Examples of org.geoserver.security.GeoServerSecurityManager$AuthProviderHelper

org.geoserver.security.GeoServerSecurityManager
Interface that can be used to assist migration phases, adding XStream behaviours to be used only during migration of configurations from previous versions. A specific implementation can be passed to {@link FilterHelper.loadConfig} and/or {@link FilterHelper.saveConfig} to change XStream mappings and conversions to allow loadingof old (incompatible) configuration files that need to be updated to a new format. The implementation should implement the migrationPersister method to add aliases, converters or other XStream behaviours needed only when migrating old configurations. @author Mauro Bartolomeoli (mauro.bartolomeoli@geo-solutions.it)

    public void testDigestConfigValidation() throws Exception{
        DigestAuthenticationFilterConfig config = new DigestAuthenticationFilterConfig();
        config.setClassName(GeoServerDigestAuthenticationFilter.class.getName());
        config.setName("testDigest");


        GeoServerSecurityManager secMgr = getSecurityManager();


        FilterConfigValidator validator = new FilterConfigValidator(secMgr);
        
        try {
            validator.validateFilterConfig(config);

View Full Code Here

    public void testRoleFilterConfigValidation() throws Exception{
        RoleFilterConfig config = new RoleFilterConfig();
        config.setClassName(GeoServerRoleFilter.class.getName());
        config.setName("testRoleFilter");
        
        GeoServerSecurityManager secMgr = getSecurityManager();
        FilterConfigValidator validator = new FilterConfigValidator(secMgr);
        try {
            validator.validateFilterConfig(config);
            fail("no header attribute should fail");
        } catch (FilterConfigException ex){

View Full Code Here

    public void testSecurityInterceptorFilterConfigValidation() throws Exception{
        SecurityInterceptorFilterConfig config = new SecurityInterceptorFilterConfig();
        config.setClassName(GeoServerSecurityInterceptorFilter.class.getName());
        config.setName("testInterceptFilter");


        GeoServerSecurityManager secMgr = getSecurityManager();
        FilterConfigValidator validator = new FilterConfigValidator(secMgr);
         try {
             validator.validateFilterConfig(config);
             fail("no metadata source should fail");
         } catch (FilterConfigException ex){

View Full Code Here

    class EncryptionPanel extends FormComponentPanel {


        public EncryptionPanel(String id) {
            super(id, new Model());


            GeoServerSecurityManager secMgr = getSecurityManager();
            if (secMgr.isStrongEncryptionAvailable()) {
                
                add(new Label("strongEncryptionMsg", new StringResourceModel("strongEncryption", this, null))
                    .add(new AttributeAppender("class", new Model("info-link"), " "))); 
            }
            else {

View Full Code Here

    static Logger LOGGER = Logging.getLogger(SecurityHomePageContentProvider.class);


    @Override
    public Component getPageBodyComponent(String id) {
        //do a check that the root password is not set
        GeoServerSecurityManager secMgr = GeoServerApplication.get().getSecurityManager();
        if (secMgr.checkAuthenticationForAdminRole()) {
            return new SecurityWarningsPanel(id);
        }
        return null;
    }

View Full Code Here

    @Test
    public void testMappedRoles() throws Exception {
        setMockCreator(new MockCreator() {
            @Override
            public GeoServerSecurityManager createSecurityManager(MockTestData testData) throws Exception {
                GeoServerSecurityManager secMgr = createNiceMock(GeoServerSecurityManager.class);


                GeoServerRoleStore roleStore = 
                    createRoleStore("test", secMgr, "admin", "groupAdmin", "role1");
                addRolesToCreate(roleStore, "admin", "groupAdmin");
                expect(roleStore.getAdminRole()).andReturn(new GeoServerRole("admin")).anyTimes();
                expect(roleStore.getGroupAdminRole()).andReturn(new GeoServerRole("groupAdmin")).anyTimes();


                replay(roleStore, secMgr);
                return secMgr;
            }
        });


