Search in sources :

Example 6 with AssertionImpl

use of org.jasig.cas.client.validation.AssertionImpl in project spring-security by spring-projects.

the class CasAuthenticationProviderTests method invalidKeyIsDetected.

@Test(expected = BadCredentialsException.class)
public void invalidKeyIsDetected() throws Exception {
    final Assertion assertion = new AssertionImpl("test");
    CasAuthenticationProvider cap = new CasAuthenticationProvider();
    cap.setAuthenticationUserDetailsService(new MockAuthoritiesPopulator());
    cap.setKey("qwerty");
    StatelessTicketCache cache = new MockStatelessTicketCache();
    cap.setStatelessTicketCache(cache);
    cap.setTicketValidator(new MockTicketValidator(true));
    cap.setServiceProperties(makeServiceProperties());
    cap.afterPropertiesSet();
    CasAuthenticationToken token = new CasAuthenticationToken("WRONG_KEY", makeUserDetails(), "credentials", AuthorityUtils.createAuthorityList("XX"), makeUserDetails(), assertion);
    cap.authenticate(token);
}
Also used : AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) Assertion(org.jasig.cas.client.validation.Assertion)

Example 7 with AssertionImpl

use of org.jasig.cas.client.validation.AssertionImpl in project spring-security by spring-projects.

the class CasAuthenticationProviderTests method authenticateAllAuthenticationIsSuccessful.

@Test
public void authenticateAllAuthenticationIsSuccessful() throws Exception {
    String serviceUrl = "https://service/context";
    ServiceAuthenticationDetails details = mock(ServiceAuthenticationDetails.class);
    when(details.getServiceUrl()).thenReturn(serviceUrl);
    TicketValidator validator = mock(TicketValidator.class);
    when(validator.validate(any(String.class), any(String.class))).thenReturn(new AssertionImpl("rod"));
    ServiceProperties serviceProperties = makeServiceProperties();
    serviceProperties.setAuthenticateAllArtifacts(true);
    CasAuthenticationProvider cap = new CasAuthenticationProvider();
    cap.setAuthenticationUserDetailsService(new MockAuthoritiesPopulator());
    cap.setKey("qwerty");
    cap.setTicketValidator(validator);
    cap.setServiceProperties(serviceProperties);
    cap.afterPropertiesSet();
    String ticket = "ST-456";
    UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(CasAuthenticationFilter.CAS_STATELESS_IDENTIFIER, ticket);
    Authentication result = cap.authenticate(token);
    verify(validator).validate(ticket, serviceProperties.getService());
    serviceProperties.setAuthenticateAllArtifacts(true);
    result = cap.authenticate(token);
    verify(validator, times(2)).validate(ticket, serviceProperties.getService());
    token.setDetails(details);
    result = cap.authenticate(token);
    verify(validator).validate(ticket, serviceUrl);
    serviceProperties.setAuthenticateAllArtifacts(false);
    serviceProperties.setService(null);
    cap.setServiceProperties(serviceProperties);
    cap.afterPropertiesSet();
    result = cap.authenticate(token);
    verify(validator, times(2)).validate(ticket, serviceUrl);
    token.setDetails(new WebAuthenticationDetails(new MockHttpServletRequest()));
    try {
        cap.authenticate(token);
        fail("Expected Exception");
    } catch (IllegalStateException success) {
    }
    cap.setServiceProperties(null);
    cap.afterPropertiesSet();
    try {
        cap.authenticate(token);
        fail("Expected Exception");
    } catch (IllegalStateException success) {
    }
}
Also used : ServiceAuthenticationDetails(org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails) AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) ServiceProperties(org.springframework.security.cas.ServiceProperties) TicketValidator(org.jasig.cas.client.validation.TicketValidator) Authentication(org.springframework.security.core.Authentication) WebAuthenticationDetails(org.springframework.security.web.authentication.WebAuthenticationDetails) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)

Example 8 with AssertionImpl

use of org.jasig.cas.client.validation.AssertionImpl in project cas by apereo.

the class ECPProfileHandlerController method buildEcpCasAssertion.

