/**
* Verifies that authentication requests without subjects are not accepted.
*
* @throws Exception if an error occurs.
*/
@Test
public void shouldNotAuthenticateWithoutSubject() throws Exception {
logger.debug("Verifying that an authentication request without a subject is rejected...");
AssertionBuilder assertionBuilder = new AssertionBuilder();
Saml2AuthenticationToken authentication =
new Saml2AuthenticationToken(assertionBuilder.getAssertion());
assertNull(authnProvider.authenticate(authentication));
assertFalse(authentication.isAuthenticated());
}
/**
* Verifies that the authentication provider throws an exception when authentication fails if we
* request it to.
*
* @throws Exception if an error occurs.
*/
@Test(expected = BadCredentialsException.class)
public void shouldThrowExceptionOnAuthenticaitonFailureIfAsked() throws Exception {
logger.debug(
"Verifying that the authentication provider can throw an exception when authentication fails...");
AssertionBuilder assertionBuilder = new AssertionBuilder();
Saml2AuthenticationToken authentication =
new Saml2AuthenticationToken(assertionBuilder.getAssertion());
authnProvider.setThrowExceptionWhenTokenRejected(true);
authnProvider.authenticate(authentication);
}
/**
* Verifies that valid authentication requests are accepted.
*
* @throws Exception if an error occurs.
*/
@Test
public void shouldAuthenticate() throws Exception {
logger.debug("Verifying that a valid authentication request is accepted...");
AssertionBuilder assertionBuilder = new AssertionBuilder();
assertionBuilder.setSubject("*****@*****.**");
Saml2AuthenticationToken authentication =
new Saml2AuthenticationToken(assertionBuilder.getAssertion());
assertNotNull(authnProvider.authenticate(authentication));
assertTrue(authentication.isAuthenticated());
}