        GeoServerSecurityManager secMgr = getSecurityManager();
        RoleStoreValidationWrapper store = 
            new RoleStoreValidationWrapper((GeoServerRoleStore)secMgr.loadRoleService("test"));


        try {
            store.removeRole(store.createRoleObject("admin"));
            fail("removing admin role should fail");
        } catch (IOException ex) {

View Full Code Here

    @Override
    public void onLayerGroup(String name, LayerGroupInfo lg, MockCatalogBuilder b) {
    }


    public GeoServerSecurityManager createSecurityManager(MockTestData testData) throws Exception {
        final GeoServerSecurityManager secMgr = createNiceMock(GeoServerSecurityManager.class);
    
        //application context
        ApplicationContext appContext = createNiceMock(ApplicationContext.class);
        expect(secMgr.getApplicationContext()).andReturn(appContext).anyTimes();
    
        //master password provider
        MasterPasswordProvider masterPasswdProvider = createNiceMock(MasterPasswordProvider.class);
        expect(masterPasswdProvider.getName()).andReturn(MasterPasswordProvider.DEFAULT_NAME).anyTimes();
        expect(secMgr.listMasterPasswordProviders()).andReturn(
            new TreeSet<String>(Arrays.asList(MasterPasswordProvider.DEFAULT_NAME))).anyTimes();
    
        //password validators
        PasswordValidator passwdValidator = createNiceMock(PasswordValidator.class);
        expect(secMgr.loadPasswordValidator(PasswordValidator.DEFAULT_NAME))
            .andReturn(passwdValidator).anyTimes();
    
        PasswordPolicyConfig masterPasswdPolicyConfig = createNiceMock(PasswordPolicyConfig.class);
        expect(masterPasswdPolicyConfig.getMinLength()).andReturn(8).anyTimes();
        expect(masterPasswdPolicyConfig.getMaxLength()).andReturn(-1).anyTimes();
        
    
        PasswordValidatorImpl masterPasswdValidator = new PasswordValidatorImpl(secMgr);
        masterPasswdValidator.setConfig(masterPasswdPolicyConfig);
    
        expect(secMgr.loadPasswordValidator(PasswordValidator.MASTERPASSWORD_NAME))
            .andReturn(masterPasswdValidator).anyTimes();
        expect(secMgr.listPasswordValidators()).andReturn(
                new TreeSet<String>(Arrays.asList(PasswordValidator.DEFAULT_NAME, PasswordValidator.MASTERPASSWORD_NAME))).anyTimes();;
    
        //default user group store
        GeoServerUserGroupStore ugStore = 
            createUserGroupStore(XMLUserGroupService.DEFAULT_NAME, secMgr);
        expect(secMgr.listUserGroupServices()).andReturn(
            new TreeSet<String>(Arrays.asList(XMLUserGroupService.DEFAULT_NAME))).anyTimes();
    
        SecurityUserGroupServiceConfig ugConfig = createNiceMock(SecurityUserGroupServiceConfig.class);
        expect(ugConfig.getName()).andReturn(XMLUserGroupService.DEFAULT_NAME).anyTimes();
        expect(ugConfig.getPasswordPolicyName()).andReturn(PasswordValidator.DEFAULT_NAME).anyTimes();
        expect(secMgr.loadUserGroupServiceConfig(XMLUserGroupService.DEFAULT_NAME))
            .andReturn(ugConfig).anyTimes();
    
        //default role store
        GeoServerRoleStore roleStore = 
            createRoleStore(XMLRoleService.DEFAULT_NAME, secMgr);
        expect(secMgr.listRoleServices()).andReturn(
            new TreeSet<String>(Arrays.asList(XMLRoleService.DEFAULT_NAME))).anyTimes();
        expect(secMgr.getActiveRoleService()).andReturn(roleStore).anyTimes();
    
        //auth providers
        SecurityAuthProviderConfig authProviderConfig = createNiceMock(SecurityAuthProviderConfig.class);
        expect(authProviderConfig.getName()).andReturn(GeoServerAuthenticationProvider.DEFAULT_NAME).anyTimes();
        expect(authProviderConfig.getUserGroupServiceName()).andReturn(XMLUserGroupService.DEFAULT_NAME).anyTimes();
        expect(secMgr.loadAuthenticationProviderConfig(GeoServerAuthenticationProvider.DEFAULT_NAME))
            .andReturn(authProviderConfig).anyTimes();
        
