Examples with Session org.apache.wiki.api.core.Session used on opensource projects

Example 1 with Session

use of org.apache.wiki.api.core.Session in project jspwiki by apache.

the class WikiSessionTest method testAuthenticationCookieWhenOn.

@Test
public void testAuthenticationCookieWhenOn() throws WikiException, ServletException, IOException {
    final Properties props = TestEngine.getTestProperties();
    props.setProperty(AuthenticationManager.PROP_ALLOW_COOKIE_AUTH, "true");
    m_engine = new TestEngine(props);
    final MockHttpServletRequest request;
    final Session wikiSession;
    // Set the authentication cookie first
    MockHttpServletResponse response = new MockHttpServletResponse();
    CookieAuthenticationLoginModule.setLoginCookie(m_engine, response, "Fred Flintstone");
    final Cookie[] cookies = response.getCookies();
    Assertions.assertEquals(1, cookies.length);
    final String uid = cookies[0].getValue();
    // Adding the magic "authentication cookie" should count as authenticated
    request = m_engine.newHttpRequest();
    request.setUserPrincipal(null);
    request.setCookies(new Cookie[] { new Cookie("JSPWikiUID", uid) });
    runSecurityFilter(m_engine, request);
    wikiSession = Wiki.session().find(m_engine, request);
    Assertions.assertFalse(wikiSession.isAnonymous());
    Assertions.assertTrue(wikiSession.isAuthenticated());
    Assertions.assertEquals("Fred Flintstone", wikiSession.getUserPrincipal().getName());
    // Clear the authentication cookie
    response = new MockHttpServletResponse();
    CookieAuthenticationLoginModule.clearLoginCookie(m_engine, request, response);
}

Example 2 with Session

use of org.apache.wiki.api.core.Session in project jspwiki by apache.

the class WikiSessionTest method testAuthenticationCookieDefaults.

@Test
public void testAuthenticationCookieDefaults() throws ServletException, IOException {
    final MockHttpServletRequest request;
    final Session wikiSession;
    // Set the authentication cookie first
    MockHttpServletResponse response = new MockHttpServletResponse();
    CookieAuthenticationLoginModule.setLoginCookie(m_engine, response, "Fred Flintstone");
    final Cookie[] cookies = response.getCookies();
    Assertions.assertEquals(1, cookies.length);
    final String uid = cookies[0].getValue();
    // Adding the magic "authentication cookie" should NOT count as authenticated in the default case
    // (because cookie authentication is OFF).
    request = m_engine.newHttpRequest();
    request.setUserPrincipal(null);
    request.setCookies(new Cookie[] { new Cookie("JSPWikiUID", uid) });
    runSecurityFilter(m_engine, request);
    wikiSession = Wiki.session().find(m_engine, request);
    Assertions.assertTrue(wikiSession.isAnonymous());
    Assertions.assertFalse(wikiSession.isAuthenticated());
    Assertions.assertEquals("127.0.0.1", wikiSession.getUserPrincipal().getName());
    // Clear the authentication cookie
    response = new MockHttpServletResponse();
    CookieAuthenticationLoginModule.clearLoginCookie(m_engine, request, response);
}

Example 3 with Session

use of org.apache.wiki.api.core.Session in project jspwiki by apache.

the class WikiSessionTest method testIPAddress.

@Test
public void testIPAddress() throws ServletException, IOException {
    final MockHttpServletRequest request;
    final Session wikiSession;
    // A naked HTTP request without userPrincipal/remoteUser should be anonymous
    request = m_engine.newHttpRequest();
    request.setUserPrincipal(null);
    runSecurityFilter(m_engine, request);
    wikiSession = Wiki.session().find(m_engine, request);
    Assertions.assertTrue(wikiSession.isAnonymous());
}

Example 4 with Session

use of org.apache.wiki.api.core.Session in project jspwiki by apache.

the class WikiSessionTest method authenticatedSession.

public static Session authenticatedSession(final TestEngine engine, final String id, final String password) throws Exception {
    // Build anon session
    final MockHttpServletRequest request = engine.newHttpRequest();
    // Log in as anon
    runSecurityFilter(engine, request);
    // Log in the user with credentials
    final Session session = Wiki.session().find(engine, request);
    engine.getManager(AuthenticationManager.class).login(session, request, id, password);
    // Make sure the user is actually authenticated
    if (!session.isAuthenticated()) {
        throw new IllegalStateException("Could not log in authenticated user '" + id + "'");
    }
    return session;
}

Example 5 with Session

use of org.apache.wiki.api.core.Session in project jspwiki by apache.

the class WikiSessionTest method testUserPrincipal.

@Test
public void testUserPrincipal() throws ServletException, IOException {
    final MockHttpServletRequest request;
    final Session wikiSession;
    // Changing the UserPrincipal value should cause the user to be authenticated...
    request = m_engine.newHttpRequest();
    request.setUserPrincipal(new WikiPrincipal("Fred Flintstone"));
    runSecurityFilter(m_engine, request);
    wikiSession = Wiki.session().find(m_engine, request);
    Assertions.assertTrue(wikiSession.isAuthenticated());
    Assertions.assertEquals("Fred Flintstone", wikiSession.getUserPrincipal().getName());
}