Search in sources :

Example 1 with RememberMeUsernamePasswordCredential

use of org.apereo.cas.authentication.RememberMeUsernamePasswordCredential in project cas by apereo.

the class RememberMeAuthenticationMetaDataPopulatorTests method verifyWithTrueRememberMeCredentials.

@Test
public void verifyWithTrueRememberMeCredentials() {
    final RememberMeUsernamePasswordCredential c = new RememberMeUsernamePasswordCredential();
    c.setRememberMe(true);
    final AuthenticationBuilder builder = newBuilder(c);
    final Authentication auth = builder.build();
    assertEquals(true, auth.getAttributes().get(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME));
}
Also used : DefaultAuthenticationBuilder(org.apereo.cas.authentication.DefaultAuthenticationBuilder) AuthenticationBuilder(org.apereo.cas.authentication.AuthenticationBuilder) Authentication(org.apereo.cas.authentication.Authentication) RememberMeUsernamePasswordCredential(org.apereo.cas.authentication.RememberMeUsernamePasswordCredential) Test(org.junit.Test)

Example 2 with RememberMeUsernamePasswordCredential

use of org.apereo.cas.authentication.RememberMeUsernamePasswordCredential in project cas by apereo.

the class RememberMeAuthenticationMetaDataPopulatorTests method verifyWithFalseRememberMeCredentials.

@Test
public void verifyWithFalseRememberMeCredentials() {
    final RememberMeUsernamePasswordCredential c = new RememberMeUsernamePasswordCredential();
    c.setRememberMe(false);
    final AuthenticationBuilder builder = newBuilder(c);
    final Authentication auth = builder.build();
    assertNull(auth.getAttributes().get(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME));
}
Also used : DefaultAuthenticationBuilder(org.apereo.cas.authentication.DefaultAuthenticationBuilder) AuthenticationBuilder(org.apereo.cas.authentication.AuthenticationBuilder) Authentication(org.apereo.cas.authentication.Authentication) RememberMeUsernamePasswordCredential(org.apereo.cas.authentication.RememberMeUsernamePasswordCredential) Test(org.junit.Test)

Example 3 with RememberMeUsernamePasswordCredential

use of org.apereo.cas.authentication.RememberMeUsernamePasswordCredential in project cas by apereo.

the class ShiroAuthenticationHandlerTests method checkAuthenticationSuccessfulMissingPermission.

@Test
public void checkAuthenticationSuccessfulMissingPermission() throws Exception {
    final ShiroAuthenticationHandler shiro = new ShiroAuthenticationHandler("", null, null, Collections.emptySet(), Collections.singleton("dosomething"));
    shiro.loadShiroConfiguration(new ClassPathResource("shiro.ini"));
    final RememberMeUsernamePasswordCredential creds = new RememberMeUsernamePasswordCredential();
    creds.setRememberMe(true);
    creds.setUsername("casuser");
    creds.setPassword("Mellon");
    this.thrown.expect(FailedLoginException.class);
    this.thrown.expectMessage("Required permission dosomething cannot be located");
    shiro.authenticate(creds);
}
Also used : ClassPathResource(org.springframework.core.io.ClassPathResource) RememberMeUsernamePasswordCredential(org.apereo.cas.authentication.RememberMeUsernamePasswordCredential) Test(org.junit.Test)

Example 4 with RememberMeUsernamePasswordCredential

use of org.apereo.cas.authentication.RememberMeUsernamePasswordCredential in project cas by apereo.

the class ShiroAuthenticationHandlerTests method checkAuthenticationSuccessfulMissingRole.

@Test
public void checkAuthenticationSuccessfulMissingRole() throws Exception {
    final ShiroAuthenticationHandler shiro = new ShiroAuthenticationHandler("", null, null, Collections.singleton("student"), Collections.emptySet());
    shiro.loadShiroConfiguration(new ClassPathResource("shiro.ini"));
    final RememberMeUsernamePasswordCredential creds = new RememberMeUsernamePasswordCredential();
    creds.setRememberMe(true);
    creds.setUsername("casuser");
    creds.setPassword("Mellon");
    this.thrown.expect(FailedLoginException.class);
    this.thrown.expectMessage("Required role student does not exist");
    shiro.authenticate(creds);
}
Also used : ClassPathResource(org.springframework.core.io.ClassPathResource) RememberMeUsernamePasswordCredential(org.apereo.cas.authentication.RememberMeUsernamePasswordCredential) Test(org.junit.Test)

Example 5 with RememberMeUsernamePasswordCredential

use of org.apereo.cas.authentication.RememberMeUsernamePasswordCredential in project cas by apereo.

the class ShiroAuthenticationHandler method authenticateUsernamePasswordInternal.

