| /** |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| package org.apache.hadoop.gateway.provider.federation; |
| |
| import static org.junit.Assert.fail; |
| |
| import java.io.IOException; |
| import java.security.AccessController; |
| import java.security.KeyPair; |
| import java.security.KeyPairGenerator; |
| import java.security.NoSuchAlgorithmException; |
| import java.security.Principal; |
| import java.security.interfaces.RSAPrivateKey; |
| import java.security.interfaces.RSAPublicKey; |
| import java.util.Enumeration; |
| import java.util.List; |
| import java.util.ArrayList; |
| import java.util.Properties; |
| import java.util.Date; |
| import java.util.Set; |
| |
| import javax.security.auth.Subject; |
| import javax.servlet.FilterChain; |
| import javax.servlet.FilterConfig; |
| import javax.servlet.ServletContext; |
| import javax.servlet.ServletException; |
| import javax.servlet.ServletRequest; |
| import javax.servlet.ServletResponse; |
| import javax.servlet.http.Cookie; |
| import javax.servlet.http.HttpServletRequest; |
| import javax.servlet.http.HttpServletResponse; |
| |
| import org.apache.hadoop.gateway.provider.federation.jwt.filter.SSOCookieFederationFilter; |
| import org.apache.hadoop.gateway.security.PrimaryPrincipal; |
| import org.apache.hadoop.gateway.services.security.token.JWTokenAuthority; |
| import org.apache.hadoop.gateway.services.security.token.TokenServiceException; |
| import org.apache.hadoop.gateway.services.security.token.impl.JWT; |
| import org.apache.hadoop.gateway.services.security.token.impl.JWTToken; |
| import org.easymock.EasyMock; |
| import org.junit.After; |
| import org.junit.Assert; |
| import org.junit.Before; |
| import org.junit.Test; |
| |
| import com.nimbusds.jose.*; |
| import com.nimbusds.jwt.JWTClaimsSet; |
| import com.nimbusds.jwt.SignedJWT; |
| import com.nimbusds.jose.crypto.RSASSASigner; |
| import com.nimbusds.jose.util.Base64URL; |
| |
| public class SSOCookieProviderTest { |
| private static final String SERVICE_URL = "https://localhost:8888/resource"; |
| private static final String REDIRECT_LOCATION = |
| "https://localhost:8443/authserver?originalUrl=" + SERVICE_URL; |
| RSAPublicKey publicKey = null; |
| RSAPrivateKey privateKey = null; |
| SSOCookieFederationFilter handler = null; |
| |
| @Test |
| public void testCustomCookieNameJWT() throws Exception { |
| try { |
| Properties props = getProperties(); |
| props.put("sso.cookie.name", "jowt"); |
| handler.init(new TestFilterConfig(props)); |
| |
| SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() + 5000), |
| privateKey); |
| |
| Cookie cookie = new Cookie("jowt", jwt.serialize()); |
| HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class); |
| EasyMock.expect(request.getCookies()).andReturn(new Cookie[] { cookie }); |
| EasyMock.expect(request.getRequestURL()).andReturn( |
| new StringBuffer(SERVICE_URL)); |
| EasyMock.expect(request.getQueryString()).andReturn(null); |
| HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class); |
| EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn( |
| SERVICE_URL); |
| EasyMock.replay(request); |
| |
| ((TestSSOCookieFederationProvider) handler).setTokenService(new TestJWTokenAuthority()); |
| TestFilterChain chain = new TestFilterChain(); |
| handler.doFilter(request, response, chain); |
| Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled == true); |
| Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class); |
| Assert.assertTrue("No PrimaryPrincipal returned.", principals.size() > 0); |
| Assert.assertEquals("Not the expected principal", "alice", ((Principal)principals.toArray()[0]).getName()); |
| } catch (ServletException se) { |
| fail("Should NOT have thrown a ServletException."); |
| } |
| } |
| |
| @Test |
| public void testNoProviderURLJWT() throws Exception { |
| try { |
| Properties props = getProperties(); |
| props |
| .remove("sso.authentication.provider.url"); |
| handler.init(new TestFilterConfig(props)); |
| |
| fail("Servlet exception should have been thrown."); |
| |
| } catch (ServletException se) { |
| // expected - let's ensure it mentions the missing authenticaiton provider URL |
| se.getMessage().contains("authentication provider URL is missing"); |
| } |
| } |
| /* |
| @Test |
| public void testUnableToParseJWT() throws Exception { |
| try { |
| KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); |
