Package org.geoserver.security.impl

Examples of org.geoserver.security.impl.GeoServerRole


        assertEquals(0, roleService.getRolesForGroup("g_wfs").size());
        assertEquals(1, roleService.getRolesForGroup("g_all").size());
        assertTrue(roleService.getRolesForGroup("g_all").contains(role_wms));
    }
    protected void checkValuesModified(GeoServerRoleService roleService) throws IOException {
        GeoServerRole role_auth = roleService.getRoleByName("ROLE_AUTHENTICATED");
        GeoServerRole role_wms = roleService.getRoleByName("ROLE_WMS");
        GeoServerRole role_wfs = roleService.getRoleByName("ROLE_WFS");
       
        assertEquals(1,role_auth.getProperties().size());
        assertEquals("4711", role_auth.getProperties().get("employee"));
        assertEquals(1,role_wms.getProperties().size());
        assertEquals("10 10 20 20", role_wms.getProperties().get("envelope"));
        assertEquals(0,role_wfs.getProperties().size());
       
        for (GeoServerRole role : roleService.getRoles()) {
            if ("ROLE_AUTHENTICATED".equals(role.getAuthority())) {
                assertEquals(1,role.getProperties().size());
                assertEquals("4711", role.getProperties().get("employee"));               
            }
            else if ("ROLE_WMS".equals(role.getAuthority())) {
                assertEquals(1,role.getProperties().size());
                assertEquals("10 10 20 20", role.getProperties().get("envelope"));
            } else {
                assertEquals(0,role.getProperties().size());
            }
               
        }
        assertEquals(1,roleService.getGroupNamesForRole(role_wfs).size());
        assertTrue(roleService.getGroupNamesForRole(role_wfs).contains("g_wfs"));
        assertEquals(0,roleService.getUserNamesForRole(role_wfs).size());
       
        assertEquals(1,roleService.getRolesForGroup("g_all").size());
        assertTrue(roleService.getRolesForGroup("g_all").contains(role_wms));
        GeoServerRole role = roleService.getRolesForGroup("g_all").iterator().next();
        assertEquals(1,role.getProperties().size());
        assertEquals("10 10 20 20", role.getProperties().get("envelope"));
       
        assertEquals(1,roleService.getRolesForUser("user1").size());
        assertTrue(roleService.getRolesForUser("user1").contains(role_wms));
        role = roleService.getRolesForUser("user1").iterator().next();
        assertEquals(1,role.getProperties().size());
        assertEquals("10 10 20 20", role.getProperties().get("envelope"));
       
        assertNull(roleService.getParentRole(role_wms));
        assertEquals(role_wms,roleService.getParentRole(role_wfs));
    }
View Full Code Here


        assertNull(roleService.getParentRole(role_wms));
        assertEquals(role_wms,roleService.getParentRole(role_wfs));
    }
    protected void checkValuesInserted(GeoServerRoleService roleService) throws IOException {
   
        GeoServerRole role_auth = roleService.getRoleByName("ROLE_AUTHENTICATED");
        GeoServerRole role_wfs = roleService.getRoleByName("ROLE_WFS");
        GeoServerRole role_wms = roleService.getRoleByName("ROLE_WMS");
        GeoServerRole role_admin = roleService.getRoleByName(
                GeoServerRole.ADMIN_ROLE.getAuthority());
   
       
        assertEquals(4, roleService.getRoles().size());
        assertEquals(4, roleService.getRoleCount());
        assertTrue(roleService.getRoles().contains(role_admin));
        assertTrue(roleService.getRoles().contains(role_auth));
        assertTrue(roleService.getRoles().contains(role_wfs));
        assertTrue(roleService.getRoles().contains(role_wms));
               
       
        assertNull (roleService.getRoleByName("xxx"));
       
        for (GeoServerRole role : roleService.getRoles() ) {
            if (role_auth.getAuthority().equals(role.getAuthority())) {
                assertEquals(2,role.getProperties().size());
                assertEquals(role.getProperties().getProperty("employee"),"");
                assertEquals(role.getProperties().getProperty("bbox"),"lookupAtRuntime");
            } else {
                assertEquals(0,role.getProperties().size());
            }
           
        }
       
       
        assertEquals(0,role_admin.getProperties().size());
        assertEquals(0,role_wfs.getProperties().size());
        assertEquals(0,role_wms.getProperties().size());
       
        assertEquals(2,role_auth.getProperties().size());
        assertEquals(role_auth.getProperties().getProperty("employee"),"");
View Full Code Here

