def testAuthenticationProcessingFilterWithBadPassword(self):
def start_response():
pass
def application(environ, start_response):
return ["Success"]
environ = {}
environ["PATH_INFO"] = "/index.html"
inMemoryUserDetailsService = InMemoryUserDetailsService()
inMemoryUserDetailsService.user_dict = {"user1": ("good_password", ["role1", "blue"], True)}
inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider()
inMemoryDaoAuthenticationProvider.user_details_service = inMemoryUserDetailsService
inMemoryDaoAuthenticationManager = AuthenticationManager([inMemoryDaoAuthenticationProvider])
authenticationFilter = AuthenticationProcessingFilter()
authenticationFilter.auth_manager = inMemoryDaoAuthenticationManager
authenticationFilter.alwaysReauthenticate = False
token = UsernamePasswordAuthenticationToken("user1", "bad_password", None)
self.assertFalse(token.isAuthenticated())
SecurityContextHolder.setContext(SecurityContext())
SecurityContextHolder.getContext().authentication = token
filterChainProxy = FilterChainProxy()
filterChainProxy.filterInvocationDefinitionSource = [("/.*", [authenticationFilter])]
filterChainProxy.application = application
self.assertRaises(BadCredentialsException, filterChainProxy, environ, start_response)
self.assertFalse(SecurityContextHolder.getContext().authentication.isAuthenticated())
def testAuthenticationProcessingFilterWithGoodPassword(self):
def start_response():
pass
def application(environ, start_response):
return ["Success"]
environ = {}
environ["PATH_INFO"] = "/index.html"
inMemoryUserDetailsService = InMemoryUserDetailsService()
inMemoryUserDetailsService.user_dict = {
"user1": ("good_password", ["role1", "blue"], True)
}
inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider()
inMemoryDaoAuthenticationProvider.user_details_service = inMemoryUserDetailsService
inMemoryDaoAuthenticationManager = AuthenticationManager(
[inMemoryDaoAuthenticationProvider])
authenticationFilter = AuthenticationProcessingFilter()
authenticationFilter.auth_manager = inMemoryDaoAuthenticationManager
authenticationFilter.alwaysReauthenticate = False
token = UsernamePasswordAuthenticationToken("user1", "good_password",
None)
self.assertFalse(token.isAuthenticated())
SecurityContextHolder.setContext(SecurityContext())
SecurityContextHolder.getContext().authentication = token
filterChainProxy = FilterChainProxy()
filterChainProxy.filterInvocationDefinitionSource = [
("/.*", [authenticationFilter])
]
filterChainProxy.application = application
self.assertEquals(["Success"],
filterChainProxy(environ, start_response))
self.assertTrue(SecurityContextHolder.getContext().authentication.
isAuthenticated())
self.assertEquals(["Success"],
filterChainProxy(environ, start_response))
self.assertTrue(SecurityContextHolder.getContext().authentication.
isAuthenticated())
def testIteratingThroughASimpleFilterChain(self):
filterChain = FilterChain()
self.assertEquals(0, len(filterChain.chain))
httpSessionContextIntegrationFilter = HttpSessionContextIntegrationFilter(
)
exceptionTranslationFilter = ExceptionTranslationFilter()
authenticationProcessFilter = AuthenticationProcessingFilter()
filterSecurityInterceptor = FilterSecurityInterceptor()
filterChain.addFilter(httpSessionContextIntegrationFilter)
filterChain.addFilter(exceptionTranslationFilter)
filterChain.addFilter(authenticationProcessFilter)
filterChain.addFilter(filterSecurityInterceptor)
chain = filterChain.getFilterChain()
self.assertEquals(httpSessionContextIntegrationFilter, chain.next())
self.assertEquals(exceptionTranslationFilter, chain.next())
self.assertEquals(authenticationProcessFilter, chain.next())
self.assertEquals(filterSecurityInterceptor, chain.next())
self.assertRaises(StopIteration, chain.next)
def authenticationProcessingFilter(self):
filter = AuthenticationProcessingFilter()
filter.auth_manager = self.authenticationManager()
filter.alwaysReauthenticate = False
return filter
def authenticationProcessingFilter(self):
"""This defines the filter for confirming a user's identity."""
filter = AuthenticationProcessingFilter()
filter.auth_manager = self.authenticationManager()
filter.alwaysReauthenticate = False
return filter
def authenticationProcessingFilter(self):
"""This defines the filter for confirming a user's identity."""
filter = AuthenticationProcessingFilter()
filter.auth_manager = self.authenticationManager()
filter.alwaysReauthenticate = False
return filter
def authenticationProcessingFilter(self):
filter = AuthenticationProcessingFilter()
filter.auth_manager = self.authenticationManager()
filter.alwaysReauthenticate = False
return filter
