use of org.apereo.cas.authentication.RememberMeUsernamePasswordCredential in project cas by apereo.
the class RememberMeAuthenticationMetaDataPopulatorTests method verifyWithTrueRememberMeCredentials.
@Test
public void verifyWithTrueRememberMeCredentials() {
final RememberMeUsernamePasswordCredential c = new RememberMeUsernamePasswordCredential();
c.setRememberMe(true);
final AuthenticationBuilder builder = newBuilder(c);
final Authentication auth = builder.build();
assertEquals(true, auth.getAttributes().get(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME));
}
use of org.apereo.cas.authentication.RememberMeUsernamePasswordCredential in project cas by apereo.
the class RememberMeAuthenticationMetaDataPopulatorTests method verifyWithFalseRememberMeCredentials.
@Test
public void verifyWithFalseRememberMeCredentials() {
final RememberMeUsernamePasswordCredential c = new RememberMeUsernamePasswordCredential();
c.setRememberMe(false);
final AuthenticationBuilder builder = newBuilder(c);
final Authentication auth = builder.build();
assertNull(auth.getAttributes().get(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME));
}
use of org.apereo.cas.authentication.RememberMeUsernamePasswordCredential in project cas by apereo.
the class ShiroAuthenticationHandlerTests method checkAuthenticationSuccessfulMissingPermission.
@Test
public void checkAuthenticationSuccessfulMissingPermission() throws Exception {
final ShiroAuthenticationHandler shiro = new ShiroAuthenticationHandler("", null, null, Collections.emptySet(), Collections.singleton("dosomething"));
shiro.loadShiroConfiguration(new ClassPathResource("shiro.ini"));
final RememberMeUsernamePasswordCredential creds = new RememberMeUsernamePasswordCredential();
creds.setRememberMe(true);
creds.setUsername("casuser");
creds.setPassword("Mellon");
this.thrown.expect(FailedLoginException.class);
this.thrown.expectMessage("Required permission dosomething cannot be located");
shiro.authenticate(creds);
}
use of org.apereo.cas.authentication.RememberMeUsernamePasswordCredential in project cas by apereo.
the class ShiroAuthenticationHandlerTests method checkAuthenticationSuccessfulMissingRole.
@Test
public void checkAuthenticationSuccessfulMissingRole() throws Exception {
final ShiroAuthenticationHandler shiro = new ShiroAuthenticationHandler("", null, null, Collections.singleton("student"), Collections.emptySet());
shiro.loadShiroConfiguration(new ClassPathResource("shiro.ini"));
final RememberMeUsernamePasswordCredential creds = new RememberMeUsernamePasswordCredential();
creds.setRememberMe(true);
creds.setUsername("casuser");
creds.setPassword("Mellon");
this.thrown.expect(FailedLoginException.class);
this.thrown.expectMessage("Required role student does not exist");
shiro.authenticate(creds);
}
use of org.apereo.cas.authentication.RememberMeUsernamePasswordCredential in project cas by apereo.
the class ShiroAuthenticationHandler method authenticateUsernamePasswordInternal.
@Override
protected HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential transformedCredential, final String originalPassword) throws GeneralSecurityException, PreventedException {
try {
final UsernamePasswordToken token = new UsernamePasswordToken(transformedCredential.getUsername(), transformedCredential.getPassword());
if (transformedCredential instanceof RememberMeUsernamePasswordCredential) {
token.setRememberMe(RememberMeUsernamePasswordCredential.class.cast(transformedCredential).isRememberMe());
}
final Subject currentUser = getCurrentExecutingSubject();
currentUser.login(token);
checkSubjectRolesAndPermissions(currentUser);
return createAuthenticatedSubjectResult(transformedCredential, currentUser);
} catch (final UnknownAccountException uae) {
throw new AccountNotFoundException(uae.getMessage());
} catch (final IncorrectCredentialsException ice) {
throw new FailedLoginException(ice.getMessage());
} catch (final LockedAccountException | ExcessiveAttemptsException lae) {
throw new AccountLockedException(lae.getMessage());
} catch (final ExpiredCredentialsException eae) {
throw new CredentialExpiredException(eae.getMessage());
} catch (final DisabledAccountException eae) {
throw new AccountDisabledException(eae.getMessage());
} catch (final AuthenticationException e) {
throw new FailedLoginException(e.getMessage());
}
}
Aggregations