| kpg.initialize(2048); |
| |
| KeyPair kp = kpg.genKeyPair(); |
| RSAPublicKey publicKey = (RSAPublicKey) kp.getPublic(); |
| |
| handler.setPublicKey(publicKey); |
| |
| Properties props = getProperties(); |
| handler.init(props); |
| |
| SignedJWT jwt = getJWT("bob", new Date(new Date().getTime() + 5000), |
| privateKey); |
| |
| Cookie cookie = new Cookie("hadoop-jwt", "ljm" + jwt.serialize()); |
| HttpServletRequest request = Mockito.mock(HttpServletRequest.class); |
| Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie }); |
| Mockito.when(request.getRequestURL()).thenReturn( |
| new StringBuffer(SERVICE_URL)); |
| HttpServletResponse response = Mockito.mock(HttpServletResponse.class); |
| Mockito.when(response.encodeRedirectURL(SERVICE_URL)).thenReturn( |
| SERVICE_URL); |
| |
| AuthenticationToken token = handler.alternateAuthenticate(request, |
| response); |
| Mockito.verify(response).sendRedirect(REDIRECT_LOCATION); |
| } catch (ServletException se) { |
| fail("alternateAuthentication should NOT have thrown a ServletException"); |
| } catch (AuthenticationException ae) { |
| fail("alternateAuthentication should NOT have thrown a AuthenticationException"); |
| } |
| } |
| |
| @Test |
| public void testFailedSignatureValidationJWT() throws Exception { |
| try { |
| |
| // Create a public key that doesn't match the one needed to |
| // verify the signature - in order to make it fail verification... |
| KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); |
| kpg.initialize(2048); |
| |
| KeyPair kp = kpg.genKeyPair(); |
| RSAPublicKey publicKey = (RSAPublicKey) kp.getPublic(); |
| |
| handler.setPublicKey(publicKey); |
| |
| Properties props = getProperties(); |
| handler.init(props); |
| |
| SignedJWT jwt = getJWT("bob", new Date(new Date().getTime() + 5000), |
| privateKey); |
| |
| Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize()); |
| HttpServletRequest request = Mockito.mock(HttpServletRequest.class); |
| Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie }); |
| Mockito.when(request.getRequestURL()).thenReturn( |
| new StringBuffer(SERVICE_URL)); |
| HttpServletResponse response = Mockito.mock(HttpServletResponse.class); |
| Mockito.when(response.encodeRedirectURL(SERVICE_URL)).thenReturn( |
| SERVICE_URL); |
| |
| AuthenticationToken token = handler.alternateAuthenticate(request, |
| response); |
| Mockito.verify(response).sendRedirect(REDIRECT_LOCATION); |
| } catch (ServletException se) { |
| fail("alternateAuthentication should NOT have thrown a ServletException"); |
| } catch (AuthenticationException ae) { |
| fail("alternateAuthentication should NOT have thrown a AuthenticationException"); |
| } |
| } |
| */ |
| @Test |
| public void testExpiredJWT() throws Exception { |
| try { |
| ((TestSSOCookieFederationProvider) handler).setPublicKey(publicKey); |
| |
| Properties props = getProperties(); |
| handler.init(new TestFilterConfig(props)); |
| |
| SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() - 1000), |
| privateKey); |
| |
| Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize()); |
| HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class); |
| EasyMock.expect(request.getCookies()).andReturn(new Cookie[] { cookie }); |
| EasyMock.expect(request.getRequestURL()).andReturn( |
| new StringBuffer(SERVICE_URL)); |
| EasyMock.expect(request.getQueryString()).andReturn(null); |
| HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class); |
| EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn( |
| SERVICE_URL); |
| EasyMock.replay(request); |
| |
| ((TestSSOCookieFederationProvider) handler).setTokenService(new TestJWTokenAuthority()); |
| TestFilterChain chain = new TestFilterChain(); |
| handler.doFilter(request, response, chain); |
| Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled == false); |
| // Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class); |
| // Assert.assertTrue("No PrimaryPrincipal", principals.size() > 0); |
| // Assert.assertEquals("Not the expected principal", "alice", ((Principal)principals.toArray()[0]).getName()); |
| // Assert.assertEquals("alice", token.getUserName()); |
| } catch (ServletException se) { |
| fail("Should NOT have thrown a ServletException."); |
| } |
| } |
| |
| |
| @Test |
| public void testInvalidAudienceJWT() throws Exception { |
| try { |
| Properties props = getProperties(); |
