Example usage for org.apache.shiro.subject.support DelegatingSubject DelegatingSubject

List of usage examples for org.apache.shiro.subject.support DelegatingSubject DelegatingSubject

  1. HOME
  2. Java
  3. org.apache.shiro
  4. org.apache.shiro.subject.support.*
  5. DelegatingSubject
  6. DelegatingSubject

Introduction

In this page you can find the example usage for org.apache.shiro.subject.support DelegatingSubject DelegatingSubject.

Prototype

public DelegatingSubject(SecurityManager securityManager)

Source Link

Usage

From source file:com.ning.billing.server.security.TestKillbillJdbcRealm.java

License:Apache License

@Test(groups = "slow")
public void testAuthentication() throws Exception {
    final DelegatingSubject subject = new DelegatingSubject(securityManager);

    // Good combo
    final AuthenticationToken goodToken = new UsernamePasswordToken(tenant.getApiKey(), tenant.getApiSecret());
    try {//from w w w  . j  ava 2  s  .  c o m
        securityManager.login(subject, goodToken);
        Assert.assertTrue(true);
    } catch (AuthenticationException e) {
        Assert.fail();
    }

    // Bad login
    final AuthenticationToken badPasswordToken = new UsernamePasswordToken(tenant.getApiKey(),
            tenant.getApiSecret() + "T");
    try {
        securityManager.login(subject, badPasswordToken);
        Assert.fail();
    } catch (AuthenticationException e) {
        Assert.assertTrue(true);
    }

    // Bad password
    final AuthenticationToken badLoginToken = new UsernamePasswordToken(tenant.getApiKey() + "U",
            tenant.getApiSecret());
    try {
        securityManager.login(subject, badLoginToken);
        Assert.fail();
    } catch (AuthenticationException e) {
        Assert.assertTrue(true);
    }
}

From source file:org.killbill.billing.server.security.TestKillbillJdbcTenantRealm.java

License:Apache License

@Test(groups = "slow")
public void testAuthentication() throws Exception {
    final DelegatingSubject subject = new DelegatingSubject(securityManager);

    // Good combo
    final AuthenticationToken goodToken = new UsernamePasswordToken(tenant.getApiKey(), tenant.getApiSecret());
    try {//from  w  w  w .  jav  a 2  s . co m
        securityManager.login(subject, goodToken);
        Assert.assertTrue(true);
    } catch (final AuthenticationException e) {
        Assert.fail();
    }

    // Bad login
    final AuthenticationToken badPasswordToken = new UsernamePasswordToken(tenant.getApiKey(),
            tenant.getApiSecret() + "T");
    try {
        securityManager.login(subject, badPasswordToken);
        Assert.fail();
    } catch (final AuthenticationException e) {
        Assert.assertTrue(true);
    }

    // Bad password
    final AuthenticationToken badLoginToken = new UsernamePasswordToken(tenant.getApiKey() + "U",
            tenant.getApiSecret());
    try {
        securityManager.login(subject, badLoginToken);
        Assert.fail();
    } catch (final AuthenticationException e) {
        Assert.assertTrue(true);
    }
}

From source file:org.killbill.billing.util.security.shiro.realm.TestKillBillJdbcRealm.java

License:Apache License

@Test(groups = "slow")
public void testAuthentication() throws SecurityApiException {

    final String username = "toto";
    final String password = "supperCompli43cated";

    securityApi.addRoleDefinition("root", ImmutableList.of("*"), callContext);
    securityApi.addUserRoles(username, password, ImmutableList.of("root"), callContext);
    final DelegatingSubject subject = new DelegatingSubject(securityManager);

    final AuthenticationToken goodToken = new UsernamePasswordToken(username, password);
    securityManager.login(subject, goodToken);
    Assert.assertTrue(true);//from   w  ww . ja  va 2 s  .  co m

    try {
        final AuthenticationToken badToken = new UsernamePasswordToken(username, "somethingelse");
        securityManager.login(subject, badToken);
        Assert.assertTrue(true);
        securityManager.logout(subject);
        securityManager.login(subject, badToken);
        Assert.fail("Should not succeed to login with an incorrect password");
    } catch (final AuthenticationException e) {
    }

    // Update password and try again
    final String newPassword = "suppersimple";
    securityApi.updateUserPassword(username, newPassword, callContext);

    try {
        final AuthenticationToken notGoodTokenAnyLonger = goodToken;
        securityManager.login(subject, notGoodTokenAnyLonger);
        Assert.fail("Should not succeed to login with an incorrect password");
    } catch (final AuthenticationException e) {
    }

    final AuthenticationToken newGoodToken = new UsernamePasswordToken(username, newPassword);
    securityManager.login(subject, newGoodToken);
    Assert.assertTrue(true);

    securityManager.logout(subject);
    securityApi.invalidateUser(username, callContext);

    try {
        final AuthenticationToken notGoodTokenAnyLonger = goodToken;
        securityManager.login(subject, notGoodTokenAnyLonger);
        Assert.fail("Should not succeed to login with an incorrect password");
    } catch (final AuthenticationException e) {
    }

}