Search in sources :

Example 56 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class SpringCacheBasedAclCacheTests method cacheOperationsAclWithParent.

@SuppressWarnings("rawtypes")
@Test
public void cacheOperationsAclWithParent() throws Exception {
    Cache cache = getCache();
    Map realCache = (Map) cache.getNativeCache();
    Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL");
    auth.setAuthenticated(true);
    SecurityContextHolder.getContext().setAuthentication(auth);
    ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(1));
    ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(2));
    AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"), new SimpleGrantedAuthority("ROLE_GENERAL"));
    AuditLogger auditLogger = new ConsoleAuditLogger();
    PermissionGrantingStrategy permissionGrantingStrategy = new DefaultPermissionGrantingStrategy(auditLogger);
    SpringCacheBasedAclCache myCache = new SpringCacheBasedAclCache(cache, permissionGrantingStrategy, aclAuthorizationStrategy);
    MutableAcl acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, auditLogger);
    MutableAcl parentAcl = new AclImpl(identityParent, Long.valueOf(2), aclAuthorizationStrategy, auditLogger);
    acl.setParent(parentAcl);
    assertThat(realCache).isEmpty();
    myCache.putInCache(acl);
    assertThat(4).isEqualTo(realCache.size());
    // Check we can get from cache the same objects we put in
    AclImpl aclFromCache = (AclImpl) myCache.getFromCache(Long.valueOf(1));
    assertThat(aclFromCache).isEqualTo(acl);
    // SEC-951 check transient fields are set on parent
    assertThat(FieldUtils.getFieldValue(aclFromCache.getParentAcl(), "aclAuthorizationStrategy")).isNotNull();
    assertThat(FieldUtils.getFieldValue(aclFromCache.getParentAcl(), "permissionGrantingStrategy")).isNotNull();
    assertThat(myCache.getFromCache(identity)).isEqualTo(acl);
    assertThat(FieldUtils.getFieldValue(aclFromCache, "aclAuthorizationStrategy")).isNotNull();
    AclImpl parentAclFromCache = (AclImpl) myCache.getFromCache(Long.valueOf(2));
    assertThat(parentAclFromCache).isEqualTo(parentAcl);
    assertThat(FieldUtils.getFieldValue(parentAclFromCache, "aclAuthorizationStrategy")).isNotNull();
    assertThat(myCache.getFromCache(identityParent)).isEqualTo(parentAcl);
}
Also used : TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) PermissionGrantingStrategy(org.springframework.security.acls.model.PermissionGrantingStrategy) ObjectIdentity(org.springframework.security.acls.model.ObjectIdentity) Authentication(org.springframework.security.core.Authentication) MutableAcl(org.springframework.security.acls.model.MutableAcl) Map(java.util.Map) Cache(org.springframework.cache.Cache) Test(org.junit.Test)

Example 57 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class SidTests method testPrincipalSidConstructorsRequiredFields.

// ~ Methods
// ========================================================================================================
@Test
public void testPrincipalSidConstructorsRequiredFields() throws Exception {
    // Check one String-argument constructor
    try {
        String string = null;
        new PrincipalSid(string);
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expected) {
    }
    try {
        new PrincipalSid("");
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expected) {
    }
    new PrincipalSid("johndoe");
    // Check one Authentication-argument constructor
    try {
        Authentication authentication = null;
        new PrincipalSid(authentication);
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expected) {
    }
    try {
        Authentication authentication = new TestingAuthenticationToken(null, "password");
        new PrincipalSid(authentication);
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expected) {
    }
    Authentication authentication = new TestingAuthenticationToken("johndoe", "password");
    new PrincipalSid(authentication);
// throws no exception
}
Also used : Authentication(org.springframework.security.core.Authentication) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) PrincipalSid(org.springframework.security.acls.domain.PrincipalSid) Test(org.junit.Test)

Example 58 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class SidTests method testPrincipalSidEquals.

