Examples of org.apache.qpid.server.security.auth.SubjectAuthenticationResult

• org.apache.qpid.server.security.auth.SubjectAuthenticationResult
  Encapsulates the result of an attempt to authenticate using a {@link SubjectCreator}.

  iff authentication was successful, {@link #getSubject()} will return a non-null value and{@link #getStatus()} will return {@link AuthenticationResult.AuthenticationStatus#SUCCESS}. In this case, the {@link Subject} will contain the user {@link Principal} and zero or more other principalsrepresenting groups.

  @see SubjectCreator

                //save clientProperties
                setClientProperties(clientProperties);

                setSaslServer(ss);

                final SubjectAuthenticationResult authResult = subjectCreator.authenticate(ss, response);

                MethodRegistry methodRegistry = getMethodRegistry();

                switch (authResult.getStatus())
                {
                    case ERROR:
                        Exception cause = authResult.getCause();

                        _logger.info("Authentication failed:" + (cause == null ? "" : cause.getMessage()));

                        closeConnection(AMQConstant.NOT_ALLOWED, "Authentication failed", 0);

                        disposeSaslServer();
                        break;

                    case SUCCESS:
                        if (_logger.isInfoEnabled())
                        {
                            _logger.info("Connected as: " + authResult.getSubject());
                        }
                        setAuthorizedSubject(authResult.getSubject());

                        int frameMax = broker.getContextValue(Integer.class, Broker.BROKER_FRAME_SIZE);

                        if (frameMax <= 0)
                        {
                            frameMax = Integer.MAX_VALUE;
                        }

                        ConnectionTuneBody
                                tuneBody =
                                methodRegistry.createConnectionTuneBody(broker.getConnection_sessionCountLimit(),
                                                                        frameMax,
                                                                        broker.getConnection_heartBeatDelay());
                        writeFrame(tuneBody.generateFrame(0));
                        break;
                    case CONTINUE:
                        ConnectionSecureBody
                                secureBody = methodRegistry.createConnectionSecureBody(authResult.getChallenge());
                        writeFrame(secureBody.generateFrame(0));
                }
            }
        }
        catch (SaslException e)

        when(_authenticationProvider.authenticate(USERNAME, PASSWORD)).thenReturn(_authenticationResult);
    }

    public void testAuthenticateUsernameAndPasswordReturnsSubjectWithUserAndGroupPrincipals()
    {
        final SubjectAuthenticationResult actualResult = _subjectCreator.authenticate(USERNAME, PASSWORD);

        assertEquals(AuthenticationStatus.SUCCESS, actualResult.getStatus());

        final Subject actualSubject = actualResult.getSubject();

        assertEquals("Should contain one user principal and two groups ", 3, actualSubject.getPrincipals().size());

        assertTrue(actualSubject.getPrincipals().contains(new AuthenticatedPrincipal(_userPrincipal)));
        assertTrue(actualSubject.getPrincipals().contains(_group1));

    {
        when(_authenticationProvider.authenticate(_testSaslServer, _saslResponseBytes)).thenReturn(_authenticationResult);
        when(_testSaslServer.isComplete()).thenReturn(true);
        when(_testSaslServer.getAuthorizationID()).thenReturn(USERNAME);

        SubjectAuthenticationResult result = _subjectCreator.authenticate(_testSaslServer, _saslResponseBytes);

        final Subject actualSubject = result.getSubject();
        assertEquals("Should contain one user principal and two groups ", 3, actualSubject.getPrincipals().size());

        assertTrue(actualSubject.getPrincipals().contains(new AuthenticatedPrincipal(_userPrincipal)));
        assertTrue(actualSubject.getPrincipals().contains(_group1));
        assertTrue(actualSubject.getPrincipals().contains(_group2));

    {
        AuthenticationResult failedAuthenticationResult = new AuthenticationResult(expectedStatus);

        when(_authenticationProvider.authenticate(USERNAME, PASSWORD)).thenReturn(failedAuthenticationResult);

        SubjectAuthenticationResult subjectAuthenticationResult = _subjectCreator.authenticate(USERNAME, PASSWORD);

        assertSame(expectedStatus, subjectAuthenticationResult.getStatus());
        assertNull(subjectAuthenticationResult.getSubject());
    }

        when(_authenticationProvider.authenticate(_testSaslServer, _saslResponseBytes)).thenReturn(
                failedAuthenticationResult);
        when(_testSaslServer.isComplete()).thenReturn(false);

        SubjectAuthenticationResult subjectAuthenticationResult = _subjectCreator.authenticate(_testSaslServer, _saslResponseBytes);

        assertSame(expectedStatus, subjectAuthenticationResult.getStatus());
        assertNull(subjectAuthenticationResult.getSubject());
    }

    }

    protected void secure(final SaslServer ss, final Connection conn, final byte[] response)
    {
        final ServerConnection sconn = (ServerConnection) conn;
        final SubjectAuthenticationResult authResult = _subjectCreator.authenticate(ss, response);

        if (AuthenticationStatus.SUCCESS.equals(authResult.getStatus()))
        {
            tuneAuthorizedConnection(sconn);
            sconn.setAuthorizedSubject(authResult.getSubject());
        }
        else if (AuthenticationStatus.CONTINUE.equals(authResult.getStatus()))
        {
            connectionAuthContinue(sconn, authResult.getChallenge());
        }
        else
        {
            connectionAuthFailed(sconn, authResult.getCause());
        }
    }