Java Code Examples for org.eclipse.jetty.security.UserStore#addUser()
The following examples show how to use org.eclipse.jetty.security.UserStore#addUser().
Example 1
Source File: GatewayMicroService.java From apiman with Apache License 2.0 | 6 votes |
/**
 * Builds the HTTP Basic authentication handler for the gateway.
 *
 * <p>Each account from {@code Users.getUsers()} is copied into an in-memory {@link UserStore}
 * that backs a {@link HashLoginService}; the login service and the handler share the realm
 * name {@code apimanrealm}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Basic authentication sends the user name and password, base64-encoded only, on every
 *       request, so the connector in front of this handler should be TLS-only.</li>
 *   <li>{@code Credential.getCredential} selects the credential type from the string's prefix
 *       (for example {@code MD5:} or {@code CRYPT:}); a value without a recognised prefix is
 *       kept as a clear-text {@code Password}. Which form {@code user.getPassword()} returns
 *       is not visible here and should be confirmed.</li>
 *   <li>No constraint mapping is added in this method, so which paths actually demand
 *       authentication is decided elsewhere.</li>
 * </ul>
 *
 * @return the configured security handler
 * @throws Exception declared by the signature; presumably raised while loading users — confirm
 */
protected SecurityHandler createSecurityHandler() throws Exception {
    final String realm = "apimanrealm";

    UserStore accounts = new UserStore();
    HashLoginService loginService = new HashLoginService();
    loginService.setUserStore(accounts);
    for (User account : Users.getUsers()) {
        Credential secret = Credential.getCredential(account.getPassword());
        accounts.addUser(account.getId(), secret, account.getRolesAsArray());
    }
    loginService.setName(realm);

    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
    securityHandler.setAuthenticator(new BasicAuthenticator());
    securityHandler.setRealmName(realm);
    securityHandler.setLoginService(loginService);
    return securityHandler;
}
Example 2
Source File: ManagerApiTestServer.java From apiman with Apache License 2.0 | 6 votes |
/**
 * Builds the HTTP Basic authentication handler used by the manager API test server.
 *
 * <p>Accounts come from the fixed {@code TestUsers.USERS} table, read as
 * {@code {name, password}} pairs. Every account gets the {@code apiuser} role; an account
 * whose name starts with {@code admin} additionally gets {@code apiadmin}.
 *
 * <p>Security note: granting a role from a name prefix is only reasonable for a fixed test
 * fixture like this one. If account names could ever be chosen by a user, the prefix check
 * would hand out {@code apiadmin} to anyone registering a matching name.
 *
 * @return the configured security handler
 */
private SecurityHandler createSecurityHandler() {
    final String realm = "apimanrealm";

    HashLoginService loginService = new HashLoginService();
    UserStore accounts = new UserStore();
    loginService.setUserStore(accounts);

    for (String[] entry : TestUsers.USERS) {
        String login = entry[0];
        String secret = entry[1];
        String[] granted = login.startsWith("admin")
                ? new String[] {"apiuser", "apiadmin"}
                : new String[] {"apiuser"};
        accounts.addUser(login, Credential.getCredential(secret), granted);
    }
    loginService.setName(realm);

    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
    securityHandler.setAuthenticator(new BasicAuthenticator());
    securityHandler.setRealmName(realm);
    securityHandler.setLoginService(loginService);
    return securityHandler;
}
Example 3
Source File: ManagerApiMicroService.java From apiman with Apache License 2.0 | 6 votes |
/**
 * Builds the HTTP Basic authentication handler for the manager API micro-service.
 *
 * <p>The {@link UserStore} is a separate object that has to be attached to the
 * {@link HashLoginService} explicitly; it is filled from {@code Users.getUsers()}.
 *
 * <p>Security notes: Basic authentication repeats the password, base64-encoded only, on every
 * request, so this handler should be served over TLS only. The stored credential is whatever
 * {@code Credential.getCredential} makes of {@code user.getPassword()}: a prefixed hash such
 * as {@code MD5:}/{@code CRYPT:}, or otherwise a clear-text {@code Password} kept in memory.
 *
 * @return the configured security handler
 * @throws Exception declared by the signature; the source of the exception is not visible here
 */
protected SecurityHandler createSecurityHandler() throws Exception {
    HashLoginService realmService = new HashLoginService();

    // The login service does not create its own store here; attach one before adding users.
    UserStore store = new UserStore();
    realmService.setUserStore(store);

    for (User entry : Users.getUsers()) {
        store.addUser(
                entry.getId(),
                Credential.getCredential(entry.getPassword()),
                entry.getRolesAsArray());
    }
    realmService.setName("apimanrealm");

    ConstraintSecurityHandler result = new ConstraintSecurityHandler();
    result.setAuthenticator(new BasicAuthenticator());
    result.setRealmName("apimanrealm");
    result.setLoginService(realmService);
    return result;
}
Example 4
Source File: SpnegoUserStoreAuthorizationServiceTest.java From cruise-control with BSD 2-Clause "Simplified" License | 6 votes |
/**
 * Verifies that every principal spelling of the test user resolves to the same store entry:
 * {@code user/host@REALM}, {@code user@REALM}, {@code user/host} and the bare name.
 *
 * <p>NOTE(review): as exercised here, the host and realm parts play no role in the lookup.
 * Whether the realm is validated before this service is reached (for example by the SPNEGO
 * layer) is not visible in this test and should be confirmed for multi-realm deployments.
 */
@Test
public void testPrincipalNames() {
    UserStore store = new UserStore();
    store.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] { DefaultRoleSecurityProvider.ADMIN });
    UserStoreAuthorizationService service = new SpnegoUserStoreAuthorizationService(store);

