Search in sources :

Example 1 with InMemoryXmlApplicationContext

use of org.springframework.security.config.util.InMemoryXmlApplicationContext in project spring-security by spring-projects.

the class AuthenticationProviderBeanDefinitionParserTests method externalUserServicePasswordEncoderAndSaltSourceWork.

@Test
public void externalUserServicePasswordEncoderAndSaltSourceWork() throws Exception {
    appContext = new InMemoryXmlApplicationContext("    <authentication-manager>" + "      <authentication-provider user-service-ref='customUserService'>" + "        <password-encoder ref='customPasswordEncoder'>" + "            <salt-source ref='saltSource'/>" + "        </password-encoder>" + "      </authentication-provider>" + "    </authentication-manager>" + "    <b:bean id='customPasswordEncoder' " + "class='org.springframework.security.authentication.encoding.Md5PasswordEncoder'/>" + "    <b:bean id='saltSource' " + "           class='" + ReflectionSaltSource.class.getName() + "'>" + "         <b:property name='userPropertyToUse' value='username'/>" + "    </b:bean>" + "    <b:bean id='customUserService' " + "           class='org.springframework.security.provisioning.InMemoryUserDetailsManager'>" + "        <b:constructor-arg>" + "            <b:props>" + "                <b:prop key='bob'>f117f0862384e9497ff4f470e3522606,ROLE_A</b:prop>" + "            </b:props>" + "        </b:constructor-arg>" + "    </b:bean>");
    getProvider().authenticate(bob);
}
Also used : InMemoryXmlApplicationContext(org.springframework.security.config.util.InMemoryXmlApplicationContext) Test(org.junit.Test)

Example 2 with InMemoryXmlApplicationContext

use of org.springframework.security.config.util.InMemoryXmlApplicationContext in project spring-security by spring-projects.

the class LdapProviderBeanDefinitionParserTests method supportsPasswordComparisonAuthentication.

@Test
public void supportsPasswordComparisonAuthentication() {
    this.appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>" + "<authentication-manager>" + "  <ldap-authentication-provider user-dn-pattern='uid={0},ou=people'>" + "    <password-compare />" + "  </ldap-authentication-provider>" + "</authentication-manager>");
    AuthenticationManager authenticationManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER, AuthenticationManager.class);
    Authentication auth = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"));
    assertThat(auth).isNotNull();
}
Also used : AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) Authentication(org.springframework.security.core.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) InMemoryXmlApplicationContext(org.springframework.security.config.util.InMemoryXmlApplicationContext) Test(org.junit.jupiter.api.Test)

Example 3 with InMemoryXmlApplicationContext

use of org.springframework.security.config.util.InMemoryXmlApplicationContext in project spring-security by spring-projects.

the class LdapProviderBeanDefinitionParserTests method inetOrgContextMapperIsSupported.

@Test
public void inetOrgContextMapperIsSupported() {
    this.appCtx = new InMemoryXmlApplicationContext("<ldap-server url='ldap://127.0.0.1:343/dc=springframework,dc=org' port='0'/>" + "<authentication-manager>" + "  <ldap-authentication-provider user-details-class='inetOrgPerson' />" + "</authentication-manager>");
    ProviderManager providerManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER, ProviderManager.class);
    assertThat(providerManager.getProviders()).hasSize(1);
    assertThat(providerManager.getProviders()).extracting("userDetailsContextMapper").allSatisfy((contextMapper) -> assertThat(contextMapper).isInstanceOf(InetOrgPersonContextMapper.class));
}
Also used : ProviderManager(org.springframework.security.authentication.ProviderManager) InMemoryXmlApplicationContext(org.springframework.security.config.util.InMemoryXmlApplicationContext) InetOrgPersonContextMapper(org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper) Test(org.junit.jupiter.api.Test)

Example 4 with InMemoryXmlApplicationContext

use of org.springframework.security.config.util.InMemoryXmlApplicationContext in project spring-security by spring-projects.

the class LdapProviderBeanDefinitionParserTests method supportsCryptoPasswordEncoder.

