Examples with TargetObject org.springframework.security.TargetObject used on opensource projects

Search in sources :

Example 1 with TargetObject

use of org.springframework.security.TargetObject in project spring-security by spring-projects.

the class ContextPropagatingRemoteInvocationTests method testNullContextHolderDoesNotCauseInvocationProblems.

@Test
public void testNullContextHolderDoesNotCauseInvocationProblems() throws Exception {
    // just to be explicit
    SecurityContextHolder.clearContext();
    ContextPropagatingRemoteInvocation remoteInvocation = getRemoteInvocation();
    // unnecessary, but for
    SecurityContextHolder.clearContext();
    // explicitness
    assertThat(remoteInvocation.invoke(new TargetObject())).isEqualTo("some_string Authentication empty");
}
Also used : TargetObject(org.springframework.security.TargetObject) Test(org.junit.Test)

Example 2 with TargetObject

use of org.springframework.security.TargetObject in project spring-security by spring-projects.

the class ContextPropagatingRemoteInvocationTests method testNormalOperation.

@Test
public void testNormalOperation() throws Exception {
    // Setup client-side context
    Authentication clientSideAuthentication = new UsernamePasswordAuthenticationToken("rod", "koala");
    SecurityContextHolder.getContext().setAuthentication(clientSideAuthentication);
    ContextPropagatingRemoteInvocation remoteInvocation = getRemoteInvocation();
    // Set to null, as ContextPropagatingRemoteInvocation already obtained
    // a copy and nulling is necessary to ensure the Context delivered by
    // ContextPropagatingRemoteInvocation is used on server-side
    SecurityContextHolder.clearContext();
    // The result from invoking the TargetObject should contain the
    // Authentication class delivered via the SecurityContextHolder
    assertThat(remoteInvocation.invoke(new TargetObject())).isEqualTo("some_string org.springframework.security.authentication.UsernamePasswordAuthenticationToken false");
}
Also used : Authentication(org.springframework.security.core.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) TargetObject(org.springframework.security.TargetObject) Test(org.junit.Test)

Example 3 with TargetObject

use of org.springframework.security.TargetObject in project spring-security by spring-projects.

the class AspectJMethodSecurityInterceptorTests method adapterHoldsCorrectData.

@Test
public void adapterHoldsCorrectData() throws Exception {
    TargetObject to = new TargetObject();
    Method m = ClassUtils.getMethodIfAvailable(TargetObject.class, "countLength", new Class[] { String.class });
    when(joinPoint.getTarget()).thenReturn(to);
    when(joinPoint.getArgs()).thenReturn(new Object[] { "Hi" });
    MethodInvocationAdapter mia = new MethodInvocationAdapter(joinPoint);
    assertThat(mia.getArguments()[0]).isEqualTo("Hi");
    assertThat(mia.getStaticPart()).isEqualTo(m);
    assertThat(mia.getMethod()).isEqualTo(m);
    assertThat(mia.getThis()).isSameAs(to);
}
Also used : Method(java.lang.reflect.Method) TargetObject(org.springframework.security.TargetObject) Test(org.junit.Test)

Example 4 with TargetObject

use of org.springframework.security.TargetObject in project spring-security by spring-projects.

the class MethodInvocationPrivilegeEvaluatorTests method allowsAccessUsingCreate.

@Test
public void allowsAccessUsingCreate() throws Exception {
    Object object = new TargetObject();
    final MethodInvocation mi = MethodInvocationUtils.create(object, "makeLowerCase", "foobar");
    MethodInvocationPrivilegeEvaluator mipe = new MethodInvocationPrivilegeEvaluator();
    when(mds.getAttributes(mi)).thenReturn(role);
    mipe.setSecurityInterceptor(interceptor);
    mipe.afterPropertiesSet();
    assertThat(mipe.isAllowed(mi, token)).isTrue();
}
Also used : MethodInvocationPrivilegeEvaluator(org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator) ITargetObject(org.springframework.security.ITargetObject) OtherTargetObject(org.springframework.security.OtherTargetObject) TargetObject(org.springframework.security.TargetObject) MethodInvocation(org.aopalliance.intercept.MethodInvocation) ITargetObject(org.springframework.security.ITargetObject) OtherTargetObject(org.springframework.security.OtherTargetObject) TargetObject(org.springframework.security.TargetObject) Test(org.junit.Test)

Example 5 with TargetObject

use of org.springframework.security.TargetObject in project spring-security by spring-projects.

the class MethodInvocationPrivilegeEvaluatorTests method declinesAccessUsingCreate.

@Test
public void declinesAccessUsingCreate() throws Exception {
    Object object = new TargetObject();
    final MethodInvocation mi = MethodInvocationUtils.create(object, "makeLowerCase", "foobar");
    MethodInvocationPrivilegeEvaluator mipe = new MethodInvocationPrivilegeEvaluator();
    mipe.setSecurityInterceptor(interceptor);
    when(mds.getAttributes(mi)).thenReturn(role);
    doThrow(new AccessDeniedException("rejected")).when(adm).decide(token, mi, role);
    assertThat(mipe.isAllowed(mi, token)).isFalse();
}
Also used : MethodInvocationPrivilegeEvaluator(org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator) AccessDeniedException(org.springframework.security.access.AccessDeniedException) ITargetObject(org.springframework.security.ITargetObject) OtherTargetObject(org.springframework.security.OtherTargetObject) TargetObject(org.springframework.security.TargetObject) MethodInvocation(org.aopalliance.intercept.MethodInvocation) ITargetObject(org.springframework.security.ITargetObject) OtherTargetObject(org.springframework.security.OtherTargetObject) TargetObject(org.springframework.security.TargetObject) Test(org.junit.Test)

Aggregations

TargetObject (org.springframework.security.TargetObject)9 Test (org.junit.Test)7 Method (java.lang.reflect.Method)4 MethodInvocation (org.aopalliance.intercept.MethodInvocation)3 ITargetObject (org.springframework.security.ITargetObject)3 OtherTargetObject (org.springframework.security.OtherTargetObject)2 MethodInvocationPrivilegeEvaluator (org.springframework.security.access.intercept.MethodInvocationPrivilegeEvaluator)2 MethodSecurityMetadataSource (org.springframework.security.access.method.MethodSecurityMetadataSource)2 ProxyFactory (org.springframework.aop.framework.ProxyFactory)1 AccessDeniedException (org.springframework.security.access.AccessDeniedException)1 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)1 Authentication (org.springframework.security.core.Authentication)1 SimpleMethodInvocation (org.springframework.security.util.SimpleMethodInvocation)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial