup fails
 */
private void setUpApplication() throws Exception {
    // The JVM temp directory is used as the doc base.
    context = tomcat.addContext(CONTEXT_PATH_LOGIN, System.getProperty("java.io.tmpdir"));
    context.setSessionTimeout(SHORT_SESSION_TIMEOUT_MINS);

    // Servlet that sits behind both the constraint and the filter.
    Tomcat.addServlet(context, SERVLET_NAME, new TesterServlet());
    context.addServletMappingDecoded(URI_PROTECTED, SERVLET_NAME);

    // CSRF filter definition. The definition is registered before its
    // mapping, in the same order as the original.
    String filterParamValue = REMOVE_CUSTOMER + "," + ADD_CUSTOMER;
    FilterDef csrfFilterDef = new FilterDef();
    csrfFilterDef.setFilterName(FILTER_NAME);
    csrfFilterDef.setFilterClass(RestCsrfPreventionFilter.class.getCanonicalName());
    csrfFilterDef.addInitParameter(FILTER_INIT_PARAM, filterParamValue);
    context.addFilterDef(csrfFilterDef);

    // NOTE(review): the filter is mapped to URI_CSRF_PROTECTED while the
    // auth constraint below covers URI_PROTECTED. Whether every
    // authenticated path is also CSRF-protected depends on those constants,
    // which are not visible here.
    FilterMap csrfFilterMap = new FilterMap();
    csrfFilterMap.setFilterName(FILTER_NAME);
    csrfFilterMap.addURLPatternDecoded(URI_CSRF_PROTECTED);
    context.addFilterMap(csrfFilterMap);

    // Only callers holding ROLE may reach URI_PROTECTED.
    SecurityCollection protectedResources = new SecurityCollection();
    protectedResources.addPatternDecoded(URI_PROTECTED);
    SecurityConstraint roleConstraint = new SecurityConstraint();
    roleConstraint.addAuthRole(ROLE);
    roleConstraint.addCollection(protectedResources);
    context.addConstraint(roleConstraint);

    LoginConfig loginConfig = new LoginConfig();
    loginConfig.setAuthMethod(METHOD);
    context.setLoginConfig(loginConfig);

    // The authenticator is installed explicitly as a pipeline valve.
    // NOTE(review): valves are expected to run ahead of the filter chain,
    // so authentication should happen before the CSRF filter sees the
    // request; confirm.
    context.getPipeline().addValve(new BasicAuthenticator());
}
use of org.apache.tomcat.util.descriptor.web.SecurityConstraint in project cas by apereo.
the class CasEmbeddedContainerTomcatConfiguration method configureBasicAuthn.
/**
 * Enables HTTP BASIC authentication on the embedded Tomcat container when the
 * CAS server properties switch it on; otherwise leaves the factory untouched.
 *
 * <p>For each configured auth role a separate {@code SecurityConstraint} is
 * registered, and each one covers every configured URL pattern.
 *
 * <p>NOTE(review): the constraints are created only inside the auth-role
 * loop. If the configured auth-role list is empty, BASIC is set as the login
 * method but no URL pattern ends up protected.
 *
 * <p>NOTE(review): no user-data (transport) constraint is set on the
 * constraints built here. BASIC credentials travel with each request, so TLS
 * has to be enforced elsewhere in the deployment; confirm.
 *
 * @param tomcat the embedded container factory to customize
 */
private void configureBasicAuthn(final TomcatEmbeddedServletContainerFactory tomcat) {
    final CasEmbeddedApacheTomcatBasicAuthenticationProperties basicProps = casProperties.getServer().getBasicAuthn();
    if (!basicProps.isEnabled()) {
        return;
    }

    tomcat.addContextCustomizers(context -> {
        final LoginConfig loginConfig = new LoginConfig();
        loginConfig.setAuthMethod("BASIC");
        context.setLoginConfig(loginConfig);

        // Declare the application's security roles on the context.
        basicProps.getSecurityRoles().forEach(context::addSecurityRole);

        // One constraint per role, each guarding the full pattern set.
        basicProps.getAuthRoles().forEach(role -> {
            final SecurityCollection guardedPatterns = new SecurityCollection();
            basicProps.getPatterns().forEach(guardedPatterns::addPattern);

            final SecurityConstraint roleConstraint = new SecurityConstraint();
            roleConstraint.addAuthRole(role);
            roleConstraint.addCollection(guardedPatterns);
            context.addConstraint(roleConstraint);
        });
    });

    // The login config alone only names the method; this valve is what
    // gets added to perform the BASIC authentication.
    tomcat.addContextValves(new BasicAuthenticator());
}