
@Test
public void testBasic() throws Exception {
    // Start from the mappings the fixture already installed (the /noauth, /forbid,
    // /auth, /admin and /admin/relax paths exercised below presumably come from there)
    // and add three mappings that all cover the same path, /omit/*, so that the
    // per-method combination rules can be checked.
    List<ConstraintMapping> list = new ArrayList<>(_security.getConstraintMappings());
    Constraint constraint6 = new Constraint();
    constraint6.setAuthenticate(true);
    constraint6.setName("omit HEAD and GET");
    constraint6.setRoles(new String[] { "user" });
    ConstraintMapping mapping6 = new ConstraintMapping();
    mapping6.setPathSpec("/omit/*");
    mapping6.setConstraint(constraint6);
    // Method omissions: this mapping applies to every method EXCEPT GET and HEAD,
    // which need role "user". The omitted methods are governed only by whatever
    // other mapping covers them (mapping7 for GET, mapping8 for everything).
    mapping6.setMethodOmissions(new String[] { "GET", "HEAD" });
    list.add(mapping6);
    Constraint constraint7 = new Constraint();
    constraint7.setAuthenticate(true);
    constraint7.setName("non-omitted GET");
    constraint7.setRoles(new String[] { "administrator" });
    ConstraintMapping mapping7 = new ConstraintMapping();
    mapping7.setPathSpec("/omit/*");
    mapping7.setConstraint(constraint7);
    // GET only: requests for GET must be in role "administrator" (not "admin" --
    // the user named "admin" below is presumably in that role via the fixture's
    // login service).
    mapping7.setMethod("GET");
    list.add(mapping7);
    Constraint constraint8 = new Constraint();
    constraint8.setAuthenticate(true);
    constraint8.setName("non specific");
    constraint8.setRoles(new String[] { "foo" });
    ConstraintMapping mapping8 = new ConstraintMapping();
    mapping8.setPathSpec("/omit/*");
    // No method and no omissions: applies to all methods, role "foo". This is the
    // only mapping that covers HEAD on /omit/*, which is what the final assertion
    // relies on.
    mapping8.setConstraint(constraint8);
    list.add(mapping8);
    // Declare the roles the context knows about; these must match the roles named
    // in the constraints above.
    Set<String> knownRoles = new HashSet<>();
    knownRoles.add("user");
    knownRoles.add("administrator");
    knownRoles.add("foo");
    _security.setConstraintMappings(list, knownRoles);
    _security.setAuthenticator(new BasicAuthenticator());
    _server.start();
    String response;
    // Unconstrained path: served without credentials.
    response = _connector.getResponse("GET /ctx/noauth/info HTTP/1.0\r\n\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
    // Forbidden path: 403 straight away, no challenge is issued (presumably a
    // fixture constraint with no satisfiable role).
    response = _connector.getResponse("GET /ctx/forbid/info HTTP/1.0\r\n\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 403 Forbidden"));
    // Authenticated path without credentials: 401 plus a Basic challenge for the
    // realm configured by the fixture ("TestRealm").
    response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 401 Unauthorized"));
    Assert.assertThat(response, Matchers.containsString("WWW-Authenticate: basic realm=\"TestRealm\""));
    // Wrong password: must look exactly like the no-credentials case (401 plus
    // challenge), i.e. the server does not leak whether the user name exists.
    response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n" + "Authorization: Basic " + B64Code.encode("user:wrong") + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 401 Unauthorized"));
    Assert.assertThat(response, Matchers.containsString("WWW-Authenticate: basic realm=\"TestRealm\""));
    // Correct credentials: served.
    response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n" + "Authorization: Basic " + B64Code.encode("user:password") + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
    // test admin
    response = _connector.getResponse("GET /ctx/admin/info HTTP/1.0\r\n\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 401 Unauthorized"));
    Assert.assertThat(response, Matchers.containsString("WWW-Authenticate: basic realm=\"TestRealm\""));
    response = _connector.getResponse("GET /ctx/admin/info HTTP/1.0\r\n" + "Authorization: Basic " + B64Code.encode("admin:wrong") + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 401 Unauthorized"));
    Assert.assertThat(response, Matchers.containsString("WWW-Authenticate: basic realm=\"TestRealm\""));
    // Authenticated but not authorized: a valid user in the wrong role gets 403,
    // not another 401 challenge. The "!role" text in the response is Jetty's
    // marker for an authorization (role) failure as opposed to an authentication
    // failure.
    response = _connector.getResponse("GET /ctx/admin/info HTTP/1.0\r\n" + "Authorization: Basic " + B64Code.encode("user:password") + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 403 "));
    Assert.assertThat(response, Matchers.containsString("!role"));
    response = _connector.getResponse("GET /ctx/admin/info HTTP/1.0\r\n" + "Authorization: Basic " + B64Code.encode("admin:password") + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
    // /admin/relax is served without credentials -- presumably a fixture mapping
    // that relaxes the /admin constraint for this sub-path; verify against setUp.
    response = _connector.getResponse("GET /ctx/admin/relax/info HTTP/1.0\r\n\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
    // GET on /omit/* is covered by mapping7 (role administrator) and mapping8
    // (role foo); "admin" satisfies it.
    response = _connector.getResponse("GET /ctx/omit/x HTTP/1.0\r\n" + "Authorization: Basic " + B64Code.encode("admin:password") + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
    // POST on /omit/* is covered by mapping6 (role user) and mapping8 (role foo).
    // user2 is accepted -- presumably in role "user" per the fixture's login service.
    response = _connector.getResponse("POST /ctx/omit/x HTTP/1.0\r\n" + "Authorization: Basic " + B64Code.encode("user2:password") + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
    // ... and user3 is accepted too -- presumably in role "foo" -- i.e. the roles
    // of mappings that cover the same path and method are combined as a union.
    response = _connector.getResponse("POST /ctx/omit/x HTTP/1.0\r\n" + "Authorization: Basic " + B64Code.encode("user3:password") + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
    // HEAD on /omit/* is omitted from mapping6 and not named by mapping7, so only
    // mapping8 (role foo) applies: user2 is authenticated but lacks the role -> 403.
    // This is the check that matters for method omissions: an omitted method is
    // NOT implicitly protected by the mapping that omits it.
    response = _connector.getResponse("HEAD /ctx/omit/x HTTP/1.0\r\n" + "Authorization: Basic " + B64Code.encode("user2:password") + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 403 "));
}

