Example 61 with SimpleGrantedAuthority
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project spring-security by spring-projects.
the class SwitchUserFilterTests method modificationOfAuthoritiesWorks.
@Test
public void modificationOfAuthoritiesWorks() {
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("dano", "hawaii50");
SecurityContextHolder.getContext().setAuthentication(auth);
MockHttpServletRequest request = new MockHttpServletRequest();
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
SwitchUserFilter filter = new SwitchUserFilter();
filter.setUserDetailsService(new MockUserDetailsService());
filter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() {
public Collection<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection<? extends GrantedAuthority> authoritiesToBeGranted) {
List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
auths.add(new SimpleGrantedAuthority("ROLE_NEW"));
return auths;
}
});
Authentication result = filter.attemptSwitchUser(request);
assertThat(result != null).isTrue();
assertThat(result.getAuthorities()).hasSize(2);
assertThat(AuthorityUtils.authorityListToSet(result.getAuthorities())).contains("ROLE_NEW");
}
Also used :
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
GrantedAuthority(org.springframework.security.core.GrantedAuthority)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
UserDetails(org.springframework.security.core.userdetails.UserDetails)
Authentication(org.springframework.security.core.Authentication)
Example 62 with SimpleGrantedAuthority
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project spring-security-oauth by spring-projects.
the class OAuth2SecurityExpressionMethodsTests method testClientOnly.
@Test
public void testClientOnly() throws Exception {
OAuth2Request request = RequestTokenFactory.createOAuth2Request("foo", true, Collections.singleton("read"));
Authentication userAuthentication = new UsernamePasswordAuthenticationToken("foo", "bar", Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")));
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(request, userAuthentication);
assertFalse(new OAuth2SecurityExpressionMethods(oAuth2Authentication).isClient());
assertTrue(new OAuth2SecurityExpressionMethods(new OAuth2Authentication(request, null)).isClient());
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
Authentication(org.springframework.security.core.Authentication)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Test(org.junit.Test)
Example 63 with SimpleGrantedAuthority
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project spring-security-oauth by spring-projects.
the class OAuth2SecurityExpressionMethodsTests method testOAuthUser.
@Test
public void testOAuthUser() throws Exception {
OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", true, Collections.singleton("read"));
Authentication userAuthentication = new UsernamePasswordAuthenticationToken("foo", "bar", Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")));
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
assertTrue(new OAuth2SecurityExpressionMethods(oAuth2Authentication).isUser());
assertFalse(new OAuth2SecurityExpressionMethods(new OAuth2Authentication(clientAuthentication, null)).isUser());
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
Authentication(org.springframework.security.core.Authentication)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Test(org.junit.Test)
Example 64 with SimpleGrantedAuthority
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project spring-security by spring-projects.
the class EhCacheBasedAclCacheTests method setup.
@Before
public void setup() {
myCache = new EhCacheBasedAclCache(cache, new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()), new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_USER")));
ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(100));
AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"), new SimpleGrantedAuthority("ROLE_GENERAL"));
acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
ObjectIdentity(org.springframework.security.acls.model.ObjectIdentity)
Before(org.junit.Before)
Example 65 with SimpleGrantedAuthority
use of org.springframework.security.core.authority.SimpleGrantedAuthority in project spring-security by spring-projects.
the class CasAuthenticationProviderTests method statefulAuthenticationIsSuccessful.
@Test
public void statefulAuthenticationIsSuccessful() throws Exception {
CasAuthenticationProvider cap = new CasAuthenticationProvider();
cap.setAuthenticationUserDetailsService(new MockAuthoritiesPopulator());
cap.setKey("qwerty");
StatelessTicketCache cache = new MockStatelessTicketCache();
cap.setStatelessTicketCache(cache);
cap.setServiceProperties(makeServiceProperties());
cap.setTicketValidator(new MockTicketValidator(true));
cap.afterPropertiesSet();
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(CasAuthenticationFilter.CAS_STATEFUL_IDENTIFIER, "ST-123");
token.setDetails("details");
Authentication result = cap.authenticate(token);
// Confirm ST-123 was NOT added to the cache
assertThat(cache.getByTicketId("ST-456") == null).isTrue();
if (!(result instanceof CasAuthenticationToken)) {
fail("Should have returned a CasAuthenticationToken");
}
CasAuthenticationToken casResult = (CasAuthenticationToken) result;
assertThat(casResult.getPrincipal()).isEqualTo(makeUserDetailsFromAuthoritiesPopulator());
assertThat(casResult.getCredentials()).isEqualTo("ST-123");
assertThat(casResult.getAuthorities()).contains(new SimpleGrantedAuthority("ROLE_A"));
assertThat(casResult.getAuthorities()).contains(new SimpleGrantedAuthority("ROLE_B"));
assertThat(casResult.getKeyHash()).isEqualTo(cap.getKey().hashCode());
assertThat(casResult.getDetails()).isEqualTo("details");
// Now confirm the CasAuthenticationToken is automatically re-accepted.
// To ensure TicketValidator not called again, set it to deliver an exception...
cap.setTicketValidator(new MockTicketValidator(false));
Authentication laterResult = cap.authenticate(result);
assertThat(laterResult).isEqualTo(result);
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
Authentication(org.springframework.security.core.Authentication)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Aggregations
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)109
GrantedAuthority (org.springframework.security.core.GrantedAuthority)64
Test (org.junit.Test)49
ArrayList (java.util.ArrayList)30
Authentication (org.springframework.security.core.Authentication)27
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)22
HashSet (java.util.HashSet)14
User (org.springframework.security.core.userdetails.User)11
ObjectIdentity (org.springframework.security.acls.model.ObjectIdentity)8
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)8
MutableAcl (org.springframework.security.acls.model.MutableAcl)7
AnonymousAuthenticationToken (org.springframework.security.authentication.AnonymousAuthenticationToken)7
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)7
AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)7
Before (org.junit.Before)6
OrcidOAuth2Authentication (org.orcid.core.oauth.OrcidOAuth2Authentication)6
ScopePathType (org.orcid.jaxb.model.message.ScopePathType)6
List (java.util.List)5
Map (java.util.Map)5
DBUnitTest (org.orcid.test.DBUnitTest)5