        GeoServerAuthenticationProvider authProvider = createNiceMock(GeoServerAuthenticationProvider.class);
        expect(authProvider.getName()).andReturn(GeoServerAuthenticationProvider.DEFAULT_NAME).anyTimes();
        expect(secMgr.loadAuthenticationProvider(GeoServerAuthenticationProvider.DEFAULT_NAME))
            .andReturn(authProvider).anyTimes();
        expect(secMgr.listAuthenticationProviders()).andReturn(
            new TreeSet<String>(Arrays.asList(GeoServerAuthenticationProvider.DEFAULT_NAME))).anyTimes();
        expect(secMgr.getAuthenticationProviders()).andReturn(Arrays.asList(authProvider)).anyTimes();
    
        //security filters
        SecurityInterceptorFilterConfig filterConfig = createNiceMock(SecurityInterceptorFilterConfig.class);        
        expect(secMgr.loadFilterConfig(
            GeoServerSecurityFilterChain.FILTER_SECURITY_INTERCEPTOR)).andReturn(filterConfig).anyTimes();
        
        GeoServerAnonymousAuthenticationFilter authFilter = createNiceMock(GeoServerAnonymousAuthenticationFilter.class);
        expect(authFilter.applicableForServices()).andReturn(true).anyTimes();
        expect(authFilter.applicableForHtml()).andReturn(true).anyTimes();
        expect(secMgr.loadFilter(
                GeoServerSecurityFilterChain.ANONYMOUS_FILTER)).andReturn(authFilter).anyTimes();
        
        GeoServerRoleFilter roleFilter = createNiceMock(GeoServerRoleFilter.class);
        expect(secMgr.loadFilter(
                GeoServerSecurityFilterChain.ROLE_FILTER)).andReturn(roleFilter).anyTimes();


        GeoServerUserNamePasswordAuthenticationFilter formFilter = createNiceMock(GeoServerUserNamePasswordAuthenticationFilter.class);
        expect(formFilter.applicableForHtml()).andReturn(true).anyTimes();
        expect(secMgr.loadFilter(
                GeoServerSecurityFilterChain.FORM_LOGIN_FILTER)).andReturn(formFilter).anyTimes();


        GeoServerBasicAuthenticationFilter basicFilter = createNiceMock(GeoServerBasicAuthenticationFilter.class);
        expect(basicFilter.applicableForServices()).andReturn(true).anyTimes();
        expect(secMgr.loadFilter(
                GeoServerSecurityFilterChain.BASIC_AUTH_FILTER)).andReturn(basicFilter).anyTimes();


    
        //password encoders
        expect(secMgr.loadPasswordEncoder(GeoServerEmptyPasswordEncoder.class)).andAnswer(
            new IAnswer<GeoServerEmptyPasswordEncoder>() {
                @Override
                public GeoServerEmptyPasswordEncoder answer() throws Throwable {
                    return createEmptyPasswordEncoder(secMgr);
                }
            }).anyTimes();
        expect(secMgr.loadPasswordEncoder("emptyPasswordEncoder")).andAnswer(
            new IAnswer<GeoServerPasswordEncoder>() {
                @Override
                public GeoServerPasswordEncoder answer() throws Throwable {
                    return createEmptyPasswordEncoder(secMgr);
                }
            }).anyTimes();
        expect(secMgr.loadPasswordEncoder(GeoServerPlainTextPasswordEncoder.class)).andAnswer(
            new IAnswer<GeoServerPlainTextPasswordEncoder>() {
                @Override
                public GeoServerPlainTextPasswordEncoder answer() throws Throwable {
                    return createPlainTextPasswordEncoder(secMgr);
                }
            }).anyTimes();
        expect(secMgr.loadPasswordEncoder("plainTextPasswordEncoder")).andAnswer(
            new IAnswer<GeoServerPasswordEncoder>() {
                @Override
                public GeoServerPasswordEncoder answer() throws Throwable {
                    return createPlainTextPasswordEncoder(secMgr);
                }
            }).anyTimes();
    
