Example 6 with AssertionImpl
use of org.jasig.cas.client.validation.AssertionImpl in project spring-security by spring-projects.
the class CasAuthenticationProviderTests method invalidKeyIsDetected.
@Test(expected = BadCredentialsException.class)
public void invalidKeyIsDetected() throws Exception {
final Assertion assertion = new AssertionImpl("test");
CasAuthenticationProvider cap = new CasAuthenticationProvider();
cap.setAuthenticationUserDetailsService(new MockAuthoritiesPopulator());
cap.setKey("qwerty");
StatelessTicketCache cache = new MockStatelessTicketCache();
cap.setStatelessTicketCache(cache);
cap.setTicketValidator(new MockTicketValidator(true));
cap.setServiceProperties(makeServiceProperties());
cap.afterPropertiesSet();
CasAuthenticationToken token = new CasAuthenticationToken("WRONG_KEY", makeUserDetails(), "credentials", AuthorityUtils.createAuthorityList("XX"), makeUserDetails(), assertion);
cap.authenticate(token);
}
Also used :
AssertionImpl(org.jasig.cas.client.validation.AssertionImpl)
Assertion(org.jasig.cas.client.validation.Assertion)
Example 7 with AssertionImpl
use of org.jasig.cas.client.validation.AssertionImpl in project spring-security by spring-projects.
the class CasAuthenticationProviderTests method authenticateAllAuthenticationIsSuccessful.
@Test
public void authenticateAllAuthenticationIsSuccessful() throws Exception {
String serviceUrl = "https://service/context";
ServiceAuthenticationDetails details = mock(ServiceAuthenticationDetails.class);
when(details.getServiceUrl()).thenReturn(serviceUrl);
TicketValidator validator = mock(TicketValidator.class);
when(validator.validate(any(String.class), any(String.class))).thenReturn(new AssertionImpl("rod"));
ServiceProperties serviceProperties = makeServiceProperties();
serviceProperties.setAuthenticateAllArtifacts(true);
CasAuthenticationProvider cap = new CasAuthenticationProvider();
cap.setAuthenticationUserDetailsService(new MockAuthoritiesPopulator());
cap.setKey("qwerty");
cap.setTicketValidator(validator);
cap.setServiceProperties(serviceProperties);
cap.afterPropertiesSet();
String ticket = "ST-456";
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(CasAuthenticationFilter.CAS_STATELESS_IDENTIFIER, ticket);
Authentication result = cap.authenticate(token);
verify(validator).validate(ticket, serviceProperties.getService());
serviceProperties.setAuthenticateAllArtifacts(true);
result = cap.authenticate(token);
verify(validator, times(2)).validate(ticket, serviceProperties.getService());
token.setDetails(details);
result = cap.authenticate(token);
verify(validator).validate(ticket, serviceUrl);
serviceProperties.setAuthenticateAllArtifacts(false);
serviceProperties.setService(null);
cap.setServiceProperties(serviceProperties);
cap.afterPropertiesSet();
result = cap.authenticate(token);
verify(validator, times(2)).validate(ticket, serviceUrl);
token.setDetails(new WebAuthenticationDetails(new MockHttpServletRequest()));
try {
cap.authenticate(token);
fail("Expected Exception");
} catch (IllegalStateException success) {
}
cap.setServiceProperties(null);
cap.afterPropertiesSet();
try {
cap.authenticate(token);
fail("Expected Exception");
} catch (IllegalStateException success) {
}
}
Also used :
ServiceAuthenticationDetails(org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails)
AssertionImpl(org.jasig.cas.client.validation.AssertionImpl)
ServiceProperties(org.springframework.security.cas.ServiceProperties)
TicketValidator(org.jasig.cas.client.validation.TicketValidator)
Authentication(org.springframework.security.core.Authentication)
WebAuthenticationDetails(org.springframework.security.web.authentication.WebAuthenticationDetails)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Example 8 with AssertionImpl
use of org.jasig.cas.client.validation.AssertionImpl in project cas by apereo.
the class ECPProfileHandlerController method buildEcpCasAssertion.
/**
* Build ecp cas assertion assertion.
