Examples of org.springframework.richclient.security.ApplicationSecurityManager

Package org.springframework.richclient.security

Examples of org.springframework.richclient.security.ApplicationSecurityManager

org.springframework.richclient.security.ApplicationSecurityManager
This interface defines the operations required of an Application Security Manager for the RCP framework. The security manager is responsible for handling login and logout requests, interacting with the {@link org.springframework.security.AuthenticationManager} thatwill perform the actual user authentication, and firing the events associated with application security lifecycle. See {@link ClientSecurityEvent} and its subclasses.
The Security Manager is available as an application service via {@link org.springframework.richclient.application.ApplicationServices#getSecurityManager}.
See {@link SecurityAwareConfigurer} for more details on how to configure components forautomatic notification of security events. @author Larry Streepy @see org.springframework.richclient.security.support.DefaultApplicationSecurityManager @see AuthenticationAware @see LoginAware @see SecurityAwareConfigurer


    /**
     * Test the processing of beans referenced in the app context.
     */
    public void testApplicationContext() {
        ApplicationSecurityManager securityManager = (ApplicationSecurityManager)ApplicationServicesLocator.services().getService(ApplicationSecurityManager.class);


        int authorizeCount = 1;


        assertFalse( "Object should not be authorized", testAuth1.isAuthorized() );
        assertEquals( "Object should be updated", authorizeCount++, testAuth1.getAuthCount() );


        CommandManager cmgr = Application.instance().getActiveWindow().getCommandManager();
        ActionCommand cmdWrite = cmgr.getActionCommand( "cmdWrite" );
        ActionCommand cmdAdmin = cmgr.getActionCommand( "cmdAdmin" );
        ActionCommand cmdAdminAlias = cmgr.getActionCommand( "cmdAdminAlias" );


        assertFalse( "Object should not be authorized", cmdWrite.isAuthorized() );
        assertFalse( "Object should not be authorized", cmdAdmin.isAuthorized() );
        assertFalse( "Object should not be authorized", cmdAdminAlias.isAuthorized() );


        // Now login with ROLE_WRITE
        Authentication auth = TestAuthenticationManager.makeAuthentication( "test", "test", "ROLE_WRITE" );
        securityManager.doLogin( auth );


        assertTrue( "Object should be authorized", cmdWrite.isAuthorized() );
        assertFalse( "Object should not be authorized", cmdAdmin.isAuthorized() );
        assertFalse( "Object should not be authorized", cmdAdminAlias.isAuthorized() );
        assertFalse( "Object should not be authorized", testAuth1.isAuthorized() );
        assertEquals( "Object should be updated", authorizeCount++, testAuth1.getAuthCount() );


        // Now login with ROLE_ADMIN
        auth = TestAuthenticationManager.makeAuthentication( "test", "test", "ROLE_ADMIN" );
        securityManager.doLogin( auth );


        assertTrue( "Object should be authorized", cmdWrite.isAuthorized() );
        assertTrue( "Object should be authorized", cmdAdmin.isAuthorized() );
        assertTrue( "Object should be authorized", cmdAdminAlias.isAuthorized() );
        assertTrue( "Object should be authorized", testAuth1.isAuthorized() );

View Full Code Here


    /**
     * Test that the authorized state overrides the enabled state
     */
    public void testAuthorizedOverridesEnabled() {
        ApplicationSecurityManager securityManager = (ApplicationSecurityManager)ApplicationServicesLocator.services().getService(ApplicationSecurityManager.class);
        CommandManager cmgr = Application.instance().getActiveWindow().getCommandManager();
        ActionCommand cmdWrite = cmgr.getActionCommand( "cmdWrite" );


        // We start with no authentication, so nothing should be authorized
        assertFalse( "Object should not be authorized", cmdWrite.isAuthorized() );
        assertFalse( "Object should not be enabled", cmdWrite.isEnabled() );


        // Try to enable them, should not happen
        cmdWrite.setEnabled( true );
        assertFalse( "Object should not be enabled", cmdWrite.isEnabled() );


        // Now authorize it
        Authentication auth = TestAuthenticationManager.makeAuthentication( "test", "test", "ROLE_WRITE" );
        securityManager.doLogin( auth );


        assertTrue( "Object should be authorized", cmdWrite.isAuthorized() );
        assertTrue( "Object should be enabled", cmdWrite.isEnabled() );


        // Now we should be able to disable and re-enabled it
        cmdWrite.setEnabled( false );
        assertFalse( "Object should not be enabled", cmdWrite.isEnabled() );
        cmdWrite.setEnabled( true );
        assertTrue( "Object should be enabled", cmdWrite.isEnabled() );


        // Now leave it disabled, remove the authorization, re-authorize and it
        // should still be disabled
        cmdWrite.setEnabled( false );
        assertFalse( "Object should not be enabled", cmdWrite.isEnabled() );
        securityManager.doLogout();


        assertFalse( "Object should not be authorized", cmdWrite.isAuthorized() );
        assertFalse( "Object should not be enabled", cmdWrite.isEnabled() );


        securityManager.doLogin( auth );


        assertTrue( "Object should be authorized", cmdWrite.isAuthorized() );
        assertFalse( "Object should not be enabled", cmdWrite.isEnabled() );
    }

View Full Code Here

TOP

Related Classes of org.springframework.richclient.security.ApplicationSecurityManager

org.springframework.richclient.security.support.DefaultSecurityControllerManagerTests

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.