/**
 * Checks role membership for one principal registered under the LDAP realm name and one
 * registered under the XML realm name.
 *
 * <p>Each principal is added together with a realm name, so every role lookup below is made
 * for a (principal, realm) pair rather than for a bare user id. Both halves include a
 * negative assertion ("JUNK") so a lookup that grants every role would fail the test.
 *
 * @throws Exception if the security system cannot be looked up or started
 */
public void testAuthorization() throws Exception {
    final SecuritySystem securitySystem = lookup(SecuritySystem.class);
    securitySystem.start();

    // LDAP user: has "developer", and must not have a role that was never granted.
    final SimplePrincipalCollection ldapUser = new SimplePrincipalCollection();
    ldapUser.add("cstamas", new NexusLdapAuthenticationRealm().getName());
    Assert.assertTrue(securitySystem.hasRole(ldapUser, "developer"));
    Assert.assertFalse(securitySystem.hasRole(ldapUser, "JUNK"));

    // XML user: the principal has to be tied to the correct realm name.
    final SimplePrincipalCollection xmlUser = new SimplePrincipalCollection();
    xmlUser.add("deployment", new XmlAuthenticatingRealm().getName());
    Assert.assertTrue(securitySystem.hasRole(xmlUser, "deployment"));
    Assert.assertFalse(securitySystem.hasRole(xmlUser, "JUNK"));
}
/**
 * Checks permission (privilege) decisions for an LDAP-realm principal and an XML-realm
 * principal.
 *
 * <p>For both principals the create permission is expected to be granted and the delete
 * permission on the same resource is expected to be refused, so the test covers the deny
 * path as well as the allow path.
 *
 * @throws Exception if the security system cannot be looked up or started
 */
public void testAuthorizationPriv() throws Exception {
    final SecuritySystem securitySystem = lookup(SecuritySystem.class);
    securitySystem.start();

    // LDAP principal, registered under the LDAP realm's name.
    final SimplePrincipalCollection ldapUser = new SimplePrincipalCollection();
    ldapUser.add("cstamas", new NexusLdapAuthenticationRealm().getName());
    Assert.assertTrue(securitySystem.isPermitted(ldapUser, "security:usersforgotpw:create"));
    Assert.assertFalse(securitySystem.isPermitted(ldapUser, "security:usersforgotpw:delete"));

    // XML principal, registered under the XML realm's name.
    final SimplePrincipalCollection xmlUser = new SimplePrincipalCollection();
    xmlUser.add("test-user", new XmlAuthenticatingRealm().getName());
    Assert.assertTrue(securitySystem.isPermitted(xmlUser, "security:usersforgotpw:create"));
    Assert.assertFalse(securitySystem.isPermitted(xmlUser, "security:usersforgotpw:delete"));

    // Wildcard permission string for the XML principal.
    Assert.assertTrue(securitySystem.isPermitted(xmlUser, "nexus:target:1:*:delete"));
}
/**
 * Checks permission decisions when the LDAP realm is not configured, alongside an XML
 * principal that is expected to be authorized.
 *
 * <p>The LDAP half is a fail-closed check: a principal naming a realm that is not configured
 * must be refused. The XML half asserts one granted and one refused permission on the same
 * resource, plus a wildcard permission string.
 *
 * @throws Exception if the security system cannot be looked up or started
 */
@Test
public void testAuthorizationPriv() throws Exception {
    final SecuritySystem securitySystem = lookup(SecuritySystem.class);
    securitySystem.start();

    // LDAP principal, registered under the LDAP realm's name.
    final SimplePrincipalCollection ldapUser = new SimplePrincipalCollection();
    ldapUser.add("cstamas", new NexusLdapAuthenticationRealm().getName());

    // If the realm is not configured, the user must not be authorized.
    Assert.assertFalse(securitySystem.isPermitted(ldapUser, "security:usersforgotpw:create"));

    // XML principal.
    // TODO: bdemers or dbradicich, this "fix" is wrong, it relies on implementation details!
    // It previously used new XmlAuthenticatingRealm().getName() as the realm name.
    final SimplePrincipalCollection xmlUser = new SimplePrincipalCollection();
    xmlUser.add("test-user", XmlAuthenticatingRealm.ROLE);
    Assert.assertTrue(securitySystem.isPermitted(xmlUser, "security:usersforgotpw:create"));
    Assert.assertFalse(securitySystem.isPermitted(xmlUser, "security:usersforgotpw:delete"));
    Assert.assertTrue(securitySystem.isPermitted(xmlUser, "nexus:target:1:*:delete"));
}
/**
 * Checks role membership when the LDAP realm is not configured, alongside an XML principal
 * that is expected to hold its role.
 *
 * <p>The LDAP half is a fail-closed check: with the realm not configured, neither the role
 * the user would otherwise be expected to hold ("nx-developer") nor an ungranted one
 * ("JUNK") may be reported.
 *
 * @throws Exception if the security system cannot be looked up or started
 */
@Test
public void testAuthorization() throws Exception {
    final SecuritySystem securitySystem = lookup(SecuritySystem.class);
    securitySystem.start();