| props |
| .put("sso.expected.audiences", "foo"); |
| handler.init(new TestFilterConfig(props)); |
| |
| SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() + 5000), |
| privateKey); |
| |
| Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize()); |
| HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class); |
| EasyMock.expect(request.getCookies()).andReturn(new Cookie[] { cookie }); |
| EasyMock.expect(request.getRequestURL()).andReturn( |
| new StringBuffer(SERVICE_URL)); |
| EasyMock.expect(request.getQueryString()).andReturn(null); |
| HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class); |
| EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn( |
| SERVICE_URL); |
| EasyMock.replay(request); |
| |
| ((TestSSOCookieFederationProvider) handler).setTokenService(new TestJWTokenAuthority()); |
| TestFilterChain chain = new TestFilterChain(); |
| handler.doFilter(request, response, chain); |
| Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled == false); |
| Assert.assertTrue("No Subject should be returned.", chain.subject == null); |
| // Assert.assertEquals("Not the expected principal", "alice", ((Principal)principals.toArray()[0]).getName()); |
| // Assert.assertEquals("alice", token.getUserName()); |
| } catch (ServletException se) { |
| fail("Should NOT have thrown a ServletException."); |
| } |
| } |
| |
| @Test |
| public void testValidAudienceJWT() throws Exception { |
| try { |
| Properties props = getProperties(); |
| props |
| .put("sso.expected.audiences", "bar"); |
| handler.init(new TestFilterConfig(props)); |
| |
| SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() + 5000), |
| privateKey); |
| |
| Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize()); |
| HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class); |
| EasyMock.expect(request.getCookies()).andReturn(new Cookie[] { cookie }); |
| EasyMock.expect(request.getRequestURL()).andReturn( |
| new StringBuffer(SERVICE_URL)); |
| EasyMock.expect(request.getQueryString()).andReturn(null); |
| HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class); |
| EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn( |
| SERVICE_URL); |
| EasyMock.replay(request); |
| |
| ((TestSSOCookieFederationProvider) handler).setTokenService(new TestJWTokenAuthority()); |
| TestFilterChain chain = new TestFilterChain(); |
| handler.doFilter(request, response, chain); |
| Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled == true); |
| Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class); |
| Assert.assertTrue("No PrimaryPrincipal", principals.size() > 0); |
| Assert.assertEquals("Not the expected principal", "alice", ((Principal)principals.toArray()[0]).getName()); |
| // Assert.assertEquals("alice", token.getUserName()); |
| } catch (ServletException se) { |
| fail("Should NOT have thrown a ServletException."); |
| } |
| } |
| |
| @Test |
| public void testValidJWT() throws Exception { |
| try { |
| ((TestSSOCookieFederationProvider) handler).setPublicKey(publicKey); |
| |
| Properties props = getProperties(); |
| handler.init(new TestFilterConfig(props)); |
| |
| SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() + 5000), |
| privateKey); |
| |
| Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize()); |
| HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class); |
| EasyMock.expect(request.getCookies()).andReturn(new Cookie[] { cookie }); |
| EasyMock.expect(request.getRequestURL()).andReturn( |
| new StringBuffer(SERVICE_URL)); |
| EasyMock.expect(request.getQueryString()).andReturn(null); |
| HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class); |
| EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn( |
| SERVICE_URL); |
| EasyMock.replay(request); |
| |
| ((TestSSOCookieFederationProvider) handler).setTokenService(new TestJWTokenAuthority()); |
| TestFilterChain chain = new TestFilterChain(); |
| handler.doFilter(request, response, chain); |
| Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled == true); |
| Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class); |
| Assert.assertTrue("No PrimaryPrincipal", principals.size() > 0); |
| Assert.assertEquals("Not the expected principal", "alice", ((Principal)principals.toArray()[0]).getName()); |
| // Assert.assertEquals("alice", token.getUserName()); |
| } catch (ServletException se) { |
| fail("Should NOT have thrown a ServletException."); |
