Example 31 with AuthenticationManager
use of org.springframework.security.authentication.AuthenticationManager in project spring-security by spring-projects.
the class WebSpherePreAuthenticatedProcessingFilterTests method principalsAndCredentialsAreExtractedCorrectly.
@Test
public void principalsAndCredentialsAreExtractedCorrectly() throws Exception {
new WebSpherePreAuthenticatedProcessingFilter();
WASUsernameAndGroupsExtractor helper = mock(WASUsernameAndGroupsExtractor.class);
when(helper.getCurrentUserName()).thenReturn("jerry");
WebSpherePreAuthenticatedProcessingFilter filter = new WebSpherePreAuthenticatedProcessingFilter(helper);
assertThat(filter.getPreAuthenticatedPrincipal(new MockHttpServletRequest())).isEqualTo("jerry");
assertThat(filter.getPreAuthenticatedCredentials(new MockHttpServletRequest())).isEqualTo("N/A");
AuthenticationManager am = mock(AuthenticationManager.class);
when(am.authenticate(any(Authentication.class))).thenAnswer(new Answer<Authentication>() {
public Authentication answer(InvocationOnMock invocation) throws Throwable {
return (Authentication) invocation.getArguments()[0];
}
});
filter.setAuthenticationManager(am);
WebSpherePreAuthenticatedWebAuthenticationDetailsSource ads = new WebSpherePreAuthenticatedWebAuthenticationDetailsSource(helper);
ads.setWebSphereGroups2GrantedAuthoritiesMapper(new SimpleAttributes2GrantedAuthoritiesMapper());
filter.setAuthenticationDetailsSource(ads);
filter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), mock(FilterChain.class));
}
Also used :
AuthenticationManager(org.springframework.security.authentication.AuthenticationManager)
SimpleAttributes2GrantedAuthoritiesMapper(org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
Authentication(org.springframework.security.core.Authentication)
InvocationOnMock(org.mockito.invocation.InvocationOnMock)
FilterChain(javax.servlet.FilterChain)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Example 32 with AuthenticationManager
use of org.springframework.security.authentication.AuthenticationManager in project spring-security by spring-projects.
the class RequestAttributeAuthenticationFilterTests method createAuthenticationManager.
/**
* Create an authentication manager which returns the passed in object.
*/
private AuthenticationManager createAuthenticationManager() {
AuthenticationManager am = mock(AuthenticationManager.class);
when(am.authenticate(any(Authentication.class))).thenAnswer(new Answer<Authentication>() {
public Authentication answer(InvocationOnMock invocation) throws Throwable {
return (Authentication) invocation.getArguments()[0];
}
});
return am;
}
Also used :
AuthenticationManager(org.springframework.security.authentication.AuthenticationManager)
Authentication(org.springframework.security.core.Authentication)
InvocationOnMock(org.mockito.invocation.InvocationOnMock)
Example 33 with AuthenticationManager
use of org.springframework.security.authentication.AuthenticationManager in project spring-security by spring-projects.
the class RememberMeAuthenticationFilterTests method onUnsuccessfulLoginIsCalledWhenProviderRejectsAuth.
@Test
public void onUnsuccessfulLoginIsCalledWhenProviderRejectsAuth() throws Exception {
final Authentication failedAuth = new TestingAuthenticationToken("failed", "");
AuthenticationManager am = mock(AuthenticationManager.class);
when(am.authenticate(any(Authentication.class))).thenThrow(new BadCredentialsException(""));
RememberMeAuthenticationFilter filter = new RememberMeAuthenticationFilter(am, new MockRememberMeServices(remembered)) {
protected void onUnsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) {
super.onUnsuccessfulAuthentication(request, response, failed);
SecurityContextHolder.getContext().setAuthentication(failedAuth);
}
};
filter.setApplicationEventPublisher(mock(ApplicationEventPublisher.class));
filter.afterPropertiesSet();
MockHttpServletRequest request = new MockHttpServletRequest();
FilterChain fc = mock(FilterChain.class);
request.setRequestURI("x");
filter.doFilter(request, new MockHttpServletResponse(), fc);
assertThat(SecurityContextHolder.getContext().getAuthentication()).isSameAs(failedAuth);
verify(fc).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
}
Also used :
AuthenticationException(org.springframework.security.core.AuthenticationException)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
FilterChain(javax.servlet.FilterChain)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
AuthenticationManager(org.springframework.security.authentication.AuthenticationManager)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
Authentication(org.springframework.security.core.Authentication)
ApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Example 34 with AuthenticationManager
use of org.springframework.security.authentication.AuthenticationManager in project spring-security-oauth by spring-projects.
