List of usage examples for org.apache.shiro.web.subject WebSubject login
void login(AuthenticationToken token) throws AuthenticationException;
From source file:no.priv.bang.ukelonn.api.resources.LoginTest.java
License:Apache License
/** * Verify that a GET to the LoginServlet will return the current state * when a user is logged in/*from w w w .j a v a2 s .c o m*/ * * Used to initialize webapp if the webapp is reloaded. * * @throws Exception */ @Test public void testGetLoginStateWhenLoggedIn() throws Exception { // Set up the request HttpSession session = mock(HttpSession.class); HttpServletRequest request = mock(HttpServletRequest.class); when(request.getSession()).thenReturn(session); HttpServletResponse response = mock(HttpServletResponse.class); // Create mock OSGi services to inject MockLogService logservice = new MockLogService(); // Set up Shiro to be in a logged-in state WebSubject subject = createSubjectAndBindItToThread(request, response); UsernamePasswordToken token = new UsernamePasswordToken("jad", "1ad".toCharArray(), true); subject.login(token); // Create the resource and check the login state with HTTP GET Login resource = new Login(); resource.logservice = logservice; LoginResult result = resource.loginStatus(); // Check the response assertThat(result.getRoles().length).isGreaterThan(0); assertEquals("", result.getErrorMessage()); }
From source file:no.priv.bang.ukelonn.api.ServletTestBase.java
License:Apache License
protected void loginUser(HttpServletRequest request, HttpServletResponse response, String username, String password) {// w w w. j ava 2 s . c o m WebSubject subject = createSubjectAndBindItToThread(request, response); UsernamePasswordToken token = new UsernamePasswordToken(username, password.toCharArray(), true); subject.login(token); }
From source file:no.priv.bang.ukelonn.api.UkelonnRestApiServletTest.java
License:Apache License
/** * Verify that a GET to the LoginServlet will return the current state * when a user is logged in//from w w w .j av a 2s . c o m * * Used to initialize webapp if the webapp is reloaded. * * @throws Exception */ @Test public void testGetLoginStateWhenLoggedIn() throws Exception { // Set up the request HttpServletRequest request = mock(HttpServletRequest.class); when(request.getProtocol()).thenReturn("HTTP/1.1"); when(request.getMethod()).thenReturn("GET"); when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8181/ukelonn/api/login")); when(request.getRequestURI()).thenReturn("/ukelonn/api/login"); when(request.getContextPath()).thenReturn("/ukelonn"); when(request.getServletPath()).thenReturn("/api"); when(request.getHeaderNames()).thenReturn(Collections.emptyEnumeration()); HttpSession session = mock(HttpSession.class); when(request.getSession()).thenReturn(session); // Create the response that will cause a NullPointerException // when trying to print the body MockHttpServletResponse response = mock(MockHttpServletResponse.class, CALLS_REAL_METHODS); // Create mock OSGi services to inject MockLogService logservice = new MockLogService(); // Set up Shiro to be in a logged-in state WebSubject subject = createSubjectAndBindItToThread(request, response); UsernamePasswordToken token = new UsernamePasswordToken("jad", "1ad".toCharArray(), true); subject.login(token); // Create the servlet UkelonnRestApiServlet servlet = new UkelonnRestApiServlet(); servlet.setLogservice(logservice); servlet.setUkelonnService(getUkelonnServiceSingleton()); // Activate the servlet DS component servlet.activate(); // When the servlet is activated it will be plugged into the http whiteboard and configured ServletConfig config = createServletConfigWithApplicationAndPackagenameForJerseyResources(); servlet.init(config); // Check the login state with HTTP GET servlet.service(request, response); // Check the response assertEquals(200, response.getStatus()); assertEquals("application/json", response.getContentType()); LoginResult result = ServletTestBase.mapper .readValue(response.getOutput().toString(StandardCharsets.UTF_8.toString()), LoginResult.class); assertThat(result.getRoles().length).isGreaterThan(0); assertEquals("", result.getErrorMessage()); }
From source file:org.sonatype.nexus.security.StatelessAndStatefulWebSessionManagerTest.java
License:Open Source License
/** * Verifies a session is NOT stored in the when a stateless client logs in. (uses the default MapCache impl) *///from w ww.jav a 2 s.c o m @Test public void testStatelessSession() { // mock a stateless client connection HttpServletRequest request = Mockito.mock(HttpServletRequest.class); Mockito.when(request.getHeader("X-Nexus-Session")).thenReturn("none"); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); // create a user and login WebSubject subject = new WebSubject.Builder(securityManager, request, response).buildWebSubject(); subject.login(new UsernamePasswordToken("user", "user123")); verifyNoSessionStored(); // verify accessing the session does not blow up subject.getSession().getAttributeKeys(); // verify the session is NOT stored in a cache try { sessionManager.getSession(new DefaultSessionKey(subject.getSession().getId())); // again using the sessionManager Assert.fail("expected UnknownSessionException"); } catch (UnknownSessionException e) { // expected } // force clearing the ehcache sessionDAO.getActiveSessionsCache().clear(); // verify accessing the session does not blow up subject.getSession().getAttributeKeys(); // using the sessionManager API will fail try { sessionManager.getSession(new DefaultSessionKey(subject.getSession().getId())); // again using the sessionManager Assert.fail("expected UnknownSessionException"); } catch (UnknownSessionException e) { // expected } }
From source file:org.sonatype.nexus.security.StatelessAndStatefulWebSessionManagerTest.java
License:Open Source License
/** * Verifies a session IS stored in the when a state-full client logs in. (uses the default MapCache impl) *//*from w w w . j a v a2 s . c o m*/ @Test public void testStateFullSession() { // mock a state-full client connection HttpServletRequest request = Mockito.mock(HttpServletRequest.class); HttpServletResponse response = Mockito.mock(HttpServletResponse.class); // create a user and login WebSubject subject = new WebSubject.Builder(securityManager, request, response).buildWebSubject(); subject.login(new UsernamePasswordToken("user", "user123")); // verify 1 active sessions verifySingleSessionStored(subject.getSession().getId()); // verify accessing the session does not blow up subject.getSession().getAttributeKeys(); // directly against the subject object // force clearing the ehcache sessionDAO.getActiveSessionsCache().clear(); // now the session should not be found try { subject.getSession().getAttributeKeys(); // directly against the subject object Assert.fail("expected UnknownSessionException"); } catch (UnknownSessionException e) { // expected } try { sessionManager.getSession(new DefaultSessionKey(subject.getSession().getId())); // again using the sessionManager Assert.fail("expected UnknownSessionException"); } catch (UnknownSessionException e) { // expected } }