Examples with AuthenticationException org.codice.ddf.platform.filter.AuthenticationException used on opensource projects

Search in sources :

Example 6 with AuthenticationException

use of org.codice.ddf.platform.filter.AuthenticationException in project ddf by codice.

the class JettyAuthenticator method validateRequest.

@Override
public Authentication validateRequest(ServletRequest servletRequest, ServletResponse servletResponse, boolean mandatory) throws ServerAuthException {
    TreeSet<ServiceReference<SecurityFilter>> sortedSecurityFilterServiceReferences = null;
    final BundleContext bundleContext = getContext();
    if (bundleContext == null) {
        throw new ServerAuthException("Unable to get BundleContext. No servlet SecurityFilters can be applied. Blocking the request processing.");
    }
    try {
        sortedSecurityFilterServiceReferences = new TreeSet<>(bundleContext.getServiceReferences(SecurityFilter.class, null));
    } catch (InvalidSyntaxException ise) {
        LOGGER.debug("Should never get this exception as there is no filter being passed.");
    }
    if (!CollectionUtils.isEmpty(sortedSecurityFilterServiceReferences)) {
        LOGGER.debug("Found {} filter(s), now filtering...", sortedSecurityFilterServiceReferences.size());
        final SecurityFilterChain chain = new SecurityFilterChain();
        // run in order of highest to lowest service ranking.
        for (ServiceReference<SecurityFilter> securityFilterServiceReference : sortedSecurityFilterServiceReferences) {
            final SecurityFilter securityFilter = bundleContext.getService(securityFilterServiceReference);
            if (!hasBeenInitialized(securityFilterServiceReference, bundleContext)) {
                initializeSecurityFilter(bundleContext, securityFilterServiceReference, securityFilter);
            }
            chain.addSecurityFilter(securityFilter);
        }
        try {
            chain.doFilter(servletRequest, servletResponse);
        } catch (IOException e) {
            throw new ServerAuthException("Unable to process security filter. Blocking the request processing.");
        } catch (AuthenticationChallengeException e) {
            return new Authentication.Challenge() {
            };
        } catch (AuthenticationException e) {
            return new Authentication.Failure() {
            };
        }
    } else {
        LOGGER.debug("Did not find any SecurityFilters. Send auth failure...");
        return new Authentication.Failure() {
        };
    }
    Subject subject = (Subject) servletRequest.getAttribute(SecurityConstants.SECURITY_SUBJECT);
    UserIdentity userIdentity = new JettyUserIdentity(getSecuritySubject(subject));
    return new JettyAuthenticatedUser(userIdentity);
}
Also used : AuthenticationChallengeException(org.codice.ddf.platform.filter.AuthenticationChallengeException) AuthenticationException(org.codice.ddf.platform.filter.AuthenticationException) UserIdentity(org.eclipse.jetty.server.UserIdentity) ServerAuthException(org.eclipse.jetty.security.ServerAuthException) IOException(java.io.IOException) Subject(ddf.security.Subject) ServiceReference(org.osgi.framework.ServiceReference) Authentication(org.eclipse.jetty.server.Authentication) SecurityFilter(org.codice.ddf.platform.filter.SecurityFilter) InvalidSyntaxException(org.osgi.framework.InvalidSyntaxException) BundleContext(org.osgi.framework.BundleContext)

Example 7 with AuthenticationException

use of org.codice.ddf.platform.filter.AuthenticationException in project ddf by codice.

the class WebSSOFilterTest method testDoFilterWithRedirected.

