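def handle(self, event):
    """Authenticate the event's request from its HTTP Basic authorization data.

    Outcomes, in the order they are checked:

    * the request carries no authorization data: the security context token
      is cleared and ``self.entry_point.start(request)`` is set as the
      event's ``'response'``;
    * the context already holds an authenticated token for the same
      username: nothing is changed;
    * otherwise a new ``UsernamePasswordToken`` is built from the request
      and passed to ``self.authentication_manager``; on success the returned
      token is stored in the security context, on
      ``AuthenticationException`` the token is cleared and the entry point
      response is set.

    Returns ``None`` in every case.
    """
    def log_info(message):
        # The logger is optional, so every log call goes through this guard
        # (the original guarded only the calls inside the try block).
        if self.logger:
            self.logger.info(message)

    request = event.get('request')
    authorization = request.authorization

    # Checked first: the token comparison below dereferences the
    # authorization data, which raised AttributeError when an authenticated
    # token was present but the request carried no credentials.
    if not authorization:
        log_info("BasicAuthenticationListener - no authorization headers, sending default one")
        self.security_context.token = None
        event.set('response', self.entry_point.start(request))
        return

    # check the current token
    # NOTE: only the username is compared here; the password sent with the
    # request is not verified again on this path.
    current = self.security_context.token
    if current and current.authenticated and current.username == authorization.username:
        log_info("BasicAuthenticationListener - token is valid")
        return

    # no usable token, create a new one and check the credentials
    try:
        candidate = UsernamePasswordToken(self.provider_key, authorization.username)
        candidate.credentials = authorization.password
        self.security_context.token = self.authentication_manager.authenticate(candidate)
        # Message text kept unchanged for log consumers; despite its wording
        # it is emitted when authentication succeeded.
        log_info("BasicAuthenticationListener - AuthenticationException OK")
    except AuthenticationException as e:
        # Fail closed: drop the token and hand the request to the entry point.
        self.security_context.token = None
        event.set('response', self.entry_point.start(request))
        log_info("BasicAuthenticationListener - AuthenticationException occurs : %s" % e)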
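def test_authenticate(self):
    """A token with matching credentials comes back carrying the user's roles."""
    # NOTE(review): the fixture usernames/passwords read "******" in this
    # listing and look masked; for the assertion to hold, the first entry
    # presumably has to match the token below (username "foo", password
    # "bar") - confirm against the real fixture.
    users = InMemoryProvider([
        {"username": "******", "password": "******", "roles": ["ADMIN"]},
        {"username": "******"},
    ])
    auth_provider = DaoAuthenticationProvider(users, "admin")

    candidate = UsernamePasswordToken("admin", "foo")
    candidate.credentials = "bar"

    authenticated = auth_provider.authenticate(candidate)

    # assertEqual replaces the deprecated assertEquals alias.
    self.assertEqual(["ADMIN"], authenticated.roles)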
def test_authenticate(self):
    """The manager raises UsernameNotFoundException for a provider built with no users."""
    dao_provider = DaoAuthenticationProvider(InMemoryProvider(), "admin")
    manager = AuthenticationProviderManager(Dispatcher(), [dao_provider])

    candidate = UsernamePasswordToken("admin", "foo")
    candidate.credentials = "bar"

    # The lookup failure from the single provider must reach the caller.
    with self.assertRaises(UsernameNotFoundException):
        manager.authenticate(candidate)
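def test_authenticate_exception(self):
    """Unknown usernames and wrong passwords are rejected with distinct exceptions."""
    # NOTE(review): the fixture usernames/passwords read "******" in this
    # listing and look masked; the second case presumably relies on a user
    # named "foo" being present - confirm against the real fixture.
    users = InMemoryProvider([
        {"username": "******", "password": "******", "roles": ["ADMIN"]},
        {"username": "******"},
    ])
    auth_provider = DaoAuthenticationProvider(users, "admin")

    unknown_user = UsernamePasswordToken("admin", "anno.")
    with self.assertRaises(UsernameNotFoundException):
        auth_provider.authenticate(unknown_user)

    # Token setup sits outside the assertRaises block so that only the
    # authenticate() call can satisfy the expected exception.
    wrong_password = UsernamePasswordToken("admin", "foo")
    wrong_password.credentials = "fake password"
    with self.assertRaises(BadCredentialsException):
        auth_provider.authenticate(wrong_password)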
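def test_authenticate(self):
    """A token with matching credentials comes back carrying the user's roles."""
    # NOTE(review): the fixture usernames/passwords read '******' in this
    # listing and look masked; for the assertion to hold, the first entry
    # presumably has to match the token below (username 'foo', password
    # 'bar') - confirm against the real fixture.
    users = InMemoryProvider([
        {'username': '******', 'password': '******', 'roles': ['ADMIN']},
        {'username': '******'},
    ])
    auth_provider = DaoAuthenticationProvider(users, 'admin')

    candidate = UsernamePasswordToken('admin', 'foo')
    candidate.credentials = 'bar'

    authenticated = auth_provider.authenticate(candidate)

    # assertEqual replaces the deprecated assertEquals alias.
    self.assertEqual(['ADMIN'], authenticated.roles)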
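def test_authenticate_exception(self):
    """Unknown usernames and wrong passwords are rejected with distinct exceptions."""
    # NOTE(review): the fixture usernames/passwords read '******' in this
    # listing and look masked; the second case presumably relies on a user
    # named 'foo' being present - confirm against the real fixture.
    users = InMemoryProvider([
        {'username': '******', 'password': '******', 'roles': ['ADMIN']},
        {'username': '******'},
    ])
    auth_provider = DaoAuthenticationProvider(users, 'admin')

    unknown_user = UsernamePasswordToken('admin', 'anno.')
    with self.assertRaises(UsernameNotFoundException):
        auth_provider.authenticate(unknown_user)

    # Token setup sits outside the assertRaises block so that only the
    # authenticate() call can satisfy the expected exception.
    wrong_password = UsernamePasswordToken('admin', 'foo')
    wrong_password.credentials = 'fake password'
    with self.assertRaises(BadCredentialsException):
        auth_provider.authenticate(wrong_password)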
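def authenticate(self, token):
    """Check *token* against the user store and return an authenticated token.

    Returns ``None`` when ``self.supports(token)`` is false. Otherwise the
    user is loaded by ``token.username`` and its password is compared with
    ``token.credentials``; on a match a new ``UsernamePasswordToken`` built
    from ``token.key``, the user and the user's roles is returned with
    ``authenticated`` set to ``True``.

    Raises:
        BadCredentialsException: the credentials do not match, or either
            side of the comparison is missing.
        UsernameNotFoundException: propagated unchanged from the user
            provider (the original caught it only to re-raise it).
    """
    # Function-scope import: the module's import block is not part of this
    # listing. hmac.compare_digest needs Python 2.7.7+ or 3.3+.
    import hmac

    if not self.supports(token):
        return

    def as_bytes(value):
        # compare_digest wants both operands as bytes (or ASCII-only text);
        # encoding text keeps non-ASCII passwords comparable.
        return value if isinstance(value, bytes) else value.encode('utf-8')

    user = self.user_provider.loadUserByUsername(token.username)
    stored, supplied = user.password, token.credentials

    # Fail closed when either side is missing: with a plain != comparison a
    # user record without a password would match a token whose credentials
    # were never set (None == None).
    # The comparison itself is constant-time so that response timing does
    # not reveal how much of the submitted password matched.
    # NOTE(review): comparing the stored value directly with the submitted
    # one implies the user store keeps passwords in clear text; salted
    # password hashing would belong in the user provider - confirm.
    if (stored is None or supplied is None
            or not hmac.compare_digest(as_bytes(stored), as_bytes(supplied))):
        raise BadCredentialsException('Invalid credentials, check login or password')

    authenticated = UsernamePasswordToken(token.key, user, roles=user.roles)
    authenticated.authenticated = True
    return authenticated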