/** * Ensure that we have an authentication manager to work with. If one has not been * specifically wired in, then look for beans to "auto-wire" in. Look for a bean of * one of the following types (in order): {@link ProviderManager}, * {@link AuthenticationProvider}, and {@link AuthenticationManager}. * * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet() */ public void afterPropertiesSet() { // Ensure that we have our authentication manager if( authenticationManager == null ) { if( logger.isDebugEnabled() ) { logger.debug( "No AuthenticationManager defined, look for one" ); } // Try the class types in sequence Class[] types = new Class[] { ProviderManager.class, AuthenticationProvider.class, AuthenticationManager.class }; for( int i = 0; i < types.length; i++ ) { if( tryToWire( types[i] ) ) { break; } } } // If we still don't have one, then that's it if( authenticationManager == null ) { throw new IllegalArgumentException( "authenticationManager must be defined" ); } }
@Test public void shouldConvey_itsBasicProcessingFilter() throws IOException, ServletException { BasicAuthenticationFilter filter = new BasicAuthenticationFilter(localizer); final Boolean[] hadBasicMarkOnInsideAuthenticationManager = new Boolean[]{false}; filter.setAuthenticationManager(new AuthenticationManager() { public Authentication authenticate(Authentication authentication) throws AuthenticationException { hadBasicMarkOnInsideAuthenticationManager[0] = BasicAuthenticationFilter.isProcessingBasicAuth(); return new UsernamePasswordAuthenticationToken("school-principal", "u can be principal if you know this!"); } }); assertThat(BasicAuthenticationFilter.isProcessingBasicAuth(), is(false)); MockHttpServletRequest httpRequest = new MockHttpServletRequest(); httpRequest.addHeader("Authorization", "Basic " + Base64.getEncoder().encodeToString("loser:boozer".getBytes())); filter.doFilterHttp(httpRequest, new MockHttpServletResponse(), new FilterChain() { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException { } }); assertThat(BasicAuthenticationFilter.isProcessingBasicAuth(), is(false)); assertThat(hadBasicMarkOnInsideAuthenticationManager[0], is(true)); }
@Before public void setUp() throws Exception { request = mock(HttpServletRequest.class); response = mock(HttpServletResponse.class); filterChain = mock(FilterChain.class); authenticationManager = mock(AuthenticationManager.class); authorizationExtension = mock(AuthorizationExtension.class); configService = mock(GoConfigService.class); filter = new PreAuthenticatedRequestsProcessingFilter(authorizationExtension, configService); securityConfig = new SecurityConfig(); filter.setAuthenticationManager(authenticationManager); filter.setFilterProcessesUrl("^/go/plugin/([\\w\\-.]+)/authenticate$"); stub(configService.security()).toReturn(securityConfig); stub(request.getHeaderNames()).toReturn(Collections.emptyEnumeration()); }
/** * Try to locate and "wire in" a suitable authentication manager. * @param type The type of bean to look for * @return true if we found and wired a suitable bean */ protected boolean tryToWire(Class type) { boolean success = false; String className = type.getName(); Map map = Application.instance().getApplicationContext().getBeansOfType( type ); if( logger.isDebugEnabled() ) { logger.debug( "Search for '" + className + "' found: " + map ); } if( map.size() == 1 ) { // Got one - wire it in Map.Entry entry = (Map.Entry) map.entrySet().iterator().next(); String name = (String) entry.getKey(); AuthenticationManager am = (AuthenticationManager) entry.getValue(); setAuthenticationManager( am ); success = true; if( logger.isInfoEnabled() ) { logger.info( "Auto-configuration using '" + name + "' as authenticationManager" ); } } else if( map.size() > 1 ) { if( logger.isInfoEnabled() ) { logger.info( "Need a single '" + className + "', found: " + map.keySet() ); } } else { // Size 0, no potentials if( logger.isInfoEnabled() ) { logger.info( "Auto-configuration did not find a suitable authenticationManager of type " + type ); } } return success; }
public void testConfiguration() { Object asm = applicationContext.getBean( "applicationSecurityManager" ); Object am = applicationContext.getBean( "authenticationManager" ); Object sc = applicationContext.getBean( "securityConfigurer" ); assertTrue( "securityManager must implement ApplicationSecurityManager", asm instanceof ApplicationSecurityManager ); assertTrue( "securityManager must be instance of DefaultApplicationSecurityManager", asm instanceof DefaultApplicationSecurityManager ); assertTrue( "authenticationManager must implement AuthenticationManager", am instanceof AuthenticationManager ); assertTrue( "authenticationManager must be instance of TestAuthenticationManager", am instanceof TestAuthenticationManager ); assertEquals( asm, ApplicationServicesLocator.services().getService(ApplicationSecurityManager.class) ); assertTrue( "securityConfigurer must implement SecurityAwareConfigurer", sc instanceof SecurityAwareConfigurer ); }
public void testConfiguration() { prepareApplication( "security-test-ctx.xml" ); Object asm = ac.getBean( "applicationSecurityManager" ); Object am = ac.getBean( "authenticationManager" ); assertTrue( "securityManager must implement ApplicationSecurityManager", asm instanceof ApplicationSecurityManager ); assertTrue( "securityManager must be instance of DefaultApplicationSecurityManager", asm instanceof DefaultApplicationSecurityManager ); assertTrue( "authenticationManager must implement AuthenticationManager", am instanceof AuthenticationManager ); assertTrue( "authenticationManager must be instance of TestAuthenticationManager", am instanceof TestAuthenticationManager ); assertEquals( asm, ApplicationServicesLocator.services().getService(ApplicationSecurityManager.class) ); }
@Before public void setUp() throws Exception { securityContext = mock(SecurityContext.class); SecurityContextHolder.setContext(securityContext); authenticationManager = mock(AuthenticationManager.class); filter = new OauthAuthenticationFilter(authenticationManager); req = mock(HttpServletRequest.class); res = mock(HttpServletResponse.class); chain = mock(FilterChain.class); }
/** * DB에 등록된 사용자의 인증 실패 테스트 * @throws Exception */ @Test @ExpectedException(BadCredentialsException.class) public void testRejectAccessForUnauthorizedUser() throws Exception { UsernamePasswordAuthenticationToken login = new UsernamePasswordAuthenticationToken("jimi", "wrongpw"); AuthenticationManager authManager = (AuthenticationManager) context.getBean(BeanIds.AUTHENTICATION_MANAGER); log.debug("### jimi's password is wrong!!"); SecurityContextHolder.getContext().setAuthentication(authManager.authenticate(login)); }
public AuthenticationManager getAuthenticationManager() { return authenticationManager; }
public void setAuthenticationManager(AuthenticationManager authenticationManager) { this.authenticationManager = authenticationManager; }
public void setAuthenticationManager(AuthenticationManager manager) { this.authenticationManager = manager; }
public OauthAuthenticationFilter(AuthenticationManager authenticationManager) { this.authenticationManager = authenticationManager; }
/** * Set the authentication manager to use. * @param authenticationManager instance to use for authentication requests */ public void setAuthenticationManager(AuthenticationManager authenticationManager) { this.authenticationManager = authenticationManager; }
/** * Get the authentication manager in use. * @return authenticationManager instance used for authentication requests */ public AuthenticationManager getAuthenticationManager() { return authenticationManager; }
/** * Set the authentication manager to use. * @param authenticationManager instance to use for authentication requests */ public void setAuthenticationManager(AuthenticationManager authenticationManager);
/** * Get the authentication manager in use. * @return authenticationManager instance used for authentication requests */ public AuthenticationManager getAuthenticationManager();