@Test
public void testDoFilterWithRedirected() throws AuthenticationException, IOException {
    ContextPolicy testPolicy = mock(ContextPolicy.class);
    ContextPolicyManager policyManager = mock(ContextPolicyManager.class);
    when(policyManager.getContextPolicy(MOCK_CONTEXT)).thenReturn(testPolicy);
    when(policyManager.isWhiteListed(MOCK_CONTEXT)).thenReturn(false);
    when(policyManager.getSessionAccess()).thenReturn(false);
    WebSSOFilter filter = new WebSSOFilter();
    // set handlers
    AuthenticationHandler handler1 = mock(AuthenticationHandler.class);
    HandlerResult noActionResult = mock(HandlerResult.class);
    when(noActionResult.getStatus()).thenReturn(Status.NO_ACTION);
    HandlerResult redirectedResult = mock(HandlerResult.class);
    when(redirectedResult.getStatus()).thenReturn(Status.REDIRECTED);
    when(redirectedResult.getToken()).thenReturn(null);
    when(handler1.getNormalizedToken(any(ServletRequest.class), any(ServletResponse.class), any(SecurityFilterChain.class), eq(false))).thenReturn(noActionResult);
    when(handler1.getNormalizedToken(any(ServletRequest.class), any(ServletResponse.class), any(SecurityFilterChain.class), eq(true))).thenReturn(redirectedResult);
    filter.setContextPolicyManager(policyManager);
    filter.setHandlerList(Collections.singletonList(handler1));
    SecurityFilterChain filterChain = mock(SecurityFilterChain.class);
    HttpServletRequest request = mock(HttpServletRequest.class);
    when(request.getRequestURI()).thenReturn(MOCK_CONTEXT);
    HttpServletResponse response = mock(HttpServletResponse.class);
    try {
        filter.doFilter(request, response, filterChain);
    } catch (AuthenticationException e) {
    }
    // the next filter should NOT be called
    verify(filterChain, never()).doFilter(request, response);
    verify(request, never()).setAttribute(eq(DDF_AUTHENTICATION_TOKEN), any(HandlerResult.class));
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletRequest(javax.servlet.ServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) ServletResponse(javax.servlet.ServletResponse) SecurityFilterChain(org.codice.ddf.platform.filter.SecurityFilterChain) AuthenticationException(org.codice.ddf.platform.filter.AuthenticationException) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthenticationHandler(org.codice.ddf.security.handler.api.AuthenticationHandler) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) ContextPolicy(org.codice.ddf.security.policy.context.ContextPolicy) ContextPolicyManager(org.codice.ddf.security.policy.context.ContextPolicyManager) Test(org.junit.Test)

Example 8 with AuthenticationException

use of org.codice.ddf.platform.filter.AuthenticationException in project ddf by codice.

the class WebSSOFilterTest method testDoFilterResolvingOnSecondCall.

@Test
public void testDoFilterResolvingOnSecondCall() throws IOException, AuthenticationException {
    ContextPolicy testPolicy = mock(ContextPolicy.class);
    when(testPolicy.getAuthenticationMethods()).thenReturn(Collections.singletonList("basic"));
    ContextPolicyManager policyManager = mock(ContextPolicyManager.class);
    when(policyManager.getContextPolicy(MOCK_CONTEXT)).thenReturn(testPolicy);
    when(policyManager.isWhiteListed(MOCK_CONTEXT)).thenReturn(false);
    when(policyManager.getSessionAccess()).thenReturn(false);
    WebSSOFilter filter = new WebSSOFilter();
    // set handlers
    AuthenticationHandler handler1 = mock(AuthenticationHandler.class);
    when(handler1.getAuthenticationType()).thenReturn("basic");
    HandlerResult noActionResult = mock(HandlerResult.class);
    when(noActionResult.getStatus()).thenReturn(Status.NO_ACTION);
    HandlerResult completedResult = mock(HandlerResult.class);
    when(completedResult.getStatus()).thenReturn(Status.COMPLETED);
    when(completedResult.getToken()).thenReturn(null);
    when(handler1.getNormalizedToken(any(ServletRequest.class), any(ServletResponse.class), any(SecurityFilterChain.class), eq(true))).thenReturn(completedResult);
    when(handler1.getNormalizedToken(any(ServletRequest.class), any(ServletResponse.class), any(SecurityFilterChain.class), eq(false))).thenReturn(noActionResult);
    filter.setContextPolicyManager(policyManager);
    filter.setHandlerList(Collections.singletonList(handler1));
    filter.setSecurityLogger(mock(SecurityLogger.class));
    SecurityFilterChain filterChain = mock(SecurityFilterChain.class);
    HttpServletRequest request = mock(HttpServletRequest.class);
    when(request.getRequestURI()).thenReturn(MOCK_CONTEXT);
    HttpServletResponse response = mock(HttpServletResponse.class);
    try {
        filter.doFilter(request, response, filterChain);
    } catch (AuthenticationException e) {
    }
    verify(handler1, times(2)).getNormalizedToken(any(HttpServletRequest.class), any(HttpServletResponse.class), any(SecurityFilterChain.class), anyBoolean());
    // the next filter should NOT be called
    verify(filterChain, never()).doFilter(request, response);
    verify(request, never()).setAttribute(eq(DDF_AUTHENTICATION_TOKEN), any(HandlerResult.class));
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletRequest(javax.servlet.ServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) ServletResponse(javax.servlet.ServletResponse) SecurityFilterChain(org.codice.ddf.platform.filter.SecurityFilterChain) AuthenticationException(org.codice.ddf.platform.filter.AuthenticationException) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthenticationHandler(org.codice.ddf.security.handler.api.AuthenticationHandler) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) ContextPolicy(org.codice.ddf.security.policy.context.ContextPolicy) ContextPolicyManager(org.codice.ddf.security.policy.context.ContextPolicyManager) SecurityLogger(ddf.security.audit.SecurityLogger) Test(org.junit.Test)

