Example 11 with ServiceProperties
use of org.springframework.security.cas.ServiceProperties in project spring-security by spring-projects.
the class CasAuthenticationEntryPointTests method testNormalOperationWithRenewTrue.
@Test
public void testNormalOperationWithRenewTrue() throws Exception {
ServiceProperties sp = new ServiceProperties();
sp.setSendRenew(true);
sp.setService("https://mycompany.com/bigWebApp/login/cas");
CasAuthenticationEntryPoint ep = new CasAuthenticationEntryPoint();
ep.setLoginUrl("https://cas/login");
ep.setServiceProperties(sp);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/some_path");
MockHttpServletResponse response = new MockHttpServletResponse();
ep.afterPropertiesSet();
ep.commence(request, response, null);
assertThat("https://cas/login?service=" + URLEncoder.encode("https://mycompany.com/bigWebApp/login/cas", "UTF-8") + "&renew=true").isEqualTo(response.getRedirectedUrl());
}
Also used :
ServiceProperties(org.springframework.security.cas.ServiceProperties)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.Test)
Example 12 with ServiceProperties
use of org.springframework.security.cas.ServiceProperties in project spring-security by spring-projects.
the class CasAuthenticationFilterTests method testDoFilterAuthenticateAll.
@Test
public void testDoFilterAuthenticateAll() throws Exception {
AuthenticationSuccessHandler successHandler = mock(AuthenticationSuccessHandler.class);
AuthenticationManager manager = mock(AuthenticationManager.class);
Authentication authentication = new TestingAuthenticationToken("un", "pwd", "ROLE_USER");
when(manager.authenticate(any(Authentication.class))).thenReturn(authentication);
ServiceProperties serviceProperties = new ServiceProperties();
serviceProperties.setAuthenticateAllArtifacts(true);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setParameter("ticket", "ST-1-123");
request.setServletPath("/authenticate");
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain chain = mock(FilterChain.class);
CasAuthenticationFilter filter = new CasAuthenticationFilter();
filter.setServiceProperties(serviceProperties);
filter.setAuthenticationSuccessHandler(successHandler);
filter.setProxyGrantingTicketStorage(mock(ProxyGrantingTicketStorage.class));
filter.setAuthenticationManager(manager);
filter.afterPropertiesSet();
filter.doFilter(request, response, chain);
assertThat(SecurityContextHolder.getContext().getAuthentication()).isNotNull().withFailMessage("Authentication should not be null");
verify(chain).doFilter(request, response);
verifyZeroInteractions(successHandler);
// validate for when the filterProcessUrl matches
filter.setFilterProcessesUrl(request.getServletPath());
SecurityContextHolder.clearContext();
filter.doFilter(request, response, chain);
verifyNoMoreInteractions(chain);
verify(successHandler).onAuthenticationSuccess(request, response, authentication);
}
Also used :
AuthenticationManager(org.springframework.security.authentication.AuthenticationManager)
AuthenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler)
ServiceProperties(org.springframework.security.cas.ServiceProperties)
ProxyGrantingTicketStorage(org.jasig.cas.client.proxy.ProxyGrantingTicketStorage)
Authentication(org.springframework.security.core.Authentication)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
FilterChain(javax.servlet.FilterChain)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.Test)
Example 13 with ServiceProperties
use of org.springframework.security.cas.ServiceProperties in project spring-security by spring-projects.
the class CasAuthenticationFilterTests method testRequiresAuthenticationAuthAll.
@Test
public void testRequiresAuthenticationAuthAll() {
ServiceProperties properties = new ServiceProperties();
properties.setAuthenticateAllArtifacts(true);
String url = "/login/cas";
CasAuthenticationFilter filter = new CasAuthenticationFilter();
filter.setFilterProcessesUrl(url);
filter.setServiceProperties(properties);
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
request.setServletPath(url);
assertThat(filter.requiresAuthentication(request, response)).isTrue();
request.setServletPath("/other");
assertThat(filter.requiresAuthentication(request, response)).isFalse();
request.setParameter(properties.getArtifactParameter(), "value");
assertThat(filter.requiresAuthentication(request, response)).isTrue();
SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken("key", "principal", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS")));
assertThat(filter.requiresAuthentication(request, response)).isTrue();
SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("un", "principal", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS")));
assertThat(filter.requiresAuthentication(request, response)).isTrue();
SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("un", "principal", "ROLE_ANONYMOUS"));
assertThat(filter.requiresAuthentication(request, response)).isFalse();
}
Also used :
ServiceProperties(org.springframework.security.cas.ServiceProperties)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.Test)
Aggregations
ServiceProperties (org.springframework.security.cas.ServiceProperties)13
Test (org.junit.Test)10
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)5
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)4
SamlServiceProperties (org.springframework.security.cas.SamlServiceProperties)3
Authentication (org.springframework.security.core.Authentication)3
ProxyGrantingTicketStorage (org.jasig.cas.client.proxy.ProxyGrantingTicketStorage)2
AssertionImpl (org.jasig.cas.client.validation.AssertionImpl)2
TicketValidator (org.jasig.cas.client.validation.TicketValidator)2
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)2
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)2
ServiceAuthenticationDetails (org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails)2
FilterChain (javax.servlet.FilterChain)1
AnonymousAuthenticationToken (org.springframework.security.authentication.AnonymousAuthenticationToken)1
AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)1
AuthenticationSuccessHandler (org.springframework.security.web.authentication.AuthenticationSuccessHandler)1
WebAuthenticationDetails (org.springframework.security.web.authentication.WebAuthenticationDetails)1
