use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.
the class PKIHandlerTest method testGetNormalizedTokenFailureNoCerts.
/**
* This test ensures the proper functionality of PKIHandler's method,
* getNormalizedToken(), when given an invalid HttpServletRequest.
*/
@Test
public void testGetNormalizedTokenFailureNoCerts() throws ServletException, CertificateException {
    // Handler under test. The helper's boolean argument is false for this case; what it
    // configures is defined by getPKIHandlerWithMockedCrl(), which is not part of this listing.
    final PKIHandler pkiHandler = getPKIHandlerWithMockedCrl("signature.properties", false);

    final HttpServletRequest certlessRequest = mock(HttpServletRequest.class);
    final HttpServletResponse mockResponse = mock(HttpServletResponse.class);
    final FilterChain mockChain = mock(FilterChain.class);
    // The request presents no client certificate chain at all.
    when(certlessRequest.getAttribute("javax.servlet.request.X509Certificate")).thenReturn(null);

    // Author's note: getNormalizedToken() for PKI handlers does not use the resolve flag,
    // so the trailing `true` is not expected to influence the outcome.
    final HandlerResult outcome =
            pkiHandler.getNormalizedToken(certlessRequest, mockResponse, mockChain, true);

    // Without a certificate the handler must decline rather than produce a token.
    assertThat(outcome, is(notNullValue()));
    assertThat(outcome.getStatus(), equalTo(HandlerResult.Status.NO_ACTION));

    // NOTE(review): this only proves the CRL checker was never called with the test
    // certificate chain. A call with any other argument (e.g. null) would not fail the test.
    // If the intent is "no CRL check happens at all", a matcher-based or no-interaction
    // verification would pin that more tightly - confirm against the helper's stubbing.
    verify(pkiHandler.crlChecker, never()).passesCrlCheck(getTestCerts());
}
use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.
the class PKIHandlerTest method testGetNormalizedTokenSuccessNoCrlPkiNoResolveNoResponse.
/**
* This test ensures the proper functionality of PKIHandler's method,
* getNormalizedToken(), when given a valid HttpServletRequest and resolve is set to false.
*/
@Test
public void testGetNormalizedTokenSuccessNoCrlPkiNoResolveNoResponse() throws java.security.cert.CertificateException, ServletException {
    // Handler under test. The helper's boolean argument is true for this case; what it
    // configures is defined by getPKIHandlerWithMockedCrl(), which is not part of this listing.
    final PKIHandler pkiHandler = getPKIHandlerWithMockedCrl("signature.properties", true);

    // The request carries the test certificate chain under the standard servlet attribute.
    final HttpServletRequest certRequest = mock(HttpServletRequest.class);
    when(certRequest.getAttribute("javax.servlet.request.X509Certificate")).thenReturn(getTestCerts());

    // Author's note: getNormalizedToken() for PKI handlers does not use the resolve flag.
    // Response and filter chain are deliberately null; the handler is expected to complete
    // without touching either of them.
    final HandlerResult outcome = pkiHandler.getNormalizedToken(certRequest, null, null, false);

    assertThat(outcome, is(notNullValue()));
    assertThat(outcome.getStatus(), equalTo(HandlerResult.Status.COMPLETED));

    // The certificate chain must have been handed to the CRL checker exactly once
    // (Mockito's default verification mode) on the success path.
    verify(pkiHandler.crlChecker).passesCrlCheck(getTestCerts());
}
use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.
the class PKIHandlerTest method testNoActionWhenHttpResponseIsNull.
/**
* Tests that the certificate gets through when CRL checking is enabled but
* the cert is not listed in the CRL
*
* @throws java.security.cert.CertificateException
* @throws ServletException
*/
@Test
public void testNoActionWhenHttpResponseIsNull() throws java.security.cert.CertificateException, ServletException {
    // NOTE(review): the Javadoc above this method describes a "cert not listed in the CRL"
    // scenario, but the body below never attaches a certificate to the request and expects
    // NO_ACTION. The comment looks stale - confirm and update it.
    final PKIHandler pkiHandler = getPKIHandlerWithMockedCrl("signature.properties", true);

    final HttpServletResponse absentResponse = null;
    // Unstubbed mock: getAttribute(...) returns null, so no client certificate is presented.
    final HttpServletRequest bareRequest = mock(HttpServletRequest.class);
    final FilterChain mockChain = mock(FilterChain.class);

    final HandlerResult outcome =
            pkiHandler.getNormalizedToken(bareRequest, absentResponse, mockChain, true);

    // NOTE(review): testGetNormalizedTokenSuccessNoCrlPkiNoResolveNoResponse in this class
    // also passes a null response, with certificates present, and expects COMPLETED. The
    // NO_ACTION here is therefore presumably caused by the missing certificate rather than
    // by the null response that the test name points at - verify against PKIHandler.
    assertThat(outcome.getStatus(), equalTo(HandlerResult.Status.NO_ACTION));

    // Only rules out a CRL check against the test certificate chain, not every possible call.
    verify(pkiHandler.crlChecker, never()).passesCrlCheck(getTestCerts());
}
use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.
the class SAMLAssertionHandler method handleError.
/**
* If an error occurred during the processing of the request, this method will get called. Since
* SAML handling is typically processed first, then we can assume that there was an error with
* the presented SAML assertion - either it was invalid, or the reference didn't match a
* cached assertion, etc. In order not to get stuck in a processing loop, we will return a 401
* status code.
*
* @param servletRequest http servlet request
* @param servletResponse http servlet response
* @param chain rest of the request chain to be invoked after security handling
* @return result containing the potential credentials and status
* @throws ServletException
*/
@Override
public HandlerResult handleError(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws ServletException {
    final HandlerResult outcome = new HandlerResult();

    // A 401 can only be written to an HTTP exchange. For any other request/response type
    // (null included, since instanceof is false for null) the freshly constructed result
    // is returned with whatever status the no-arg constructor assigns.
    final boolean httpExchange = servletRequest instanceof HttpServletRequest
            && servletResponse instanceof HttpServletResponse;
    if (!httpExchange) {
        return outcome;
    }
    final HttpServletResponse unauthorizedReply = (HttpServletResponse) servletResponse;

    LOGGER.debug("In error handler for saml - setting status code to 401 and returning status REDIRECTED.");
    // The presented SAML assertion was invalid or missing: answer 401 and flush so the
    // response is committed here rather than being processed again.
    try {
        unauthorizedReply.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        unauthorizedReply.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        unauthorizedReply.flushBuffer();
    } catch (IOException sendFailure) {
        // NOTE(review): a failure to deliver the 401 is recorded at debug level only, and
        // the method still reports REDIRECTED below. Confirm that callers stop processing
        // on REDIRECTED, and consider whether this deserves a higher log level for
        // operators who monitor authentication failures.
        LOGGER.debug("Failed to send auth response", sendFailure);
    }

    outcome.setStatus(HandlerResult.Status.REDIRECTED);
    return outcome;
}
use of org.codice.ddf.security.handler.api.HandlerResult in project ddf by codice.
the class CasHandler method handleError.
@Override
public HandlerResult handleError(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws ServletException {
    // The CAS handler performs no recovery on error. It logs the call and returns a result
    // with status NO_ACTION and no token, leaving request, response and chain untouched.
    LOGGER.debug("handleError was called on the CasHandler, cannot do anything.");
    return new HandlerResult(HandlerResult.Status.NO_ACTION, null);
}