| } |
| } |
| |
| @Test |
| public void testValidJWTNoExpiration() throws Exception { |
| try { |
| ((TestSSOCookieFederationProvider) handler).setPublicKey(publicKey); |
| |
| Properties props = getProperties(); |
| handler.init(new TestFilterConfig(props)); |
| |
| SignedJWT jwt = getJWT("alice", null, |
| privateKey); |
| |
| Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize()); |
| HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class); |
| EasyMock.expect(request.getCookies()).andReturn(new Cookie[] { cookie }); |
| EasyMock.expect(request.getRequestURL()).andReturn( |
| new StringBuffer(SERVICE_URL)); |
| EasyMock.expect(request.getQueryString()).andReturn(null); |
| HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class); |
| EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn( |
| SERVICE_URL); |
| EasyMock.replay(request); |
| |
| ((TestSSOCookieFederationProvider) handler).setTokenService(new TestJWTokenAuthority()); |
| TestFilterChain chain = new TestFilterChain(); |
| handler.doFilter(request, response, chain); |
| Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled == true); |
| Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class); |
| Assert.assertTrue("No PrimaryPrincipal", principals.size() > 0); |
| Assert.assertEquals("Not the expected principal", "alice", ((Principal)principals.toArray()[0]).getName()); |
| // Assert.assertEquals("alice", token.getUserName()); |
| } catch (ServletException se) { |
| fail("Should NOT have thrown a ServletException."); |
| } |
| } |
| |
| @Test |
| public void testOrigURLWithQueryString() throws Exception { |
| Properties props = getProperties(); |
| handler.init(new TestFilterConfig(props)); |
| |
| HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class); |
| EasyMock.expect(request.getRequestURL()).andReturn( |
| new StringBuffer(SERVICE_URL)); |
| EasyMock.expect(request.getQueryString()).andReturn("name=value"); |
| EasyMock.replay(request); |
| |
| String loginURL = ((TestSSOCookieFederationProvider)handler).testConstructLoginURL(request); |
| Assert.assertNotNull("loginURL should not be null.", loginURL); |
| Assert.assertEquals("https://localhost:8443/authserver?originalUrl=" + SERVICE_URL + "?name=value", loginURL); |
| } |
| |
| @Test |
| public void testOrigURLNoQueryString() throws Exception { |
| Properties props = getProperties(); |
| handler.init(new TestFilterConfig(props)); |
| |
| HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class); |
| EasyMock.expect(request.getRequestURL()).andReturn( |
| new StringBuffer(SERVICE_URL)); |
| EasyMock.expect(request.getQueryString()).andReturn(null); |
| EasyMock.replay(request); |
| |
| String loginURL = ((TestSSOCookieFederationProvider)handler).testConstructLoginURL(request); |
| Assert.assertNotNull("LoginURL should not be null.", loginURL); |
| Assert.assertEquals("https://localhost:8443/authserver?originalUrl=" + SERVICE_URL, loginURL); |
| } |
| |
| @Before |
| public void setup() throws Exception, NoSuchAlgorithmException { |
| KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); |
| kpg.initialize(2048); |
| |
| KeyPair kp = kpg.genKeyPair(); |
| publicKey = (RSAPublicKey) kp.getPublic(); |
| privateKey = (RSAPrivateKey) kp.getPrivate(); |
| |
| handler = new TestSSOCookieFederationProvider(); |
| } |
| |
| @After |
| public void teardown() throws Exception { |
| handler.destroy(); |
| } |
| |
| protected Properties getProperties() { |
| Properties props = new Properties(); |
| props.setProperty( |
| TestSSOCookieFederationProvider.SSO_AUTHENTICATION_PROVIDER_URL, |
| "https://localhost:8443/authserver"); |
| return props; |
| } |
| |
| protected SignedJWT getJWT(String sub, Date expires, RSAPrivateKey privateKey) |
| throws Exception { |
| List<String> aud = new ArrayList<String>(); |
| aud.add("bar"); |
| |
| JWTClaimsSet claims = new JWTClaimsSet.Builder() |
| .issuer("https://c2id.com") |
| .subject(sub) |
| .audience(aud) |
| .expirationTime(expires) |
| .claim("scope", "openid") |
| .build(); |
| |
| JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).build(); |
| |
| SignedJWT signedJWT = new SignedJWT(header, claims); |
| Base64URL sigInput = Base64URL.encode(signedJWT.getSigningInput()); |
| JWSSigner signer = new RSASSASigner(privateKey); |
| |
| signedJWT.sign(signer); |
| |
| return signedJWT; |
| } |
| |
