
Example 6 with Authentication

use of org.springframework.security.Authentication in project gocd by gocd.

the class BasicAuthenticationFilterTest method shouldConvey_itsBasicProcessingFilter.

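/**
 * Checks that {@code BasicAuthenticationFilter.isProcessingBasicAuth()} is true only while the
 * filter is authenticating a request carrying an HTTP Basic {@code Authorization} header.
 *
 * <p>The flag is sampled three times: before the filter runs (expected false), from inside a stub
 * {@code AuthenticationManager} invoked by the filter (expected true), and after the filter
 * returns (expected false).
 *
 * <p>NOTE(review): how the flag is stored is not visible here. If it is per-thread state, the
 * final {@code false} assertion is what guards against the marker carrying over to a later
 * request served by the same thread - confirm against the filter implementation.
 *
 * @throws IOException      declared by {@code doFilterHttp}
 * @throws ServletException declared by {@code doFilterHttp}
 */
@Test
public void shouldConvey_itsBasicProcessingFilter() throws IOException, ServletException {
    BasicAuthenticationFilter filter = new BasicAuthenticationFilter(localizer);
    // One-element array so the anonymous class below can record what it observed.
    final Boolean[] flagSeenInsideManager = new Boolean[] { false };
    filter.setAuthenticationManager(new AuthenticationManager() {

        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            // Capture the marker at the moment the filter delegates to the manager.
            flagSeenInsideManager[0] = BasicAuthenticationFilter.isProcessingBasicAuth();
            return new UsernamePasswordAuthenticationToken("school-principal", "u can be principal if you know this!");
        }
    });
    // Nothing is being processed yet, so the marker must be clear.
    assertThat(BasicAuthenticationFilter.isProcessingBasicAuth(), is(false));

    MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    // Explicit charset: the no-argument getBytes() would use the platform default encoding.
    String encodedCredentials = Base64.getEncoder()
            .encodeToString("loser:boozer".getBytes(java.nio.charset.StandardCharsets.UTF_8));
    httpRequest.addHeader("Authorization", "Basic " + encodedCredentials);
    filter.doFilterHttp(httpRequest, new MockHttpServletResponse(), new FilterChain() {

        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
            // Intentionally empty: the rest of the chain is irrelevant to this test.
        }
    });

    // The marker must be cleared again once the filter has returned ...
    assertThat(BasicAuthenticationFilter.isProcessingBasicAuth(), is(false));
    // ... and must have been set while the authentication manager was running.
    assertThat(flagSeenInsideManager[0], is(true));
}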
Also used : ServletRequest(javax.servlet.ServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) ServletResponse(javax.servlet.ServletResponse) AuthenticationException(org.springframework.security.AuthenticationException) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) FilterChain(javax.servlet.FilterChain) UsernamePasswordAuthenticationToken(org.springframework.security.providers.UsernamePasswordAuthenticationToken) IOException(java.io.IOException) AuthenticationManager(org.springframework.security.AuthenticationManager) ServletException(javax.servlet.ServletException) Authentication(org.springframework.security.Authentication) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 7 with Authentication

use of org.springframework.security.Authentication in project gocd by gocd.

the class ReAuthenticationFilterTest method shouldReAuthenticateIfReAuthTimeIntervalHasElapsed.

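/**
 * Verifies the filter's behaviour when the last re-authentication check recorded in the session
 * is older than the configured re-authentication interval.
 *
 * <p>With re-authentication enabled, a 55 s interval and a last check 60 s in the past, the
 * test expects the filter to store the current time in the session, call the filter chain
 * exactly once, and leave the {@code Authentication} marked as not authenticated.
 *
 * @throws IOException      declared by {@code doFilterHttp}
 * @throws ServletException declared by {@code doFilterHttp}
 */
@Test
public void shouldReAuthenticateIfReAuthTimeIntervalHasElapsed() throws IOException, ServletException {
    long currentTimeMillis = DateTimeUtils.currentTimeMillis();
    // Derived from the same clock reading (not a second read) so the gap is exactly 60 s.
    long minuteBack = currentTimeMillis - 60000;
    Authentication authentication = setupAuthentication(true);
    when(timeProvider.currentTimeMillis()).thenReturn(currentTimeMillis);
    when(systemEnvironment.isReAuthenticationEnabled()).thenReturn(true);
    // Interval (55 s) is shorter than the 60 s since the last check, so it has elapsed.
    when(systemEnvironment.getReAuthenticationTimeInterval()).thenReturn(55000L);
    when(session.getAttribute(LAST_REAUTHENICATION_CHECK_TIME)).thenReturn(minuteBack);

    filter.doFilterHttp(request, response, filterChain);

    // The check time is refreshed and the request continues down the chain ...
    verify(session).setAttribute(LAST_REAUTHENICATION_CHECK_TIME, currentTimeMillis);
    verify(filterChain).doFilter(request, response);
    verifyNoMoreInteractions(filterChain);
    // ... but the existing authentication is invalidated.
    assertFalse(authentication.isAuthenticated());
}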
Also used : Authentication(org.springframework.security.Authentication) Test(org.junit.Test)

Example 8 with Authentication

use of org.springframework.security.Authentication in project gocd by gocd.

the class ReAuthenticationFilterTest method shouldContinueWithChainAndReturnForAuthenticatedSessionWithoutLastAuthenticationTimeStamp.

/**
 * Verifies the filter's behaviour for an authenticated session for which no last-check
 * timestamp is stubbed on the session.
 *
 * <p>With re-authentication enabled, the test expects the filter to record the current time
 * in the session, call the filter chain exactly once, and leave the {@code Authentication}
 * authenticated.
 *
 * @throws IOException      declared by {@code doFilterHttp}
 * @throws ServletException declared by {@code doFilterHttp}
 */
@Test
public void shouldContinueWithChainAndReturnForAuthenticatedSessionWithoutLastAuthenticationTimeStamp() throws IOException, ServletException {
    final long now = DateTimeUtils.currentTimeMillis();
    final Authentication existingAuth = setupAuthentication(true);
    // LAST_REAUTHENICATION_CHECK_TIME is deliberately left unstubbed in this test.
    when(timeProvider.currentTimeMillis()).thenReturn(now);
    when(systemEnvironment.isReAuthenticationEnabled()).thenReturn(true);

    filter.doFilterHttp(request, response, filterChain);

    // A first check time is written and the request is passed on unchanged.
    verify(session).setAttribute(LAST_REAUTHENICATION_CHECK_TIME, now);
    verify(filterChain).doFilter(request, response);
    verifyNoMoreInteractions(filterChain);
    // No interval could have elapsed, so the authentication stays valid.
    assertTrue(existingAuth.isAuthenticated());
}
Also used : Authentication(org.springframework.security.Authentication) Test(org.junit.Test)

Example 9 with Authentication

use of org.springframework.security.Authentication in project gocd by gocd.

the class RemoveAdminPermissionFilterIntegrationTest method testShouldReAuthenticateOnlyOnceAfterConfigChange.

/**
 * Verifies that invalidating plugin roles causes exactly one forced re-authentication.
 *
 * <p>Sequence asserted: the first filter pass leaves the authentication valid; after
 * {@code invalidateRolesFor} it is still valid until the next filter pass, which marks it
 * not authenticated; once the test restores it, a further pass leaves it valid.
 *
 * <p>NOTE(review): the session stub returns 0, 0, 100 on successive reads of
 * {@code SECURITY_CONFIG_LAST_CHANGE}; how the filter consumes those reads is not visible
 * here - confirm against the filter.
 *
 * @throws IOException      declared by {@code doFilterHttp}
 * @throws ServletException declared by {@code doFilterHttp}
 */
@Test
public void testShouldReAuthenticateOnlyOnceAfterConfigChange() throws IOException, ServletException {
    final String pluginId = "cd.go.authorization.github";
    goConfigService.security().securityAuthConfigs().add(new SecurityAuthConfig("github", pluginId));
    goConfigService.security().addRole(new PluginRoleConfig("spacetiger", "github"));
    Authentication auth = setupAuthentication();
    when(session.getAttribute(SECURITY_CONFIG_LAST_CHANGE)).thenReturn(0L, 0L, 100L);
    RemoveAdminPermissionFilter permissionFilter = new RemoveAdminPermissionFilter(goConfigService, timeProvider, pluginRoleService);
    permissionFilter.initialize();

    // Starting point: the authentication is valid.
    assertThat(auth.isAuthenticated(), is(true));
    permissionFilter.doFilterHttp(request, response, chain);

    // Invalidating the plugin's roles does not by itself touch the authentication ...
    pluginRoleService.invalidateRolesFor(pluginId);
    assertThat(auth.isAuthenticated(), is(true));

    // ... the next request through the filter does.
    permissionFilter.doFilterHttp(request, response, chain);
    assertThat(auth.isAuthenticated(), is(false));

    // After the test restores the authentication, a further pass must not invalidate it again.
    auth.setAuthenticated(true);
    permissionFilter.doFilterHttp(request, response, chain);
    assertThat(auth.isAuthenticated(), is(true));
}
Also used : Authentication(org.springframework.security.Authentication) Test(org.junit.Test)

Example 10 with Authentication

use of org.springframework.security.Authentication in project gocd by gocd.

the class RemoveAdminPermissionFilterIntegrationTest method testShouldReAuthenticateIffSecurityConfigChange.

/**
 * Verifies that the filter forces re-authentication after a security-config change and not
 * after an unrelated config change.
 *
 * <p>Sequence asserted: an initial filter pass leaves the authentication valid; after
 * {@code turnOnSecurity} the next pass marks it not authenticated; after the test restores it
 * and {@code modifyArtifactRoot} changes something else, the next pass leaves it valid.
 *
 * <p>NOTE(review): the session stub returns 0, 0, 100 on successive reads of
 * {@code SECURITY_CONFIG_LAST_CHANGE}; how the filter consumes those reads is not visible
 * here - confirm against the filter.
 *
 * @throws IOException      declared by {@code doFilterHttp}
 * @throws ServletException declared by {@code doFilterHttp}
 */
@Test
public void testShouldReAuthenticateIffSecurityConfigChange() throws IOException, ServletException {
    Authentication auth = setupAuthentication();
    when(session.getAttribute(RemoveAdminPermissionFilter.SECURITY_CONFIG_LAST_CHANGE)).thenReturn(0L, 0L, 100L);
    RemoveAdminPermissionFilter permissionFilter = new RemoveAdminPermissionFilter(goConfigService, timeProvider, pluginRoleService);
    permissionFilter.initialize();

    // No config change yet: the authentication survives the filter.
    permissionFilter.doFilterHttp(request, response, chain);
    assertThat(auth.isAuthenticated(), is(true));

    // A security-config change invalidates the authentication on the next pass.
    turnOnSecurity("pavan");
    permissionFilter.doFilterHttp(request, response, chain);
    assertThat(auth.isAuthenticated(), is(false));

    // A change elsewhere in the config must leave a restored authentication alone.
    auth.setAuthenticated(true);
    modifyArtifactRoot();
    permissionFilter.doFilterHttp(request, response, chain);
    assertThat(auth.isAuthenticated(), is(true));
}
Also used : Authentication(org.springframework.security.Authentication) Test(org.junit.Test)
