Example 6 with HandlerResult

use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.

the class SAMLAssertionHandlerTest method testGetNormalizedTokenFromSession.

@Test
public void testGetNormalizedTokenFromSession() throws Exception {
    SAMLAssertionHandler handler = new SAMLAssertionHandler();
    HttpServletRequest request = mock(HttpServletRequest.class);
    HttpServletResponse response = mock(HttpServletResponse.class);
    FilterChain chain = mock(FilterChain.class);
    when(request.getCookies()).thenReturn(null);
    HttpSession session = mock(HttpSession.class);
    when(request.getSession(false)).thenReturn(session);
    when(request.getAttribute(ContextPolicy.ACTIVE_REALM)).thenReturn("foo");
    SecurityTokenHolder tokenHolder = mock(SecurityTokenHolder.class);
    when(session.getAttribute(SecurityConstants.SAML_ASSERTION)).thenReturn(tokenHolder);
    SecurityToken securityToken = mock(SecurityToken.class);
    when(tokenHolder.getSecurityToken("foo")).thenReturn(securityToken);
    when(securityToken.getToken()).thenReturn(readDocument("/saml.xml").getDocumentElement());
    HandlerResult result = handler.getNormalizedToken(request, response, chain, true);
    assertNotNull(result);
    assertEquals(HandlerResult.Status.COMPLETED, result.getStatus());
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) SecurityTokenHolder(ddf.security.common.SecurityTokenHolder) HttpSession(javax.servlet.http.HttpSession) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) Test(org.junit.Test)

Example 7 with HandlerResult

use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.

the class SAMLAssertionHandlerTest method testGetNormalizedTokenSuccessWithCookie.

/**
 * This test ensures the proper functionality of SAMLAssertionHandler's
 * method, getNormalizedToken(), when given a valid HttpServletRequest.
 * Uses legacy SAML cookie
 */
@Test
public void testGetNormalizedTokenSuccessWithCookie() throws Exception {
    SAMLAssertionHandler handler = new SAMLAssertionHandler();
    HttpServletRequest request = mock(HttpServletRequest.class);
    HttpServletResponse response = mock(HttpServletResponse.class);
    FilterChain chain = mock(FilterChain.class);
    Element assertion = readDocument("/saml.xml").getDocumentElement();
    String assertionId = assertion.getAttributeNodeNS(null, "ID").getNodeValue();
    SecurityToken samlToken = new SecurityToken(assertionId, assertion, null);
    SamlAssertionWrapper wrappedAssertion = new SamlAssertionWrapper(samlToken.getToken());
    String saml = wrappedAssertion.assertionToString();
    Cookie cookie = new Cookie(SecurityConstants.SAML_COOKIE_NAME, RestSecurity.deflateAndBase64Encode(saml));
    when(request.getCookies()).thenReturn(new Cookie[] { cookie });
    HandlerResult result = handler.getNormalizedToken(request, response, chain, true);
    assertNotNull(result);
    assertEquals(HandlerResult.Status.COMPLETED, result.getStatus());
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Cookie(javax.servlet.http.Cookie) FilterChain(javax.servlet.FilterChain) Element(org.w3c.dom.Element) HttpServletResponse(javax.servlet.http.HttpServletResponse) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) Test(org.junit.Test)

Example 8 with HandlerResult

use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.

the class SAMLAssertionHandlerTest method testGetNormalizedTokenFailureWithHeader.

/**
 * This test ensures the proper functionality of SAMLAssertionHandler's
 * method, getNormalizedToken(), when given an invalid HttpServletRequest.
 */
@Test
public void testGetNormalizedTokenFailureWithHeader() {
    SAMLAssertionHandler handler = new SAMLAssertionHandler();
    HttpServletRequest request = mock(HttpServletRequest.class);
    HttpServletResponse response = mock(HttpServletResponse.class);
    FilterChain chain = mock(FilterChain.class);
    doReturn(null).when(request).getHeader(SecurityConstants.SAML_HEADER_NAME);
    HandlerResult result = handler.getNormalizedToken(request, response, chain, true);
    assertNotNull(result);
    assertEquals(HandlerResult.Status.NO_ACTION, result.getStatus());
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) Test(org.junit.Test)

Example 9 with HandlerResult

use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.

the class IdpHandlerTest method testGetNormalizedTokenNoRedirect.

@Test
public void testGetNormalizedTokenNoRedirect() throws Exception {
    when(httpRequest.getHeader("User-Agent")).thenReturn(BROWSER_USER_AGENT);
    when(httpResponse.getWriter()).thenReturn(mock(PrintWriter.class));
    idpMetadata.setMetadata(metadata.replace("HTTP-Redirect", "HTTP-POST"));
    HandlerResult handlerResult = idpHandler.getNormalizedToken(httpRequest, httpResponse, null, false);
    assertThat("Expected a non null handlerRequest", handlerResult, is(notNullValue(HandlerResult.class)));
    assertThat(handlerResult.getStatus(), equalTo(HandlerResult.Status.REDIRECTED));
}
Also used : HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) PrintWriter(java.io.PrintWriter) Test(org.junit.Test)

Example 10 with HandlerResult

use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.

the class IdpHandlerTest method testHandleError.

@Test
public void testHandleError() throws Exception {
    when(httpRequest.getHeader("User-Agent")).thenReturn(BROWSER_USER_AGENT);
    HandlerResult handlerResult = idpHandler.handleError(httpRequest, httpResponse, null);
    assertThat("Expected a non null handlerRequest", handlerResult, is(notNullValue(HandlerResult.class)));
    assertThat(handlerResult.getStatus(), equalTo(HandlerResult.Status.NO_ACTION));
}
Also used : HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) Test(org.junit.Test)
