use of org.neo4j.kernel.api.security.AuthSubject in project neo4j by neo4j.
the class TxStateTransactionDataViewTest method shouldAccessUsernameFromAuthSubject.
/**
 * Checks that the transaction data snapshot reports the username of the
 * {@link AuthSubject} carried by the transaction's security context.
 */
@Test
public void shouldAccessUsernameFromAuthSubject() {
    // Given: a subject named "Christof" wrapped in a frozen, full-access security context
    AuthSubject subject = mock(AuthSubject.class);
    when(subject.username()).thenReturn("Christof");
    SecurityContext.Frozen frozenContext = new SecurityContext.Frozen(subject, AccessMode.Static.FULL);
    when(transaction.securityContext()).thenReturn(frozenContext);

    // When
    TxStateTransactionDataSnapshot dataSnapshot = snapshot();

    // Then: the name comes from the subject stubbed above, so audit consumers of the
    // snapshot see the authenticated identity
    assertEquals("Christof", dataSnapshot.username());
}
use of org.neo4j.kernel.api.security.AuthSubject in project neo4j by neo4j.
the class SecurityProceduresTest method setup.
/**
 * Creates the {@code SecurityProcedures} under test and wires it with mocked
 * collaborators: a security context for user "pearl" holding the single role
 * "jammer", and a mocked user manager.
 */
@Before
public void setup() {
    // The caller identity the procedures will see
    AuthSubject pearl = mock(AuthSubject.class);
    when(pearl.username()).thenReturn("pearl");

    // Security context exposing that subject and exactly one role
    EnterpriseSecurityContext callerContext = mock(EnterpriseSecurityContext.class);
    when(callerContext.roles()).thenReturn(Collections.singleton("jammer"));
    when(callerContext.subject()).thenReturn(pearl);

    // Collaborators are assigned straight onto the instance's fields
    procedures = new SecurityProcedures();
    procedures.userManager = mock(EnterpriseUserManager.class);
    procedures.securityContext = callerContext;
}
use of org.neo4j.kernel.api.security.AuthSubject in project neo4j by neo4j.
the class AuthorizationFilterTest method shouldAuthorizeWhenValidCredentialsSupplied.
/**
 * Checks that a request carrying valid Basic credentials is passed down the
 * filter chain wrapped as an authorized request for user "foo".
 */
@Test
public void shouldAuthorizeWhenValidCredentialsSupplied() throws Exception {
    // Given: a GET on /db/data with an Authorization header for foo:bar.
    // The scheme token is sent upper-cased ("BASIC"); HTTP auth scheme names are
    // case-insensitive, so this presumably also covers non-canonical casing.
    String encodedCredentials = Base64.encodeBase64String("foo:bar".getBytes(StandardCharsets.UTF_8));
    when(servletRequest.getHeader(HttpHeaders.AUTHORIZATION)).thenReturn("BASIC " + encodedCredentials);
    when(servletRequest.getContextPath()).thenReturn("/db/data");
    when(servletRequest.getMethod()).thenReturn("GET");

    // The auth manager accepts exactly the foo/bar token and reports SUCCESS
    AuthSubject subject = mock(AuthSubject.class);
    when(subject.getAuthenticationResult()).thenReturn(AuthenticationResult.SUCCESS);
    BasicSecurityContext loginContext = mock(BasicSecurityContext.class);
    when(loginContext.subject()).thenReturn(subject);
    when(authManager.login(authToken("foo", "bar"))).thenReturn(loginContext);

    final AuthorizationEnabledFilter filter = new AuthorizationEnabledFilter(() -> authManager, logProvider);

    // When
    filter.doFilter(servletRequest, servletResponse, filterChain);