| class TestSSOCookieFederationProvider extends SSOCookieFederationFilter { |
| public String testConstructLoginURL(HttpServletRequest req) { |
| return constructLoginURL(req); |
| } |
| |
| public void setPublicKey(RSAPublicKey key) { |
| publicKey = key; |
| } |
| |
| public void setTokenService(JWTokenAuthority ts) { |
| authority = ts; |
| } |
| }; |
| |
| class TestFilterConfig implements FilterConfig { |
| Properties props = null; |
| |
| public TestFilterConfig(Properties props) { |
| this.props = props; |
| } |
| |
| @Override |
| public String getFilterName() { |
| return null; |
| } |
| |
| /* (non-Javadoc) |
| * @see javax.servlet.FilterConfig#getServletContext() |
| */ |
| @Override |
| public ServletContext getServletContext() { |
| // JWTokenAuthority authority = EasyMock.createNiceMock(JWTokenAuthority.class); |
| // GatewayServices services = EasyMock.createNiceMock(GatewayServices.class); |
| // EasyMock.expect(services.getService("TokenService").andReturn(authority)); |
| // ServletContext context = EasyMock.createNiceMock(ServletContext.class); |
| // EasyMock.expect(context.getAttribute(GatewayServices.GATEWAY_SERVICES_ATTRIBUTE).andReturn(new DefaultGatewayServices())); |
| return null; |
| } |
| |
| /* (non-Javadoc) |
| * @see javax.servlet.FilterConfig#getInitParameter(java.lang.String) |
| */ |
| @Override |
| public String getInitParameter(String name) { |
| return props.getProperty(name, null); |
| } |
| |
| /* (non-Javadoc) |
| * @see javax.servlet.FilterConfig#getInitParameterNames() |
| */ |
| @Override |
| public Enumeration<String> getInitParameterNames() { |
| return null; |
| } |
| |
| } |
| |
| class TestJWTokenAuthority implements JWTokenAuthority { |
| |
| /* (non-Javadoc) |
| * @see org.apache.hadoop.gateway.services.security.token.JWTokenAuthority#issueToken(javax.security.auth.Subject, java.lang.String) |
| */ |
| @Override |
| public JWTToken issueToken(Subject subject, String algorithm) |
| throws TokenServiceException { |
| // TODO Auto-generated method stub |
| return null; |
| } |
| |
| /* (non-Javadoc) |
| * @see org.apache.hadoop.gateway.services.security.token.JWTokenAuthority#issueToken(java.security.Principal, java.lang.String) |
| */ |
| @Override |
| public JWTToken issueToken(Principal p, String algorithm) |
| throws TokenServiceException { |
| // TODO Auto-generated method stub |
| return null; |
| } |
| |
| /* (non-Javadoc) |
| * @see org.apache.hadoop.gateway.services.security.token.JWTokenAuthority#issueToken(java.security.Principal, java.lang.String, java.lang.String) |
| */ |
| @Override |
| public JWTToken issueToken(Principal p, String audience, String algorithm) |
| throws TokenServiceException { |
| return null; |
| } |
| |
| /* (non-Javadoc) |
| * @see org.apache.hadoop.gateway.services.security.token.JWTokenAuthority#verifyToken(org.apache.hadoop.gateway.services.security.token.impl.JWTToken) |
| */ |
| @Override |
| public boolean verifyToken(JWTToken token) throws TokenServiceException { |
| return true; |
| } |
| |
| /* (non-Javadoc) |
| * @see org.apache.hadoop.gateway.services.security.token.JWTokenAuthority#issueToken(java.security.Principal, java.lang.String, java.lang.String, long) |
| */ |
| @Override |
| public JWTToken issueToken(Principal p, String audience, String algorithm, |
| long expires) throws TokenServiceException { |
| return null; |
| } |
| |
| @Override |
| public JWTToken issueToken(Principal p, List<String> audiences, String algorithm, |
| long expires) throws TokenServiceException { |
| return null; |
| } |
| |
| /* (non-Javadoc) |
| * @see org.apache.hadoop.gateway.services.security.token.JWTokenAuthority#issueToken(java.security.Principal, java.lang.String, long) |
| */ |
| @Override |
| public JWT issueToken(Principal p, String audience, long l) |
| throws TokenServiceException { |
| // TODO Auto-generated method stub |
| return null; |
| } |
| |
| } |
| |
| class TestFilterChain implements FilterChain { |
| boolean doFilterCalled = false; |
| Subject subject = null; |
| |
| /* (non-Javadoc) |
| * @see javax.servlet.FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse) |
| */ |
| @Override |
| public void doFilter(ServletRequest request, ServletResponse response) |
| throws IOException, ServletException { |
| doFilterCalled = true; |
| |
| subject = Subject.getSubject( AccessController.getContext() ); |
| } |
| |
| } |
| } |