def testAuthenticationProcessingFilterWithBadPassword(self):
def start_response():
pass
def application(environ, start_response):
return ["Success"]
environ = {}
environ["PATH_INFO"] = "/index.html"
inMemoryUserDetailsService = InMemoryUserDetailsService()
inMemoryUserDetailsService.user_dict = {"user1": ("good_password", ["role1", "blue"], True)}
inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider()
inMemoryDaoAuthenticationProvider.user_details_service = inMemoryUserDetailsService
inMemoryDaoAuthenticationManager = AuthenticationManager([inMemoryDaoAuthenticationProvider])
authenticationFilter = AuthenticationProcessingFilter()
authenticationFilter.auth_manager = inMemoryDaoAuthenticationManager
authenticationFilter.alwaysReauthenticate = False
token = UsernamePasswordAuthenticationToken("user1", "bad_password", None)
self.assertFalse(token.isAuthenticated())
SecurityContextHolder.setContext(SecurityContext())
SecurityContextHolder.getContext().authentication = token
filterChainProxy = FilterChainProxy()
filterChainProxy.filterInvocationDefinitionSource = [("/.*", [authenticationFilter])]
filterChainProxy.application = application
self.assertRaises(BadCredentialsException, filterChainProxy, environ, start_response)
self.assertFalse(SecurityContextHolder.getContext().authentication.isAuthenticated())
def testHttpSessionContextIntegrationFilter(self):
def start_response():
pass
def application(environ, start_response):
return ["Success"]
environ = {}
environ["PATH_INFO"] = "/index.html"
sessionStrategy = StubSessionStrategy()
httpSessionContextIntegrationFilter = HttpSessionContextIntegrationFilter(
sessionStrategy)
# HttpSessionContextIntegrationFilter expects another filter after it to alter the credentials.
stubAuthenticationFilter = StubAuthenticationFilter()
filterChainProxy = FilterChainProxy()
filterChainProxy.filterInvocationDefinitionSource = [
("/.*",
[httpSessionContextIntegrationFilter, stubAuthenticationFilter])
]
filterChainProxy.application = application
self.assertEquals(["Success"],
filterChainProxy(environ, start_response))
self.assertEquals(["Success"],
filterChainProxy(environ, start_response))
httpSession = sessionStrategy.getHttpSession(environ)
httpSession[httpSessionContextIntegrationFilter.
SPRINGPYTHON_SECURITY_CONTEXT_KEY] = pickle.dumps(
"Bad credentials")
self.assertEquals(["Success"],
filterChainProxy(environ, start_response))
def testFilterChainProxyWithMixedURLs(self):
"""
This test goes through the FilterChainProxy, and proves that it takes differing routes through filters
based on URL pattern matching.
"""
class PassthroughFilter1(Filter):
"""This filter inserts a simple value to prove it was used."""
def __call__(self, environ, start_response):
environ["PASSTHROUGH_FILTER1"] = True
return self.doNextFilter(environ, start_response)
class PassthroughFilter2(Filter):
"""This filter inserts a simple value to prove it was used."""
