Examples with SessionAuthenticationStrategy org.springframework.security.web.authentication.session.SessionAuthenticationStrategy used on opensource projects

Search in sources :

Example 6 with SessionAuthenticationStrategy

use of org.springframework.security.web.authentication.session.SessionAuthenticationStrategy in project spring-security by spring-projects.

the class SessionManagementFilterTests method responseIsRedirectedToTimeoutUrlIfSetAndSessionIsInvalid.

@Test
public void responseIsRedirectedToTimeoutUrlIfSetAndSessionIsInvalid() throws Exception {
    SecurityContextRepository repo = mock(SecurityContextRepository.class);
    // repo will return false to containsContext()
    SessionAuthenticationStrategy strategy = mock(SessionAuthenticationStrategy.class);
    SessionManagementFilter filter = new SessionManagementFilter(repo, strategy);
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRequestedSessionId("xxx");
    request.setRequestedSessionIdValid(false);
    MockHttpServletResponse response = new MockHttpServletResponse();
    filter.doFilter(request, response, new MockFilterChain());
    assertThat(response.getRedirectedUrl()).isNull();
    // Now set a redirect URL
    request = new MockHttpServletRequest();
    request.setRequestedSessionId("xxx");
    request.setRequestedSessionIdValid(false);
    SimpleRedirectInvalidSessionStrategy iss = new SimpleRedirectInvalidSessionStrategy("/timedOut");
    iss.setCreateNewSession(true);
    filter.setInvalidSessionStrategy(iss);
    FilterChain fc = mock(FilterChain.class);
    filter.doFilter(request, response, fc);
    verifyZeroInteractions(fc);
    assertThat(response.getRedirectedUrl()).isEqualTo("/timedOut");
}
Also used : SessionAuthenticationStrategy(org.springframework.security.web.authentication.session.SessionAuthenticationStrategy) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) FilterChain(javax.servlet.FilterChain) MockFilterChain(org.springframework.mock.web.MockFilterChain) SecurityContextRepository(org.springframework.security.web.context.SecurityContextRepository) MockFilterChain(org.springframework.mock.web.MockFilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 7 with SessionAuthenticationStrategy

use of org.springframework.security.web.authentication.session.SessionAuthenticationStrategy in project spring-security by spring-projects.

the class SessionManagementFilterTests method strategyIsNotInvokedIfAuthenticationIsNull.

@Test
public void strategyIsNotInvokedIfAuthenticationIsNull() throws Exception {
    SecurityContextRepository repo = mock(SecurityContextRepository.class);
    SessionAuthenticationStrategy strategy = mock(SessionAuthenticationStrategy.class);
    SessionManagementFilter filter = new SessionManagementFilter(repo, strategy);
    HttpServletRequest request = new MockHttpServletRequest();
    filter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
    verifyZeroInteractions(strategy);
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) SessionAuthenticationStrategy(org.springframework.security.web.authentication.session.SessionAuthenticationStrategy) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) SecurityContextRepository(org.springframework.security.web.context.SecurityContextRepository) MockFilterChain(org.springframework.mock.web.MockFilterChain) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Aggregations

SessionAuthenticationStrategy (org.springframework.security.web.authentication.session.SessionAuthenticationStrategy)7 Test (org.junit.Test)5 MockFilterChain (org.springframework.mock.web.MockFilterChain)5 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)5 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)5 SecurityContextRepository (org.springframework.security.web.context.SecurityContextRepository)5 HttpServletRequest (javax.servlet.http.HttpServletRequest)4 FilterChain (javax.servlet.FilterChain)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)1 Authentication (org.springframework.security.core.Authentication)1 SessionRegistry (org.springframework.security.core.session.SessionRegistry)1 PortMapper (org.springframework.security.web.PortMapper)1 AuthenticationFailureHandler (org.springframework.security.web.authentication.AuthenticationFailureHandler)1 RememberMeServices (org.springframework.security.web.authentication.RememberMeServices)1 CompositeSessionAuthenticationStrategy (org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy)1 ConcurrentSessionControlAuthenticationStrategy (org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy)1 RegisterSessionAuthenticationStrategy (org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy)1 SessionAuthenticationException (org.springframework.security.web.authentication.session.SessionAuthenticationException)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial