Search in sources :

Example 46 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class UnanimousBasedTests method testOneDenyVoteTwoAbstainVotesDeniesAccess.

@Test
public void testOneDenyVoteTwoAbstainVotesDeniesAccess() throws Exception {
    TestingAuthenticationToken auth = makeTestToken();
    UnanimousBased mgr = makeDecisionManager();
    List<ConfigAttribute> config = SecurityConfig.createList("ROLE_WE_DO_NOT_HAVE");
    try {
        mgr.decide(auth, new Object(), config);
        fail("Should have thrown AccessDeniedException");
    } catch (AccessDeniedException expected) {
    }
}
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) ConfigAttribute(org.springframework.security.access.ConfigAttribute) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.Test)

Example 47 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class UnanimousBasedTests method testThreeAbstainVotesDeniesAccessWithDefault.

@Test
public void testThreeAbstainVotesDeniesAccessWithDefault() throws Exception {
    TestingAuthenticationToken auth = makeTestToken();
    UnanimousBased mgr = makeDecisionManager();
    // check default
    assertThat(!mgr.isAllowIfAllAbstainDecisions()).isTrue();
    List<ConfigAttribute> config = SecurityConfig.createList("IGNORED_BY_ALL");
    try {
        mgr.decide(auth, new Object(), config);
        fail("Should have thrown AccessDeniedException");
    } catch (AccessDeniedException expected) {
    }
}
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) ConfigAttribute(org.springframework.security.access.ConfigAttribute) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.Test)

Example 48 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class UnanimousBasedTests method testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccess.

@Test
public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccess() throws Exception {
    TestingAuthenticationToken auth = makeTestToken();
    UnanimousBased mgr = makeDecisionManager();
    List<ConfigAttribute> config = SecurityConfig.createList(new String[] { "ROLE_1", "DENY_FOR_SURE" });
    try {
        mgr.decide(auth, new Object(), config);
        fail("Should have thrown AccessDeniedException");
    } catch (AccessDeniedException expected) {
    }
}
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) ConfigAttribute(org.springframework.security.access.ConfigAttribute) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.Test)

Example 49 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class AnonymousAuthenticationProviderTests method testIgnoresClassesItDoesNotSupport.

@Test
public void testIgnoresClassesItDoesNotSupport() throws Exception {
    AnonymousAuthenticationProvider aap = new AnonymousAuthenticationProvider("qwerty");
    TestingAuthenticationToken token = new TestingAuthenticationToken("user", "password", "ROLE_A");
    assertThat(aap.supports(TestingAuthenticationToken.class)).isFalse();
    // Try it anyway
    assertThat(aap.authenticate(token)).isNull();
}
Also used : TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) AnonymousAuthenticationProvider(org.springframework.security.authentication.AnonymousAuthenticationProvider)

Example 50 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class ConsensusBasedTests method testOneAffirmativeVoteTwoAbstainVotesGrantsAccess.

@Test
public void testOneAffirmativeVoteTwoAbstainVotesGrantsAccess() throws Exception {
    TestingAuthenticationToken auth = makeTestToken();
    ConsensusBased mgr = makeDecisionManager();
    mgr.decide(auth, new Object(), SecurityConfig.createList("ROLE_2"));
}
Also used : TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)

Aggregations

TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)183 Test (org.junit.Test)106 Authentication (org.springframework.security.core.Authentication)76 SecurityContext (org.springframework.security.core.context.SecurityContext)46 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)38 SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)38 MifosUser (org.mifos.security.MifosUser)36 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)32 MifosUserBuilder (org.mifos.builders.MifosUserBuilder)28 Before (org.junit.Before)25 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)13 HttpServletRequest (javax.servlet.http.HttpServletRequest)12 HttpServletResponse (javax.servlet.http.HttpServletResponse)10 ConfigAttribute (org.springframework.security.access.ConfigAttribute)10 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)9 MockFilterChain (org.springframework.mock.web.MockFilterChain)9 GrantedAuthority (org.springframework.security.core.GrantedAuthority)9 FilterChain (javax.servlet.FilterChain)8 MutableAcl (org.springframework.security.acls.model.MutableAcl)8 PrincipalSid (org.springframework.security.acls.domain.PrincipalSid)7