@Test
public void testPrincipalSidEquals() throws Exception {
    Authentication authentication = new TestingAuthenticationToken("johndoe", "password");
    Sid principalSid = new PrincipalSid(authentication);
    assertThat(principalSid.equals(null)).isFalse();
    assertThat(principalSid.equals("DIFFERENT_TYPE_OBJECT")).isFalse();
    assertThat(principalSid.equals(principalSid)).isTrue();
    assertThat(principalSid.equals(new PrincipalSid(authentication))).isTrue();
    assertThat(principalSid.equals(new PrincipalSid(new TestingAuthenticationToken("johndoe", null)))).isTrue();
    assertThat(principalSid.equals(new PrincipalSid(new TestingAuthenticationToken("scott", null)))).isFalse();
    assertThat(principalSid.equals(new PrincipalSid("johndoe"))).isTrue();
    assertThat(principalSid.equals(new PrincipalSid("scott"))).isFalse();
}
Also used : Authentication(org.springframework.security.core.Authentication) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) PrincipalSid(org.springframework.security.acls.domain.PrincipalSid) Sid(org.springframework.security.acls.model.Sid) GrantedAuthoritySid(org.springframework.security.acls.domain.GrantedAuthoritySid) PrincipalSid(org.springframework.security.acls.domain.PrincipalSid) Test(org.junit.Test)

Example 59 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class SidTests method testGetters.

@Test
public void testGetters() throws Exception {
    Authentication authentication = new TestingAuthenticationToken("johndoe", "password");
    PrincipalSid principalSid = new PrincipalSid(authentication);
    GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST");
    GrantedAuthoritySid gaSid = new GrantedAuthoritySid(ga);
    assertThat("johndoe".equals(principalSid.getPrincipal())).isTrue();
    assertThat("scott".equals(principalSid.getPrincipal())).isFalse();
    assertThat("ROLE_TEST".equals(gaSid.getGrantedAuthority())).isTrue();
    assertThat("ROLE_TEST2".equals(gaSid.getGrantedAuthority())).isFalse();
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthoritySid(org.springframework.security.acls.domain.GrantedAuthoritySid) Authentication(org.springframework.security.core.Authentication) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) PrincipalSid(org.springframework.security.acls.domain.PrincipalSid) Test(org.junit.Test)

Example 60 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class SidTests method testPrincipalSidHashCode.

@Test
public void testPrincipalSidHashCode() throws Exception {
    Authentication authentication = new TestingAuthenticationToken("johndoe", "password");
    Sid principalSid = new PrincipalSid(authentication);
    assertThat(principalSid.hashCode()).isEqualTo("johndoe".hashCode());
    assertThat(principalSid.hashCode()).isEqualTo(new PrincipalSid("johndoe").hashCode());
    assertThat(principalSid.hashCode()).isNotEqualTo(new PrincipalSid("scott").hashCode());
    assertThat(principalSid.hashCode()).isNotEqualTo(new PrincipalSid(new TestingAuthenticationToken("scott", "password")).hashCode());
}
Also used : Authentication(org.springframework.security.core.Authentication) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) PrincipalSid(org.springframework.security.acls.domain.PrincipalSid) Sid(org.springframework.security.acls.model.Sid) GrantedAuthoritySid(org.springframework.security.acls.domain.GrantedAuthoritySid) PrincipalSid(org.springframework.security.acls.domain.PrincipalSid) Test(org.junit.Test)

Aggregations

TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)183 Test (org.junit.Test)106 Authentication (org.springframework.security.core.Authentication)76 SecurityContext (org.springframework.security.core.context.SecurityContext)46 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)38 SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)38 MifosUser (org.mifos.security.MifosUser)36 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)32 MifosUserBuilder (org.mifos.builders.MifosUserBuilder)28 Before (org.junit.Before)25 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)13 HttpServletRequest (javax.servlet.http.HttpServletRequest)12 HttpServletResponse (javax.servlet.http.HttpServletResponse)10 ConfigAttribute (org.springframework.security.access.ConfigAttribute)10 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)9 MockFilterChain (org.springframework.mock.web.MockFilterChain)9 GrantedAuthority (org.springframework.security.core.GrantedAuthority)9 FilterChain (javax.servlet.FilterChain)8 MutableAcl (org.springframework.security.acls.model.MutableAcl)8 PrincipalSid (org.springframework.security.acls.domain.PrincipalSid)7