use of org.springframework.security.core.Authentication in project spring-security by spring-projects.
the class ProviderManagerTests method detailsAreSetOnAuthenticationTokenIfNotAlreadySetByProvider.
@Test
public void detailsAreSetOnAuthenticationTokenIfNotAlreadySetByProvider() throws Exception {
Object details = new Object();
ProviderManager authMgr = makeProviderManager();
TestingAuthenticationToken request = createAuthenticationToken();
request.setDetails(details);
Authentication result = authMgr.authenticate(request);
assertThat(result.getCredentials()).isNotNull();
assertThat(result.getDetails()).isSameAs(details);
}
use of org.springframework.security.core.Authentication in project spring-security by spring-projects.
the class ProviderManagerTests method credentialsAreClearedByDefault.
@Test
public void credentialsAreClearedByDefault() throws Exception {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password");
ProviderManager mgr = makeProviderManager();
Authentication result = mgr.authenticate(token);
assertThat(result.getCredentials()).isNull();
mgr.setEraseCredentialsAfterAuthentication(false);
token = new UsernamePasswordAuthenticationToken("Test", "Password");
result = mgr.authenticate(token);
assertThat(result.getCredentials()).isNotNull();
}
use of org.springframework.security.core.Authentication in project spring-security by spring-projects.
the class ProviderManagerTests method detailsAreNotSetOnAuthenticationTokenIfAlreadySetByProvider.
@Test
public void detailsAreNotSetOnAuthenticationTokenIfAlreadySetByProvider() throws Exception {
Object requestDetails = "(Request Details)";
final Object resultDetails = "(Result Details)";
// A provider which sets the details object
AuthenticationProvider provider = new AuthenticationProvider() {
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
((TestingAuthenticationToken) authentication).setDetails(resultDetails);
return authentication;
}
public boolean supports(Class<?> authentication) {
return true;
}
};
ProviderManager authMgr = new ProviderManager(Arrays.asList(provider));
TestingAuthenticationToken request = createAuthenticationToken();
request.setDetails(requestDetails);
Authentication result = authMgr.authenticate(request);
assertThat(result.getDetails()).isEqualTo(resultDetails);
}
use of org.springframework.security.core.Authentication in project spring-security by spring-projects.
the class ProviderManagerTests method authenticationExceptionFromParentOverridesPreviousOnes.
@Test
public void authenticationExceptionFromParentOverridesPreviousOnes() throws Exception {
AuthenticationManager parent = mock(AuthenticationManager.class);
ProviderManager mgr = new ProviderManager(Arrays.asList(createProviderWhichThrows(new BadCredentialsException(""))), parent);
final Authentication authReq = mock(Authentication.class);
AuthenticationEventPublisher publisher = mock(AuthenticationEventPublisher.class);
mgr.setAuthenticationEventPublisher(publisher);
// Set a provider that throws an exception - this is the exception we expect to be
// propagated
final BadCredentialsException expected = new BadCredentialsException("I'm the one from the parent");
when(parent.authenticate(authReq)).thenThrow(expected);
try {
mgr.authenticate(authReq);
fail("Expected exception");
} catch (BadCredentialsException e) {
assertThat(e).isSameAs(expected);
}
verify(publisher).publishAuthenticationFailure(expected, authReq);
}
use of org.springframework.security.core.Authentication in project spring-security by spring-projects.
the class ProviderManagerTests method authenticationExceptionIsIgnoredIfLaterProviderAuthenticates.
@Test
public void authenticationExceptionIsIgnoredIfLaterProviderAuthenticates() throws Exception {
final Authentication authReq = mock(Authentication.class);
ProviderManager mgr = new ProviderManager(Arrays.asList(createProviderWhichThrows(new BadCredentialsException("", new Throwable())), createProviderWhichReturns(authReq)));
assertThat(mgr.authenticate(mock(Authentication.class))).isSameAs(authReq);
}
Aggregations