test/org/jsecurity/ActiveDirectoryRealmTest.java - jsecurity - Git at Google

 /*
  * Copyright 2005-2008 Tim Veil
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.jsecurity;

 import org.jsecurity.authc.*;
 import org.jsecurity.authc.credential.CredentialsMatcher;
 import org.jsecurity.authz.AuthorizingAccount;
 import org.jsecurity.authz.SimpleAuthorizingAccount;
 import org.jsecurity.mgt.DefaultSecurityManager;
 import org.jsecurity.realm.AuthorizingRealm;
 import org.jsecurity.realm.activedirectory.ActiveDirectoryRealm;
 import org.jsecurity.realm.ldap.LdapContextFactory;
 import org.jsecurity.subject.PrincipalCollection;
 import org.jsecurity.subject.SimplePrincipalCollection;
 import org.jsecurity.subject.Subject;
 import org.junit.After;
 import static org.junit.Assert.assertTrue;
 import org.junit.Before;
 import org.junit.Test;

 import javax.naming.NamingException;
 import java.net.InetAddress;
 import java.net.UnknownHostException;
 import java.util.HashSet;
 import java.util.Set;

 /**
  * Simple test case for ActiveDirectoryRealm.
  *
  * todo:  While the original incarnation of this test case does not actually test the
  * heart of ActiveDirectoryRealm (no meaningful implemenation of queryForLdapAccount, etc) it obviously should.
  * This version was intended to mimic my current usage scenario in an effort to debug upgrade issues which were not related
  * to LDAP connectivity.
  *
  * @author Tim Veil
  */
 public class ActiveDirectoryRealmTest {

     DefaultSecurityManager securityManager = null;
     AuthorizingRealm realm;

     private static final String USERNAME = "testuser";
     private static final String PASSWORD = "password";
     private static final int USER_ID = 12345;
     private static final String ROLE = "admin";

     @Before
     public void setup() {
         realm = new TestActiveDirectoryRealm();
         securityManager = new DefaultSecurityManager(realm);

     }

     @After
     public void tearDown() {
         securityManager.destroy();
     }

     @Test
     public void testDefaultConfig() {
         securityManager.init();
         InetAddress localhost = null;
         try {
             localhost = InetAddress.getLocalHost();
         } catch (UnknownHostException e) {
             e.printStackTrace();
         }
         Subject subject = securityManager.login(new UsernamePasswordToken(USERNAME, PASSWORD, localhost));
         assertTrue(subject.isAuthenticated());
         assertTrue(subject.hasRole(ROLE));


         UsernamePrincipal usernamePrincipal = subject.getPrincipals().oneByType(UsernamePrincipal.class);
         assertTrue(usernamePrincipal.getUsername().equals(USERNAME));

         UserIdPrincipal userIdPrincipal = subject.getPrincipals().oneByType(UserIdPrincipal.class);
         assertTrue(userIdPrincipal.getUserId() == USER_ID);

         Object principals = subject.getPrincipal();

         assertTrue(realm.hasRole(subject.getPrincipals(), ROLE));

         subject.logout();
     }

     public class TestActiveDirectoryRealm extends ActiveDirectoryRealm {

         /*--------------------------------------------
         |         C O N S T R U C T O R S           |
             ============================================*/
         CredentialsMatcher credentialsMatcher;

         public TestActiveDirectoryRealm() {
             super();


             credentialsMatcher = new CredentialsMatcher() {
                 public boolean doCredentialsMatch(AuthenticationToken object, Account object1) {
                     return true;
                 }
             };

             setCredentialsMatcher(credentialsMatcher);
         }


         protected Account doGetAccount(AuthenticationToken token) throws AuthenticationException {
             SimpleAccount account = (SimpleAccount) super.doGetAccount(token);

             if (account != null) {
                 SimplePrincipalCollection principals = new SimplePrincipalCollection();
                 principals.add( getName(), new UserIdPrincipal(USER_ID));
                 principals.add( getName(), new UsernamePrincipal(USERNAME));
                 account.setPrincipals( principals );
             }

             return account;

         }

         protected AuthorizingAccount doGetAccount(PrincipalCollection principals) {
             Set<String> roles = new HashSet<String>();
             roles.add(ROLE);
             return new SimpleAuthorizingAccount(principals.fromRealm(getName()), null, getName(), roles, null);
         }

         // override ldap query because i don't care about testing that piece in this case
         protected Account queryForLdapAccount(AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
             return new SimpleAccount(token.getPrincipal(), token.getCredentials(), getName());
         }

     }


 }
	/*
	* Copyright 2005-2008 Tim Veil
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.jsecurity;

	import org.jsecurity.authc.*;
	import org.jsecurity.authc.credential.CredentialsMatcher;
	import org.jsecurity.authz.AuthorizingAccount;
	import org.jsecurity.authz.SimpleAuthorizingAccount;
	import org.jsecurity.mgt.DefaultSecurityManager;
	import org.jsecurity.realm.AuthorizingRealm;
	import org.jsecurity.realm.activedirectory.ActiveDirectoryRealm;
	import org.jsecurity.realm.ldap.LdapContextFactory;
	import org.jsecurity.subject.PrincipalCollection;
	import org.jsecurity.subject.SimplePrincipalCollection;
	import org.jsecurity.subject.Subject;
	import org.junit.After;
	import static org.junit.Assert.assertTrue;
	import org.junit.Before;
	import org.junit.Test;

	import javax.naming.NamingException;
	import java.net.InetAddress;
	import java.net.UnknownHostException;
	import java.util.HashSet;
	import java.util.Set;

	/**
	* Simple test case for ActiveDirectoryRealm.
	*
	* todo: While the original incarnation of this test case does not actually test the
	* heart of ActiveDirectoryRealm (no meaningful implemenation of queryForLdapAccount, etc) it obviously should.
	* This version was intended to mimic my current usage scenario in an effort to debug upgrade issues which were not related
	* to LDAP connectivity.
	*
	* @author Tim Veil
	*/
	public class ActiveDirectoryRealmTest {

	DefaultSecurityManager securityManager = null;
	AuthorizingRealm realm;

	private static final String USERNAME = "testuser";
	private static final String PASSWORD = "password";
	private static final int USER_ID = 12345;
	private static final String ROLE = "admin";

	@Before
	public void setup() {
	realm = new TestActiveDirectoryRealm();
	securityManager = new DefaultSecurityManager(realm);

	}

	@After
	public void tearDown() {
	securityManager.destroy();
	}

	@Test
	public void testDefaultConfig() {
	securityManager.init();
	InetAddress localhost = null;
	try {
	localhost = InetAddress.getLocalHost();
	} catch (UnknownHostException e) {
	e.printStackTrace();
	}
	Subject subject = securityManager.login(new UsernamePasswordToken(USERNAME, PASSWORD, localhost));
	assertTrue(subject.isAuthenticated());
	assertTrue(subject.hasRole(ROLE));



	UsernamePrincipal usernamePrincipal = subject.getPrincipals().oneByType(UsernamePrincipal.class);
	assertTrue(usernamePrincipal.getUsername().equals(USERNAME));

	UserIdPrincipal userIdPrincipal = subject.getPrincipals().oneByType(UserIdPrincipal.class);
	assertTrue(userIdPrincipal.getUserId() == USER_ID);

	Object principals = subject.getPrincipal();

	assertTrue(realm.hasRole(subject.getPrincipals(), ROLE));

	subject.logout();
	}

	public class TestActiveDirectoryRealm extends ActiveDirectoryRealm {

	/*--------------------------------------------
	\| C O N S T R U C T O R S \|
	============================================*/
	CredentialsMatcher credentialsMatcher;

	public TestActiveDirectoryRealm() {
	super();


	credentialsMatcher = new CredentialsMatcher() {
	public boolean doCredentialsMatch(AuthenticationToken object, Account object1) {
	return true;
	}
	};

	setCredentialsMatcher(credentialsMatcher);
	}


	protected Account doGetAccount(AuthenticationToken token) throws AuthenticationException {
	SimpleAccount account = (SimpleAccount) super.doGetAccount(token);

	if (account != null) {
	SimplePrincipalCollection principals = new SimplePrincipalCollection();
	principals.add( getName(), new UserIdPrincipal(USER_ID));
	principals.add( getName(), new UsernamePrincipal(USERNAME));
	account.setPrincipals( principals );
	}

	return account;

	}

	protected AuthorizingAccount doGetAccount(PrincipalCollection principals) {
	Set<String> roles = new HashSet<String>();
	roles.add(ROLE);
	return new SimpleAuthorizingAccount(principals.fromRealm(getName()), null, getName(), roles, null);
	}

	// override ldap query because i don't care about testing that piece in this case
	protected Account queryForLdapAccount(AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
	return new SimpleAccount(token.getPrincipal(), token.getCredentials(), getName());
	}

	}


	}