Example 1 with AuthenticationSuccessHandler
use of org.springframework.security.web.authentication.AuthenticationSuccessHandler in project spring-security by spring-projects.
the class CasAuthenticationFilterTests method testDoFilterAuthenticateAll.
@Test
public void testDoFilterAuthenticateAll() throws Exception {
AuthenticationSuccessHandler successHandler = mock(AuthenticationSuccessHandler.class);
AuthenticationManager manager = mock(AuthenticationManager.class);
Authentication authentication = new TestingAuthenticationToken("un", "pwd", "ROLE_USER");
when(manager.authenticate(any(Authentication.class))).thenReturn(authentication);
ServiceProperties serviceProperties = new ServiceProperties();
serviceProperties.setAuthenticateAllArtifacts(true);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setParameter("ticket", "ST-1-123");
request.setServletPath("/authenticate");
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain chain = mock(FilterChain.class);
CasAuthenticationFilter filter = new CasAuthenticationFilter();
filter.setServiceProperties(serviceProperties);
filter.setAuthenticationSuccessHandler(successHandler);
filter.setProxyGrantingTicketStorage(mock(ProxyGrantingTicketStorage.class));
filter.setAuthenticationManager(manager);
filter.afterPropertiesSet();
filter.doFilter(request, response, chain);
assertThat(SecurityContextHolder.getContext().getAuthentication()).isNotNull().withFailMessage("Authentication should not be null");
verify(chain).doFilter(request, response);
verifyZeroInteractions(successHandler);
// validate for when the filterProcessUrl matches
filter.setFilterProcessesUrl(request.getServletPath());
SecurityContextHolder.clearContext();
filter.doFilter(request, response, chain);
verifyNoMoreInteractions(chain);
verify(successHandler).onAuthenticationSuccess(request, response, authentication);
}
Also used :
AuthenticationManager(org.springframework.security.authentication.AuthenticationManager)
AuthenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler)
ServiceProperties(org.springframework.security.cas.ServiceProperties)
ProxyGrantingTicketStorage(org.jasig.cas.client.proxy.ProxyGrantingTicketStorage)
Authentication(org.springframework.security.core.Authentication)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
FilterChain(javax.servlet.FilterChain)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
Test(org.junit.Test)
Example 2 with AuthenticationSuccessHandler
use of org.springframework.security.web.authentication.AuthenticationSuccessHandler in project spring-security-oauth by spring-projects.
the class ClientCredentialsTokenEndpointFilter method afterPropertiesSet.
@Override
public void afterPropertiesSet() {
super.afterPropertiesSet();
setAuthenticationFailureHandler(new AuthenticationFailureHandler() {
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
if (exception instanceof BadCredentialsException) {
exception = new BadCredentialsException(exception.getMessage(), new BadClientCredentialsException());
}
authenticationEntryPoint.commence(request, response, exception);
}
});
setAuthenticationSuccessHandler(new AuthenticationSuccessHandler() {
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
// no-op - just allow filter chain to continue to token endpoint
}
});
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
ServletException(javax.servlet.ServletException)
BadClientCredentialsException(org.springframework.security.oauth2.common.exceptions.BadClientCredentialsException)
AuthenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler)
AuthenticationException(org.springframework.security.core.AuthenticationException)
Authentication(org.springframework.security.core.Authentication)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
IOException(java.io.IOException)
AuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
Aggregations
Authentication (org.springframework.security.core.Authentication)2
AuthenticationSuccessHandler (org.springframework.security.web.authentication.AuthenticationSuccessHandler)2
IOException (java.io.IOException)1
FilterChain (javax.servlet.FilterChain)1
ServletException (javax.servlet.ServletException)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
HttpServletResponse (javax.servlet.http.HttpServletResponse)1
ProxyGrantingTicketStorage (org.jasig.cas.client.proxy.ProxyGrantingTicketStorage)1
Test (org.junit.Test)1
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)1
AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)1
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)1
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)1
ServiceProperties (org.springframework.security.cas.ServiceProperties)1
AuthenticationException (org.springframework.security.core.AuthenticationException)1
BadClientCredentialsException (org.springframework.security.oauth2.common.exceptions.BadClientCredentialsException)1
AuthenticationFailureHandler (org.springframework.security.web.authentication.AuthenticationFailureHandler)1
