Example 11 with SecurityFilter
use of org.codice.ddf.platform.filter.SecurityFilter in project ddf by codice.
the class JettyAuthenticatorTest method testDoFilterWithSecurityFiltersInCorrectOrder.
@Test
public void testDoFilterWithSecurityFiltersInCorrectOrder() throws IOException, ServerAuthException, AuthenticationException {
// given
final Dictionary dictionary0 = new Hashtable();
dictionary0.put(Constants.SERVICE_RANKING, 0);
final SecurityFilter securityFilter0 = registerSecurityFilter(dictionary0);
final Dictionary dictionary100 = new Hashtable();
dictionary100.put(Constants.SERVICE_RANKING, 100);
final SecurityFilter securityFilter100 = registerSecurityFilter(dictionary100);
final Dictionary dictionary1 = new Hashtable();
dictionary1.put(Constants.SERVICE_RANKING, 1);
final SecurityFilter securityFilter1 = registerSecurityFilter(dictionary1);
final SecurityFilter securityFilter = registerSecurityFilter(new Hashtable());
final Dictionary dictionary99 = new Hashtable();
dictionary99.put(Constants.SERVICE_RANKING, 99);
final SecurityFilter securityFilter99 = registerSecurityFilter(dictionary99);
final ServletRequest servletRequest = mock(ServletRequest.class);
final ServletResponse servletResponse = mock(ServletResponse.class);
// when
jettyAuthenticator.validateRequest(servletRequest, servletResponse, false);
// then
final InOrder inOrder = Mockito.inOrder(securityFilter0, securityFilter100, securityFilter1, securityFilter, securityFilter99);
inOrder.verify(securityFilter100).doFilter(eq(servletRequest), eq(servletResponse), any(SecurityFilterChain.class));
inOrder.verify(securityFilter99).doFilter(eq(servletRequest), eq(servletResponse), any(SecurityFilterChain.class));
inOrder.verify(securityFilter1).doFilter(eq(servletRequest), eq(servletResponse), any(SecurityFilterChain.class));
inOrder.verify(securityFilter0).doFilter(eq(servletRequest), eq(servletResponse), any(SecurityFilterChain.class));
inOrder.verify(securityFilter).doFilter(eq(servletRequest), eq(servletResponse), any(SecurityFilterChain.class));
}
Also used :
Dictionary(java.util.Dictionary)
ServletRequest(javax.servlet.ServletRequest)
ServletResponse(javax.servlet.ServletResponse)
SecurityFilterChain(org.codice.ddf.platform.filter.SecurityFilterChain)
InOrder(org.mockito.InOrder)
Hashtable(java.util.Hashtable)
SecurityFilter(org.codice.ddf.platform.filter.SecurityFilter)
Test(org.junit.Test)
Example 12 with SecurityFilter
use of org.codice.ddf.platform.filter.SecurityFilter in project ddf by codice.
the class JettyAuthenticatorTest method testInitializeSecurityFilterWithComplicatedInitParams.
/**
* This method tests some edge cases of adding {@link SecurityFilter}s through {@link
* ServiceReference}s. Filter names must have service-property key="{@link
* org.osgi.service.http.whiteboard.HttpWhiteboardConstants#HTTP_WHITEBOARD_FILTER_NAME}", so the
* service-property with key="filter-name" will not be used to init the {@link
* javax.servlet.Filter}. The init param service-property prefix may be defined using the {@link
* org.ops4j.pax.web.extender.whiteboard.ExtenderConstants#PROPERTY_INIT_PREFIX} service-property
* key.
*/
@Test
public void testInitializeSecurityFilterWithComplicatedInitParams() throws IOException, ServerAuthException, AuthenticationException {
// given
final HttpSession httpSession = mock(HttpSession.class);
final Request servletRequest = mock(Request.class);
final ServletContext servletContext = mock(ServletContext.class);
final Dictionary dictionary = new Hashtable();
dictionary.put("filter-name", "my-test-filter");
final String incorrectlyFormattedInitParamKey = "incorrectlyFormattedInitParamKey";
dictionary.put("init." + incorrectlyFormattedInitParamKey, "incorrectlyFormattedInitParamValue");
final String customInitPrefix = "myInitPrefix.";
dictionary.put("init-prefix", customInitPrefix);
final String initParamKey = "initParamKey";
final String initParamValue = "initParamValue";
dictionary.put(customInitPrefix + initParamKey, initParamValue);
final String servletInitParamKey = "servletInitParamKey";
final String servletInitParamValue = "servletInitParamValue";
dictionary.put("servlet.init." + servletInitParamKey, servletInitParamValue);
final String anotherServiceProperty = "anotherServiceProperty";
dictionary.put(anotherServiceProperty, "anotherServicePropertyValue");
final SecurityFilter securityFilter = registerSecurityFilter(dictionary);
// when
jettyAuthenticator.validateRequest(servletRequest, mock(ServletResponse.class), false);
// then
verify(securityFilter).init();
}
Also used :
Dictionary(java.util.Dictionary)
ServletResponse(javax.servlet.ServletResponse)
HttpSession(javax.servlet.http.HttpSession)
Hashtable(java.util.Hashtable)
Request(org.eclipse.jetty.server.Request)
ServletRequest(javax.servlet.ServletRequest)
SecurityFilter(org.codice.ddf.platform.filter.SecurityFilter)
ServletContext(javax.servlet.ServletContext)
Test(org.junit.Test)
Example 13 with SecurityFilter
use of org.codice.ddf.platform.filter.SecurityFilter in project ddf by codice.
the class JettyAuthenticatorTest method testSecurityFiltersOnlyInitializedOnce.
