Examples of org.geomajas.security.Authentication

• org.geomajas.security.Authentication
  Success object which is returned on successful authentication by the {@link SecurityManager}. It contains some information about the authenticated user (all optional), and the authorization objects. @author Joachim Van der Auwera @since 1.6.0

  public void after() {
    securityService.clear();
  }

  private Authentication createTestAuthentication() {
    Authentication authentication = new Authentication();
    authentication.setAuthorizations(new BaseAuthorization[]{new AllowTestAuthorization()});
    return authentication;
  }

  public String getId() {
    return "staticsecurity.LoginAllowed";
  }

  public Authentication getAuthentication(String authenticationToken) {
    Authentication auth = new Authentication();
    auth.setAuthorizations(new BaseAuthorization[]{new LoginAuthorization()});
    auth.setUserId("anynomous");
    return auth;
  }

  @Autowired
  private LogoutCommand logoutCommand;

  @Test
  public void testLogout() throws Exception {
    Authentication auth = new Authentication();
    auth.setAuthorizations(new BaseAuthorization[0]);
    auth.setSecurityServiceId(StaticSecurityService.SECURITY_SERVICE_ID); // mimic that this comes from the StaticSecurity stuff
    String token = tokenService.login(auth);
    SecurityContextImpl securityContext = (SecurityContextImpl) this.securityContext;
    List<Authentication> auths = new ArrayList<Authentication>();
    auths.add(auth);
    securityContext.setAuthentications(token, auths);

      String userpw = user.getPassword();
      if (null != userpw && userpw.endsWith(PADDING)) {
        userpw = userpw.substring(0, userpw.length() - 2);
      }
      if (login.equals(user.getUserId()) && password.equals(userpw)) {
        Authentication authentication = new Authentication();
        authentication.setUserId(login);
        authentication.setUserName(user.getUserName());
        authentication.setUserLocale(user.getUserLocale());
        authentication.setUserOrganization(user.getUserOrganization());
        authentication.setUserDivision(user.getUserDivision());
        authentication.setAuthorizations(getAuthorizations(user));
        response.setToken(tokenService.login(authentication));
      }
    }
  }

    LoginResponse response = loginCommand.getEmptyCommandResponse();
    loginCommand.execute(request, response);
    String token = response.getToken();
    Assert.assertNotNull(token);

    Authentication auth = tokenService.getAuthentication(token);
    Assert.assertEquals(1, auth.getAuthorizations().length);
    BaseAuthorization authorizaton = auth.getAuthorizations()[0];
    Assert.assertTrue(authorizaton.isToolAuthorized("bla"));
    Assert.assertTrue(authorizaton.isCommandAuthorized("bla"));
    Assert.assertTrue(authorizaton.isLayerVisible("bla"));
    Assert.assertTrue(authorizaton.isLayerVisible("roads"));
    Assert.assertTrue(authorizaton.isLayerVisible("rivers"));

    LoginResponse response = loginCommand.getEmptyCommandResponse();
    loginCommand.execute(request, response);
    String token = response.getToken();
    Assert.assertNotNull(token);

    Authentication auth = tokenService.getAuthentication(token);
    Assert.assertEquals(1, auth.getAuthorizations().length);
    BaseAuthorization authorizaton = auth.getAuthorizations()[0];
    Assert.assertFalse(authorizaton.isToolAuthorized("bla"));
    Assert.assertTrue(authorizaton.isCommandAuthorized("bla"));
    Assert.assertFalse(authorizaton.isLayerVisible("bla"));
    Assert.assertTrue(authorizaton.isLayerVisible("roads"));
    Assert.assertTrue(authorizaton.isLayerVisible("rivers"));

  @Test
  public void testBaseAuthorization() throws Exception {
    SecurityContextImpl securityContext = (SecurityContextImpl)this.securityContext;
    List<Authentication> authentications = new ArrayList<Authentication>();
    Authentication auth1 = getAuthentication(0); // allow nothing
    Authentication auth2 = getAuthentication(1); // base, allow all
    authentications.add(auth1);
    authentications.add(auth2);
    securityContext.setAuthentications("token", authentications);

    InternalFeature feature = new InternalFeatureImpl();

  @Test
  public void testAllAndFeatureAuthorization() throws Exception {
    SecurityContextImpl securityContext = (SecurityContextImpl)this.securityContext;
    List<Authentication> authentications = new ArrayList<Authentication>();
    Authentication auth1 = getAuthentication(1); // base, allow all
    Authentication auth2 = getAttributeAuthentication();
    authentications.add(auth1);
    authentications.add(auth2);
    securityContext.setAuthentications("token", authentications);

    InternalFeature feature = new InternalFeatureImpl();

  @Test
  public void testAttributeAuthorization() throws Exception {
    SecurityContextImpl securityContext = (SecurityContextImpl)this.securityContext;
    List<Authentication> authentications = new ArrayList<Authentication>();
    Authentication auth1 = getAuthentication(0); // allow nothing
    Authentication auth2 = getAttributeAuthentication();
    authentications.add(auth1);
    authentications.add(auth2);
    securityContext.setAuthentications("token", authentications);

    InternalFeature feature = new InternalFeatureImpl();

  @Test
  public void testFeatureAuthorization() throws Exception {
    SecurityContextImpl securityContext = (SecurityContextImpl)this.securityContext;
    List<Authentication> authentications = new ArrayList<Authentication>();
    Authentication auth1 = getAuthentication(0); // allow nothing
    Authentication auth2 = getFeatureAuthentication();
    authentications.add(auth1);
    authentications.add(auth2);
    securityContext.setAuthentications("token", authentications);

    InternalFeature feature = new InternalFeatureImpl();