Package org.apache.isis.security.shiro

Source Code of org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizorTest_authenticate

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
/*
*  Licensed to the Apache Software Foundation (ASF) under one
*  or more contributor license agreements.  See the NOTICE file
*  distributed with this work for additional information
*  regarding copyright ownership.  The ASF licenses this file
*  to you under the Apache License, Version 2.0 (the
*  "License"); you may not use this file except in compliance
*  with the License.  You may obtain a copy of the License at
*
*        http://www.apache.org/licenses/LICENSE-2.0
*
*  Unless required by applicable law or agreed to in writing,
*  software distributed under the License is distributed on an
*  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
*  KIND, either express or implied.  See the License for the
*  specific language governing permissions and limitations
*  under the License.
*/
package org.apache.isis.security.shiro;

import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.not;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertThat;

import org.apache.isis.applib.Identifier;
import org.apache.isis.core.commons.authentication.AuthenticationSession;
import org.apache.isis.core.commons.config.IsisConfiguration;
import org.apache.isis.core.runtime.authentication.AuthenticationRequest;
import org.apache.isis.core.runtime.authentication.AuthenticationRequestPassword;
import org.apache.isis.core.unittestsupport.jmocking.JUnitRuleMockery2;
import org.apache.isis.core.unittestsupport.jmocking.JUnitRuleMockery2.Mode;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.jmock.auto.Mock;
import org.junit.After;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;

public class ShiroAuthenticatorOrAuthorizorTest_authenticate {

    @Rule
    public JUnitRuleMockery2 context = JUnitRuleMockery2.createFor(Mode.INTERFACES_AND_CLASSES);

    @Mock
    private IsisConfiguration mockConfiguration;

    private ShiroAuthenticatorOrAuthorizor authOrAuth;

    @Before
    public void setUp() throws Exception {
        authOrAuth = new ShiroAuthenticatorOrAuthorizor(mockConfiguration);
        authOrAuth.init();
    }

    @After
    public void tearDown() throws Exception {
        Subject subject = SecurityUtils.getSubject();
        if(subject != null) {
            subject.logout();
        }
        SecurityUtils.setSecurityManager(null);
    }

    @Test
    public void cannotAuthenticateIfShiroEnvironmentNotInitialized() throws Exception {

        assertThat(authOrAuth.canAuthenticate(AuthenticationRequestPassword.class), is(false));
        assertThat(authOrAuth.authenticate(new AuthenticationRequestPassword("dummy", "dummy"), "unused"), is(nullValue()));
    }

    @Test
    public void happyCase() throws Exception {

        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        SecurityManager securityManager = factory.getInstance();
        SecurityUtils.setSecurityManager(securityManager);

       
        assertThat(authOrAuth.canAuthenticate(AuthenticationRequestPassword.class), is(true));

        AuthenticationRequest ar = new AuthenticationRequestPassword("lonestarr", "vespa");
        AuthenticationSession isisAuthSession = authOrAuth.authenticate(ar, null);

        assertThat(isisAuthSession, is(not(nullValue())));
        assertThat(isisAuthSession.getUserName(), is("lonestarr"));
        assertThat(isisAuthSession.getValidationCode(), is(nullValue()));

        Identifier changeAddressIdentifier = Identifier.actionIdentifier("com.mycompany.myapp.Customer", "changeAddress", String.class, String.class);
        assertThat(authOrAuth.isVisibleInAnyRole(changeAddressIdentifier), is(true));

        Identifier changeEmailIdentifier = Identifier.actionIdentifier("com.mycompany.myapp.Customer", "changeEmail", String.class);
        assertThat(authOrAuth.isVisibleInAnyRole(changeEmailIdentifier), is(true));

        Identifier submitOrderIdentifier = Identifier.actionIdentifier("com.mycompany.myapp.Order", "submit");
        assertThat(authOrAuth.isVisibleInAnyRole(submitOrderIdentifier), is(true));

        Identifier cancelOrderIdentifier = Identifier.actionIdentifier("com.mycompany.myapp.Order", "cancel");
        assertThat(authOrAuth.isVisibleInAnyRole(cancelOrderIdentifier), is(false));
    }


}
TOP

Related Classes of org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizorTest_authenticate

  • org.apache.isis.applib.Identifier
  • org.apache.isis.core.commons.authentication.AuthenticationSession
  • org.apache.isis.core.runtime.authentication.AuthenticationRequest
  • org.apache.isis.core.runtime.authentication.AuthenticationRequestPassword
  • org.apache.shiro.config.IniSecurityManagerFactory
  • org.apache.shiro.mgt.SecurityManager
  • org.apache.shiro.subject.Subject
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.