        expect(secMgr.loadPasswordEncoder(GeoServerPBEPasswordEncoder.class, null,false)).andAnswer(
            new IAnswer<GeoServerPBEPasswordEncoder>() {
                @Override
                public GeoServerPBEPasswordEncoder answer() throws Throwable {
                    return createPbePasswordEncoder(secMgr);
                }
            }).anyTimes();
        expect(secMgr.loadPasswordEncoder("pbePasswordEncoder")).andAnswer(
            new IAnswer<GeoServerPasswordEncoder>() {
                @Override
                public GeoServerPasswordEncoder answer() throws Throwable {
                    return createPbePasswordEncoder(secMgr);
                }
            }).anyTimes();
        
        expect(secMgr.loadPasswordEncoder(GeoServerPBEPasswordEncoder.class, null,true)).andAnswer(
            new IAnswer<GeoServerPBEPasswordEncoder>() {
                @Override
                public GeoServerPBEPasswordEncoder answer() throws Throwable {
                    return createStrongPbePasswordEncoder(secMgr);
                }
            }).anyTimes();
        expect(secMgr.loadPasswordEncoder("strongPbePasswordEncoder")).andAnswer(
            new IAnswer<GeoServerPasswordEncoder>() {
                @Override
                public GeoServerPasswordEncoder answer() throws Throwable {
                    return createStrongPbePasswordEncoder(secMgr);
                }
            }).anyTimes();
        expect(secMgr.loadPasswordEncoder(GeoServerDigestPasswordEncoder.class, null,true)).andAnswer(
            new IAnswer<GeoServerDigestPasswordEncoder>() {
                @Override
                public GeoServerDigestPasswordEncoder answer() throws Throwable {
                    return createDigestPasswordEncoder(secMgr);
                }
            }).anyTimes();
        expect(secMgr.loadPasswordEncoder(GeoServerDigestPasswordEncoder.class)).andAnswer(
            new IAnswer<GeoServerDigestPasswordEncoder>() {
                @Override
                public GeoServerDigestPasswordEncoder answer() throws Throwable {
                    return createDigestPasswordEncoder(secMgr);
                }
            }).anyTimes();
        expect(secMgr.loadPasswordEncoder("digestPasswordEncoder")).andAnswer(
            new IAnswer<GeoServerPasswordEncoder>() {
                @Override
                public GeoServerPasswordEncoder answer() throws Throwable {
                    return createDigestPasswordEncoder(secMgr);
                }
            }).anyTimes();
        expect(secMgr.loadPasswordEncoders()).andAnswer(
            new IAnswer<List<GeoServerPasswordEncoder>>() {
                @Override
                public List<GeoServerPasswordEncoder> answer()
                        throws Throwable {
                    return (List) Arrays.asList(
                        createEmptyPasswordEncoder(secMgr),
                        createPlainTextPasswordEncoder(secMgr), createPbePasswordEncoder(secMgr), 
                        createStrongPbePasswordEncoder(secMgr), createDigestPasswordEncoder(secMgr));
                }
            }).anyTimes();
    
        //keystore provider
        KeyStoreProvider keyStoreProvider = createNiceMock(KeyStoreProvider.class);
        expect(keyStoreProvider.isKeyStorePassword(aryEq("geoserver".toCharArray())))
            .andReturn(true).anyTimes();
        expect(keyStoreProvider.containsAlias(KeyStoreProviderImpl.CONFIGPASSWORDKEY))
            .andReturn(true).anyTimes();;
        expect(keyStoreProvider.getSecretKey(KeyStoreProviderImpl.CONFIGPASSWORDKEY))
            .andReturn(new SecretKeySpec(toBytes("geoserver".toCharArray()),"PBE")).anyTimes();
        expect(keyStoreProvider.hasUserGroupKey(XMLUserGroupService.DEFAULT_NAME))
            .andReturn(true).anyTimes();
    