def __call__(self, environ, start_response):
environ["PASSTHROUGH_FILTER2"] = True
return self.doNextFilter(environ, start_response)
def start_response():
pass
def application(environ, start_response):
return ["Success"]
filterChainProxy = FilterChainProxy()
filterChainProxy.filterInvocationDefinitionSource = [("/.*html", [PassthroughFilter1()]), ("/.*jsp", [PassthroughFilter2()])]
filterChainProxy.application = application
environ = {}
environ["PATH_INFO"] = "/index.html"
filterChainProxy(environ, start_response)
self.assertTrue("PASSTHROUGH_FILTER1" in environ)
self.assertTrue("PASSTHROUGH_FILTER2" not in environ)
environ = {}
environ["PATH_INFO"] = "/index.jsp"
filterChainProxy(environ, start_response)
self.assertTrue("PASSTHROUGH_FILTER1" not in environ)
self.assertTrue("PASSTHROUGH_FILTER2" in environ)
filterChainProxy2 = FilterChainProxy(filterInvocationDefinitionSource=[("/.*html", [PassthroughFilter1()]), ("/.*jsp", [PassthroughFilter2()])])
filterChainProxy2.application = application
environ = {}
environ["PATH_INFO"] = "/index.html"
filterChainProxy2(environ, start_response)
self.assertTrue("PASSTHROUGH_FILTER1" in environ)
self.assertTrue("PASSTHROUGH_FILTER2" not in environ)
environ = {}
environ["PATH_INFO"] = "/index.jsp"
filterChainProxy2(environ, start_response)
self.assertTrue("PASSTHROUGH_FILTER1" not in environ)
self.assertTrue("PASSTHROUGH_FILTER2" in environ)
def testAuthenticationProcessingFilterWithGoodPassword(self):
def start_response():
pass
def application(environ, start_response):
return ["Success"]
environ = {}
environ["PATH_INFO"] = "/index.html"
inMemoryUserDetailsService = InMemoryUserDetailsService()
inMemoryUserDetailsService.user_dict = {
"user1": ("good_password", ["role1", "blue"], True)
}
inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider()
inMemoryDaoAuthenticationProvider.user_details_service = inMemoryUserDetailsService
inMemoryDaoAuthenticationManager = AuthenticationManager(
[inMemoryDaoAuthenticationProvider])
authenticationFilter = AuthenticationProcessingFilter()
authenticationFilter.auth_manager = inMemoryDaoAuthenticationManager
authenticationFilter.alwaysReauthenticate = False
token = UsernamePasswordAuthenticationToken("user1", "good_password",
None)
self.assertFalse(token.isAuthenticated())
SecurityContextHolder.setContext(SecurityContext())
SecurityContextHolder.getContext().authentication = token
filterChainProxy = FilterChainProxy()
filterChainProxy.filterInvocationDefinitionSource = [
("/.*", [authenticationFilter])
]
filterChainProxy.application = application
self.assertEquals(["Success"],
filterChainProxy(environ, start_response))
self.assertTrue(SecurityContextHolder.getContext().authentication.
isAuthenticated())
self.assertEquals(["Success"],
filterChainProxy(environ, start_response))
self.assertTrue(SecurityContextHolder.getContext().authentication.
isAuthenticated())
def testFilterChainProxyWithMixedURLs(self):
"""
This test goes through the FilterChainProxy, and proves that it takes differing routes through filters
based on URL pattern matching.
"""
class PassthroughFilter1(Filter):
"""This filter inserts a simple value to prove it was used."""
def __call__(self, environ, start_response):
environ["PASSTHROUGH_FILTER1"] = True
return self.doNextFilter(environ, start_response)
class PassthroughFilter2(Filter):
"""This filter inserts a simple value to prove it was used."""