/**
     * Build ecp cas assertion assertion.
     *
     * @param authentication    the authentication
     * @param registeredService the registered service
     * @return the assertion
     */
protected Assertion buildEcpCasAssertion(final Authentication authentication, final RegisteredService registeredService) {
    final Map attributes = registeredService.getAttributeReleasePolicy().getAttributes(authentication.getPrincipal(), registeredService);
    final AttributePrincipal principal = new AttributePrincipalImpl(authentication.getPrincipal().getId(), attributes);
    return new AssertionImpl(principal, DateTimeUtils.dateOf(authentication.getAuthenticationDate()), null, DateTimeUtils.dateOf(authentication.getAuthenticationDate()), authentication.getAttributes());
}
Also used : AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) Map(java.util.Map) AttributePrincipal(org.jasig.cas.client.authentication.AttributePrincipal) AttributePrincipalImpl(org.jasig.cas.client.authentication.AttributePrincipalImpl)

Example 9 with AssertionImpl

use of org.jasig.cas.client.validation.AssertionImpl in project spring-security by spring-projects.

the class AbstractStatelessTicketCacheTests method getToken.

protected CasAuthenticationToken getToken() {
    List<String> proxyList = new ArrayList<String>();
    proxyList.add("https://localhost/newPortal/login/cas");
    User user = new User("rod", "password", true, true, true, true, AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
    final Assertion assertion = new AssertionImpl("rod");
    return new CasAuthenticationToken("key", user, "ST-0-ER94xMJmn6pha35CQRoZ", AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), user, assertion);
}
Also used : AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) User(org.springframework.security.core.userdetails.User) CasAuthenticationToken(org.springframework.security.cas.authentication.CasAuthenticationToken) ArrayList(java.util.ArrayList) Assertion(org.jasig.cas.client.validation.Assertion)

Example 10 with AssertionImpl

use of org.jasig.cas.client.validation.AssertionImpl in project spring-security by spring-projects.

the class CasAuthenticationProviderTests method authenticateAllNullService.

@Test
public void authenticateAllNullService() throws Exception {
    String serviceUrl = "https://service/context";
    ServiceAuthenticationDetails details = mock(ServiceAuthenticationDetails.class);
    when(details.getServiceUrl()).thenReturn(serviceUrl);
    TicketValidator validator = mock(TicketValidator.class);
    when(validator.validate(any(String.class), any(String.class))).thenReturn(new AssertionImpl("rod"));
    ServiceProperties serviceProperties = makeServiceProperties();
    serviceProperties.setAuthenticateAllArtifacts(true);
    CasAuthenticationProvider cap = new CasAuthenticationProvider();
    cap.setAuthenticationUserDetailsService(new MockAuthoritiesPopulator());
    cap.setKey("qwerty");
    cap.setTicketValidator(validator);
    cap.setServiceProperties(serviceProperties);
    cap.afterPropertiesSet();
    String ticket = "ST-456";
    UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(CasAuthenticationFilter.CAS_STATELESS_IDENTIFIER, ticket);
    Authentication result = cap.authenticate(token);
}
Also used : ServiceAuthenticationDetails(org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails) AssertionImpl(org.jasig.cas.client.validation.AssertionImpl) ServiceProperties(org.springframework.security.cas.ServiceProperties) TicketValidator(org.jasig.cas.client.validation.TicketValidator) Authentication(org.springframework.security.core.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)

Aggregations

AssertionImpl (org.jasig.cas.client.validation.AssertionImpl)15 Assertion (org.jasig.cas.client.validation.Assertion)12 Test (org.junit.Test)9 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)3 AttributePrincipalImpl (org.jasig.cas.client.authentication.AttributePrincipalImpl)2 TicketValidator (org.jasig.cas.client.validation.TicketValidator)2 ServiceProperties (org.springframework.security.cas.ServiceProperties)2 CasAuthenticationToken (org.springframework.security.cas.authentication.CasAuthenticationToken)2 ServiceAuthenticationDetails (org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails)2 Authentication (org.springframework.security.core.Authentication)2 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)2 User (org.springframework.security.core.userdetails.User)2 ArrayList (java.util.ArrayList)1 Map (java.util.Map)1 AttributePrincipal (org.jasig.cas.client.authentication.AttributePrincipal)1 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1 WebAuthenticationDetails (org.springframework.security.web.authentication.WebAuthenticationDetails)1