Examples of GeoServerRole

Examples of org.geoserver.security.impl.GeoServerRole

149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
        assertEquals(0, roleService.getRolesForGroup("g_wfs").size());
        assertEquals(1, roleService.getRolesForGroup("g_all").size());
        assertTrue(roleService.getRolesForGroup("g_all").contains(role_wms));
    }
    protected void checkValuesModified(GeoServerRoleService roleService) throws IOException {
        GeoServerRole role_auth = roleService.getRoleByName("ROLE_AUTHENTICATED");
        GeoServerRole role_wms = roleService.getRoleByName("ROLE_WMS");
        GeoServerRole role_wfs = roleService.getRoleByName("ROLE_WFS");
       
        assertEquals(1,role_auth.getProperties().size());
        assertEquals("4711", role_auth.getProperties().get("employee"));
        assertEquals(1,role_wms.getProperties().size());
        assertEquals("10 10 20 20", role_wms.getProperties().get("envelope"));
        assertEquals(0,role_wfs.getProperties().size());
       
        for (GeoServerRole role : roleService.getRoles()) {
            if ("ROLE_AUTHENTICATED".equals(role.getAuthority())) {
                assertEquals(1,role.getProperties().size());
                assertEquals("4711", role.getProperties().get("employee"));               
            }
            else if ("ROLE_WMS".equals(role.getAuthority())) {
                assertEquals(1,role.getProperties().size());
                assertEquals("10 10 20 20", role.getProperties().get("envelope"));
            } else {
                assertEquals(0,role.getProperties().size());
            }
               
        }
        assertEquals(1,roleService.getGroupNamesForRole(role_wfs).size());
        assertTrue(roleService.getGroupNamesForRole(role_wfs).contains("g_wfs"));
        assertEquals(0,roleService.getUserNamesForRole(role_wfs).size());
       
        assertEquals(1,roleService.getRolesForGroup("g_all").size());
        assertTrue(roleService.getRolesForGroup("g_all").contains(role_wms));
        GeoServerRole role = roleService.getRolesForGroup("g_all").iterator().next();
        assertEquals(1,role.getProperties().size());
        assertEquals("10 10 20 20", role.getProperties().get("envelope"));
       
        assertEquals(1,roleService.getRolesForUser("user1").size());
        assertTrue(roleService.getRolesForUser("user1").contains(role_wms));
        role = roleService.getRolesForUser("user1").iterator().next();
        assertEquals(1,role.getProperties().size());
        assertEquals("10 10 20 20", role.getProperties().get("envelope"));
       
        assertNull(roleService.getParentRole(role_wms));
        assertEquals(role_wms,roleService.getParentRole(role_wfs));
    }
View Full Code Here

Examples of org.geoserver.security.impl.GeoServerRole

193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
        assertNull(roleService.getParentRole(role_wms));
        assertEquals(role_wms,roleService.getParentRole(role_wfs));
    }
    protected void checkValuesInserted(GeoServerRoleService roleService) throws IOException {
   
        GeoServerRole role_auth = roleService.getRoleByName("ROLE_AUTHENTICATED");
        GeoServerRole role_wfs = roleService.getRoleByName("ROLE_WFS");
        GeoServerRole role_wms = roleService.getRoleByName("ROLE_WMS");
        GeoServerRole role_admin = roleService.getRoleByName(
                GeoServerRole.ADMIN_ROLE.getAuthority());
   
       
        assertEquals(4, roleService.getRoles().size());
        assertEquals(4, roleService.getRoleCount());
        assertTrue(roleService.getRoles().contains(role_admin));
        assertTrue(roleService.getRoles().contains(role_auth));
        assertTrue(roleService.getRoles().contains(role_wfs));
        assertTrue(roleService.getRoles().contains(role_wms));
               
       
        assertNull (roleService.getRoleByName("xxx"));
       
        for (GeoServerRole role : roleService.getRoles() ) {
            if (role_auth.getAuthority().equals(role.getAuthority())) {
                assertEquals(2,role.getProperties().size());
                assertEquals(role.getProperties().getProperty("employee"),"");
                assertEquals(role.getProperties().getProperty("bbox"),"lookupAtRuntime");
            } else {
                assertEquals(0,role.getProperties().size());
            }
           
        }
       
       
        assertEquals(0,role_admin.getProperties().size());
        assertEquals(0,role_wfs.getProperties().size());
        assertEquals(0,role_wms.getProperties().size());
       
        assertEquals(2,role_auth.getProperties().size());
        assertEquals(role_auth.getProperties().getProperty("employee"),"");
View Full Code Here