@Test
public void testSecurityFiltersOnlyInitializedOnce() throws IOException, ServerAuthException, AuthenticationException {
// given / when
final Dictionary dictionary1 = new Hashtable();
dictionary1.put("osgi.http.whiteboard.filter.name", "filter1");
final SecurityFilter securityFilter1 = registerSecurityFilter(dictionary1);
jettyAuthenticator.validateRequest(mock(ServletRequest.class), mock(ServletResponse.class), false);
final Dictionary dictionary2 = new Hashtable();
dictionary2.put("osgi.http.whiteboard.filter.name", "filter2");
final SecurityFilter securityFilter2 = registerSecurityFilter(dictionary2);
jettyAuthenticator.validateRequest(mock(ServletRequest.class), mock(ServletResponse.class), false);
jettyAuthenticator.validateRequest(mock(ServletRequest.class), mock(ServletResponse.class), false);
jettyAuthenticator.validateRequest(mock(ServletRequest.class), mock(ServletResponse.class), false);
final Dictionary dictionary3 = new Hashtable();
dictionary3.put("osgi.http.whiteboard.filter.name", "filter3");
final SecurityFilter securityFilter3 = registerSecurityFilter(dictionary3);
jettyAuthenticator.validateRequest(mock(ServletRequest.class), mock(ServletResponse.class), false);
// then
verify(securityFilter1).init();
verify(securityFilter2).init();
verify(securityFilter3).init();
}
Also used :
Dictionary(java.util.Dictionary)
ServletRequest(javax.servlet.ServletRequest)
ServletResponse(javax.servlet.ServletResponse)
Hashtable(java.util.Hashtable)
SecurityFilter(org.codice.ddf.platform.filter.SecurityFilter)
Test(org.junit.Test)
Example 14 with SecurityFilter
use of org.codice.ddf.platform.filter.SecurityFilter in project ddf by codice.
the class SecurityFilterChainTest method testAddFiltersAfterDo.
/**
* Tests that an exception is thrown if more filters are attempted to be added after the filter
* has been run.
*
* @throws IOException
* @throws ServletException
*/
@Test(expected = IllegalStateException.class)
public void testAddFiltersAfterDo() throws IOException, AuthenticationException {
SecurityFilterChain proxyChain = new SecurityFilterChain();
SecurityFilter filter2 = mock(SecurityFilter.class);
SecurityFilter filter3 = mock(SecurityFilter.class);
proxyChain.doFilter(mock(ServletRequest.class), mock(ServletResponse.class));
proxyChain.addSecurityFilter(filter2);
proxyChain.addSecurityFilter(filter3);
}
Also used :
ServletRequest(javax.servlet.ServletRequest)
ServletResponse(javax.servlet.ServletResponse)
SecurityFilter(org.codice.ddf.platform.filter.SecurityFilter)
Test(org.junit.Test)
Example 15 with SecurityFilter
use of org.codice.ddf.platform.filter.SecurityFilter in project ddf by codice.
the class AssertionConsumerServiceTest method testGetLoginFilter.
@Test
public void testGetLoginFilter() throws Exception {
SecurityFilter filter = assertionConsumerService.getLoginFilter();
assertThat("Returned login filter was not the same as the one set", filter, equalTo(loginFilter));
}
Also used :
SecurityFilter(org.codice.ddf.platform.filter.SecurityFilter)
Test(org.junit.Test)
Aggregations
SecurityFilter (org.codice.ddf.platform.filter.SecurityFilter)15
ServletRequest (javax.servlet.ServletRequest)11
ServletResponse (javax.servlet.ServletResponse)11
Test (org.junit.Test)11
Hashtable (java.util.Hashtable)7
Dictionary (java.util.Dictionary)4
SecurityFilterChain (org.codice.ddf.platform.filter.SecurityFilterChain)4
InOrder (org.mockito.InOrder)3
ServletContext (javax.servlet.ServletContext)2
HttpSession (javax.servlet.http.HttpSession)2
Request (org.eclipse.jetty.server.Request)2
MockServiceReference (org.springframework.osgi.mock.MockServiceReference)2
Subject (ddf.security.Subject)1
IOException (java.io.IOException)1
AuthenticationChallengeException (org.codice.ddf.platform.filter.AuthenticationChallengeException)1
AuthenticationException (org.codice.ddf.platform.filter.AuthenticationException)1
ServerAuthException (org.eclipse.jetty.security.ServerAuthException)1
Authentication (org.eclipse.jetty.server.Authentication)1
UserIdentity (org.eclipse.jetty.server.UserIdentity)1
BundleContext (org.osgi.framework.BundleContext)1