        Authentication auth = getAuth(testFilterName, testUserName,null,null);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));
       
        // check wrong password
//        request= createRequest("/foo/bar");
//        response= new MockHttpServletResponse();
//        chain = new MockFilterChain();
//
//        request.addHeader("Authorization",  "Basic " +
//                new String(Base64.encodeBytes((testUserName+":wrongpass").getBytes())));
//        getProxy().doFilter(request, response, chain);
//        tmp = response.getHeader("WWW-Authenticate");
//        assertNotNull(tmp);
//        assert(tmp.indexOf(GeoServerSecurityManager.REALM) !=-1 );
//        assert(tmp.indexOf("Basic") !=-1 );
//        assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode());
//        assertNull(SecurityContextHolder.getContext().getAuthentication());
//        auth = getAuth(testFilterName, testUserName,null,null);
//        assertNull(auth);

       
        // check unknown user
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();

        request.addHeader("Authorization""Basic " +
                new String(Base64.encodeBytes(("unknwon:"+testPassword).getBytes())));
        getProxy().doFilter(request, response, chain);
        tmp = response.getHeader("WWW-Authenticate");
        assertNotNull(tmp);
        assert(tmp.indexOf(GeoServerSecurityManager.REALM) !=-1 );
        assert(tmp.indexOf("Basic") !=-1 );
        assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode());
        auth = getAuth("unknow", testPassword,null,null);
        assertNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());

        // check root user
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();       
       
        request.addHeader("Authorization""Basic " +
                new String(Base64.encodeBytes((GeoServerUser.ROOT_USERNAME+":"+getMasterPassword()).getBytes())));
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(GeoServerUser.ROOT_USERNAME, "geoserver",null,null);
        assertNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
       

       
        // check disabled user       
        updateUser("ug1", testUserName, false);
       
        // since the cache is working, disabling has no effect
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();
        request.addHeader("Authorization""Basic " +
                new String(Base64.encodeBytes((testUserName+":"+testPassword).getBytes())));
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(testFilterName, testUserName,null,null);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));

        // clear cache, user should be disabled
        getCache().removeAll();

        request= createRequest("/foo/bar");
View Full Code Here

        Authentication auth = getAuth(testFilterName3, testUserName,null,null);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, auth.getPrincipal());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));
       
        // test root               
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();               
        request.setUserPrincipal(new Principal() {           
            @Override
            public String getName() {
                return GeoServerUser.ROOT_USERNAME;
            }
        });
        getProxy().doFilter(request, response, chain);
       
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(testFilterName3, GeoServerUser.ROOT_USERNAME,null,null);
        assertNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        //checkForAuthenticatedRole(auth);

        config.setRoleServiceName(null);
        getSecurityManager().saveFilter(config);
       
        // test preauthenticated with active role service               
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();               
        request.setUserPrincipal(new Principal() {           
            @Override
            public String getName() {
                return testUserName;
            }
        });
        request.setUserInRole(derivedRole,true);
        request.setUserInRole(rootRole,false);
        getProxy().doFilter(request, response, chain);
       
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(testFilterName3, testUserName,null,null);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, auth.getPrincipal());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));
       
        // Test anonymous
        insertAnonymousFilter();
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
View Full Code Here

            }
            assertNotNull(auth);
            assertNull(SecurityContextHolder.getContext().getAuthentication());
            checkForAuthenticatedRole(auth);
            assertEquals(testUserName, auth.getPrincipal());
            assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
            assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));       
        }

        // unknown user
        for (PreAuthenticatedUserNameRoleSource rs : PreAuthenticatedUserNameRoleSource.values()) {
            getCache().removeAll();           
View Full Code Here

        Authentication auth = getAuth(testFilterName2, testUserName,300,300);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));
       
       
        // check wrong password
//        request= createRequest("/foo/bar");
//        response= new MockHttpServletResponse();
//        chain = new MockFilterChain();
//       
//        headerValue=clientDigestString(tmp, testUserName, "wrongpass", request.getMethod());
//        request.addHeader("Authorization",  headerValue);       
//        getProxy().doFilter(request, response, chain);
//        tmp = response.getHeader("WWW-Authenticate");
//        assertNotNull(tmp);
//        assert(tmp.indexOf(GeoServerSecurityManager.REALM) !=-1 );
//        assert(tmp.indexOf("Digest") !=-1 );
//        assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode());
//        auth = getAuth(testFilterName2, testUserName,300,300);
//        assertNull(auth);
//        assertNull(SecurityContextHolder.getContext().getAuthentication());
       