def __call__(self, environ, start_response):
environ["PASSTHROUGH_FILTER2"] = True
return self.doNextFilter(environ, start_response)
def start_response():
pass
def application(environ, start_response):
return ["Success"]
filterChainProxy = FilterChainProxy()
filterChainProxy.filterInvocationDefinitionSource = [
("/.*html", [PassthroughFilter1()]),
("/.*jsp", [PassthroughFilter2()])
]
filterChainProxy.application = application
environ = {}
environ["PATH_INFO"] = "/index.html"
filterChainProxy(environ, start_response)
self.assertTrue("PASSTHROUGH_FILTER1" in environ)
self.assertTrue("PASSTHROUGH_FILTER2" not in environ)
environ = {}
environ["PATH_INFO"] = "/index.jsp"
filterChainProxy(environ, start_response)
self.assertTrue("PASSTHROUGH_FILTER1" not in environ)
self.assertTrue("PASSTHROUGH_FILTER2" in environ)
filterChainProxy2 = FilterChainProxy(
filterInvocationDefinitionSource=[(
"/.*html",
[PassthroughFilter1()]), ("/.*jsp", [PassthroughFilter2()])])
filterChainProxy2.application = application
environ = {}
environ["PATH_INFO"] = "/index.html"
filterChainProxy2(environ, start_response)
self.assertTrue("PASSTHROUGH_FILTER1" in environ)
self.assertTrue("PASSTHROUGH_FILTER2" not in environ)
environ = {}
environ["PATH_INFO"] = "/index.jsp"
filterChainProxy2(environ, start_response)
self.assertTrue("PASSTHROUGH_FILTER1" not in environ)
self.assertTrue("PASSTHROUGH_FILTER2" in environ)
def __call__(self, environ=None, start_response=None):
if cherrypy.request.handler is None:
return False
def cherrypy_handler(*args, **kwargs):
return cherrypy.request.handler(*args, **kwargs)
def func(args):
return args[0]()
self.application = (func, (cherrypy_handler,))
cherrypy.response.body = FilterChainProxy.__call__(self, cherrypy.request.wsgi_environ, None)
return True
def testHttpSessionContextIntegrationFilter(self):
def start_response():
pass
def application(environ, start_response):
return ["Success"]
environ = {}
environ["PATH_INFO"] = "/index.html"
sessionStrategy = StubSessionStrategy()
httpSessionContextIntegrationFilter = HttpSessionContextIntegrationFilter(sessionStrategy)
# HttpSessionContextIntegrationFilter expects another filter after it to alter the credentials.
stubAuthenticationFilter = StubAuthenticationFilter()
filterChainProxy = FilterChainProxy()
filterChainProxy.filterInvocationDefinitionSource = [("/.*", [httpSessionContextIntegrationFilter, stubAuthenticationFilter])]
filterChainProxy.application = application
self.assertEquals(["Success"], filterChainProxy(environ, start_response))
self.assertEquals(["Success"], filterChainProxy(environ, start_response))
httpSession = sessionStrategy.getHttpSession(environ)
httpSession[httpSessionContextIntegrationFilter.SPRINGPYTHON_SECURITY_CONTEXT_KEY] = pickle.dumps("Bad credentials")
self.assertEquals(["Success"], filterChainProxy(environ, start_response))
def __call__(self, environ=None, start_response=None):
innerfunc = cherrypy.request.handler
def mini_app(*args, **kwargs):
def cherrypy_wrapper(nexthandler, *args, **kwargs):
results = nexthandler(*args, **kwargs)
self.logger.debug("Results = %s" % results)
return results
return cherrypy_wrapper(innerfunc, *args, **kwargs)
self.application = (self.invoke, (mini_app,))
# Store the final results...
cherrypy.response.body = FilterChainProxy.__call__(self, cherrypy.request.wsgi_environ, None)
#...and then signal there is no more handling for CherryPy to do.
return True
def __call__(self, environ=None, start_response=None):
innerfunc = cherrypy.request.handler
def mini_app(*args, **kwargs):
def cherrypy_wrapper(nexthandler, *args, **kwargs):
results = nexthandler(*args, **kwargs)
self.logger.debug("Results = %s" % results)
return results
return cherrypy_wrapper(innerfunc, *args, **kwargs)
self.application = (self.invoke, (mini_app,))
# Store the final results...
cherrypy.response.body = FilterChainProxy.__call__(self, cherrypy.request.wsgi_environ, None)
#...and then signal there is no more handling for CherryPy to do.
return True
def __init__(self, filterInvocationDefinitionSource=None):
FilterChainProxy.__init__(self, filterInvocationDefinitionSource)
self.logger = logging.getLogger("springpython.security.cherrypy3.CP3FilterChainProxy")
cherrypy.tools.filterChainProxy = cherrypy._cptools.HandlerTool(self)
def __init__(self, filterInvocationDefinitionSource=None):
FilterChainProxy.__init__(self, filterInvocationDefinitionSource)
self.logger = logging.getLogger("springpython.security.cherrypy3.CP3FilterChainProxy")
cherrypy.tools.filterChainProxy = cherrypy._cptools.HandlerTool(self)
