Search in sources :

Example 71 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class SecurityContextHolderAwareRequestWrapperTests method testRolePrefix.

@Test
public void testRolePrefix() {
    Authentication auth = new TestingAuthenticationToken("user", "koala", "ROLE_HELLO", "ROLE_FOOBAR");
    SecurityContextHolder.getContext().setAuthentication(auth);
    MockHttpServletRequest request = new MockHttpServletRequest();
    SecurityContextHolderAwareRequestWrapper wrapper = new SecurityContextHolderAwareRequestWrapper(request, "ROLE_");
    assertThat(wrapper.isUserInRole("HELLO")).isTrue();
    assertThat(wrapper.isUserInRole("FOOBAR")).isTrue();
}
Also used : Authentication(org.springframework.security.core.Authentication) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.Test)

Example 72 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class SecurityContextHolderAwareRequestWrapperTests method testUseOfRolePrefixMeansItIsntNeededWhenCallngIsUserInRole.

@Test
public void testUseOfRolePrefixMeansItIsntNeededWhenCallngIsUserInRole() {
    Authentication auth = new TestingAuthenticationToken("rod", "koala", "ROLE_FOO");
    SecurityContextHolder.getContext().setAuthentication(auth);
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRequestURI("/");
    SecurityContextHolderAwareRequestWrapper wrapper = new SecurityContextHolderAwareRequestWrapper(request, "ROLE_");
    assertThat(wrapper.isUserInRole("FOO")).isTrue();
}
Also used : Authentication(org.springframework.security.core.Authentication) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.Test)

Example 73 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class AuthenticationPrincipalArgumentResolverTests method setAuthenticationPrincipal.

private void setAuthenticationPrincipal(Object principal) {
    this.expectedPrincipal = principal;
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(expectedPrincipal, "password", "ROLE_USER"));
}
Also used : TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)

Example 74 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class SecurityContextHolderAwareRequestFilterTests method startAsyncWithRequestResponseStart.

@Test
public void startAsyncWithRequestResponseStart() throws Exception {
    ArgumentCaptor<Runnable> runnableCaptor = ArgumentCaptor.forClass(Runnable.class);
    SecurityContext context = SecurityContextHolder.createEmptyContext();
    TestingAuthenticationToken expectedAuth = new TestingAuthenticationToken("user", "password", "ROLE_USER");
    context.setAuthentication(expectedAuth);
    SecurityContextHolder.setContext(context);
    AsyncContext asyncContext = mock(AsyncContext.class);
    when(this.request.startAsync(this.request, this.response)).thenReturn(asyncContext);
    Runnable runnable = new Runnable() {

        @Override
        public void run() {
        }
    };
    wrappedRequest().startAsync(this.request, this.response).start(runnable);
    verifyZeroInteractions(this.authenticationManager, this.logoutHandler);
    verify(asyncContext).start(runnableCaptor.capture());
    DelegatingSecurityContextRunnable wrappedRunnable = (DelegatingSecurityContextRunnable) runnableCaptor.getValue();
    assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, "delegateSecurityContext")).isEqualTo(context);
    assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, "delegate")).isEqualTo(runnable);
}
Also used : DelegatingSecurityContextRunnable(org.springframework.security.concurrent.DelegatingSecurityContextRunnable) SecurityContext(org.springframework.security.core.context.SecurityContext) AsyncContext(javax.servlet.AsyncContext) DelegatingSecurityContextRunnable(org.springframework.security.concurrent.DelegatingSecurityContextRunnable) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 75 with TestingAuthenticationToken

use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.

the class SecurityContextHolderAwareRequestFilterTests method authenticateTrue.

@Test
public void authenticateTrue() throws Exception {
    SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("test", "password", "ROLE_USER"));
    assertThat(wrappedRequest().authenticate(this.response)).isTrue();
    verifyZeroInteractions(this.authenticationEntryPoint, this.authenticationManager, this.logoutHandler);
    verify(this.request, times(0)).authenticate(any(HttpServletResponse.class));
}
Also used : MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HttpServletResponse(javax.servlet.http.HttpServletResponse) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Aggregations

TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)183 Test (org.junit.Test)106 Authentication (org.springframework.security.core.Authentication)76 SecurityContext (org.springframework.security.core.context.SecurityContext)46 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)38 SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)38 MifosUser (org.mifos.security.MifosUser)36 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)32 MifosUserBuilder (org.mifos.builders.MifosUserBuilder)28 Before (org.junit.Before)25 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)13 HttpServletRequest (javax.servlet.http.HttpServletRequest)12 HttpServletResponse (javax.servlet.http.HttpServletResponse)10 ConfigAttribute (org.springframework.security.access.ConfigAttribute)10 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)9 MockFilterChain (org.springframework.mock.web.MockFilterChain)9 GrantedAuthority (org.springframework.security.core.GrantedAuthority)9 FilterChain (javax.servlet.FilterChain)8 MutableAcl (org.springframework.security.acls.model.MutableAcl)8 PrincipalSid (org.springframework.security.acls.domain.PrincipalSid)7