Examples of org.geoserver.security.impl.GeoServerRole

159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
        Authentication auth = getAuth(testFilterName, testUserName,null,null);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));
       
        // check wrong password
//        request= createRequest("/foo/bar");
//        response= new MockHttpServletResponse();
//        chain = new MockFilterChain();
//
//        request.addHeader("Authorization",  "Basic " +
//                new String(Base64.encodeBytes((testUserName+":wrongpass").getBytes())));
//        getProxy().doFilter(request, response, chain);
//        tmp = response.getHeader("WWW-Authenticate");
//        assertNotNull(tmp);
//        assert(tmp.indexOf(GeoServerSecurityManager.REALM) !=-1 );
//        assert(tmp.indexOf("Basic") !=-1 );
//        assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode());
//        assertNull(SecurityContextHolder.getContext().getAuthentication());
//        auth = getAuth(testFilterName, testUserName,null,null);
//        assertNull(auth);

       
        // check unknown user
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();

        request.addHeader("Authorization""Basic " +
                new String(Base64.encodeBytes(("unknwon:"+testPassword).getBytes())));
        getProxy().doFilter(request, response, chain);
        tmp = response.getHeader("WWW-Authenticate");
        assertNotNull(tmp);
        assert(tmp.indexOf(GeoServerSecurityManager.REALM) !=-1 );
        assert(tmp.indexOf("Basic") !=-1 );
        assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode());
        auth = getAuth("unknow", testPassword,null,null);
        assertNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());

        // check root user
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();       
       
        request.addHeader("Authorization""Basic " +
                new String(Base64.encodeBytes((GeoServerUser.ROOT_USERNAME+":"+getMasterPassword()).getBytes())));
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(GeoServerUser.ROOT_USERNAME, "geoserver",null,null);
        assertNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
       

       
        // check disabled user       
        updateUser("ug1", testUserName, false);
       
        // since the cache is working, disabling has no effect
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();
        request.addHeader("Authorization""Basic " +
                new String(Base64.encodeBytes((testUserName+":"+testPassword).getBytes())));
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(testFilterName, testUserName,null,null);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));

        // clear cache, user should be disabled
        getCache().removeAll();

        request= createRequest("/foo/bar");
View Full Code Here

Examples of org.geoserver.security.impl.GeoServerRole

297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
        Authentication auth = getAuth(testFilterName3, testUserName,null,null);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, auth.getPrincipal());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));
       
        // test root               
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();               
        request.setUserPrincipal(new Principal() {           
            @Override
            public String getName() {
                return GeoServerUser.ROOT_USERNAME;
            }
        });
        getProxy().doFilter(request, response, chain);
       
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(testFilterName3, GeoServerUser.ROOT_USERNAME,null,null);
        assertNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        //checkForAuthenticatedRole(auth);

        config.setRoleServiceName(null);
        getSecurityManager().saveFilter(config);
       
        // test preauthenticated with active role service               
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();               
        request.setUserPrincipal(new Principal() {           
            @Override
            public String getName() {
                return testUserName;
            }
        });
        request.setUserInRole(derivedRole,true);
        request.setUserInRole(rootRole,false);
        getProxy().doFilter(request, response, chain);
       
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(testFilterName3, testUserName,null,null);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, auth.getPrincipal());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));
       
        // Test anonymous
        insertAnonymousFilter();
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
View Full Code Here

Examples of org.geoserver.security.impl.GeoServerRole

410
411
412
413
414
415
416
417
418
419
420
421
            }
            assertNotNull(auth);
            assertNull(SecurityContextHolder.getContext().getAuthentication());
            checkForAuthenticatedRole(auth);
            assertEquals(testUserName, auth.getPrincipal());
            assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
            assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));       
        }

        // unknown user
        for (PreAuthenticatedUserNameRoleSource rs : PreAuthenticatedUserNameRoleSource.values()) {
            getCache().removeAll();           
View Full Code Here

Examples of org.geoserver.security.impl.GeoServerRole

513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
        Authentication auth = getAuth(testFilterName2, testUserName,300,300);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));
       
       
        // check wrong password
//        request= createRequest("/foo/bar");
//        response= new MockHttpServletResponse();
//        chain = new MockFilterChain();
//       
//        headerValue=clientDigestString(tmp, testUserName, "wrongpass", request.getMethod());
//        request.addHeader("Authorization",  headerValue);       
//        getProxy().doFilter(request, response, chain);
//        tmp = response.getHeader("WWW-Authenticate");
//        assertNotNull(tmp);
//        assert(tmp.indexOf(GeoServerSecurityManager.REALM) !=-1 );
//        assert(tmp.indexOf("Digest") !=-1 );
//        assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode());
//        auth = getAuth(testFilterName2, testUserName,300,300);
//        assertNull(auth);
//        assertNull(SecurityContextHolder.getContext().getAuthentication());
       
