
Example 1 with LoginContext

Use of org.neo4j.internal.kernel.api.security.LoginContext in project neo4j by neo4j.

Class UserSecurityGraphComponentTest, method shouldAuthenticate.

@ParameterizedTest
@MethodSource("supportedPreviousVersions")
void shouldAuthenticate(UserSecurityGraphComponentVersion version) throws Exception {
    initializeLatestSystem();
    initUserSecurityComponent(version);
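    // Log in with the credentials "neo4j"/"neo4j"; the expected result is
    // PASSWORD_CHANGE_REQUIRED rather than SUCCESS, for every supported previous version.
    LoginContext loginContext = authManager.login(AuthToken.newBasicAuthToken("neo4j", "neo4j"), EMBEDDED_CONNECTION);
    Assertions.assertThat(loginContext.subject().getAuthenticationResult()).isEqualTo(AuthenticationResult.PASSWORD_CHANGE_REQUIRED);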
}
Also used : LoginContext(org.neo4j.internal.kernel.api.security.LoginContext) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest) MethodSource(org.junit.jupiter.params.provider.MethodSource)

Example 2 with LoginContext

Use of org.neo4j.internal.kernel.api.security.LoginContext in project neo4j by neo4j.

Class BasicSystemGraphRealmTest, method assertLoginGivesResult.

private void assertLoginGivesResult(String username, String password, AuthenticationResult expectedResult) throws InvalidAuthTokenException {
    LoginContext securityContext = realm.login(authToken(username, password), EMBEDDED_CONNECTION);
    assertThat(securityContext.subject().getAuthenticationResult()).isEqualTo(expectedResult);
}
Also used : LoginContext(org.neo4j.internal.kernel.api.security.LoginContext)

Example 3 with LoginContext

Use of org.neo4j.internal.kernel.api.security.LoginContext in project neo4j by neo4j.

Class AuthProceduresIT, method assertFail.

private void assertFail(LoginContext subject, String query, String partOfErrorMsg) {
    Consumer<ResourceIterator<Map<String, Object>>> resultConsumer = row -> {
        assert !row.hasNext();
    };
    try (Transaction tx = systemDb.beginTransaction(KernelTransaction.Type.IMPLICIT, subject)) {
        Result result = tx.execute(query);
        resultConsumer.accept(result);
        tx.commit();
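        // JUnit's fail() throws an AssertionError subclass, which is an Error,
        // so the catch (Exception) below does not swallow it.
        fail("Expected query to fail");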
    } catch (Exception e) {
        assertThat(e.getMessage()).contains(partOfErrorMsg);
    }
}
Also used : Assertions.fail(org.junit.jupiter.api.Assertions.fail) BeforeEach(org.junit.jupiter.api.BeforeEach) Arrays(java.util.Arrays) ResourceIterator(org.neo4j.graphdb.ResourceIterator) MapUtil.map(org.neo4j.internal.helpers.collection.MapUtil.map) AuthToken.newBasicAuthToken(org.neo4j.kernel.api.security.AuthToken.newBasicAuthToken) Factory.deprecatedName(org.neo4j.graphdb.impl.notification.NotificationDetail.Factory.deprecatedName) GraphDatabaseSettings(org.neo4j.configuration.GraphDatabaseSettings) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) HashMap(java.util.HashMap) LoginContext(org.neo4j.internal.kernel.api.security.LoginContext) InvalidAuthTokenException(org.neo4j.kernel.api.security.exception.InvalidAuthTokenException) PASSWORD_CHANGE_REQUIRED(org.neo4j.internal.kernel.api.security.AuthenticationResult.PASSWORD_CHANGE_REQUIRED) SYSTEM_DATABASE_NAME(org.neo4j.configuration.GraphDatabaseSettings.SYSTEM_DATABASE_NAME) DEFAULT_DATABASE_NAME(org.neo4j.configuration.GraphDatabaseSettings.DEFAULT_DATABASE_NAME) TestDatabaseManagementServiceBuilder(org.neo4j.test.TestDatabaseManagementServiceBuilder) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) DEPRECATED_PROCEDURE(org.neo4j.graphdb.impl.notification.NotificationCode.DEPRECATED_PROCEDURE) Map(java.util.Map) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) Transaction(org.neo4j.graphdb.Transaction) SUCCESS(org.neo4j.internal.kernel.api.security.AuthenticationResult.SUCCESS) EMBEDDED_CONNECTION(org.neo4j.internal.kernel.api.connectioninfo.ClientConnectionInfo.EMBEDDED_CONNECTION) Iterator(java.util.Iterator) Result(org.neo4j.graphdb.Result) InputPosition(org.neo4j.graphdb.InputPosition) Collections.emptyList(java.util.Collections.emptyList) DatabaseManagementServiceBuilder(org.neo4j.dbms.api.DatabaseManagementServiceBuilder) Set(java.util.Set) Collectors(java.util.stream.Collectors) GraphDatabaseAPI(org.neo4j.kernel.internal.GraphDatabaseAPI) FAILURE(org.neo4j.internal.kernel.api.security.AuthenticationResult.FAILURE) Test(org.junit.jupiter.api.Test) Consumer(java.util.function.Consumer) AfterEach(org.junit.jupiter.api.AfterEach) List(java.util.List) Stream(java.util.stream.Stream) EphemeralFileSystemAbstraction(org.neo4j.io.fs.EphemeralFileSystemAbstraction) KernelTransaction(org.neo4j.kernel.api.KernelTransaction) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) Notification(org.neo4j.graphdb.Notification) DatabaseManagementService(org.neo4j.dbms.api.DatabaseManagementService) BasicSystemGraphRealm(org.neo4j.server.security.systemgraph.BasicSystemGraphRealm)

Example 4 with LoginContext

Use of org.neo4j.internal.kernel.api.security.LoginContext in project neo4j by neo4j.

Class KernelTransactionsTest, method shouldNotLeakTransactionOnSecurityContextFreezeFailure.

@Test
void shouldNotLeakTransactionOnSecurityContextFreezeFailure() throws Throwable {
    KernelTransactions kernelTransactions = newKernelTransactions();
    // Mock a LoginContext whose authorize() call always fails with an expired authorization.
    LoginContext loginContext = mock(LoginContext.class);
    when(loginContext.authorize(any(), any(), any())).thenThrow(new AuthorizationExpiredException("Freeze failed."));
    // The failure must propagate to the caller of newInstance() ...
    assertThatThrownBy(() -> kernelTransactions.newInstance(EXPLICIT, loginContext, EMBEDDED_CONNECTION, 0L)).isInstanceOf(AuthorizationExpiredException.class).hasMessage("Freeze failed.");
    // ... and must not leave a transaction registered as active.
    assertThat(kernelTransactions.activeTransactions()).as("We should not have any transaction").isEmpty();
}
Also used : LoginContext(org.neo4j.internal.kernel.api.security.LoginContext) AuthorizationExpiredException(org.neo4j.graphdb.security.AuthorizationExpiredException) Test(org.junit.jupiter.api.Test)

Example 5 with LoginContext

Use of org.neo4j.internal.kernel.api.security.LoginContext in project neo4j by neo4j.

Class AuthorizationDisabledFilter, method doFilter.

@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    validateRequestType(servletRequest);
    validateResponseType(servletResponse);
    final HttpServletRequest request = (HttpServletRequest) servletRequest;
    final HttpServletResponse response = (HttpServletResponse) servletResponse;
    try {
        ClientConnectionInfo connectionInfo = HttpConnectionInfoFactory.create(request);
        // No credentials are read from the request here: the filter takes the
        // auth-disabled LoginContext and forwards the request wrapped as user "neo4j".
        LoginContext loginContext = getAuthDisabledLoginContext(connectionInfo);
        String userAgent = request.getHeader(HttpHeaders.USER_AGENT);
        JettyHttpConnection.updateUserForCurrentConnection(loginContext.subject().username(), userAgent);
        filterChain.doFilter(new AuthorizedRequestWrapper(BASIC_AUTH, "neo4j", request, loginContext), servletResponse);
    } catch (AuthorizationViolationException e) {
        unauthorizedAccess(e.getMessage()).accept(response);
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ClientConnectionInfo(org.neo4j.internal.kernel.api.connectioninfo.ClientConnectionInfo) LoginContext(org.neo4j.internal.kernel.api.security.LoginContext) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthorizationViolationException(org.neo4j.graphdb.security.AuthorizationViolationException)