*
* @param authentication the authentication
* @param registeredService the registered service
* @return the assertion
*/
protected Assertion buildEcpCasAssertion(final Authentication authentication, final RegisteredService registeredService) {
final Map attributes = registeredService.getAttributeReleasePolicy().getAttributes(authentication.getPrincipal(), registeredService);
final AttributePrincipal principal = new AttributePrincipalImpl(authentication.getPrincipal().getId(), attributes);
return new AssertionImpl(principal, DateTimeUtils.dateOf(authentication.getAuthenticationDate()), null, DateTimeUtils.dateOf(authentication.getAuthenticationDate()), authentication.getAttributes());
}
Also used :
AssertionImpl(org.jasig.cas.client.validation.AssertionImpl)
Map(java.util.Map)
AttributePrincipal(org.jasig.cas.client.authentication.AttributePrincipal)
AttributePrincipalImpl(org.jasig.cas.client.authentication.AttributePrincipalImpl)
Example 9 with AssertionImpl
use of org.jasig.cas.client.validation.AssertionImpl in project spring-security by spring-projects.
the class AbstractStatelessTicketCacheTests method getToken.
protected CasAuthenticationToken getToken() {
List<String> proxyList = new ArrayList<String>();
proxyList.add("https://localhost/newPortal/login/cas");
User user = new User("rod", "password", true, true, true, true, AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
final Assertion assertion = new AssertionImpl("rod");
return new CasAuthenticationToken("key", user, "ST-0-ER94xMJmn6pha35CQRoZ", AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), user, assertion);
}
Also used :
AssertionImpl(org.jasig.cas.client.validation.AssertionImpl)
User(org.springframework.security.core.userdetails.User)
CasAuthenticationToken(org.springframework.security.cas.authentication.CasAuthenticationToken)
ArrayList(java.util.ArrayList)
Assertion(org.jasig.cas.client.validation.Assertion)
Example 10 with AssertionImpl
use of org.jasig.cas.client.validation.AssertionImpl in project spring-security by spring-projects.
the class CasAuthenticationProviderTests method authenticateAllNullService.
@Test
public void authenticateAllNullService() throws Exception {
String serviceUrl = "https://service/context";
ServiceAuthenticationDetails details = mock(ServiceAuthenticationDetails.class);
when(details.getServiceUrl()).thenReturn(serviceUrl);
TicketValidator validator = mock(TicketValidator.class);
when(validator.validate(any(String.class), any(String.class))).thenReturn(new AssertionImpl("rod"));
ServiceProperties serviceProperties = makeServiceProperties();
serviceProperties.setAuthenticateAllArtifacts(true);
CasAuthenticationProvider cap = new CasAuthenticationProvider();
cap.setAuthenticationUserDetailsService(new MockAuthoritiesPopulator());
cap.setKey("qwerty");
cap.setTicketValidator(validator);
cap.setServiceProperties(serviceProperties);
cap.afterPropertiesSet();
String ticket = "ST-456";
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(CasAuthenticationFilter.CAS_STATELESS_IDENTIFIER, ticket);
Authentication result = cap.authenticate(token);
}
Also used :
ServiceAuthenticationDetails(org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails)
AssertionImpl(org.jasig.cas.client.validation.AssertionImpl)
ServiceProperties(org.springframework.security.cas.ServiceProperties)
TicketValidator(org.jasig.cas.client.validation.TicketValidator)
Authentication(org.springframework.security.core.Authentication)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Aggregations
AssertionImpl (org.jasig.cas.client.validation.AssertionImpl)15
Assertion (org.jasig.cas.client.validation.Assertion)12
Test (org.junit.Test)9
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)3
AttributePrincipalImpl (org.jasig.cas.client.authentication.AttributePrincipalImpl)2
TicketValidator (org.jasig.cas.client.validation.TicketValidator)2
ServiceProperties (org.springframework.security.cas.ServiceProperties)2
CasAuthenticationToken (org.springframework.security.cas.authentication.CasAuthenticationToken)2
ServiceAuthenticationDetails (org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails)2
Authentication (org.springframework.security.core.Authentication)2
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)2
User (org.springframework.security.core.userdetails.User)2
ArrayList (java.util.ArrayList)1
Map (java.util.Map)1
AttributePrincipal (org.jasig.cas.client.authentication.AttributePrincipal)1
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1
WebAuthenticationDetails (org.springframework.security.web.authentication.WebAuthenticationDetails)1