        // check unknown user
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();

        headerValue=clientDigestString(tmp, "unknown", testPassword, request.getMethod());
        request.addHeader("Authorization",  headerValue);       
        getProxy().doFilter(request, response, chain);
        tmp = response.getHeader("WWW-Authenticate");
        assertNotNull(tmp);
        assert(tmp.indexOf(GeoServerSecurityManager.REALM) !=-1 );
        assert(tmp.indexOf("Digest") !=-1 );
        assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode());
        auth = getAuth(testFilterName2, "unknown",300,300);
        assertNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());

        // check root user
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();       
       
        headerValue=clientDigestString(tmp, GeoServerUser.ROOT_USERNAME, getMasterPassword(), request.getMethod());
        request.addHeader("Authorization",  headerValue);       
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(testFilterName2, GeoServerUser.ROOT_USERNAME,300,300);
        assertNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
       
        // check root user with wrong password
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();       
       
        headerValue=clientDigestString(tmp, GeoServerUser.ROOT_USERNAME, "geoserver1", request.getMethod());
        request.addHeader("Authorization",  headerValue);       
        getProxy().doFilter(request, response, chain);
        tmp = response.getHeader("WWW-Authenticate");
        assertNotNull(tmp);
        assert(tmp.indexOf(GeoServerSecurityManager.REALM) !=-1 );
        assert(tmp.indexOf("Digest") !=-1 );
        assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode());
        auth = getAuth(testFilterName2, GeoServerUser.ROOT_USERNAME,300,300);
        assertNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());


       
        // check disabled user, should not work becaus of cache
        updateUser("ug1", testUserName, false);
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();       

        headerValue=clientDigestString(tmp, testUserName, testPassword, request.getMethod());
        request.addHeader("Authorization",  headerValue);
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(testFilterName2, testUserName,300,300);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));

        // clear cache, now disabling should work
        getCache().removeAll();
       
        request= createRequest("/foo/bar");
View Full Code Here

Examples of org.geoserver.security.impl.GeoServerRole

799
800
801
802
803
804
805
806
807
808
809
810
            Authentication auth = getAuth(testFilterName8, testUserName,null,null);
            assertNotNull(auth);
            assertNull(SecurityContextHolder.getContext().getAuthentication());
            checkForAuthenticatedRole(auth);
            assertEquals(testUserName, auth.getPrincipal());
            assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
            assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));       
        }

        // unknown user
        for (PreAuthenticatedUserNameRoleSource rs :
            PreAuthenticatedUserNameRoleSource.values()) {
View Full Code Here

Examples of org.geoserver.security.impl.GeoServerRole

905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
        Authentication auth = getAuth(testFilterName2, testUserName, 300,300);       
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));
       
        // check success for basic authentication
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();       

        request.addHeader("Authorization""Basic " +
                new String(Base64.encodeBytes((testUserName+":"+testPassword).getBytes())));
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(testFilterName, testUserName, null,null);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));

    }
View Full Code Here

Examples of org.geoserver.security.impl.GeoServerRole

758
759
760
761
762
763
764
765
766
767
768
        if (roles != null && !roles.isEmpty()) {
            GeoServerRoleService roleService = secMgr.getActiveRoleService();
            GeoServerRoleStore roleStore = roleService.createStore();
            for (String roleName : roles) {
                GeoServerRole role = roleStore.getRoleByName(roleName);
                if (role == null) {
                    role = roleStore.createRoleObject(roleName);
                    roleStore.addRole(role);
                }
View Full Code Here

Examples of org.geoserver.security.impl.GeoServerRole

478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
        GeoServerRoleStore roleStore = createNiceMock(GeoServerRoleStore.class);
        expect(roleStore.getSecurityManager()).andReturn(secMgr).anyTimes();
        expect(roleStore.getName()).andReturn(name).anyTimes();
   
        for (String roleName : roleNames) {
            expect(roleStore.getRoleByName(roleName)).andReturn(new GeoServerRole(roleName)).anyTimes();
        }
   
        for (GeoServerRole role : GeoServerRole.SystemRoles) {
            String roleName = role.getAuthority();
            expect(roleStore.createRoleObject(roleName)).andReturn(new GeoServerRole(roleName)).anyTimes();
        }
   
        expect(secMgr.loadRoleService(name)).andReturn(roleStore).anyTimes();
        return roleStore;
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.