@Test(expected = UserAlreadyLoggedInException.class) public void failUserAlreadyLoggedIn() { DefaultLoginCredentials credentials = getCredentials(); credentials.setUserId(USER_NAME); credentials.setPassword(USER_PASSWORD); Identity identity = getIdentity(); identity.login(); // should throw the exception. user is already authenticated. identity.login(); }
protected void performAuthentication() { DefaultLoginCredentials credentials = this.credentials; credentials.setPassword(USER_PASSWORD); credentials.setUserId(USER_NAME); Identity identity = this.identity; Identity.AuthenticationResult status = identity.login(); assertEquals(Identity.AuthenticationResult.SUCCESS, status); assertTrue(identity.isLoggedIn()); assertEquals(this.identity.getAccount(), identity.getAccount()); }
@Test public void testUnsuccessfulPasswordBasedAuthentication() throws Exception { DefaultLoginCredentials credentials = getCredentials(); credentials.setUserId(USER_NAME); credentials.setPassword("badpasswd"); Identity identity = getIdentity(); AuthenticationResult status = identity.login(); assertEquals(AuthenticationResult.FAILED, status); assertFalse(identity.isLoggedIn()); assertNull(identity.getAccount()); }
@Test public void testSuccessfulPasswordBasedAuthentication() throws Exception { DefaultLoginCredentials credentials = getCredentials(); credentials.setPassword(USER_PASSWORD); credentials.setUserId(USER_NAME); Identity identity = getIdentity(); AuthenticationResult status = identity.login(); assertEquals(AuthenticationResult.SUCCESS, status); assertTrue(identity.isLoggedIn()); assertEquals(getAccount(), identity.getAccount()); }
@Test(expected = LockedAccountException.class) public void failLockedAccount() { Account account = getAccount(); account.setEnabled(false); getIdentityManager().update(account); DefaultLoginCredentials credentials = getCredentials(); credentials.setPassword(USER_PASSWORD); credentials.setUserId(USER_NAME); // should throw the exception. user is disabled/locked. Identity identity = getIdentity(); identity.login(); }
@Produces @PicketLink public Partition getDefaultPartition() { if (credentials.getCredential() instanceof TokenCredential) { return partitionManager.getPartition(Realm.class, "token"); } return partitionManager.getPartition(Realm.class, Realm.DEFAULT_REALM); }
@Override public void authenticate() { if (credentials.getCredential() == null) { return; } Credentials creds; if (isUsernamePasswordCredential()) { creds = new UsernamePasswordCredentials( credentials.getUserId(), (Password) credentials.getCredential()); } else if (isDigestCredential()) { creds = new DigestCredentials((Digest) credentials.getCredential()); } else if (isCustomCredential()) { creds = (Credentials) credentials.getCredential(); } else { throw new UnexpectedCredentialException( "Unsupported credential type [" + credentials.getCredential() + "]."); } if (AUTHENTICATION_LOGGER.isDebugEnabled()) { AUTHENTICATION_LOGGER.debugf("Validating credentials [%s] using PicketLink IDM.", creds); } identityManager.get().validateCredentials(creds); this.credentials.setStatus(creds.getStatus()); this.credentials.setValidatedAccount(creds.getValidatedAccount()); if (AUTHENTICATION_LOGGER.isDebugEnabled()) { AUTHENTICATION_LOGGER.debugf( "Credential status is [%s] and validated account [%s]", this.credentials.getStatus(), this.credentials.getValidatedAccount()); } if (Credentials.Status.VALID.equals(creds.getStatus())) { setStatus(AuthenticationStatus.SUCCESS); setAccount(creds.getValidatedAccount()); } else if (Credentials.Status.ACCOUNT_DISABLED.equals(creds.getStatus())) { throw new LockedAccountException( "Account [" + this.credentials.getUserId() + "] is disabled."); } else if (Credentials.Status.EXPIRED.equals(creds.getStatus())) { throw new CredentialExpiredException( "Credential is expired for Account [" + this.credentials.getUserId() + "]."); } }
private boolean isUsernamePasswordCredential() { return Password.class.equals(credentials.getCredential().getClass()) && credentials.getUserId() != null; }
private boolean isDigestCredential() { return Digest.class.equals(credentials.getCredential().getClass()); }
private boolean isCustomCredential() { return Credentials.class.isInstance(credentials.getCredential()); }