use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.
the class LoginFilterTest method testValidUsernameToken.
/**
 * Drives {@code LoginFilter.doFilter} with a {@code COMPLETED} {@code HandlerResult} that carries
 * a username/password token. The security manager is stubbed to return a subject whose single
 * principal exposes a security token backed by the document element of {@code /good_saml.xml}.
 *
 * <p>NOTE(review): nothing is asserted or verified after the call, so this test only shows that
 * the path completes without throwing. Consider verifying the observable outcome of a successful
 * login once the expected behaviour is confirmed against {@code LoginFilter}.
 */
@Test
public void testValidUsernameToken() throws IOException, XMLStreamException, ServletException, ParserConfigurationException, SAXException, SecurityServiceException {
    // Filter under test, wired to the shared session factory and a mocked security manager.
    ddf.security.service.SecurityManager mockSecurityManager = mock(ddf.security.service.SecurityManager.class);
    LoginFilter filterUnderTest = new LoginFilter();
    filterUnderTest.setSessionFactory(sessionFactory);
    filterUnderTest.setSecurityManager(mockSecurityManager);
    filterUnderTest.init(mock(FilterConfig.class));

    // Servlet collaborators.
    HttpServletRequest request = mock(HttpServletRequest.class);
    HttpServletResponse response = mock(HttpServletResponse.class);
    FilterChain chain = mock(FilterChain.class);

    // The request carries a completed handler result holding fixture credentials.
    UPAuthenticationToken upToken = new UPAuthenticationToken("foo", "bar");
    HandlerResult handlerResult = new HandlerResult(HandlerResult.Status.COMPLETED, upToken);
    when(request.getAttribute("ddf.security.token")).thenReturn(handlerResult);

    // The session starts with an empty token holder under the SAML assertion attribute.
    HttpSession httpSession = mock(HttpSession.class);
    when(request.getSession(true)).thenReturn(httpSession);
    when(httpSession.getAttribute(SecurityConstants.SAML_ASSERTION)).thenReturn(new SecurityTokenHolder());
    when(sessionFactory.getOrCreateSession(request)).thenReturn(httpSession);

    // Deep stubs let subject.getPrincipals().asList() be stubbed in a single chained call.
    Subject authenticatedSubject = mock(Subject.class, RETURNS_DEEP_STUBS);
    when(mockSecurityManager.getSubject(upToken)).thenReturn(authenticatedSubject);
    SecurityAssertion samlAssertion = mock(SecurityAssertion.class);
    SecurityToken samlToken = mock(SecurityToken.class);
    when(samlAssertion.getSecurityToken()).thenReturn(samlToken);
    when(authenticatedSubject.getPrincipals().asList()).thenReturn(Arrays.asList(samlAssertion));
    when(samlToken.getToken()).thenReturn(readDocument("/good_saml.xml").getDocumentElement());

    filterUnderTest.doFilter(request, response, chain);
}
use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.
the class CasHandlerTest method testPrincipalResolve.
/**
 * Checks that {@code getNormalizedToken} reports {@code COMPLETED} when the assertion is in the
 * session (request built with {@code createServletRequest(true)}) and resolve is {@code true}.
 *
 * @throws ServletException propagated from the handler call
 * @throws IOException propagated from the handler call
 */
@Test
public void testPrincipalResolve() throws ServletException, IOException {
    CasHandler casHandler = createHandler();
    HttpServletRequest requestWithAssertion = createServletRequest(true);
    HttpServletResponse response = mock(HttpServletResponse.class);
    ProxyFilterChain chain = new ProxyFilterChain(null);

    // Final argument is the resolve flag.
    HandlerResult outcome = casHandler.getNormalizedToken(requestWithAssertion, response, chain, true);

    HandlerResult.Status actualStatus = outcome.getStatus();
    assertEquals(HandlerResult.Status.COMPLETED, actualStatus);
}
use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.
the class CasHandlerTest method testCachedPrincipalResolve.
/**
 * Checks that {@code getNormalizedToken} reports {@code COMPLETED} twice: first for a request
 * that has the CAS assertion, then for a request built with {@code createServletRequest(false)}
 * that is stubbed to return the first request's session.
 *
 * @throws ServletException propagated from the handler call
 * @throws IOException propagated from the handler call
 */
@Test
public void testCachedPrincipalResolve() throws ServletException, IOException {
    CasHandler casHandler = createHandler();

    // First pass: the request carries the assertion; keep its session for the second pass.
    HttpServletRequest firstRequest = createServletRequest(true);
    HttpSession cachedSession = firstRequest.getSession();
    HandlerResult firstOutcome = casHandler.getNormalizedToken(firstRequest, mock(HttpServletResponse.class), new ProxyFilterChain(null), true);
    assertEquals(HandlerResult.Status.COMPLETED, firstOutcome.getStatus());

    // Second pass: a request without the assertion, but bound to the session from the first pass.
    HttpServletRequest secondRequest = createServletRequest(false);
    when(secondRequest.getSession()).thenReturn(cachedSession);
    when(secondRequest.getSession(any(Boolean.class))).thenReturn(cachedSession);
    HandlerResult secondOutcome = casHandler.getNormalizedToken(secondRequest, mock(HttpServletResponse.class), new ProxyFilterChain(null), true);
    assertEquals(HandlerResult.Status.COMPLETED, secondOutcome.getStatus());
}
use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.
the class CasHandlerTest method testPrincipalNoResolve.
/**
 * Checks that {@code getNormalizedToken} reports {@code COMPLETED} when the assertion is in the
 * session and resolve is {@code false}.
 *
 * @throws ServletException propagated from the handler call
 */
@Test
public void testPrincipalNoResolve() throws ServletException {
    CasHandler casHandler = createHandler();
    HttpServletRequest requestWithAssertion = createServletRequest(true);
    HttpServletResponse response = mock(HttpServletResponse.class);
    ProxyFilterChain chain = new ProxyFilterChain(null);

    // Final argument is the resolve flag; this case runs with resolution turned off.
    HandlerResult outcome = casHandler.getNormalizedToken(requestWithAssertion, response, chain, false);

    HandlerResult.Status actualStatus = outcome.getStatus();
    assertEquals(HandlerResult.Status.COMPLETED, actualStatus);
}
use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.
the class CasHandlerTest method testNoPrincipalResolve.
/**
 * Checks that {@code getNormalizedToken} reports {@code REDIRECTED} when the assertion is not in
 * the session and resolve is {@code true}, and that the configured proxy filter is invoked once.
 *
 * @throws ServletException propagated from the handler or filter call
 * @throws IOException propagated from the handler or filter call
 */
@Test
public void testNoPrincipalResolve() throws ServletException, IOException {
    CasHandler casHandler = createHandler();

    // Install a proxy filter wrapping a single mock so its invocation can be verified below.
    Filter recordingFilter = mock(Filter.class);
    ProxyFilter proxy = new ProxyFilter(Arrays.asList(recordingFilter));
    casHandler.setProxyFilter(proxy);

    HttpServletRequest requestWithoutAssertion = createServletRequest(false);
    HttpServletResponse response = mock(HttpServletResponse.class);
    HandlerResult outcome = casHandler.getNormalizedToken(requestWithoutAssertion, response, new ProxyFilterChain(null), true);

    assertEquals(HandlerResult.Status.REDIRECTED, outcome.getStatus());
    // verify() with no mode checks for exactly one invocation of the mock filter.
    verify(recordingFilter).doFilter(any(ServletRequest.class), any(ServletResponse.class), any(FilterChain.class));
}