List of usage examples for org.springframework.security.access SecurityConfig createList
public static List<ConfigAttribute> createList(String... attributeNames)
From source file:be.dnsbelgium.rate.spring.security.LeakyBucketVoterTest.java
@Test public void testEmptyBucket() { LeakyBucketService service = mock(LeakyBucketService.class); when(service.add(any(LeakyBucketKey.class), eq(CONFIG_AMOUNT))).thenReturn(true); final LeakyBucketVoter voter = new LeakyBucketVoter(service, keyFactory, DEFAULT_AMOUNT); final Authentication authentication = mock(Authentication.class); final Object securedObject = mock(Object.class); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(authentication, securedObject, SecurityConfig.createList(LB_CONFIG))); verify(service, times(1)).add(any(LeakyBucketKey.class), eq(CONFIG_AMOUNT)); }
From source file:grails.plugin.springsecurity.web.access.intercept.ChannelFilterInvocationSecurityMetadataSourceFactoryBean.java
protected LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> buildMap() { LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> map = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>(); for (Map.Entry<String, String> entry : definition.entrySet()) { String value = entry.getValue(); if (value == null) { throw new IllegalArgumentException("The rule for URL '" + value + "' cannot be null"); }//from www . j a va 2 s. c o m value = value.trim(); if (!SUPPORTED.contains(value)) { throw new IllegalArgumentException("The rule for URL '" + value + "' must be one of REQUIRES_SECURE_CHANNEL, REQUIRES_INSECURE_CHANNEL, or ANY_CHANNEL"); } map.put(new AntPathRequestMatcher(entry.getKey()), SecurityConfig.createList(value)); } return map; }
From source file:be.dnsbelgium.rate.spring.security.LeakyBucketVoterTest.java
@Test(expected = RDAPErrorException.class) public void testFullBucket() { LeakyBucketService service = mock(LeakyBucketService.class); when(service.add(any(LeakyBucketKey.class), eq(CONFIG_AMOUNT))).thenReturn(false); final LeakyBucketVoter voter = new LeakyBucketVoter(service, keyFactory, DEFAULT_AMOUNT); final Authentication authentication = mock(Authentication.class); final Object securedObject = mock(Object.class); try {// w w w . j a v a 2s . com voter.vote(authentication, securedObject, SecurityConfig.createList(LB_CONFIG)); } catch (RDAPErrorException rde) { verify(service, times(1)).add(any(LeakyBucketKey.class), eq(CONFIG_AMOUNT)); throw rde; } }
From source file:be.dnsbelgium.rate.spring.security.LeakyBucketVoterTest.java
@Test public void testNoLeakyBucketConfigAttributes() { LeakyBucketService service = mock(LeakyBucketService.class); when(service.add(any(LeakyBucketKey.class), eq(DEFAULT_AMOUNT))).thenReturn(true); final LeakyBucketVoter voter = new LeakyBucketVoter(service, keyFactory, DEFAULT_AMOUNT); final Authentication authentication = mock(Authentication.class); final Object securedObject = mock(Object.class); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(authentication, securedObject, SecurityConfig.createList("ROLE_USER"))); verify(service, times(1)).add(any(LeakyBucketKey.class), eq(DEFAULT_AMOUNT)); }
From source file:org.apache.coheigea.cxf.spring.security.authentication.SpringSecurityUTValidator.java
public Credential validate(Credential credential, RequestData data) throws WSSecurityException { if (credential == null || credential.getUsernametoken() == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCredential"); }/* w w w .j a v a2s . c o m*/ // Validate the UsernameToken UsernameToken usernameToken = credential.getUsernametoken(); String pwType = usernameToken.getPasswordType(); if (log.isDebugEnabled()) { log.debug("UsernameToken user " + usernameToken.getName()); log.debug("UsernameToken password type " + pwType); } if (!WSConstants.PASSWORD_TEXT.equals(pwType)) { if (log.isDebugEnabled()) { log.debug("Authentication failed - digest passwords are not accepted"); } throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } if (usernameToken.getPassword() == null) { if (log.isDebugEnabled()) { log.debug("Authentication failed - no password was provided"); } throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } // Validate it via Spring Security // Set a Subject up UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken( usernameToken.getName(), usernameToken.getPassword()); Subject subject = new Subject(); subject.getPrincipals().add(authToken); Set<Authentication> authentications = subject.getPrincipals(Authentication.class); Authentication authenticated = null; try { authenticated = authenticationManager.authenticate(authentications.iterator().next()); } catch (AuthenticationException ex) { if (log.isDebugEnabled()) { log.debug(ex.getMessage(), ex); } throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } if (!authenticated.isAuthenticated()) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } for (GrantedAuthority authz : authenticated.getAuthorities()) { System.out.println("Granted: " + authz.getAuthority()); } // Authorize request if (accessDecisionManager != null && !requiredRoles.isEmpty()) { List<ConfigAttribute> attributes = SecurityConfig .createList(requiredRoles.toArray(new String[requiredRoles.size()])); for (ConfigAttribute attr : attributes) { System.out.println("Attr: " + attr.getAttribute()); } accessDecisionManager.decide(authenticated, this, attributes); } credential.setSubject(subject); return credential; }
From source file:be.dnsbelgium.rate.spring.security.LeakyBucketVoterTest.java
@Test public void testNoNumber() throws Exception { LeakyBucketService service = mock(LeakyBucketService.class); when(service.add(any(LeakyBucketKey.class), eq(DEFAULT_AMOUNT))).thenReturn(true); final LeakyBucketVoter voter = new LeakyBucketVoter(service, keyFactory, DEFAULT_AMOUNT); final Authentication authentication = mock(Authentication.class); final Object securedObject = mock(Object.class); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(authentication, securedObject, SecurityConfig.createList(LeakyBucketVoter.PREFIX + "#A"))); verify(service, times(1)).add(any(LeakyBucketKey.class), eq(DEFAULT_AMOUNT)); }
From source file:be.dnsbelgium.rate.spring.security.LeakyBucketVoterTest.java
@Test public void testNegativeNumber() throws Exception { LeakyBucketService service = mock(LeakyBucketService.class); when(service.add(any(LeakyBucketKey.class), eq(DEFAULT_AMOUNT))).thenReturn(true); final LeakyBucketVoter voter = new LeakyBucketVoter(service, keyFactory, DEFAULT_AMOUNT); final Authentication authentication = mock(Authentication.class); final Object securedObject = mock(Object.class); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(authentication, securedObject, SecurityConfig.createList(LeakyBucketVoter.PREFIX + "#" + (-DEFAULT_AMOUNT)))); verify(service, never()).add(any(LeakyBucketKey.class), eq(DEFAULT_AMOUNT)); }
From source file:be.dnsbelgium.rate.spring.security.LeakyBucketVoterTest.java
@Test public void testEmptyNumber() throws Exception { LeakyBucketService service = mock(LeakyBucketService.class); when(service.add(any(LeakyBucketKey.class), eq(DEFAULT_AMOUNT))).thenReturn(true); final LeakyBucketVoter voter = new LeakyBucketVoter(service, keyFactory, DEFAULT_AMOUNT); final Authentication authentication = mock(Authentication.class); final Object securedObject = mock(Object.class); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(authentication, securedObject, SecurityConfig.createList(LeakyBucketVoter.PREFIX + "#"))); verify(service, times(1)).add(any(LeakyBucketKey.class), eq(DEFAULT_AMOUNT)); }