Examples with ConfigAttribute org.springframework.security.access.ConfigAttribute used on opensource projects

Search in sources :

Example 31 with ConfigAttribute

use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.

the class DefaultFilterInvocationSecurityMetadataSourceTests method lookupRequiringExactMatchWithAdditionalSlashesIsSuccessful.

@Test
public void lookupRequiringExactMatchWithAdditionalSlashesIsSuccessful() {
    createFids("/someAdminPage.html**", null);
    FilterInvocation fi = createFilterInvocation("/someAdminPage.html", null, "a=/test", null);
    Collection<ConfigAttribute> response = this.fids.getAttributes(fi);
    // see SEC-161 (it should truncate after ?
    assertThat(response);
// sign).isEqualTo(def)
}
Also used : ConfigAttribute(org.springframework.security.access.ConfigAttribute) FilterInvocation(org.springframework.security.web.FilterInvocation) Test(org.junit.Test)

Example 32 with ConfigAttribute

use of org.springframework.security.access.ConfigAttribute in project spring-security-oauth by spring-projects.

the class ClientScopeVoterTests method testAccessDeniedNoException.

@Test
public void testAccessDeniedNoException() {
    voter.setThrowException(false);
    client.setScope(Arrays.asList("none"));
    assertEquals(AccessDecisionVoter.ACCESS_DENIED, voter.vote(authentication, null, Arrays.<ConfigAttribute>asList(new SecurityConfig("CLIENT_HAS_SCOPE"))));
}
Also used : ConfigAttribute(org.springframework.security.access.ConfigAttribute) SecurityConfig(org.springframework.security.access.SecurityConfig) Test(org.junit.Test)

Example 33 with ConfigAttribute

use of org.springframework.security.access.ConfigAttribute in project spring-security-oauth by spring-projects.

the class ScopeVoterTests method testAccessGrantedIfScopesPresent.

@Test
public void testAccessGrantedIfScopesPresent() throws Exception {
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", false, Collections.singleton("read"));
    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(oAuth2Authentication, null, Collections.<ConfigAttribute>singleton(new SecurityConfig("SCOPE_READ"))));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) ConfigAttribute(org.springframework.security.access.ConfigAttribute) SecurityConfig(org.springframework.security.access.SecurityConfig) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 34 with ConfigAttribute

use of org.springframework.security.access.ConfigAttribute in project spring-security-oauth by spring-projects.

the class ScopeVoterTests method testAccessGrantedIfScopesPresentWithPrefix.

@Test
public void testAccessGrantedIfScopesPresentWithPrefix() throws Exception {
    voter.setScopePrefix("scope=");
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", false, Collections.singleton("read"));
    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(oAuth2Authentication, null, Collections.<ConfigAttribute>singleton(new SecurityConfig("scope=read"))));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) ConfigAttribute(org.springframework.security.access.ConfigAttribute) SecurityConfig(org.springframework.security.access.SecurityConfig) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 35 with ConfigAttribute

use of org.springframework.security.access.ConfigAttribute in project spring-security-oauth by spring-projects.

the class ScopeVoterTests method testExceptionThrownIfWrongScopesPresent.

@Test(expected = AccessDeniedException.class)
public void testExceptionThrownIfWrongScopesPresent() throws Exception {
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", false, Collections.singleton("read"));
    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    assertEquals(AccessDecisionVoter.ACCESS_DENIED, voter.vote(oAuth2Authentication, null, Collections.<ConfigAttribute>singleton(new SecurityConfig("SCOPE_WRITE"))));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) ConfigAttribute(org.springframework.security.access.ConfigAttribute) SecurityConfig(org.springframework.security.access.SecurityConfig) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Aggregations

ConfigAttribute (org.springframework.security.access.ConfigAttribute)88 Test (org.junit.Test)54 SecurityConfig (org.springframework.security.access.SecurityConfig)21 FilterInvocation (org.springframework.security.web.FilterInvocation)15 AccessDeniedException (org.springframework.security.access.AccessDeniedException)13 MockMethodInvocation (org.springframework.security.access.intercept.method.MockMethodInvocation)12 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)10 ArrayList (java.util.ArrayList)9 LinkedHashMap (java.util.LinkedHashMap)8 Authentication (org.springframework.security.core.Authentication)8 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)8 Collection (java.util.Collection)6 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)6 Method (java.lang.reflect.Method)5 List (java.util.List)5 MethodInvocation (org.aopalliance.intercept.MethodInvocation)5 GrantedAuthority (org.springframework.security.core.GrantedAuthority)5 RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)5 AuthorizationFailureEvent (org.springframework.security.access.event.AuthorizationFailureEvent)4 SimpleMethodInvocation (org.springframework.security.util.SimpleMethodInvocation)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial