本文整理汇总了Java中org.eclipse.jetty.server.Authentication类的典型用法代码示例。如果您正苦于以下问题:Java Authentication类的具体用法?Java Authentication怎么用?Java Authentication使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
Authentication类属于org.eclipse.jetty.server包,在下文中一共展示了Authentication类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: sendChallengeIfNecessary
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
/**
* Jetty has a bug in which if there is an Authorization header sent by a client which is
* not of the Negotiate type, Jetty does not send the challenge to negotiate. This works
* around that issue, forcing the challenge to be sent. Will require investigation on
* upgrade to a newer version of Jetty.
*/
Authentication sendChallengeIfNecessary(Authentication computedAuth, ServletRequest request,
ServletResponse response) throws IOException {
if (computedAuth == Authentication.UNAUTHENTICATED) {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
String header = req.getHeader(HttpHeader.AUTHORIZATION.asString());
// We have an authorization header, but it's not Negotiate
if (header != null && !header.startsWith(HttpHeader.NEGOTIATE.asString())) {
LOG.debug("Client sent Authorization header that was not for Negotiate,"
+ " sending challenge anyways.");
if (DeferredAuthentication.isDeferred(res)) {
return Authentication.UNAUTHENTICATED;
}
res.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), HttpHeader.NEGOTIATE.asString());
res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return Authentication.SEND_CONTINUE;
}
}
return computedAuth;
}
示例2: testNewSessionReqForSpnegoLogin
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
/**
* Test to verify response when request is sent for {@link WebServerConstants#SPENGO_LOGIN_RESOURCE_PATH} from
* unauthenticated session. Expectation is client will receive response with Negotiate header.
* @throws Exception
*/
@Test
public void testNewSessionReqForSpnegoLogin() throws Exception {
final HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
final HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
final HttpSession session = Mockito.mock(HttpSession.class);
Mockito.when(request.getSession(true)).thenReturn(session);
Mockito.when(request.getRequestURI()).thenReturn(WebServerConstants.SPENGO_LOGIN_RESOURCE_PATH);
final Authentication authentication = spnegoAuthenticator.validateRequest(request, response, false);
assertEquals(authentication, Authentication.SEND_CONTINUE);
verify(response).sendError(401);
verify(response).setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), HttpHeader.NEGOTIATE.asString());
}
示例3: testAuthClientRequestForSpnegoLoginResource
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
/**
* Test to verify response when request is sent for {@link WebServerConstants#SPENGO_LOGIN_RESOURCE_PATH} from
* authenticated session. Expectation is server will find the authenticated UserIdentity.
* @throws Exception
*/
@Test
public void testAuthClientRequestForSpnegoLoginResource() throws Exception {
final HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
final HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
final HttpSession session = Mockito.mock(HttpSession.class);
final Authentication authentication = Mockito.mock(UserAuthentication.class);
Mockito.when(request.getSession(true)).thenReturn(session);
Mockito.when(request.getRequestURI()).thenReturn(WebServerConstants.SPENGO_LOGIN_RESOURCE_PATH);
Mockito.when(session.getAttribute(SessionAuthentication.__J_AUTHENTICATED)).thenReturn(authentication);
final UserAuthentication returnedAuthentication = (UserAuthentication) spnegoAuthenticator.validateRequest
(request, response, false);
assertEquals(authentication, returnedAuthentication);
verify(response, never()).sendError(401);
verify(response, never()).setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), HttpHeader.NEGOTIATE.asString());
}
示例4: testAuthClientRequestForOtherPage
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
/**
* Test to verify response when request is sent for any other resource other than
* {@link WebServerConstants#SPENGO_LOGIN_RESOURCE_PATH} from authenticated session. Expectation is server will
* find the authenticated UserIdentity and will not perform the authentication again for new resource.
* @throws Exception
*/
@Test
public void testAuthClientRequestForOtherPage() throws Exception {
final HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
final HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
final HttpSession session = Mockito.mock(HttpSession.class);
final Authentication authentication = Mockito.mock(UserAuthentication.class);
Mockito.when(request.getSession(true)).thenReturn(session);
Mockito.when(request.getRequestURI()).thenReturn(WebServerConstants.WEBSERVER_ROOT_PATH);
Mockito.when(session.getAttribute(SessionAuthentication.__J_AUTHENTICATED)).thenReturn(authentication);
final UserAuthentication returnedAuthentication = (UserAuthentication) spnegoAuthenticator.validateRequest
(request, response, false);
assertEquals(authentication, returnedAuthentication);
verify(response, never()).sendError(401);
verify(response, never()).setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), HttpHeader.NEGOTIATE.asString());
}
示例5: testAuthClientRequestForLogOut
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
/**
* Test to verify that when request is sent for {@link WebServerConstants#LOGOUT_RESOURCE_PATH} then the UserIdentity
* will be removed from the session and returned authentication will be null from
* {@link DrillSpnegoAuthenticator#validateRequest(ServletRequest, ServletResponse, boolean)}
* @throws Exception
*/
@Test
public void testAuthClientRequestForLogOut() throws Exception {
final HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
final HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
final HttpSession session = Mockito.mock(HttpSession.class);
final Authentication authentication = Mockito.mock(UserAuthentication.class);
Mockito.when(request.getSession(true)).thenReturn(session);
Mockito.when(request.getRequestURI()).thenReturn(WebServerConstants.LOGOUT_RESOURCE_PATH);
Mockito.when(session.getAttribute(SessionAuthentication.__J_AUTHENTICATED)).thenReturn(authentication);
final UserAuthentication returnedAuthentication = (UserAuthentication) spnegoAuthenticator.validateRequest
(request, response, false);
assertNull(returnedAuthentication);
verify(session).removeAttribute(SessionAuthentication.__J_AUTHENTICATED);
verify(response, never()).sendError(401);
verify(response, never()).setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), HttpHeader.NEGOTIATE.asString());
}
示例6: validateRequest
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
@Override
public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException {
Authentication result = super.validateRequest(request, response, mandatory);
if ((result == Authentication.UNAUTHENTICATED) &&
mandatory &&
!DeferredAuthentication.isDeferred((HttpServletResponse)response)) {
LOG.debug("SpengoAuthenticatorEx: unauthenticated -> forbidden");
try {
((HttpServletResponse)response).sendError(Response.SC_FORBIDDEN,
"negotiation failure");
}
catch (IOException ex) {
throw new ServerAuthException(ex);
}
result = Authentication.SEND_FAILURE;
}
return result;
}
示例7: validateRequestDelegation
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
Authentication validateRequestDelegation(ServletRequest request, ServletResponse response, boolean mandatory)
throws ServerAuthException {
Authenticator auth = userAuthenticator;
HttpServletRequest httpReq = (HttpServletRequest) request;
boolean isRestCall = httpReq.getHeader(SSOConstants.X_REST_CALL) != null;
boolean isAppCall = httpReq.getHeader(SSOConstants.X_APP_AUTH_TOKEN) != null ||
httpReq.getHeader(SSOConstants.X_APP_COMPONENT_ID) != null;
if (isAppCall && isRestCall) {
auth = appAuthenticator;
if (getLog().isTraceEnabled()) {
getLog().trace("App request '{}'", getRequestInfoForLogging(httpReq, "?"));
}
} else {
if (getLog().isTraceEnabled()) {
getLog().trace("User request '{}'", getRequestInfoForLogging(httpReq, "?"));
}
}
return auth.validateRequest(request, response, mandatory);
}
示例8: returnUnauthorized
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
protected Authentication returnUnauthorized(
HttpServletRequest httpReq,
HttpServletResponse httpRes,
Map errorReason,
String principalId,
String logMessageTemplate
) throws ServerAuthException {
if (getLog().isDebugEnabled()) {
getLog().debug(logMessageTemplate, getRequestInfoForLogging(httpReq, principalId));
}
try {
httpRes.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "dpm");
httpRes.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
httpRes.setContentType("application/json");
OBJECT_MAPPER.writeValue(httpRes.getWriter(), errorReason);
return Authentication.SEND_FAILURE;
} catch (IOException ex) {
throw new ServerAuthException(Utils.format("Could send a Unauthorized (401) response: {}", ex.toString(), ex));
}
}
示例9: testReturnForbidden
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
@Test
public void testReturnForbidden() throws Exception {
SSOService ssoService = Mockito.mock(SSOService.class);
AbstractSSOAuthenticator authenticator = new ForTestSSOAuthenticator(ssoService);
HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
Mockito.when(req.getRequestURL()).thenReturn(new StringBuffer("url"));
Mockito.when(req.getRemoteAddr()).thenReturn("remoteAddress");
Mockito.when(req.getMethod()).thenReturn("method");
Mockito.when(req.getQueryString()).thenReturn("QS");
HttpServletResponse res = Mockito.mock(HttpServletResponse.class);
StringWriter writer = new StringWriter();
PrintWriter printWriter = new PrintWriter(writer);
Mockito.when(res.getWriter()).thenReturn(printWriter);
Assert.assertEquals(Authentication.SEND_FAILURE, authenticator.returnUnauthorized(req, res, "principal", "template"));
ArgumentCaptor<Integer> error = ArgumentCaptor.forClass(Integer.class);
Mockito.verify(res).setStatus(error.capture());
Assert.assertEquals(
SSOUserAuthenticator.UNAUTHORIZED_JSON,
new ObjectMapper().readValue(writer.toString().trim(), Map.class)
);
Mockito.verify(res).setContentType(Mockito.eq("application/json"));
}
示例10: testRedirectToSelf
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
@Test
public void testRedirectToSelf() throws Exception {
SSOService ssoService = Mockito.mock(SSOService.class);
SSOUserAuthenticator authenticator = new SSOUserAuthenticator(ssoService, null);
HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
Mockito.when(req.getRequestURL()).thenReturn(new StringBuffer("http://foo/bar"));
Mockito.when(req.getQueryString()).thenReturn("a=A&b=B&" + SSOConstants.USER_AUTH_TOKEN_PARAM + "=token");
HttpServletResponse res = Mockito.mock(HttpServletResponse.class);
Assert.assertEquals(Authentication.SEND_CONTINUE, authenticator.redirectToSelf(req, res));
ArgumentCaptor<String> redirect = ArgumentCaptor.forClass(String.class);
Mockito.verify(res).sendRedirect(redirect.capture());
Assert.assertEquals("http://foo/bar?a=A&b=B", redirect.getValue());
}
示例11: testreturnUnauthorized
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
@Test
public void testreturnUnauthorized() throws Exception {
SSOService ssoService = Mockito.mock(SSOService.class);
ssoService.setConfiguration(new Configuration());
SSOUserAuthenticator authenticator = Mockito.spy(new SSOUserAuthenticator(ssoService, null));
Mockito
.doReturn("http://foo")
.when(authenticator)
.getLoginUrl(Mockito.any(HttpServletRequest.class), Mockito.anyBoolean());
HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
Mockito.when(req.getServerPort()).thenReturn(1000);
HttpServletResponse res = Mockito.mock(HttpServletResponse.class);
Mockito.when(res.getWriter()).thenReturn(new PrintWriter(new StringWriter()));
Assert.assertEquals(Authentication.SEND_FAILURE, authenticator.returnUnauthorized(req, res, "principal", "template"));
Mockito.verify(authenticator).redirectToLogin(Mockito.eq(req), Mockito.eq(res));
ArgumentCaptor<Cookie> cookieCaptor = ArgumentCaptor.forClass(Cookie.class);
Mockito.verify(authenticator, Mockito.times(1)).createAuthCookie(Mockito.eq(req), Mockito.eq(""), Mockito.eq(0L));
Mockito.verify(res, Mockito.times(1)).addCookie(cookieCaptor.capture());
Assert.assertEquals(authenticator.getAuthCookieName(req), cookieCaptor.getValue().getName());
Assert.assertEquals("", cookieCaptor.getValue().getValue());
Assert.assertEquals("/", cookieCaptor.getValue().getPath());
Assert.assertEquals(0, cookieCaptor.getValue().getMaxAge());
}
示例12: testreturnUnauthorizedREST
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
@Test
public void testreturnUnauthorizedREST() throws Exception {
SSOService ssoService = Mockito.mock(SSOService.class);
SSOUserAuthenticator authenticator = Mockito.spy(new SSOUserAuthenticator(ssoService, null));
Mockito
.doReturn("http://foo")
.when(authenticator)
.getLoginUrl(Mockito.any(HttpServletRequest.class), Mockito.anyBoolean());
HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
Mockito.when(req.getHeader(Mockito.eq(SSOConstants.X_REST_CALL))).thenReturn("foo");
HttpServletResponse res = Mockito.mock(HttpServletResponse.class);
Mockito.when(res.getWriter()).thenReturn(new PrintWriter(new StringWriter()));
Assert.assertEquals(Authentication.SEND_FAILURE, authenticator.returnUnauthorized(req, res, "principal", "template"));
Mockito.verify(res).setContentType(Mockito.eq("application/json"));
}
示例13: testValidateRequestMandatoryInvalidAuthToken
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
@Test
public void testValidateRequestMandatoryInvalidAuthToken() throws Exception {
SSOService ssoService = Mockito.mock(SSOService.class);
SSOUserAuthenticator authenticator = Mockito.spy(new SSOUserAuthenticator(ssoService, null));
HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
HttpServletResponse res = Mockito.mock(HttpServletResponse.class);
Mockito.doReturn("token").when(authenticator).getAuthTokenFromRequest(Mockito.eq(req));
Mockito.doReturn(Authentication.SEND_FAILURE).when(authenticator).returnUnauthorized(Mockito.eq(req), Mockito.eq
(res), Mockito.anyString(), Mockito.anyString());
Assert.assertEquals(Authentication.SEND_FAILURE, authenticator.validateRequest(req, res, true));
Mockito
.verify(authenticator)
.returnUnauthorized(Mockito.eq(req), Mockito.eq(res), Mockito.anyString(), Mockito.anyString());
Mockito.verify(ssoService).validateUserToken(Mockito.eq("token"));
Mockito.verifyNoMoreInteractions(ssoService);
}
示例14: testValidateRequestMandatoryNoRESTCall
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
@Test
public void testValidateRequestMandatoryNoRESTCall() throws Exception {
SSOService ssoService = Mockito.mock(SSOService.class);
SSOAppAuthenticator authenticator = Mockito.spy(new SSOAppAuthenticator(ssoService));
HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
HttpServletResponse res = Mockito.mock(HttpServletResponse.class);
Mockito.when(req.getHeader(Mockito.eq(SSOConstants.X_APP_COMPONENT_ID))).thenReturn("componentId");
Mockito.when(req.getHeader(Mockito.eq(SSOConstants.X_REST_CALL))).thenReturn(null);
Mockito
.doReturn(Authentication.SEND_FAILURE)
.when(authenticator)
.returnUnauthorized(Mockito.eq(req), Mockito.eq(res), Mockito.eq("componentId"), Mockito.anyString());
Assert.assertEquals(Authentication.SEND_FAILURE, authenticator.validateRequest(req, res, true));
Mockito
.verify(authenticator)
.returnUnauthorized(Mockito.eq(req), Mockito.eq(res), Mockito.eq("componentId"), Mockito.anyString());
}
示例15: testValidateRequestMandatoryNoAuthToken
import org.eclipse.jetty.server.Authentication; //导入依赖的package包/类
@Test
public void testValidateRequestMandatoryNoAuthToken() throws Exception {
SSOService ssoService = Mockito.mock(SSOService.class);
SSOAppAuthenticator authenticator = Mockito.spy(new SSOAppAuthenticator(ssoService));
HttpServletRequest req = Mockito.mock(HttpServletRequest.class);
HttpServletResponse res = Mockito.mock(HttpServletResponse.class);
Mockito.when(req.getHeader(Mockito.eq(SSOConstants.X_APP_COMPONENT_ID))).thenReturn("componentId");
Mockito.when(req.getHeader(Mockito.eq(SSOConstants.X_REST_CALL))).thenReturn("foo");
Mockito
.doReturn(Authentication.SEND_FAILURE)
.when(authenticator)
.returnUnauthorized(Mockito.eq(req), Mockito.eq(res), Mockito.eq("componentId"), Mockito.anyString());
Assert.assertEquals(Authentication.SEND_FAILURE, authenticator.validateRequest(req, res, true));
Mockito
.verify(authenticator)
.returnUnauthorized(Mockito.eq(req), Mockito.eq(res), Mockito.eq("componentId"), Mockito.anyString());
}