Search in sources :

Example 6 with RateLimitedAuthenticationStrategy

use of org.neo4j.server.security.auth.RateLimitedAuthenticationStrategy in project neo4j by neo4j.

the class InternalFlatFileRealmTest method internalTestRealmWithUsers.

private InternalFlatFileRealm internalTestRealmWithUsers(List<String> existing, List<String> defaultAdmin) throws Throwable {
    UserRepository userRepository = new InMemoryUserRepository();
    UserRepository initialUserRepository = new InMemoryUserRepository();
    UserRepository adminUserRepository = new InMemoryUserRepository();
    RoleRepository roleRepository = new InMemoryRoleRepository();
    for (String user : existing) {
        userRepository.create(newUser(user, "123", false));
    }
    for (String user : defaultAdmin) {
        adminUserRepository.create(new User.Builder(user, Credential.INACCESSIBLE).build());
    }
    return new InternalFlatFileRealm(userRepository, roleRepository, new BasicPasswordPolicy(), new RateLimitedAuthenticationStrategy(Clocks.systemClock(), 3), new InternalFlatFileRealmIT.TestJobScheduler(), initialUserRepository, adminUserRepository);
}
Also used : RateLimitedAuthenticationStrategy(org.neo4j.server.security.auth.RateLimitedAuthenticationStrategy) UserRepository(org.neo4j.server.security.auth.UserRepository) InMemoryUserRepository(org.neo4j.server.security.auth.InMemoryUserRepository) Matchers.anyString(org.mockito.Matchers.anyString) InMemoryUserRepository(org.neo4j.server.security.auth.InMemoryUserRepository) BasicPasswordPolicy(org.neo4j.server.security.auth.BasicPasswordPolicy)

Example 7 with RateLimitedAuthenticationStrategy

use of org.neo4j.server.security.auth.RateLimitedAuthenticationStrategy in project neo4j by neo4j.

the class InternalFlatFileRealmTest method assertSetUsersAndRolesNTimes.

private void assertSetUsersAndRolesNTimes(boolean usersChanged, boolean rolesChanged, int nSetUsers, int nSetRoles) throws Throwable {
    final UserRepository userRepository = mock(UserRepository.class);
    final RoleRepository roleRepository = mock(RoleRepository.class);
    final UserRepository initialUserRepository = mock(UserRepository.class);
    final UserRepository defaultAdminRepository = mock(UserRepository.class);
    final PasswordPolicy passwordPolicy = new BasicPasswordPolicy();
    AuthenticationStrategy authenticationStrategy = new RateLimitedAuthenticationStrategy(Clocks.systemClock(), 3);
    InternalFlatFileRealmIT.TestJobScheduler jobScheduler = new InternalFlatFileRealmIT.TestJobScheduler();
    InternalFlatFileRealm realm = new InternalFlatFileRealm(userRepository, roleRepository, passwordPolicy, authenticationStrategy, jobScheduler, initialUserRepository, defaultAdminRepository);
    when(userRepository.getPersistedSnapshot()).thenReturn(new ListSnapshot<>(10L, Collections.emptyList(), usersChanged));
    when(userRepository.getUserByName(any())).thenReturn(new User.Builder().build());
    when(roleRepository.getPersistedSnapshot()).thenReturn(new ListSnapshot<>(10L, Collections.emptyList(), rolesChanged));
    when(roleRepository.getRoleByName(anyString())).thenReturn(new RoleRecord(""));
    realm.init();
    realm.start();
    jobScheduler.scheduledRunnable.run();
    verify(userRepository, times(nSetUsers)).setUsers(any());
    verify(roleRepository, times(nSetRoles)).setRoles(any());
}
Also used : RateLimitedAuthenticationStrategy(org.neo4j.server.security.auth.RateLimitedAuthenticationStrategy) AuthenticationStrategy(org.neo4j.server.security.auth.AuthenticationStrategy) RateLimitedAuthenticationStrategy(org.neo4j.server.security.auth.RateLimitedAuthenticationStrategy) UserRepository(org.neo4j.server.security.auth.UserRepository) InMemoryUserRepository(org.neo4j.server.security.auth.InMemoryUserRepository) PasswordPolicy(org.neo4j.kernel.api.security.PasswordPolicy) BasicPasswordPolicy(org.neo4j.server.security.auth.BasicPasswordPolicy) BasicPasswordPolicy(org.neo4j.server.security.auth.BasicPasswordPolicy)

Aggregations

BasicPasswordPolicy (org.neo4j.server.security.auth.BasicPasswordPolicy)7 RateLimitedAuthenticationStrategy (org.neo4j.server.security.auth.RateLimitedAuthenticationStrategy)7 InMemoryUserRepository (org.neo4j.server.security.auth.InMemoryUserRepository)5 Before (org.junit.Before)4 UserRepository (org.neo4j.server.security.auth.UserRepository)4 PasswordPolicy (org.neo4j.kernel.api.security.PasswordPolicy)2 JobScheduler (org.neo4j.kernel.impl.util.JobScheduler)2 AuthenticationStrategy (org.neo4j.server.security.auth.AuthenticationStrategy)2 SecurityLog (org.neo4j.server.security.enterprise.log.SecurityLog)2 FakeTicker (com.google.common.testing.FakeTicker)1 File (java.io.File)1 Realm (org.apache.shiro.realm.Realm)1 Test (org.junit.Test)1 Matchers.anyString (org.mockito.Matchers.anyString)1 EphemeralFileSystemAbstraction (org.neo4j.graphdb.mockfs.EphemeralFileSystemAbstraction)1 InvalidArgumentsException (org.neo4j.kernel.api.exceptions.InvalidArgumentsException)1 Config (org.neo4j.kernel.configuration.Config)1 Log (org.neo4j.logging.Log)1 LogProvider (org.neo4j.logging.LogProvider)1 NullLogProvider (org.neo4j.logging.NullLogProvider)1