Example 9 with AuthenticationException

use of org.codice.ddf.platform.filter.AuthenticationException in project ddf by codice.

the class AuthorizationFilterTest method testBadSubject.

@Test
public void testBadSubject() {
    ContextPolicyManager contextPolicyManager = new TestPolicyManager();
    contextPolicyManager.setContextPolicy(PATH, getMockContextPolicy());
    AuthorizationFilter loginFilter = new AuthorizationFilter(contextPolicyManager);
    loginFilter.setSecurityLogger(mock(SecurityLogger.class));
    loginFilter.init();
    HttpServletRequest servletRequest = getMockServletRequest();
    servletRequest.setAttribute(SecurityConstants.SECURITY_SUBJECT, mock(Subject.class));
    HttpServletResponse servletResponse = mock(HttpServletResponse.class);
    SecurityFilterChain filterChain = (request, response) -> fail("Should not have called doFilter without a valid Subject");
    try {
        loginFilter.doFilter(servletRequest, servletResponse, filterChain);
    } catch (IOException | AuthenticationException e) {
        fail(e.getMessage());
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) ContextPolicy(org.codice.ddf.security.policy.context.ContextPolicy) KeyValuePermissionImpl(ddf.security.permission.impl.KeyValuePermissionImpl) HashMap(java.util.HashMap) HttpServletRequest(javax.servlet.http.HttpServletRequest) SecurityConstants(ddf.security.SecurityConstants) Map(java.util.Map) Assert.fail(org.junit.Assert.fail) ContextPolicyManager(org.codice.ddf.security.policy.context.ContextPolicyManager) Before(org.junit.Before) SecurityLogger(ddf.security.audit.SecurityLogger) CollectionPermission(ddf.security.permission.CollectionPermission) SecurityFilterChain(org.codice.ddf.platform.filter.SecurityFilterChain) Collection(java.util.Collection) HttpServletResponse(javax.servlet.http.HttpServletResponse) Subject(ddf.security.Subject) IOException(java.io.IOException) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) CollectionPermissionImpl(ddf.security.permission.impl.CollectionPermissionImpl) ThreadContext(org.apache.shiro.util.ThreadContext) AuthenticationException(org.codice.ddf.platform.filter.AuthenticationException) Collections(java.util.Collections) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Mockito.mock(org.mockito.Mockito.mock) SecurityFilterChain(org.codice.ddf.platform.filter.SecurityFilterChain) AuthenticationException(org.codice.ddf.platform.filter.AuthenticationException) HttpServletResponse(javax.servlet.http.HttpServletResponse) IOException(java.io.IOException) Subject(ddf.security.Subject) ContextPolicyManager(org.codice.ddf.security.policy.context.ContextPolicyManager) SecurityLogger(ddf.security.audit.SecurityLogger) Test(org.junit.Test)

Example 10 with AuthenticationException

use of org.codice.ddf.platform.filter.AuthenticationException in project ddf by codice.

the class AuthorizationFilterTest method testAuthorizedSubject.