    // LDAP should fail.
    final SimplePrincipalCollection ldapUser = new SimplePrincipalCollection();
    ldapUser.add("cstamas", new NexusLdapAuthenticationRealm().getName());

    // If the realm is not configured, the user must not be authorized.
    Assert.assertFalse(securitySystem.hasRole(ldapUser, "nx-developer"));
    Assert.assertFalse(securitySystem.hasRole(ldapUser, "JUNK"));

    // XML user.
    // TODO: bdemers or dbradicich, this "fix" is wrong, it relies on implementation details!
    // It previously used new XmlAuthenticatingRealm().getName() as the realm name.
    final SimplePrincipalCollection xmlUser = new SimplePrincipalCollection();
    xmlUser.add("deployment", XmlAuthenticatingRealm.ROLE);
    Assert.assertTrue(securitySystem.hasRole(xmlUser, "nx-deployment"));
    Assert.assertFalse(securitySystem.hasRole(xmlUser, "JUNK"));
}
/**
 * Builds the authentication info for a token whose principal is already a {@code User}.
 *
 * <p>The account-state checks run in a fixed order: missing user, inactive user, locked
 * user. Only a user that passes all three is wrapped in a principal collection under
 * {@code ConstantsUtility.OAUTH_REALM_NAME}.
 *
 * <p>NOTE(review): the returned info carries {@code token.getCredentials()} as its
 * credentials, i.e. the same value the token itself presents. No secret is checked in this
 * method; presumably the token was validated before it reached this realm. Confirm that
 * against the code that creates the token.
 *
 * <p>NOTE(review): the three failures use different message keys. If those messages are
 * returned to an unauthenticated client, they reveal whether an account exists and its
 * state. Confirm they are mapped to a generic failure at the boundary.
 *
 * @param token the submitted token; its principal is cast to {@code User}
 * @return authentication info holding the user as principal and the token's credentials
 * @throws UnknownAccountException if the token carries no user
 * @throws LockedAccountException if the user is inactive or locked
 * @throws AuthenticationException declared by the overridden method
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
        throws AuthenticationException {
    final User account = (User) token.getPrincipal();

    // Each guard throws, so separate guard clauses are equivalent to an if/else-if chain.
    if (account == null) {
        throw new UnknownAccountException(
                ConstantsUtility.ERROR_MESSAGES.getString("userDoesNotExist"));
    }
    if (!account.isActive()) {
        throw new LockedAccountException(
                ConstantsUtility.ERROR_MESSAGES.getString("userInactive"));
    }
    if (account.isLocked()) {
        throw new LockedAccountException(
                ConstantsUtility.ERROR_MESSAGES.getString("userLocked"));
    }

    final SimplePrincipalCollection principals = new SimplePrincipalCollection();
    principals.add(account, ConstantsUtility.OAUTH_REALM_NAME);
    return new SimpleAuthenticationInfo(principals, token.getCredentials());
}
/**
 * Wraps an authentication bean and derives its principal collection.
 *
 * <p>Two principals are registered under the simple class name of {@code IkanowV1Realm}:
 * the bean's profile id first, then its {@code _id}.
 *
 * <p>NOTE(review): the profile id is added first. In Shiro the first principal added is
 * normally the one returned as the primary principal, so confirm that callers expect the
 * profile id there.
 *
 * @param ab the authentication bean to wrap; it is dereferenced without a null check
 */
public IkanowV1AuthenticationInfo(AuthenticationBean ab) {
    this.authenticationBean = ab;

    final String realm = IkanowV1Realm.class.getSimpleName();
    // Seed the collection with the profile id, then append the bean's own id.
    this.principalCollection = new SimplePrincipalCollection(ab.getProfileId(), realm);
    this.principalCollection.add(ab.get_id(), realm);
}
/**
 * Clears the cached authorization info for one user of this realm.
 *
 * <p>The principal collection is built from the user name and this realm's name, then
 * handed to the inherited {@code clearCachedAuthorizationInfo}.
 *
 * <p>NOTE(review): presumably the cache entry is found only when this (username, realm
 * name) pair matches the principals stored at login. If login stores a different principal
 * object, the stale entry may survive a role change. Verify against the realm's
 * authentication path.
 *
 * @param username the user whose cached authorization info should be dropped
 */
public void removeUserAuthorizationInfoCache(String username) {
    final SimplePrincipalCollection cachedOwner = new SimplePrincipalCollection();
    final String realmName = super.getName();
    cachedOwner.add(username, realmName);
    super.clearCachedAuthorizationInfo(cachedOwner);
}
/**
 * Asks the realm whether the named user holds every one of the given roles.
 *
 * <p>NOTE(review): with no roles passed, the list handed to the realm is empty. How
 * {@code hasAllRoles} treats an empty list is decided by the realm, so confirm that no
 * caller relies on that case for an access decision.
 *
 * @param username the user to check, registered under this realm's name
 * @param roles the roles that must all be present
 * @return the realm's answer for the full set of roles
 */
private boolean doesUserHaveAllRoles(String username, String... roles) {
    final String realmName = this.realm.getName();
    final SimplePrincipalCollection subject = new SimplePrincipalCollection();
    subject.add(username, realmName);
    return this.realm.hasAllRoles(subject, Arrays.asList(roles));
}