Example 31 with Authentication
use of org.springframework.security.core.Authentication in project spring-security by spring-projects.
the class AbstractPreAuthenticatedProcessingFilterTests method requiresAuthenticationOverridePrincipalChangedFalse.
@Test
public void requiresAuthenticationOverridePrincipalChangedFalse() throws Exception {
Object principal = new Object();
SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(principal, "something", "ROLE_USER"));
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
MockFilterChain chain = new MockFilterChain();
ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter() {
@Override
protected boolean principalChanged(HttpServletRequest request, Authentication currentAuthentication) {
return false;
}
};
filter.setCheckForPrincipalChanges(true);
filter.principal = principal;
AuthenticationManager am = mock(AuthenticationManager.class);
filter.setAuthenticationManager(am);
filter.afterPropertiesSet();
filter.doFilter(request, response, chain);
verifyZeroInteractions(am);
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
AuthenticationManager(org.springframework.security.authentication.AuthenticationManager)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
Authentication(org.springframework.security.core.Authentication)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
MockFilterChain(org.springframework.mock.web.MockFilterChain)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.Test)
Example 32 with Authentication
use of org.springframework.security.core.Authentication in project spring-security by spring-projects.
the class AbstractRememberMeServicesTests method autoLoginShouldFailIfUserAccountIsLocked.
@Test
public void autoLoginShouldFailIfUserAccountIsLocked() {
MockRememberMeServices services = new MockRememberMeServices(uds);
services.setUserDetailsChecker(new AccountStatusUserDetailsChecker());
uds.toReturn = new User("joe", "password", false, true, true, true, joe.getAuthorities());
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(createLoginCookie("cookie:1:2"));
MockHttpServletResponse response = new MockHttpServletResponse();
Authentication result = services.autoLogin(request, response);
assertThat(result).isNull();
assertCookieCancelled(response);
}
Also used :
AccountStatusUserDetailsChecker(org.springframework.security.authentication.AccountStatusUserDetailsChecker)
User(org.springframework.security.core.userdetails.User)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
Authentication(org.springframework.security.core.Authentication)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.Test)
PrepareOnlyThisForTest(org.powermock.core.classloader.annotations.PrepareOnlyThisForTest)
Example 33 with Authentication
use of org.springframework.security.core.Authentication in project spring-security by spring-projects.
the class BasicAuthenticationFilterTests method setUp.
// ~ Methods
// ========================================================================================================
@Before
public void setUp() throws Exception {
SecurityContextHolder.clearContext();
UsernamePasswordAuthenticationToken rodRequest = new UsernamePasswordAuthenticationToken("rod", "koala");
rodRequest.setDetails(new WebAuthenticationDetails(new MockHttpServletRequest()));
Authentication rod = new UsernamePasswordAuthenticationToken("rod", "koala", AuthorityUtils.createAuthorityList("ROLE_1"));
manager = mock(AuthenticationManager.class);
when(manager.authenticate(rodRequest)).thenReturn(rod);
when(manager.authenticate(not(eq(rodRequest)))).thenThrow(new BadCredentialsException(""));
filter = new BasicAuthenticationFilter(manager, new BasicAuthenticationEntryPoint());
}
Also used :
AuthenticationManager(org.springframework.security.authentication.AuthenticationManager)
WebAuthenticationDetails(org.springframework.security.web.authentication.WebAuthenticationDetails)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
Authentication(org.springframework.security.core.Authentication)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
Before(org.junit.Before)
Example 34 with Authentication
use of org.springframework.security.core.Authentication in project spring-security by spring-projects.
the class PreAuthenticatedAuthenticationProviderTests method authenticateUnknownUserThrowsException.
@Test(expected = UsernameNotFoundException.class)
public final void authenticateUnknownUserThrowsException() throws Exception {
UserDetails ud = new User("dummyUser1", "dummyPwd", true, true, true, true, AuthorityUtils.NO_AUTHORITIES);
PreAuthenticatedAuthenticationProvider provider = getProvider(ud);
Authentication request = new PreAuthenticatedAuthenticationToken("dummyUser2", "dummyPwd");
provider.authenticate(request);
}
Also used :
UserDetails(org.springframework.security.core.userdetails.UserDetails)
User(org.springframework.security.core.userdetails.User)
Authentication(org.springframework.security.core.Authentication)
Test(org.junit.Test)
Example 35 with Authentication
use of org.springframework.security.core.Authentication in project spring-security by spring-projects.
the class PreAuthenticatedAuthenticationProviderTests method nullPrincipalReturnsNullAuthentication.
@Test
public final void nullPrincipalReturnsNullAuthentication() throws Exception {
PreAuthenticatedAuthenticationProvider provider = new PreAuthenticatedAuthenticationProvider();
Authentication request = new PreAuthenticatedAuthenticationToken(null, "dummyPwd");
Authentication result = provider.authenticate(request);
assertThat(result).isNull();
}
Also used :
Authentication(org.springframework.security.core.Authentication)
Test(org.junit.Test)
Aggregations
Authentication (org.springframework.security.core.Authentication)498
Test (org.junit.Test)192
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)114
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)98
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)75
SecurityContext (org.springframework.security.core.context.SecurityContext)63
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)57
GrantedAuthority (org.springframework.security.core.GrantedAuthority)50
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)47
SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)42
MifosUser (org.mifos.security.MifosUser)38
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)34
HttpServletRequest (javax.servlet.http.HttpServletRequest)32
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)32
AuthenticationException (org.springframework.security.core.AuthenticationException)31
UserDetails (org.springframework.security.core.userdetails.UserDetails)31
MifosUserBuilder (org.mifos.builders.MifosUserBuilder)29
HashMap (java.util.HashMap)27
HttpServletResponse (javax.servlet.http.HttpServletResponse)27
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)25