// SEC-2472
@Test
public void supportsCryptoPasswordEncoder() {
    this.appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>" + "<authentication-manager>" + "  <ldap-authentication-provider user-dn-pattern='uid={0},ou=people'>" + "    <password-compare>" + "      <password-encoder ref='pe' />" + "    </password-compare>" + "  </ldap-authentication-provider>" + "</authentication-manager>" + "<b:bean id='pe' class='org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder' />");
    AuthenticationManager authenticationManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER, AuthenticationManager.class);
    Authentication auth = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("bcrypt", "password"));
    assertThat(auth).isNotNull();
}
Also used : AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) Authentication(org.springframework.security.core.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) InMemoryXmlApplicationContext(org.springframework.security.config.util.InMemoryXmlApplicationContext) Test(org.junit.jupiter.api.Test)

Example 5 with InMemoryXmlApplicationContext

use of org.springframework.security.config.util.InMemoryXmlApplicationContext in project spring-security by spring-projects.

the class LdapProviderBeanDefinitionParserTests method ldapAuthenticationProviderWorksWithPlaceholders.

@Test
public void ldapAuthenticationProviderWorksWithPlaceholders() {
    System.setProperty("udp", "people");
    System.setProperty("gsf", "member");
    this.appCtx = new InMemoryXmlApplicationContext("<ldap-server />" + "<authentication-manager>" + "  <ldap-authentication-provider user-dn-pattern='uid={0},ou=${udp}' group-search-filter='${gsf}={0}' />" + "</authentication-manager>" + "<b:bean id='org.springframework.beans.factory.config.PropertyPlaceholderConfigurer' class='org.springframework.beans.factory.config.PropertyPlaceholderConfigurer' />");
    ProviderManager providerManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER, ProviderManager.class);
    assertThat(providerManager.getProviders()).hasSize(1);
    AuthenticationProvider authenticationProvider = providerManager.getProviders().get(0);
    assertThat(authenticationProvider).extracting("authenticator.userDnFormat").satisfies((messageFormats) -> assertThat(messageFormats).isEqualTo(new MessageFormat[] { new MessageFormat("uid={0},ou=people") }));
    assertThat(authenticationProvider).extracting("authoritiesPopulator.groupSearchFilter").satisfies((searchFilter) -> assertThat(searchFilter).isEqualTo("member={0}"));
}
Also used : MessageFormat(java.text.MessageFormat) ProviderManager(org.springframework.security.authentication.ProviderManager) AuthenticationProvider(org.springframework.security.authentication.AuthenticationProvider) InMemoryXmlApplicationContext(org.springframework.security.config.util.InMemoryXmlApplicationContext) Test(org.junit.jupiter.api.Test)

Aggregations

InMemoryXmlApplicationContext (org.springframework.security.config.util.InMemoryXmlApplicationContext)20 Test (org.junit.jupiter.api.Test)15 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)4 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)4 Authentication (org.springframework.security.core.Authentication)4 LdapTemplate (org.springframework.ldap.core.LdapTemplate)3 ProviderManager (org.springframework.security.authentication.ProviderManager)3 DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource)3 Filter (jakarta.servlet.Filter)2 BeforeEach (org.junit.jupiter.api.BeforeEach)2 MessageFormat (java.text.MessageFormat)1 Test (org.junit.Test)1 AuthenticationProvider (org.springframework.security.authentication.AuthenticationProvider)1 UserDetails (org.springframework.security.core.userdetails.UserDetails)1 MessageDigestPasswordEncoder (org.springframework.security.crypto.password.MessageDigestPasswordEncoder)1 ApacheDSContainer (org.springframework.security.ldap.server.ApacheDSContainer)1 InetOrgPersonContextMapper (org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper)1