        String alias = "ugServiceAlias";
        expect(keyStoreProvider.aliasForGroupService(XMLUserGroupService.DEFAULT_NAME))
            .andReturn(alias).anyTimes();
        expect(keyStoreProvider.containsAlias(alias)).andReturn(true).anyTimes();;
        expect(keyStoreProvider.getSecretKey(alias)).andReturn(
                new SecretKeySpec(toBytes("geoserver".toCharArray()),"PBE")).anyTimes();
        expect(secMgr.getKeyStoreProvider()).andReturn(keyStoreProvider).anyTimes();
        
        replay(keyStoreProvider, masterPasswdProvider, ugStore, ugConfig, roleStore, authProvider, 
            authProviderConfig, filterConfig, passwdValidator, masterPasswdPolicyConfig, appContext, 
            secMgr,roleFilter,formFilter,authFilter,basicFilter);
        return secMgr;

View Full Code Here

        SecurityContextHolder.getContext().setAuthentication(
            new UsernamePasswordAuthenticationToken(username,password,l));
    }


    protected void addUser(String username, String password, List<String> groups, List<String> roles) throws Exception {
        GeoServerSecurityManager secMgr = getSecurityManager();
        GeoServerUserGroupService ugService = secMgr.loadUserGroupService("default");


        GeoServerUserGroupStore ugStore = ugService.createStore();
        GeoServerUser user = ugStore.createUserObject(username, password, true);
        ugStore.addUser(user);


        if (groups != null && !groups.isEmpty()) {
            for (String groupName : groups) {
                GeoServerUserGroup group = ugStore.getGroupByGroupname(groupName);
                if (group == null) {
                    group = ugStore.createGroupObject(groupName, true);
                    ugStore.addGroup(group);
                }
    
                ugStore.associateUserToGroup(user, group);
            }
        }
        ugStore.store();


        if (roles != null && !roles.isEmpty()) {
            GeoServerRoleService roleService = secMgr.getActiveRoleService();
            GeoServerRoleStore roleStore = roleService.createStore();
            for (String roleName : roles) {
                GeoServerRole role = roleStore.getRoleByName(roleName);
                if (role == null) {
                    role = roleStore.createRoleObject(roleName);

View Full Code Here

        executor.shutdown();
    }


    private GeoServerBasicAuthenticationFilter createAuthenticationFilter() {
        GeoServerBasicAuthenticationFilter authenticationFilter = new GeoServerBasicAuthenticationFilter();
        GeoServerSecurityManager sm = null;
        try {
            sm = new GeoServerSecurityManager(new GeoServerDataDirectory(new File("target")));
            authenticationFilter.setSecurityManager(sm);
            BasicAuthenticationFilterConfig config = new BasicAuthenticationFilterConfig();
            authenticationFilter.initializeFromConfig(config);
        } catch (Exception e) {
            throw new RuntimeException("Failed to initialize authentication authenticationFilter.");

View Full Code Here

        // we don't show the node id to all users, only to the admin
        Authentication auth = ((GeoServerSession) parent.getSession()).getAuthentication();
        if (auth == null || !auth.isAuthenticated() || auth instanceof AnonymousAuthenticationToken) {
            return false;
        } else {
            GeoServerSecurityManager securityManager = GeoServerApplication.get()
                    .getSecurityManager();
            return securityManager.checkAuthenticationForAdminRole(auth);
        }
    }

View Full Code Here

0 1 2 3 4

TOP

Related Classes of org.geoserver.security.GeoServerSecurityManager$AuthProviderHelper

com.thoughtworks.xstream.converters.Converter

org.geoserver.cluster.impl.web.ClusterHomePageContentProvider

org.geoserver.config.util.XStreamPersister

org.geoserver.config.util.XStreamPersister$BreifMapConverter

org.geoserver.config.util.XStreamPersister$StoreInfoConverter

org.geoserver.jdbcconfig.web.JDBCConfigStatusProvider

org.geoserver.platform.resource.Resource

org.geoserver.script.rest.FinderSupport

org.geoserver.script.ScriptIntTestSupport

org.geoserver.security.concurrent.LockingRoleService

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.