use of org.craftercms.security.authentication.impl.DefaultAuthentication in project engine by craftercms.
the class ConfigAwareUrlAccessRestrictionCheckingProcessorTest method testProcessRequest.
/**
 * Expects {@code processor.processRequest} to throw {@link AccessDeniedException} when the
 * request is authenticated with a freshly constructed {@link Profile}.
 *
 * <p>No roles are assigned to the profile in this method. The restriction rules themselves
 * are configured outside this method, so the exact rule that denies access is not visible
 * here.
 */
@Test(expected = AccessDeniedException.class)
public void testProcessRequest() throws Exception {
    RequestSecurityProcessorChain processorChain = mock(RequestSecurityProcessorChain.class);
    RequestContext currentContext = RequestContext.getCurrent();

    // Authenticated user: random ticket id, profile left at its constructor defaults.
    DefaultAuthentication authentication = new DefaultAuthentication(ObjectId.get().toString(), new Profile());
    SecurityUtils.setAuthentication(currentContext.getRequest(), authentication);

    // Must throw; the chain mock is never verified because the expected outcome is the exception.
    processor.processRequest(currentContext, processorChain);
}
use of org.craftercms.security.authentication.impl.DefaultAuthentication in project profile by craftercms.
the class CurrentAuthenticationResolvingProcessorTest method testGetAuthentication.
/**
 * Checks that the processor attaches to the request the authentication that
 * {@code authenticationManager} returns for the ticket cookie, and then continues the chain.
 *
 * <p>Only the valid-ticket path is exercised by this method; a request with an unknown or
 * stale ticket cookie is not covered here.
 */
@Test
public void testGetAuthentication() throws Exception {
    Date lastModified = new Date();

    // Authentication the stubbed manager hands back for TICKET.
    // NOTE(review): the meaning of the boolean argument (false) is not visible here — confirm.
    Profile expectedProfile = new Profile();
    expectedProfile.setLastModified(lastModified);
    Authentication expectedAuth = new DefaultAuthentication(TICKET, expectedProfile);
    when(authenticationManager.getAuthentication(TICKET, false)).thenReturn(expectedAuth);

    // Request carrying the ticket cookie plus the profile-last-modified cookie.
    MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    MockHttpServletResponse httpResponse = new MockHttpServletResponse();
    httpRequest.setCookies(
        new Cookie(SecurityUtils.TICKET_COOKIE_NAME, TICKET),
        new Cookie(SecurityUtils.PROFILE_LAST_MODIFIED_COOKIE_NAME, String.valueOf(lastModified.getTime())));
    RequestContext ctx = new RequestContext(httpRequest, httpResponse, null);
    RequestSecurityProcessorChain processorChain = mock(RequestSecurityProcessorChain.class);

    processor.processRequest(ctx, processorChain);

    // The chain must continue and the resolved authentication must match the stubbed one.
    verify(processorChain).processRequest(ctx);
    Authentication resolvedAuth = SecurityUtils.getAuthentication(httpRequest);
    assertNotNull(resolvedAuth);
    assertEquals(expectedAuth.getTicket(), resolvedAuth.getTicket());
    assertEquals(expectedAuth.getProfile().getLastModified(), resolvedAuth.getProfile().getLastModified());
}
use of org.craftercms.security.authentication.impl.DefaultAuthentication in project profile by craftercms.
the class LogoutProcessorTest method testLogout.
/**
 * Checks the logout flow for an authenticated request sent to the default logout URL with the
 * default logout method: the chain is not continued, the authentication is removed from the
 * request, and {@code logoutSuccessHandler} is invoked.
 *
 * <p>This method asserts only on the request-level authentication. It does not assert that
 * the ticket is invalidated or that any cookie is cleared.
 */
@Test
public void testLogout() throws Exception {
    MockHttpServletRequest httpRequest =
        new MockHttpServletRequest(LogoutProcessor.DEFAULT_LOGOUT_METHOD, LogoutProcessor.DEFAULT_LOGOUT_URL);
    MockHttpServletResponse httpResponse = new MockHttpServletResponse();
    RequestContext ctx = new RequestContext(httpRequest, httpResponse, null);
    RequestSecurityProcessorChain processorChain = mock(RequestSecurityProcessorChain.class);

    // Start from an authenticated state so there is something to log out.
    Profile userProfile = new Profile();
    userProfile.setUsername(USERNAME);
    Authentication existingAuth = new DefaultAuthentication(new ObjectId().toString(), userProfile);
    SecurityUtils.setAuthentication(httpRequest, existingAuth);

    processor.processRequest(ctx, processorChain);