the class ResourceServerSecurityConfigurer method configure.
@Override
public void configure(HttpSecurity http) throws Exception {
AuthenticationManager oauthAuthenticationManager = oauthAuthenticationManager(http);
resourcesServerFilter = new OAuth2AuthenticationProcessingFilter();
resourcesServerFilter.setAuthenticationEntryPoint(authenticationEntryPoint);
resourcesServerFilter.setAuthenticationManager(oauthAuthenticationManager);
if (eventPublisher != null) {
resourcesServerFilter.setAuthenticationEventPublisher(eventPublisher);
}
if (tokenExtractor != null) {
resourcesServerFilter.setTokenExtractor(tokenExtractor);
}
resourcesServerFilter = postProcess(resourcesServerFilter);
resourcesServerFilter.setStateless(stateless);
// @formatter:off
http.authorizeRequests().expressionHandler(expressionHandler).and().addFilterBefore(resourcesServerFilter, AbstractPreAuthenticatedProcessingFilter.class).exceptionHandling().accessDeniedHandler(accessDeniedHandler).authenticationEntryPoint(authenticationEntryPoint);
// @formatter:on
}
Also used :
AuthenticationManager(org.springframework.security.authentication.AuthenticationManager)
OAuth2AuthenticationManager(org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationManager)
AbstractPreAuthenticatedProcessingFilter(org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter)
OAuth2AuthenticationProcessingFilter(org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter)
Example 35 with AuthenticationManager
use of org.springframework.security.authentication.AuthenticationManager in project spring-security-oauth by spring-projects.
the class ResourceOwnerPasswordTokenGranterTests method testAccountLocked.
@Test(expected = InvalidGrantException.class)
public void testAccountLocked() {
ResourceOwnerPasswordTokenGranter granter = new ResourceOwnerPasswordTokenGranter(new AuthenticationManager() {
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
throw new LockedException("test");
}
}, providerTokenServices, clientDetailsService, requestFactory);
granter.grant("password", tokenRequest);
}
Also used :
AuthenticationManager(org.springframework.security.authentication.AuthenticationManager)
LockedException(org.springframework.security.authentication.LockedException)
AuthenticationException(org.springframework.security.core.AuthenticationException)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
Authentication(org.springframework.security.core.Authentication)
Test(org.junit.Test)
Aggregations
AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)45
Test (org.junit.Test)30
Authentication (org.springframework.security.core.Authentication)24
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)19
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)19
MockFilterChain (org.springframework.mock.web.MockFilterChain)11
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)11
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)10
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)8
FilterChain (javax.servlet.FilterChain)7
AuthenticationException (org.springframework.security.core.AuthenticationException)7
InvocationOnMock (org.mockito.invocation.InvocationOnMock)5
HttpServletRequest (javax.servlet.http.HttpServletRequest)4
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)4
Before (org.junit.Before)3
HttpServletResponse (javax.servlet.http.HttpServletResponse)2
MockServletContext (org.springframework.mock.web.MockServletContext)2
User (org.springframework.security.core.userdetails.User)2
UserDetails (org.springframework.security.core.userdetails.UserDetails)2
OAuth2AuthenticationProcessingFilter (org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter)2