@Test
public void testConfidentialWithNoRolesSetAndMethodRestriction() throws Exception {
    // Transport-only constraint: no roles and no setAuthenticate(true), so the
    // only thing enforced is that the request arrives over the confidential
    // (presumably TLS, the "_connectorS") connector.
    Constraint confidential = new Constraint();
    confidential.setDataConstraint(Constraint.DC_CONFIDENTIAL);
    confidential.setName("confid");
    // Restricted to POST: every other method on /confid/* is left unconstrained
    // by this mapping.
    ConstraintMapping postOnly = new ConstraintMapping();
    postOnly.setConstraint(confidential);
    postOnly.setMethod(HttpMethod.POST.asString());
    postOnly.setPathSpec("/confid/*");
    _security.setConstraintMappings(Arrays.asList(postOnly));
    _server.start();

    String getRequest = "GET /ctx/confid/info HTTP/1.0\r\n\r\n";
    String postRequest = "POST /ctx/confid/info HTTP/1.0\r\n\r\n";

    // GET is not covered by the mapping, so it passes straight through on both
    // connectors; the 404 presumably means nothing is mapped under /confid in
    // the fixture, not that anything was rejected.
    Assert.assertThat(_connector.getResponses(getRequest), Matchers.containsString("HTTP/1.1 404 Not Found"));
    Assert.assertThat(_connectorS.getResponses(getRequest), Matchers.containsString("HTTP/1.1 404 Not Found"));
    // POST over the plain connector is redirected to the confidential port.
    // NOTE(review): the redirect is issued only after the cleartext request
    // (including any body) has already reached the server; DC_CONFIDENTIAL does
    // not prevent the initial plaintext submission, it only refuses to serve it.
    Assert.assertThat(_connector.getResponses(postRequest), Matchers.containsString("HTTP/1.1 302 Found"));
    // POST over the confidential connector satisfies the constraint and falls
    // through to the same 404.
    Assert.assertThat(_connectorS.getResponses(postRequest), Matchers.containsString("HTTP/1.1 404 Not Found"));
}

@Test
public void testConfidentialWithRolesSetAndMethodRestriction() throws Exception {
    // Same as the no-roles variant, but with a role attached. Because
    // setAuthenticate(true) is never called, the role is NOT enforced: the
    // responses below are identical to the no-roles test, and no credentials
    // are ever sent. Roles alone do not turn on authentication.
    Constraint confidential = new Constraint();
    confidential.setDataConstraint(Constraint.DC_CONFIDENTIAL);
    confidential.setName("confid");
    confidential.setRoles(new String[] { "admin" });
    // Restricted to POST: every other method on /confid/* is left unconstrained
    // by this mapping.
    ConstraintMapping postOnly = new ConstraintMapping();
    postOnly.setConstraint(confidential);
    postOnly.setMethod(HttpMethod.POST.asString());
    postOnly.setPathSpec("/confid/*");
    _security.setConstraintMappings(Arrays.asList(postOnly));
    _server.start();

    String getRequest = "GET /ctx/confid/info HTTP/1.0\r\n\r\n";
    String postRequest = "POST /ctx/confid/info HTTP/1.0\r\n\r\n";

    // GET is outside the mapping: served (404 presumably because nothing is
    // mapped under /confid in the fixture) on both connectors.
    Assert.assertThat(_connector.getResponses(getRequest), Matchers.containsString("HTTP/1.1 404 Not Found"));
    Assert.assertThat(_connectorS.getResponses(getRequest), Matchers.containsString("HTTP/1.1 404 Not Found"));
    // POST over the plain connector: redirected to the confidential port. The
    // cleartext request has already been received at this point.
    Assert.assertThat(_connector.getResponses(postRequest), Matchers.containsString("HTTP/1.1 302 Found"));
    // POST over the confidential connector: transport constraint satisfied and,
    // since authentication was never switched on, no 401/403 for the "admin" role.
    Assert.assertThat(_connectorS.getResponses(postRequest), Matchers.containsString("HTTP/1.1 404 Not Found"));
}

@Test
public void testRestricted() throws Exception {
    // Authenticated constraint: GET on /restricted/* requires a user in role
    // "admin". Only GET is named, so other methods on this path are not covered
    // by this mapping (not exercised here).
    Constraint restricted = new Constraint();
    restricted.setName("restricted");
    restricted.setAuthenticate(true);
    restricted.setRoles(new String[] { "admin" });
    ConstraintMapping getOnly = new ConstraintMapping();
    getOnly.setConstraint(restricted);
    getOnly.setMethod("GET");
    getOnly.setPathSpec("/restricted/*");
    _security.setConstraintMappings(Arrays.asList(getOnly));

    // Wire up a login service and a Basic authenticator so that the constraint
    // can actually be satisfied (contrast with the no-authenticator test).
    DefaultIdentityService identityService = new DefaultIdentityService();
    _security.setIdentityService(identityService);
    _security.setLoginService(new CustomLoginService(identityService));
    _security.setAuthenticator(new BasicAuthenticator());
    _server.start();

    // No credentials: challenged on both connectors. The constraint has no data
    // constraint, so plain and confidential connectors behave the same.
    String anonymous = "GET /ctx/restricted/info HTTP/1.0\r\n\r\n";
    Assert.assertThat(_connector.getResponses(anonymous), Matchers.containsString("HTTP/1.1 401 Unauthorized"));
    Assert.assertThat(_connectorS.getResponses(anonymous), Matchers.containsString("HTTP/1.1 401 Unauthorized"));

    // "YWRtaW46cGFzc3dvcmQ=" is base64("admin:password"); the user is presumably
    // put in role "admin" by CustomLoginService. Once authorized the request
    // falls through to the 404 (nothing mapped under /restricted in the fixture).
    // NOTE(review): these two requests use bare "\n" line terminators, unlike the
    // "\r\n" used above; Jetty's parser tolerates that, but confirm whether the
    // lenient-LF parsing is intentionally under test here.
    String asAdmin = "GET /ctx/restricted/info HTTP/1.0\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\n\n";
    Assert.assertThat(_connector.getResponses(asAdmin), Matchers.containsString("HTTP/1.1 404 Not Found"));
    Assert.assertThat(_connectorS.getResponses(asAdmin), Matchers.containsString("HTTP/1.1 404 Not Found"));
}

@Test
public void testRestrictedWithoutAuthenticatorAndMethod() throws Exception {
    // Same authenticated constraint as testRestricted (GET on /restricted/* in
    // role "admin"), but deliberately with NO authenticator and NO login service
    // installed on the security handler.
    Constraint restricted = new Constraint();
    restricted.setName("restricted");
    restricted.setAuthenticate(true);
    restricted.setRoles(new String[] { "admin" });
    ConstraintMapping getOnly = new ConstraintMapping();
    getOnly.setConstraint(restricted);
    getOnly.setMethod("GET");
    getOnly.setPathSpec("/restricted/*");
    _security.setConstraintMappings(Arrays.asList(getOnly));
    _server.start();

    String anonymous = "GET /ctx/restricted/info HTTP/1.0\r\n\r\n";
    // base64("admin:password") -- the same credentials that succeed in testRestricted.
    String asAdmin = "GET /ctx/restricted/info HTTP/1.0\r\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\r\n\r\n";

    // Fail closed: with nothing able to authenticate, a constrained request is
    // refused outright (403) rather than served or challenged (401). This holds
    // on both connectors...
    Assert.assertThat(_connector.getResponses(anonymous), Matchers.containsString("HTTP/1.1 403 Forbidden"));
    Assert.assertThat(_connectorS.getResponses(anonymous), Matchers.containsString("HTTP/1.1 403 Forbidden"));
    // ...and even when otherwise-valid credentials are supplied, since there is
    // no authenticator to validate them against.
    Assert.assertThat(_connector.getResponses(asAdmin), Matchers.containsString("HTTP/1.1 403 Forbidden"));
    Assert.assertThat(_connectorS.getResponses(asAdmin), Matchers.containsString("HTTP/1.1 403 Forbidden"));
}