@Override
protected HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential transformedCredential, final String originalPassword) throws GeneralSecurityException, PreventedException {
    try {
        final UsernamePasswordToken token = new UsernamePasswordToken(transformedCredential.getUsername(), transformedCredential.getPassword());
        if (transformedCredential instanceof RememberMeUsernamePasswordCredential) {
            token.setRememberMe(RememberMeUsernamePasswordCredential.class.cast(transformedCredential).isRememberMe());
        }
        final Subject currentUser = getCurrentExecutingSubject();
        currentUser.login(token);
        checkSubjectRolesAndPermissions(currentUser);
        return createAuthenticatedSubjectResult(transformedCredential, currentUser);
    } catch (final UnknownAccountException uae) {
        throw new AccountNotFoundException(uae.getMessage());
    } catch (final IncorrectCredentialsException ice) {
        throw new FailedLoginException(ice.getMessage());
    } catch (final LockedAccountException | ExcessiveAttemptsException lae) {
        throw new AccountLockedException(lae.getMessage());
    } catch (final ExpiredCredentialsException eae) {
        throw new CredentialExpiredException(eae.getMessage());
    } catch (final DisabledAccountException eae) {
        throw new AccountDisabledException(eae.getMessage());
    } catch (final AuthenticationException e) {
        throw new FailedLoginException(e.getMessage());
    }
}
Also used : DisabledAccountException(org.apache.shiro.authc.DisabledAccountException) IncorrectCredentialsException(org.apache.shiro.authc.IncorrectCredentialsException) AccountLockedException(javax.security.auth.login.AccountLockedException) AuthenticationException(org.apache.shiro.authc.AuthenticationException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) ExcessiveAttemptsException(org.apache.shiro.authc.ExcessiveAttemptsException) Subject(org.apache.shiro.subject.Subject) ExpiredCredentialsException(org.apache.shiro.authc.ExpiredCredentialsException) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) FailedLoginException(javax.security.auth.login.FailedLoginException) AccountNotFoundException(javax.security.auth.login.AccountNotFoundException) CredentialExpiredException(javax.security.auth.login.CredentialExpiredException) RememberMeUsernamePasswordCredential(org.apereo.cas.authentication.RememberMeUsernamePasswordCredential) LockedAccountException(org.apache.shiro.authc.LockedAccountException) AccountDisabledException(org.apereo.cas.authentication.exceptions.AccountDisabledException)

Aggregations

RememberMeUsernamePasswordCredential (org.apereo.cas.authentication.RememberMeUsernamePasswordCredential)7 Test (org.junit.Test)6 ClassPathResource (org.springframework.core.io.ClassPathResource)4 Authentication (org.apereo.cas.authentication.Authentication)2 AuthenticationBuilder (org.apereo.cas.authentication.AuthenticationBuilder)2 DefaultAuthenticationBuilder (org.apereo.cas.authentication.DefaultAuthenticationBuilder)2 AccountLockedException (javax.security.auth.login.AccountLockedException)1 AccountNotFoundException (javax.security.auth.login.AccountNotFoundException)1 CredentialExpiredException (javax.security.auth.login.CredentialExpiredException)1 FailedLoginException (javax.security.auth.login.FailedLoginException)1 AuthenticationException (org.apache.shiro.authc.AuthenticationException)1 DisabledAccountException (org.apache.shiro.authc.DisabledAccountException)1 ExcessiveAttemptsException (org.apache.shiro.authc.ExcessiveAttemptsException)1 ExpiredCredentialsException (org.apache.shiro.authc.ExpiredCredentialsException)1 IncorrectCredentialsException (org.apache.shiro.authc.IncorrectCredentialsException)1 LockedAccountException (org.apache.shiro.authc.LockedAccountException)1 UnknownAccountException (org.apache.shiro.authc.UnknownAccountException)1 UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken)1 Subject (org.apache.shiro.subject.Subject)1 AccountDisabledException (org.apereo.cas.authentication.exceptions.AccountDisabledException)1