Ejemplo n.º 1
0
    def testAuthenticationProcessingFilterWithBadPassword(self):
        def start_response():
            pass
        def application(environ, start_response):
            return ["Success"]

        environ = {}
        environ["PATH_INFO"] = "/index.html"
        
        inMemoryUserDetailsService = InMemoryUserDetailsService()
        inMemoryUserDetailsService.user_dict = {"user1": ("good_password", ["role1", "blue"], True)}
        inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider()
        inMemoryDaoAuthenticationProvider.user_details_service = inMemoryUserDetailsService
        inMemoryDaoAuthenticationManager = AuthenticationManager([inMemoryDaoAuthenticationProvider])

        authenticationFilter = AuthenticationProcessingFilter()
        authenticationFilter.auth_manager = inMemoryDaoAuthenticationManager
        authenticationFilter.alwaysReauthenticate = False
        
        token = UsernamePasswordAuthenticationToken("user1", "bad_password", None)
        self.assertFalse(token.isAuthenticated())
        
        SecurityContextHolder.setContext(SecurityContext())
        SecurityContextHolder.getContext().authentication = token
        
        filterChainProxy = FilterChainProxy()
        filterChainProxy.filterInvocationDefinitionSource = [("/.*", [authenticationFilter])]
        filterChainProxy.application = application
        self.assertRaises(BadCredentialsException, filterChainProxy, environ, start_response)
        self.assertFalse(SecurityContextHolder.getContext().authentication.isAuthenticated())
Ejemplo n.º 2
0
    def testAuthenticationProcessingFilterWithGoodPassword(self):
        def start_response():
            pass

        def application(environ, start_response):
            return ["Success"]

        environ = {}
        environ["PATH_INFO"] = "/index.html"

        inMemoryUserDetailsService = InMemoryUserDetailsService()
        inMemoryUserDetailsService.user_dict = {
            "user1": ("good_password", ["role1", "blue"], True)
        }
        inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider()
        inMemoryDaoAuthenticationProvider.user_details_service = inMemoryUserDetailsService
        inMemoryDaoAuthenticationManager = AuthenticationManager(
            [inMemoryDaoAuthenticationProvider])

        authenticationFilter = AuthenticationProcessingFilter()
        authenticationFilter.auth_manager = inMemoryDaoAuthenticationManager
        authenticationFilter.alwaysReauthenticate = False

        token = UsernamePasswordAuthenticationToken("user1", "good_password",
                                                    None)
        self.assertFalse(token.isAuthenticated())

        SecurityContextHolder.setContext(SecurityContext())
        SecurityContextHolder.getContext().authentication = token

        filterChainProxy = FilterChainProxy()
        filterChainProxy.filterInvocationDefinitionSource = [
            ("/.*", [authenticationFilter])
        ]
        filterChainProxy.application = application

        self.assertEquals(["Success"],
                          filterChainProxy(environ, start_response))
        self.assertTrue(SecurityContextHolder.getContext().authentication.
                        isAuthenticated())

        self.assertEquals(["Success"],
                          filterChainProxy(environ, start_response))
        self.assertTrue(SecurityContextHolder.getContext().authentication.
                        isAuthenticated())
Ejemplo n.º 3
0
 def authenticationProcessingFilter(self):
     filter = AuthenticationProcessingFilter()
     filter.auth_manager = self.authenticationManager()
     filter.alwaysReauthenticate = False
     return filter
Ejemplo n.º 4
0
 def authenticationProcessingFilter(self):
     """This defines the filter for confirming a user's identity."""
     filter = AuthenticationProcessingFilter()
     filter.auth_manager = self.authenticationManager()
     filter.alwaysReauthenticate = False
     return filter
Ejemplo n.º 5
0
 def authenticationProcessingFilter(self):
     """This defines the filter for confirming a user's identity."""
     filter = AuthenticationProcessingFilter()
     filter.auth_manager = self.authenticationManager()
     filter.alwaysReauthenticate = False
     return filter
Ejemplo n.º 6
0
 def authenticationProcessingFilter(self):
     filter = AuthenticationProcessingFilter()
     filter.auth_manager = self.authenticationManager()
     filter.alwaysReauthenticate = False
     return filter