Example 11 with UPAuthenticationToken
use of org.codice.ddf.security.handler.api.UPAuthenticationToken in project ddf by codice.
the class LoginFilterTest method testValidUsernameToken.
@Test
public void testValidUsernameToken() throws IOException, XMLStreamException, ServletException, ParserConfigurationException, SAXException, SecurityServiceException {
FilterConfig filterConfig = mock(FilterConfig.class);
LoginFilter loginFilter = new LoginFilter();
loginFilter.setSessionFactory(sessionFactory);
ddf.security.service.SecurityManager securityManager = mock(ddf.security.service.SecurityManager.class);
loginFilter.setSecurityManager(securityManager);
loginFilter.init(filterConfig);
HttpServletRequest servletRequest = mock(HttpServletRequest.class);
HttpServletResponse servletResponse = mock(HttpServletResponse.class);
FilterChain filterChain = mock(FilterChain.class);
UPAuthenticationToken token = new UPAuthenticationToken("foo", "bar");
HandlerResult result = new HandlerResult(HandlerResult.Status.COMPLETED, token);
when(servletRequest.getAttribute("ddf.security.token")).thenReturn(result);
HttpSession session = mock(HttpSession.class);
when(servletRequest.getSession(true)).thenReturn(session);
when(session.getAttribute(SecurityConstants.SAML_ASSERTION)).thenReturn(new SecurityTokenHolder());
when(sessionFactory.getOrCreateSession(servletRequest)).thenReturn(session);
Subject subject = mock(Subject.class, RETURNS_DEEP_STUBS);
when(securityManager.getSubject(token)).thenReturn(subject);
SecurityAssertion assertion = mock(SecurityAssertion.class);
SecurityToken securityToken = mock(SecurityToken.class);
when(assertion.getSecurityToken()).thenReturn(securityToken);
when(subject.getPrincipals().asList()).thenReturn(Arrays.asList(assertion));
when(securityToken.getToken()).thenReturn(readDocument("/good_saml.xml").getDocumentElement());
loginFilter.doFilter(servletRequest, servletResponse, filterChain);
}
Also used :
HttpSession(javax.servlet.http.HttpSession)
FilterChain(javax.servlet.FilterChain)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
HandlerResult(org.codice.ddf.security.handler.api.HandlerResult)
SecurityAssertion(ddf.security.assertion.SecurityAssertion)
Subject(ddf.security.Subject)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken)
SecurityTokenHolder(ddf.security.common.SecurityTokenHolder)
UPAuthenticationToken(org.codice.ddf.security.handler.api.UPAuthenticationToken)
FilterConfig(javax.servlet.FilterConfig)
SecurityManager(ddf.security.service.SecurityManager)
Test(org.junit.Test)
Aggregations
UPAuthenticationToken (org.codice.ddf.security.handler.api.UPAuthenticationToken)11
Subject (ddf.security.Subject)5
SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)5
SecurityAssertion (ddf.security.assertion.SecurityAssertion)4
SecurityServiceException (ddf.security.service.SecurityServiceException)4
BinarySecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType)3
BaseAuthenticationToken (org.codice.ddf.security.handler.api.BaseAuthenticationToken)3
SecurityTokenHolder (ddf.security.common.SecurityTokenHolder)2
SecurityManager (ddf.security.service.SecurityManager)2
HttpSession (javax.servlet.http.HttpSession)2
STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)2
AttributedString (org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString)2
PasswordString (org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString)2
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)2
HandlerResult (org.codice.ddf.security.handler.api.HandlerResult)2
Element (org.w3c.dom.Element)2
FtpUser (ddf.catalog.ftp.user.FtpUser)1
URI (java.net.URI)1
Principal (java.security.Principal)1
ArrayList (java.util.ArrayList)1
