def testAuthenticationProcessingFilterWithBadPassword(self): def start_response(): pass def application(environ, start_response): return ["Success"] environ = {} environ["PATH_INFO"] = "/index.html" inMemoryUserDetailsService = InMemoryUserDetailsService() inMemoryUserDetailsService.user_dict = {"user1": ("good_password", ["role1", "blue"], True)} inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider() inMemoryDaoAuthenticationProvider.user_details_service = inMemoryUserDetailsService inMemoryDaoAuthenticationManager = AuthenticationManager([inMemoryDaoAuthenticationProvider]) authenticationFilter = AuthenticationProcessingFilter() authenticationFilter.auth_manager = inMemoryDaoAuthenticationManager authenticationFilter.alwaysReauthenticate = False token = UsernamePasswordAuthenticationToken("user1", "bad_password", None) self.assertFalse(token.isAuthenticated()) SecurityContextHolder.setContext(SecurityContext()) SecurityContextHolder.getContext().authentication = token filterChainProxy = FilterChainProxy() filterChainProxy.filterInvocationDefinitionSource = [("/.*", [authenticationFilter])] filterChainProxy.application = application self.assertRaises(BadCredentialsException, filterChainProxy, environ, start_response) self.assertFalse(SecurityContextHolder.getContext().authentication.isAuthenticated())
def testAuthenticationProcessingFilterWithGoodPassword(self): def start_response(): pass def application(environ, start_response): return ["Success"] environ = {} environ["PATH_INFO"] = "/index.html" inMemoryUserDetailsService = InMemoryUserDetailsService() inMemoryUserDetailsService.user_dict = { "user1": ("good_password", ["role1", "blue"], True) } inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider() inMemoryDaoAuthenticationProvider.user_details_service = inMemoryUserDetailsService inMemoryDaoAuthenticationManager = AuthenticationManager( [inMemoryDaoAuthenticationProvider]) authenticationFilter = AuthenticationProcessingFilter() authenticationFilter.auth_manager = inMemoryDaoAuthenticationManager authenticationFilter.alwaysReauthenticate = False token = UsernamePasswordAuthenticationToken("user1", "good_password", None) self.assertFalse(token.isAuthenticated()) SecurityContextHolder.setContext(SecurityContext()) SecurityContextHolder.getContext().authentication = token filterChainProxy = FilterChainProxy() filterChainProxy.filterInvocationDefinitionSource = [ ("/.*", [authenticationFilter]) ] filterChainProxy.application = application self.assertEquals(["Success"], filterChainProxy(environ, start_response)) self.assertTrue(SecurityContextHolder.getContext().authentication. isAuthenticated()) self.assertEquals(["Success"], filterChainProxy(environ, start_response)) self.assertTrue(SecurityContextHolder.getContext().authentication. isAuthenticated())
def testProgrammaticSetupForConsensusBased(self): inMemoryUserDetailsService = InMemoryUserDetailsService() inMemoryUserDetailsService.user_dict["blueuser"] = ("password1", ["LABEL_BLUE"], False) inMemoryUserDetailsService.user_dict["superuser"] = ("password2", ["LABEL_SHARED"], False), inMemoryUserDetailsService.user_dict["orangeuser"] = ("password3", ["LABEL_ORANGE"], False), inMemoryUserDetailsService.user_dict["multiuser"] = ("password4", ["LABEL_BLUE", "LABEL_ORANGE"], False) inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider() inMemoryDaoAuthenticationProvider.userDetailsService = inMemoryUserDetailsService authenticationProvider = AuthenticationManager([inMemoryDaoAuthenticationProvider]) auth_manager = AuthenticationManager() auth_manager.authenticationProviderList = [authenticationProvider] labelBasedAclVoter = LabelBasedAclVoter() labelBasedAclVoter.label_dict["LABEL_BLUE"] = ["blue", "blue-orange"] labelBasedAclVoter.label_dict["LABEL_ORANGE"] = ["orange", "blue-orange"] labelBasedAclVoter.label_dict["LABEL_SHARED"] = ["blue", "orange", "blue-orange"] labelBasedAclVoter.attr_indicating_labeled_op = "LABELED_OPERATION" labelBasedAclVoter.access_decision_mgr = ConsensusBased(access_decision_voters = [labelBasedAclVoter], \ allow_if_all_abstain = False)
def testProgrammaticSetupForAffirmativeBased(self): inMemoryUserDetailsService = InMemoryUserDetailsService() inMemoryUserDetailsService.user_dict["blueuser"] = ("password1", ["LABEL_BLUE" ], False) inMemoryUserDetailsService.user_dict["superuser"] = ("password2", ["LABEL_SHARED" ], False), inMemoryUserDetailsService.user_dict["orangeuser"] = ("password3", ["LABEL_ORANGE" ], False), inMemoryUserDetailsService.user_dict["multiuser"] = ("password4", [ "LABEL_BLUE", "LABEL_ORANGE" ], False) inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider() inMemoryDaoAuthenticationProvider.userDetailsService = inMemoryUserDetailsService authenticationProvider = AuthenticationManager( [inMemoryDaoAuthenticationProvider]) auth_manager = AuthenticationManager() auth_manager.authenticationProviderList = [authenticationProvider] labelBasedAclVoter = LabelBasedAclVoter() labelBasedAclVoter.label_dict["LABEL_BLUE"] = ["blue", "blue-orange"] labelBasedAclVoter.label_dict["LABEL_ORANGE"] = [ "orange", "blue-orange" ] labelBasedAclVoter.label_dict["LABEL_SHARED"] = [ "blue", "orange", "blue-orange" ] labelBasedAclVoter.attr_indicating_labeled_op = "LABELED_OPERATION" labelBasedAclVoter.access_decision_mgr = AffirmativeBased(access_decision_voters = [labelBasedAclVoter], \ allow_if_all_abstain = False)
def userDetailsService3(self): userDetailsService = InMemoryUserDetailsService() userDetailsService.user_dict = { "jcoleman": ("password5", ["CUSTOMER_ANY"], True) } return userDetailsService
def userDetailsService2(self): userDetailsService = InMemoryUserDetailsService() userDetailsService.user_dict = { "jcarter": ("password6", ["VET_ANY"], True) } return userDetailsService
def userDetailsService(self): """This user details service uses a pre-built, in-memory for demonstration purposes only. Do NOT use in a production system!!!""" userDetailsService = InMemoryUserDetailsService() userDetailsService.user_dict = {"alice": ("password1", ["ROLE_ANY"], True), "bob": ("password2", ["ROLE_ANY"], True)} return userDetailsService
def userDetailsService(self): """This user details service uses a pre-built, in-memory for demonstration purposes only. Do NOT use in a production system!!!""" userDetailsService = InMemoryUserDetailsService() userDetailsService.user_dict = {"jcoleman": ("password5", ["ROLE_ANY"], True)} return userDetailsService
def userDetailsService3(self): userDetailsService = InMemoryUserDetailsService() userDetailsService.user_dict = {"jcoleman": ("password5", ["CUSTOMER_ANY"], True)} return userDetailsService
def userDetailsService2(self): userDetailsService = InMemoryUserDetailsService() userDetailsService.user_dict = {"jcarter": ("password6", ["VET_ANY"], True)} return userDetailsService