    // Then: the chain receives the request wrapped with the authenticated username.
    // NOTE(review): the expected wrapper is built with AUTH_DISABLED although login
    // succeeded; whether the wrapper's equality ignores that argument is not visible
    // here and is worth confirming.
    AuthorizedRequestWrapper expectedRequest =
            new AuthorizedRequestWrapper(BASIC_AUTH, "foo", servletRequest, AUTH_DISABLED);
    verify(filterChain).doFilter(eq(expectedRequest), same(servletResponse));
}
use of org.neo4j.kernel.api.security.AuthSubject in project neo4j by neo4j.
the class AuthorizationFilterTest method shouldNotAuthorizeWhenPasswordChangeRequired.
/**
 * Checks that a login whose result is PASSWORD_CHANGE_REQUIRED is rejected with
 * a 403 JSON error and never reaches the filter chain, even though the supplied
 * credentials were accepted by the auth manager.
 */
@Test
public void shouldNotAuthorizeWhenPasswordChangeRequired() throws Exception {
    // Given: a GET on /db/data/ with an Authorization header for foo:bar
    String encodedCredentials = Base64.encodeBase64String("foo:bar".getBytes(StandardCharsets.UTF_8));
    when(servletRequest.getHeader(HttpHeaders.AUTHORIZATION)).thenReturn("BASIC " + encodedCredentials);
    when(servletRequest.getRequestURI()).thenReturn("/db/data/");
    when(servletRequest.getRequestURL()).thenReturn(new StringBuffer("http://bar.baz:7474/db/data/"));
    when(servletRequest.getContextPath()).thenReturn("/db/data");
    when(servletRequest.getMethod()).thenReturn("GET");

    // The credentials log in, but the subject must change its password first
    AuthSubject subject = mock(AuthSubject.class);
    when(subject.getAuthenticationResult()).thenReturn(AuthenticationResult.PASSWORD_CHANGE_REQUIRED);
    BasicSecurityContext loginContext = mock(BasicSecurityContext.class);
    when(loginContext.subject()).thenReturn(subject);
    when(authManager.login(authToken("foo", "bar"))).thenReturn(loginContext);

    final AuthorizationEnabledFilter filter = new AuthorizationEnabledFilter(() -> authManager, logProvider);

    // When
    filter.doFilter(servletRequest, servletResponse, filterChain);

    // Then: nothing was forwarded downstream and the response is a 403 JSON error
    verifyNoMoreInteractions(filterChain);
    verify(servletResponse).setStatus(403);
    verify(servletResponse).addHeader(HttpHeaders.CONTENT_TYPE, "application/json; charset=UTF-8");

    // The expected password_change link uses the scheme, host and port of the stubbed
    // request URL, so the filter presumably derives it from the request. In a
    // deployment the request host is client-influenced, so it should be validated
    // upstream - confirm against the filter.
    String responseBody = outputStream.toString(StandardCharsets.UTF_8.name());
    assertThat(responseBody, containsString("\"password_change\" : \"http://bar.baz:7474/user/foo/password\""));
    assertThat(responseBody, containsString("\"code\" : \"Neo.ClientError.Security.Forbidden\""));
    assertThat(responseBody, containsString("\"message\" : \"User is required to change their password.\""));
}
use of org.neo4j.kernel.api.security.AuthSubject in project neo4j by neo4j.
the class MultiRealmAuthManagerTest method shouldReturnTooManyAttemptsWhenThatIsAppropriate.
/**
 * Checks that the auth manager surfaces TOO_MANY_ATTEMPTS from the
 * authentication strategy and logs the rejected login as an error.
 */
@Test
public void shouldReturnTooManyAttemptsWhenThatIsAppropriate() throws Throwable {
    // Given: user "jake" exists and the mocked strategy rate-limits this login attempt
    users.create(newUser("jake", "abc123", true));
    manager.start();
    setMockAuthenticationStrategyResult("jake", "wrong password", AuthenticationResult.TOO_MANY_ATTEMPTS);

    // When
    AuthenticationResult outcome =
            manager.login(authToken("jake", "wrong password")).subject().getAuthenticationResult();

    // Then: the result is passed through unchanged
    assertThat(outcome, equalTo(AuthenticationResult.TOO_MANY_ATTEMPTS));
    // The expected error line names the user only; the submitted password is not part of it
    logProvider.assertExactly(error("[%s]: failed to log in: too many failed attempts", "jake"));
}