    // Logout short-circuits the chain instead of passing the request on.
    verify(processorChain, never()).processRequest(ctx);
    assertNull(SecurityUtils.getAuthentication(httpRequest));
    verify(logoutSuccessHandler).handle(ctx);
}
use of org.craftercms.security.authentication.impl.DefaultAuthentication in project profile by craftercms.
the class UrlAccessRestrictionCheckingProcessorTest method testAllowedAccess.
/**
 * Checks that a GET request to {@code URL} from a profile holding {@code ADMIN_ROLE} is let
 * through: the processor must hand the request on to the chain.
 *
 * <p>The restriction that applies to {@code URL} is configured outside this method. Only the
 * allowed case is covered here; the denied case is not exercised by this method.
 */
@Test
public void testAllowedAccess() throws Exception {
    MockHttpServletRequest httpRequest = new MockHttpServletRequest("GET", URL);
    MockHttpServletResponse httpResponse = new MockHttpServletResponse();
    RequestContext ctx = new RequestContext(httpRequest, httpResponse, null);
    RequestSecurityProcessorChain processorChain = mock(RequestSecurityProcessorChain.class);

    // Authenticated user whose only role is ADMIN_ROLE.
    Profile adminProfile = new Profile();
    adminProfile.setRoles(SetUtils.asSet(ADMIN_ROLE));
    DefaultAuthentication adminAuth = new DefaultAuthentication(new ObjectId().toString(), adminProfile);
    SecurityUtils.setAuthentication(httpRequest, adminAuth);

    processor.processRequest(ctx, processorChain);

    // No exception and the chain continues: access was granted.
    verify(processorChain).processRequest(ctx);
}
use of org.craftercms.security.authentication.impl.DefaultAuthentication in project profile by craftercms.
the class RefreshCurrentAuthenticationOnProfileUpdateAspect method refreshCurrentAuthentication.
/**
 * After-returning advice on the listed {@code ProfileService} mutators. When the returned
 * profile equals the profile of the current authentication, the current authentication is
 * rebuilt around the updated profile, stored in {@code authenticationCache} and set as the
 * current authentication.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The existing ticket is reused unchanged, including when the advice fires for
 *       {@code changePassword}, {@code disableProfile} or {@code removeRoles}. This advice
 *       does not rotate or revoke the ticket. NOTE(review): confirm that ticket invalidation
 *       for those operations is handled elsewhere.</li>
 *   <li>Only the authentication of the current request is refreshed. Authentications cached
 *       under other tickets for the same profile are not touched by this method.</li>
 *   <li>The match relies on {@code Profile.equals}. NOTE(review): presumably this compares
 *       identity (e.g. the profile id) rather than every field — verify, since a field-wise
 *       comparison would rarely match an updated profile.</li>
 * </ul>
 *
 * @param updatedProfile the value returned by the intercepted service method
 */
@AfterReturning(
    value = "execution(* org.craftercms.profile.api.services.ProfileService.updateProfile(..)) || "
        + "execution(* org.craftercms.profile.api.services.ProfileService.verifyProfile(..)) || "
        + "execution(* org.craftercms.profile.api.services.ProfileService.enableProfile(..)) || "
        + "execution(* org.craftercms.profile.api.services.ProfileService.disableProfile(..)) || "
        + "execution(* org.craftercms.profile.api.services.ProfileService.addRoles(..)) || "
        + "execution(* org.craftercms.profile.api.services.ProfileService.removeRoles(..)) || "
        + "execution(* org.craftercms.profile.api.services.ProfileService.updateAttributes(..)) || "
        + "execution(* org.craftercms.profile.api.services.ProfileService.removeAttributes(..)) || "
        + "execution(* org.craftercms.profile.api.services.ProfileService.changePassword(..))",
    returning = "updatedProfile")
public void refreshCurrentAuthentication(Profile updatedProfile) {
    Authentication current = SecurityUtils.getCurrentAuthentication();
    if (current == null) {
        // Nothing to refresh when no authentication is bound to the current request.
        return;
    }
    if (!current.getProfile().equals(updatedProfile)) {
        // The update concerned a different profile than the current user's; leave it alone.
        return;
    }

    // Same ticket, new profile snapshot.
    Authentication refreshed = new DefaultAuthentication(current.getTicket(), updatedProfile);

    // Keep the cache and the current authentication in step.
    authenticationCache.putAuthentication(refreshed);
    SecurityUtils.setCurrentAuthentication(refreshed);
}