@Before
public void setUp() {
interceptor = new ClaimsAuthorizingInterceptor();
interceptor.setNameAliases(Collections.singletonMap("authentication", "http://authentication"));
interceptor.setFormatAliases(Collections.singletonMap("claims", "http://claims"));
interceptor.setSecuredObject(new TestService());
}
@Test
public void testUserInRoleAndClaims() throws Exception {
SecureAnnotationsInterceptor in = new SecureAnnotationsInterceptor();
in.setAnnotationClassName(SecureRole.class.getName());
in.setSecuredObject(new TestService2());
Message m =
prepareMessage(
TestService2.class, "test", createDefaultClaim("admin"), createClaim("a", "b", "c"));
in.handleMessage(m);
ClaimsAuthorizingInterceptor in2 = new ClaimsAuthorizingInterceptor();
org.apache.cxf.rt.security.claims.SAMLClaim claim =
new org.apache.cxf.rt.security.claims.SAMLClaim();
claim.setNameFormat("a");
claim.setName("b");
claim.addValue("c");
in2.setClaims(
Collections.singletonMap("test", Collections.singletonList(new ClaimBean(claim))));
in2.handleMessage(m);
try {
in.handleMessage(prepareMessage(TestService2.class, "test", createDefaultClaim("user")));
fail("AccessDeniedException expected");
} catch (AccessDeniedException ex) {
// expected
}
}
private void doTestClaims(String methodName, org.apache.cxf.rt.security.claims.Claim... claim)
throws Exception {
Message m = prepareMessage(TestService.class, methodName, claim);
interceptor.handleMessage(m);
}
