def testAuthenticationProcessingFilterWithBadPassword(self): def start_response(): pass def application(environ, start_response): return ["Success"] environ = {} environ["PATH_INFO"] = "/index.html" inMemoryUserDetailsService = InMemoryUserDetailsService() inMemoryUserDetailsService.user_dict = {"user1": ("good_password", ["role1", "blue"], True)} inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider() inMemoryDaoAuthenticationProvider.user_details_service = inMemoryUserDetailsService inMemoryDaoAuthenticationManager = AuthenticationManager([inMemoryDaoAuthenticationProvider]) authenticationFilter = AuthenticationProcessingFilter() authenticationFilter.auth_manager = inMemoryDaoAuthenticationManager authenticationFilter.alwaysReauthenticate = False token = UsernamePasswordAuthenticationToken("user1", "bad_password", None) self.assertFalse(token.isAuthenticated()) SecurityContextHolder.setContext(SecurityContext()) SecurityContextHolder.getContext().authentication = token filterChainProxy = FilterChainProxy() filterChainProxy.filterInvocationDefinitionSource = [("/.*", [authenticationFilter])] filterChainProxy.application = application self.assertRaises(BadCredentialsException, filterChainProxy, environ, start_response) self.assertFalse(SecurityContextHolder.getContext().authentication.isAuthenticated())
def testProgrammaticSetupForAffirmativeBased(self): inMemoryUserDetailsService = InMemoryUserDetailsService() inMemoryUserDetailsService.user_dict["blueuser"] = ("password1", ["LABEL_BLUE" ], False) inMemoryUserDetailsService.user_dict["superuser"] = ("password2", ["LABEL_SHARED" ], False), inMemoryUserDetailsService.user_dict["orangeuser"] = ("password3", ["LABEL_ORANGE" ], False), inMemoryUserDetailsService.user_dict["multiuser"] = ("password4", [ "LABEL_BLUE", "LABEL_ORANGE" ], False) inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider() inMemoryDaoAuthenticationProvider.userDetailsService = inMemoryUserDetailsService authenticationProvider = AuthenticationManager( [inMemoryDaoAuthenticationProvider]) auth_manager = AuthenticationManager() auth_manager.authenticationProviderList = [authenticationProvider] labelBasedAclVoter = LabelBasedAclVoter() labelBasedAclVoter.label_dict["LABEL_BLUE"] = ["blue", "blue-orange"] labelBasedAclVoter.label_dict["LABEL_ORANGE"] = [ "orange", "blue-orange" ] labelBasedAclVoter.label_dict["LABEL_SHARED"] = [ "blue", "orange", "blue-orange" ] labelBasedAclVoter.attr_indicating_labeled_op = "LABELED_OPERATION" labelBasedAclVoter.access_decision_mgr = AffirmativeBased(access_decision_voters = [labelBasedAclVoter], \ allow_if_all_abstain = False)
def shaAuthenticationProvider(self): """This authentication provider takes a user details service and links it with a password encoder, to hash passwords before comparing with the user details service.""" provider = DaoAuthenticationProvider() provider.user_details_service = self.shaUserDetailsService() provider.password_encoder = self.shaEncoder() return provider
def testAuthenticationProcessingFilterWithGoodPassword(self): def start_response(): pass def application(environ, start_response): return ["Success"] environ = {} environ["PATH_INFO"] = "/index.html" inMemoryUserDetailsService = InMemoryUserDetailsService() inMemoryUserDetailsService.user_dict = { "user1": ("good_password", ["role1", "blue"], True) } inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider() inMemoryDaoAuthenticationProvider.user_details_service = inMemoryUserDetailsService inMemoryDaoAuthenticationManager = AuthenticationManager( [inMemoryDaoAuthenticationProvider]) authenticationFilter = AuthenticationProcessingFilter() authenticationFilter.auth_manager = inMemoryDaoAuthenticationManager authenticationFilter.alwaysReauthenticate = False token = UsernamePasswordAuthenticationToken("user1", "good_password", None) self.assertFalse(token.isAuthenticated()) SecurityContextHolder.setContext(SecurityContext()) SecurityContextHolder.getContext().authentication = token filterChainProxy = FilterChainProxy() filterChainProxy.filterInvocationDefinitionSource = [ ("/.*", [authenticationFilter]) ] filterChainProxy.application = application self.assertEquals(["Success"], filterChainProxy(environ, start_response)) self.assertTrue(SecurityContextHolder.getContext().authentication. isAuthenticated()) self.assertEquals(["Success"], filterChainProxy(environ, start_response)) self.assertTrue(SecurityContextHolder.getContext().authentication. isAuthenticated())
def testProgrammaticSetupForConsensusBased(self): inMemoryUserDetailsService = InMemoryUserDetailsService() inMemoryUserDetailsService.user_dict["blueuser"] = ("password1", ["LABEL_BLUE"], False) inMemoryUserDetailsService.user_dict["superuser"] = ("password2", ["LABEL_SHARED"], False), inMemoryUserDetailsService.user_dict["orangeuser"] = ("password3", ["LABEL_ORANGE"], False), inMemoryUserDetailsService.user_dict["multiuser"] = ("password4", ["LABEL_BLUE", "LABEL_ORANGE"], False) inMemoryDaoAuthenticationProvider = DaoAuthenticationProvider() inMemoryDaoAuthenticationProvider.userDetailsService = inMemoryUserDetailsService authenticationProvider = AuthenticationManager([inMemoryDaoAuthenticationProvider]) auth_manager = AuthenticationManager() auth_manager.authenticationProviderList = [authenticationProvider] labelBasedAclVoter = LabelBasedAclVoter() labelBasedAclVoter.label_dict["LABEL_BLUE"] = ["blue", "blue-orange"] labelBasedAclVoter.label_dict["LABEL_ORANGE"] = ["orange", "blue-orange"] labelBasedAclVoter.label_dict["LABEL_SHARED"] = ["blue", "orange", "blue-orange"] labelBasedAclVoter.attr_indicating_labeled_op = "LABELED_OPERATION" labelBasedAclVoter.access_decision_mgr = ConsensusBased(access_decision_voters = [labelBasedAclVoter], \ allow_if_all_abstain = False)
def shaAuthenticationProvider(self): provider = DaoAuthenticationProvider() provider.user_details_service = self.shaUserDetailsService() provider.password_encoder = self.shaEncoder() return provider