@Test
public void testAuthorizedSubject() {
    ContextPolicyManager contextPolicyManager = new TestPolicyManager();
    contextPolicyManager.setContextPolicy(PATH, getMockContextPolicy());
    AuthorizationFilter loginFilter = new AuthorizationFilter(contextPolicyManager);
    loginFilter.setSecurityLogger(mock(SecurityLogger.class));
    loginFilter.init();
    Subject subject = mock(Subject.class);
    when(subject.isPermitted(any(CollectionPermission.class))).thenReturn(true);
    ThreadContext.bind(subject);
    HttpServletRequest servletRequest = getMockServletRequest();
    HttpServletResponse servletResponse = mock(HttpServletResponse.class);
    SecurityFilterChain filterChain = (request, response) -> sucess = true;
    try {
        loginFilter.doFilter(servletRequest, servletResponse, filterChain);
        if (!sucess) {
            fail("Should have called doFilter with a valid Subject");
        }
    } catch (IOException | AuthenticationException e) {
        fail(e.getMessage());
    }
    ThreadContext.unbindSubject();
}
Also used : ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) ContextPolicy(org.codice.ddf.security.policy.context.ContextPolicy) KeyValuePermissionImpl(ddf.security.permission.impl.KeyValuePermissionImpl) HashMap(java.util.HashMap) HttpServletRequest(javax.servlet.http.HttpServletRequest) SecurityConstants(ddf.security.SecurityConstants) Map(java.util.Map) Assert.fail(org.junit.Assert.fail) ContextPolicyManager(org.codice.ddf.security.policy.context.ContextPolicyManager) Before(org.junit.Before) SecurityLogger(ddf.security.audit.SecurityLogger) CollectionPermission(ddf.security.permission.CollectionPermission) SecurityFilterChain(org.codice.ddf.platform.filter.SecurityFilterChain) Collection(java.util.Collection) HttpServletResponse(javax.servlet.http.HttpServletResponse) Subject(ddf.security.Subject) IOException(java.io.IOException) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) CollectionPermissionImpl(ddf.security.permission.impl.CollectionPermissionImpl) ThreadContext(org.apache.shiro.util.ThreadContext) AuthenticationException(org.codice.ddf.platform.filter.AuthenticationException) Collections(java.util.Collections) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Mockito.mock(org.mockito.Mockito.mock) AuthenticationException(org.codice.ddf.platform.filter.AuthenticationException) HttpServletResponse(javax.servlet.http.HttpServletResponse) IOException(java.io.IOException) Subject(ddf.security.Subject) ContextPolicyManager(org.codice.ddf.security.policy.context.ContextPolicyManager) HttpServletRequest(javax.servlet.http.HttpServletRequest) SecurityFilterChain(org.codice.ddf.platform.filter.SecurityFilterChain) CollectionPermission(ddf.security.permission.CollectionPermission) SecurityLogger(ddf.security.audit.SecurityLogger) Test(org.junit.Test)

Aggregations

AuthenticationException (org.codice.ddf.platform.filter.AuthenticationException)13 HttpServletRequest (javax.servlet.http.HttpServletRequest)9 Subject (ddf.security.Subject)8 IOException (java.io.IOException)8 HttpServletResponse (javax.servlet.http.HttpServletResponse)7 ContextPolicy (org.codice.ddf.security.policy.context.ContextPolicy)7 SecurityFilterChain (org.codice.ddf.platform.filter.SecurityFilterChain)6 ContextPolicyManager (org.codice.ddf.security.policy.context.ContextPolicyManager)6 Test (org.junit.Test)6 SecurityLogger (ddf.security.audit.SecurityLogger)5 CollectionPermission (ddf.security.permission.CollectionPermission)5 Collection (java.util.Collection)5 HandlerResult (org.codice.ddf.security.handler.api.HandlerResult)5 SecurityConstants (ddf.security.SecurityConstants)4 CollectionPermissionImpl (ddf.security.permission.impl.CollectionPermissionImpl)4 KeyValuePermissionImpl (ddf.security.permission.impl.KeyValuePermissionImpl)4 Collections (java.util.Collections)4 HashMap (java.util.HashMap)4 Map (java.util.Map)4 ThreadContext (org.apache.shiro.util.ThreadContext)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial