List of usage examples for org.springframework.security.core.context SecurityContextImpl SecurityContextImpl
public SecurityContextImpl()
From source file:nl.ctrlaltdev.harbinger.validator.TripwiredValidatorTest.java
@Test public void shouldFullReportWithSpringWithLogInjection() { SecurityContextHolder.setContext(new SecurityContextImpl()); SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken("key", "user", Collections.singletonList(new SimpleGrantedAuthority("x")))); MockHttpServletRequest request = new MockHttpServletRequest(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(request)); request.setRemoteAddr("192.168.1.1\n\r"); request.addHeader("X-Forwarded-For", "\n\r\t8.8.8.8"); request.setSession(new MockHttpSession()); assertFalse(validator.isValid("../../etc/passwd\n\r\t", null)); }
From source file:org.jasig.springframework.security.portlet.context.PortletSecurityContextPersistenceFilterTests.java
@Test public void loadedContextContextIsCopiedToSecurityContextHolderAndUpdatedContextIsStored() throws Exception { final MockRenderRequest request = new MockRenderRequest(); final MockRenderResponse response = new MockRenderResponse(); final PortletSecurityContextRepository repo = mock(PortletSecurityContextRepository.class); PortletSecurityContextPersistenceFilter filter = new PortletSecurityContextPersistenceFilter(repo); final TestingAuthenticationToken beforeAuth = new TestingAuthenticationToken("someoneelse", "passwd", "ROLE_B"); final SecurityContext scBefore = new SecurityContextImpl(); final SecurityContext scExpectedAfter = new SecurityContextImpl(); scExpectedAfter.setAuthentication(testToken); scBefore.setAuthentication(beforeAuth); when(repo.loadContext(any(PortletRequestResponseHolder.class))).thenReturn(scBefore); final FilterChain chain = mock(FilterChain.class); doAnswer(new Answer<Object>() { @Override/* www .j a v a 2s. c om*/ public Object answer(InvocationOnMock invocation) throws Throwable { assertEquals(beforeAuth, SecurityContextHolder.getContext().getAuthentication()); // Change the context here SecurityContextHolder.setContext(scExpectedAfter); return null; } }).when(chain).doFilter(any(RenderRequest.class), any(RenderResponse.class)); filter.doFilter(request, response, chain); verify(repo).saveContext(eq(scExpectedAfter), any(PortletRequestResponseHolder.class)); }
From source file:se.vgregion.urlservice.controllers.BookmarkControllerTest.java
@After public void after() { SecurityContextImpl ctx = new SecurityContextImpl(); SecurityContextHolder.setContext(ctx); }
From source file:com.edgenius.wiki.security.acegi.TokenBasedRememberMeServices.java
public SecurityContext createEmptyContext() { return new SecurityContextImpl(); }
From source file:org.openmrs.contrib.metadatarepository.service.impl.UserSecurityAdviceTest.java
@Test public void testAddUserRoleWhenHasAdminRole() throws Exception { SecurityContext securityContext = new SecurityContextImpl(); User user1 = new User("user"); user1.setId(1L);//w ww . ja va 2 s . com user1.setPassword("password"); user1.addRole(new Role(Constants.ADMIN_ROLE)); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user1.getUsername(), user1.getPassword(), user1.getAuthorities()); token.setDetails(user1); securityContext.setAuthentication(token); SecurityContextHolder.setContext(securityContext); UserManager userManager = makeInterceptedTarget(); final User user = new User("user"); user.setId(1L); user.getRoles().add(new Role(Constants.ADMIN_ROLE)); user.getRoles().add(new Role(Constants.USER_ROLE)); context.checking(new Expectations() { { one(userDao).saveUser(with(same(user))); } }); userManager.saveUser(user); }
From source file:it.geosolutions.geoserver.sira.security.IrideSiraSecurityTest.java
private void login(String username, String password, String[] roles, IrideIdentity identity, Set<IrideInfoPersona> infoPersonae) { SecurityContextHolder.setContext(new SecurityContextImpl()); final Set<GrantedAuthority> authorities = new LinkedHashSet<>(); for (final String role : roles) { authorities.add(new GeoServerRole(role)); }/*from w ww. j a v a 2 s. c om*/ final GeoServerUser user = new GeoServerUser(username); user.setAuthorities(authorities); user.setPassword(password); user.getProperties().put(IrideUserProperties.IRIDE_IDENTITY, identity); user.getProperties().put(IrideUserProperties.INFO_PERSONAE, infoPersonae); SecurityContextHolder.getContext() .setAuthentication(new UsernamePasswordAuthenticationToken(user, password, authorities)); }
From source file:architecture.ee.web.community.struts2.action.support.SocialCallbackSupport.java
private void createSecurityContext(User userToUse) { if (userToUse.getUserId() > 0) { ExtendedUserDetailsService detailsService = getComponent(ExtendedUserDetailsService.class); UserDetails details = detailsService.loadUserByUsername(userToUse.getUsername()); UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(details, null, details.getAuthorities()); SecurityContextImpl context = new SecurityContextImpl(); context.setAuthentication(authentication); SecurityContextHolder.setContext(context); HttpSession httpsession = request.getSession(true); httpsession.setAttribute("SPRING_SECURITY_CONTEXT", context); }/*from w w w. jav a 2s. co m*/ }
From source file:org.orcid.api.t2.server.delegator.T2OrcidApiServiceVersionedDelegatorTest.java
private void setUpSecurityContext(String userOrcid) { SecurityContextImpl securityContext = new SecurityContextImpl(); OrcidOAuth2Authentication mockedAuthentication = mock(OrcidOAuth2Authentication.class); securityContext.setAuthentication(mockedAuthentication); SecurityContextHolder.setContext(securityContext); when(mockedAuthentication.getPrincipal()).thenReturn(new ProfileEntity(userOrcid)); Set<String> scopes = new HashSet<String>(); scopes.add(ScopePathType.ACTIVITIES_UPDATE.value()); scopes.add(ScopePathType.READ_LIMITED.value()); OAuth2Request authorizationRequest = new OAuth2Request(Collections.<String, String>emptyMap(), userOrcid, Collections.<GrantedAuthority>emptyList(), true, scopes, Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap()); when(mockedAuthentication.getOAuth2Request()).thenReturn(authorizationRequest); }
From source file:org.orcid.api.t2.server.delegator.T2OrcidApiServiceVersionedDelegatorTest.java
private void setUpSecurityContextForClientOnly(String clientId, Set<String> scopes) { SecurityContextImpl securityContext = new SecurityContextImpl(); OrcidOAuth2Authentication mockedAuthentication = mock(OrcidOAuth2Authentication.class); securityContext.setAuthentication(mockedAuthentication); SecurityContextHolder.setContext(securityContext); when(mockedAuthentication.getPrincipal()).thenReturn(new ProfileEntity(clientId)); when(mockedAuthentication.isClientOnly()).thenReturn(true); OAuth2Request authorizationRequest = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, scopes, Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap()); when(mockedAuthentication.getOAuth2Request()).thenReturn(authorizationRequest); }