        // check unknown user
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();

        headerValue=clientDigestString(tmp, "unknown", testPassword, request.getMethod());
        request.addHeader("Authorization",  headerValue);       
        getProxy().doFilter(request, response, chain);
        tmp = response.getHeader("WWW-Authenticate");
        assertNotNull(tmp);
        assert(tmp.indexOf(GeoServerSecurityManager.REALM) !=-1 );
        assert(tmp.indexOf("Digest") !=-1 );
        assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode());
        auth = getAuth(testFilterName2, "unknown",300,300);
        assertNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());

        // check root user
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();       
       
        headerValue=clientDigestString(tmp, GeoServerUser.ROOT_USERNAME, getMasterPassword(), request.getMethod());
        request.addHeader("Authorization",  headerValue);       
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(testFilterName2, GeoServerUser.ROOT_USERNAME,300,300);
        assertNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
       
        // check root user with wrong password
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();       
       
        headerValue=clientDigestString(tmp, GeoServerUser.ROOT_USERNAME, "geoserver1", request.getMethod());
        request.addHeader("Authorization",  headerValue);       
        getProxy().doFilter(request, response, chain);
        tmp = response.getHeader("WWW-Authenticate");
        assertNotNull(tmp);
        assert(tmp.indexOf(GeoServerSecurityManager.REALM) !=-1 );
        assert(tmp.indexOf("Digest") !=-1 );
        assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode());
        auth = getAuth(testFilterName2, GeoServerUser.ROOT_USERNAME,300,300);
        assertNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());


       
        // check disabled user, should not work becaus of cache
        updateUser("ug1", testUserName, false);
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();       

        headerValue=clientDigestString(tmp, testUserName, testPassword, request.getMethod());
        request.addHeader("Authorization",  headerValue);
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(testFilterName2, testUserName,300,300);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));

        // clear cache, now disabling should work
        getCache().removeAll();
       
        request= createRequest("/foo/bar");
View Full Code Here

            Authentication auth = getAuth(testFilterName8, testUserName,null,null);
            assertNotNull(auth);
            assertNull(SecurityContextHolder.getContext().getAuthentication());
            checkForAuthenticatedRole(auth);
            assertEquals(testUserName, auth.getPrincipal());
            assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
            assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));       
        }

        // unknown user
        for (PreAuthenticatedUserNameRoleSource rs :
            PreAuthenticatedUserNameRoleSource.values()) {
View Full Code Here

        Authentication auth = getAuth(testFilterName2, testUserName, 300,300);       
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));
       
        // check success for basic authentication
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();       

        request.addHeader("Authorization""Basic " +
                new String(Base64.encodeBytes((testUserName+":"+testPassword).getBytes())));
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        auth = getAuth(testFilterName, testUserName, null,null);
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));

    }
View Full Code Here

        if (roles != null && !roles.isEmpty()) {
            GeoServerRoleService roleService = secMgr.getActiveRoleService();
            GeoServerRoleStore roleStore = roleService.createStore();
            for (String roleName : roles) {
                GeoServerRole role = roleStore.getRoleByName(roleName);
                if (role == null) {
                    role = roleStore.createRoleObject(roleName);
                    roleStore.addRole(role);
                }
View Full Code Here

        GeoServerRoleStore roleStore = createNiceMock(GeoServerRoleStore.class);
        expect(roleStore.getSecurityManager()).andReturn(secMgr).anyTimes();
        expect(roleStore.getName()).andReturn(name).anyTimes();
   
        for (String roleName : roleNames) {
            expect(roleStore.getRoleByName(roleName)).andReturn(new GeoServerRole(roleName)).anyTimes();
        }
   
        for (GeoServerRole role : GeoServerRole.SystemRoles) {
            String roleName = role.getAuthority();
            expect(roleStore.createRoleObject(roleName)).andReturn(new GeoServerRole(roleName)).anyTimes();
        }
   
        expect(secMgr.loadRoleService(name)).andReturn(roleStore).anyTimes();
        return roleStore;
    }
View Full Code Here

TOP

Related Classes of org.geoserver.security.impl.GeoServerRole

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.