Search in sources :

Example 6 with RequestAttributeAuthenticationFilter

use of org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter in project spring-security by spring-projects.

the class RequestAttributeAuthenticationFilterTests method rejectsMissingHeader.

@Test(expected = PreAuthenticatedCredentialsNotFoundException.class)
public void rejectsMissingHeader() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    MockFilterChain chain = new MockFilterChain();
    RequestAttributeAuthenticationFilter filter = new RequestAttributeAuthenticationFilter();
    filter.doFilter(request, response, chain);
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RequestAttributeAuthenticationFilter(org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter) MockFilterChain(org.springframework.mock.web.MockFilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 7 with RequestAttributeAuthenticationFilter

use of org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter in project spring-security by spring-projects.

the class RequestAttributeAuthenticationFilterTests method credentialsAreRetrievedIfHeaderNameIsSet.

@Test
public void credentialsAreRetrievedIfHeaderNameIsSet() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    MockFilterChain chain = new MockFilterChain();
    RequestAttributeAuthenticationFilter filter = new RequestAttributeAuthenticationFilter();
    filter.setAuthenticationManager(createAuthenticationManager());
    filter.setCredentialsEnvironmentVariable("myCredentialsVariable");
    request.setAttribute("REMOTE_USER", "cat");
    request.setAttribute("myCredentialsVariable", "catspassword");
    filter.doFilter(request, response, chain);
    assertThat(SecurityContextHolder.getContext().getAuthentication()).isNotNull();
    assertThat(SecurityContextHolder.getContext().getAuthentication().getCredentials()).isEqualTo("catspassword");
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RequestAttributeAuthenticationFilter(org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter) MockFilterChain(org.springframework.mock.web.MockFilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)7 MockFilterChain (org.springframework.mock.web.MockFilterChain)7 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)7 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)7 RequestAttributeAuthenticationFilter (org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter)7 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)1 Authentication (org.springframework.security.core.Authentication)1