Search in sources :

Example 46 with SecurityContext

use of org.springframework.security.core.context.SecurityContext in project spring-security by spring-projects.

the class DefaultJaasAuthenticationProviderTests method logoutNonJaasAuthentication.

@Test
public void logoutNonJaasAuthentication() {
    SessionDestroyedEvent event = mock(SessionDestroyedEvent.class);
    SecurityContext securityContext = mock(SecurityContext.class);
    when(event.getSecurityContexts()).thenReturn(Arrays.asList(securityContext));
    when(securityContext.getAuthentication()).thenReturn(token);
    provider.handleLogout(event);
    verify(event).getSecurityContexts();
    verify(event).getSecurityContexts();
    verify(securityContext).getAuthentication();
    verifyNoMoreInteractions(event, securityContext);
}
Also used : SecurityContext(org.springframework.security.core.context.SecurityContext) SessionDestroyedEvent(org.springframework.security.core.session.SessionDestroyedEvent) Test(org.junit.Test)

Example 47 with SecurityContext

use of org.springframework.security.core.context.SecurityContext in project spring-security by spring-projects.

the class JaasAuthenticationProviderTests method testLogout.

@Test
public void testLogout() throws Exception {
    MockLoginContext loginContext = new MockLoginContext(jaasProvider.getLoginContextName());
    JaasAuthenticationToken token = new JaasAuthenticationToken(null, null, loginContext);
    SecurityContext context = SecurityContextHolder.createEmptyContext();
    context.setAuthentication(token);
    SessionDestroyedEvent event = mock(SessionDestroyedEvent.class);
    when(event.getSecurityContexts()).thenReturn(Arrays.asList(context));
    jaasProvider.handleLogout(event);
    assertThat(loginContext.loggedOut).isTrue();
}
Also used : SecurityContext(org.springframework.security.core.context.SecurityContext) SessionDestroyedEvent(org.springframework.security.core.session.SessionDestroyedEvent) Test(org.junit.Test)

Example 48 with SecurityContext

use of org.springframework.security.core.context.SecurityContext in project spring-security by spring-projects.

the class DefaultJaasAuthenticationProviderTests method logout.

@Test
public void logout() throws Exception {
    SessionDestroyedEvent event = mock(SessionDestroyedEvent.class);
    SecurityContext securityContext = mock(SecurityContext.class);
    JaasAuthenticationToken token = mock(JaasAuthenticationToken.class);
    LoginContext context = mock(LoginContext.class);
    when(event.getSecurityContexts()).thenReturn(Arrays.asList(securityContext));
    when(securityContext.getAuthentication()).thenReturn(token);
    when(token.getLoginContext()).thenReturn(context);
    provider.onApplicationEvent(event);
    verify(event).getSecurityContexts();
    verify(securityContext).getAuthentication();
    verify(token).getLoginContext();
    verify(context).logout();
    verifyNoMoreInteractions(event, securityContext, token, context);
}
Also used : LoginContext(javax.security.auth.login.LoginContext) SecurityContext(org.springframework.security.core.context.SecurityContext) SessionDestroyedEvent(org.springframework.security.core.session.SessionDestroyedEvent) Test(org.junit.Test)

Example 49 with SecurityContext

use of org.springframework.security.core.context.SecurityContext in project spring-security by spring-projects.

the class DefaultJaasAuthenticationProviderTests method logoutNullAuthentication.

@Test
public void logoutNullAuthentication() {
    SessionDestroyedEvent event = mock(SessionDestroyedEvent.class);
    SecurityContext securityContext = mock(SecurityContext.class);
    when(event.getSecurityContexts()).thenReturn(Arrays.asList(securityContext));
    provider.handleLogout(event);
    verify(event).getSecurityContexts();
    verify(event).getSecurityContexts();
    verify(securityContext).getAuthentication();
    verifyNoMoreInteractions(event, securityContext);
}
Also used : SecurityContext(org.springframework.security.core.context.SecurityContext) SessionDestroyedEvent(org.springframework.security.core.session.SessionDestroyedEvent) Test(org.junit.Test)

Example 50 with SecurityContext

use of org.springframework.security.core.context.SecurityContext in project spring-security by spring-projects.

the class SecurityContextMixinTests method securityContextDeserializeTest.

@Test
public void securityContextDeserializeTest() throws IOException {
    SecurityContext context = mapper.readValue(SECURITY_CONTEXT_JSON, SecurityContextImpl.class);
    assertThat(context).isNotNull();
    assertThat(context.getAuthentication()).isNotNull().isInstanceOf(UsernamePasswordAuthenticationToken.class);
    assertThat(context.getAuthentication().getPrincipal()).isEqualTo("admin");
    assertThat(context.getAuthentication().getCredentials()).isEqualTo("1234");
    assertThat(context.getAuthentication().isAuthenticated()).isTrue();
    assertThat(context.getAuthentication().getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) SecurityContext(org.springframework.security.core.context.SecurityContext) Test(org.junit.Test)

Aggregations

SecurityContext (org.springframework.security.core.context.SecurityContext)138 Test (org.junit.Test)60 Authentication (org.springframework.security.core.Authentication)60 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)46 SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)46 MifosUser (org.mifos.security.MifosUser)38 MifosUserBuilder (org.mifos.builders.MifosUserBuilder)29 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)19 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)19 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)16 HttpServletResponse (javax.servlet.http.HttpServletResponse)15 Before (org.junit.Before)15 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)15 GrantedAuthority (org.springframework.security.core.GrantedAuthority)11 ArrayList (java.util.ArrayList)8 HttpServletRequest (javax.servlet.http.HttpServletRequest)8 PrepareOnlyThisForTest (org.powermock.core.classloader.annotations.PrepareOnlyThisForTest)7 SessionDestroyedEvent (org.springframework.security.core.session.SessionDestroyedEvent)7 HttpSession (javax.servlet.http.HttpSession)6 MeetingBO (org.mifos.application.meeting.business.MeetingBO)5