    String[] principalForms = {
        TEST_USER + "/host@REALM",
        TEST_USER + "@REALM",
        TEST_USER + "/host",
        TEST_USER
    };
    for (String principal : principalForms) {
        UserIdentity resolved = service.getUserIdentity(null, principal);
        assertNotNull(resolved);
        assertEquals(TEST_USER, resolved.getUserPrincipal().getName());
    }
}
Example 5
Source File: JwtLoginServiceTest.java From cruise-control with BSD 2-Clause "Simplified" License | 6 votes |
/**
 * Verifies that an identity obtained from a valid token stops validating once the service
 * clock has moved past the token's lifetime.
 *
 * <p>The token is generated with a time value ten seconds after "now" (presumably its
 * expiry — confirm against {@code TokenGenerator}); login happens on a clock fixed at "now",
 * and re-validation happens on the same clock shifted forward by twenty seconds.
 */
@Test
public void testRevalidateTokenFails() throws Exception {
    UserStore store = new UserStore();
    store.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] {"USER"});

    Instant issuedAt = Instant.now();
    TokenGenerator.TokenAndKeys generated =
            TokenGenerator.generateToken(TEST_USER, issuedAt.plusSeconds(10).toEpochMilli());

    Clock loginClock = Clock.fixed(issuedAt, ZoneOffset.UTC);
    JwtLoginService service = new JwtLoginService(
            new UserStoreAuthorizationService(store), generated.publicKey(), null, loginClock);

    SignedJWT parsedToken = SignedJWT.parse(generated.token());
    HttpServletRequest servletRequest = mock(HttpServletRequest.class);
    expect(servletRequest.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE))
            .andReturn(generated.token());
    replay(servletRequest);

    UserIdentity loggedIn = service.login(TEST_USER, parsedToken, servletRequest);
    verify(servletRequest);
    assertNotNull(loggedIn);
    assertEquals(TEST_USER, loggedIn.getUserPrincipal().getName());

    // Same clock, twenty seconds later: the identity must no longer validate.
    service.setClock(Clock.offset(loginClock, Duration.ofSeconds(20)));
    assertFalse(service.validate(loggedIn));
}
Example 6
Source File: JwtLoginServiceTest.java From cruise-control with BSD 2-Clause "Simplified" License | 6 votes |
/**
 * Verifies that an identity obtained from a freshly generated token still validates when it
 * is re-checked immediately after login.
 */
@Test
public void testRevalidateTokenPasses() throws Exception {
    UserStore store = new UserStore();
    store.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] {"USER"});

    TokenGenerator.TokenAndKeys generated = TokenGenerator.generateToken(TEST_USER);
    JwtLoginService service = new JwtLoginService(
            new UserStoreAuthorizationService(store), generated.publicKey(), null);

    SignedJWT parsedToken = SignedJWT.parse(generated.token());
    HttpServletRequest servletRequest = mock(HttpServletRequest.class);
    expect(servletRequest.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE))
            .andReturn(generated.token());
    replay(servletRequest);

    UserIdentity loggedIn = service.login(TEST_USER, parsedToken, servletRequest);
    verify(servletRequest);

    assertNotNull(loggedIn);
    assertEquals(TEST_USER, loggedIn.getUserPrincipal().getName());
    assertTrue(service.validate(loggedIn));
}
Example 7
Source File: JwtLoginServiceTest.java From cruise-control with BSD 2-Clause "Simplified" License | 6 votes |
/**
 * Verifies the happy path: a token signed with the key pair whose public key the service
 * holds, issued for a user present in the store, yields an identity named after that user.
 */
@Test
public void testValidateTokenSuccessfully() throws Exception {
    UserStore store = new UserStore();
    store.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] {"USER"});

    TokenGenerator.TokenAndKeys generated = TokenGenerator.generateToken(TEST_USER);
    JwtLoginService service = new JwtLoginService(
            new UserStoreAuthorizationService(store), generated.publicKey(), null);

    SignedJWT parsedToken = SignedJWT.parse(generated.token());
    HttpServletRequest servletRequest = mock(HttpServletRequest.class);
    expect(servletRequest.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE))
            .andReturn(generated.token());
    replay(servletRequest);

    UserIdentity loggedIn = service.login(TEST_USER, parsedToken, servletRequest);
    verify(servletRequest);

    assertNotNull(loggedIn);
    assertEquals(TEST_USER, loggedIn.getUserPrincipal().getName());
}
Example 8
Source File: JwtLoginServiceTest.java From cruise-control with BSD 2-Clause "Simplified" License | 5 votes |
/**
 * Verifies that login is refused (returns {@code null}) for a token generated with the time
 * value {@code 1L}, presumably an expiry far in the past — confirm against
 * {@code TokenGenerator}.
 */
@Test
public void testFailExpirationValidation() throws Exception {
    UserStore store = new UserStore();
    store.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] {"USER"});

    TokenGenerator.TokenAndKeys generated = TokenGenerator.generateToken(TEST_USER, 1L);
    JwtLoginService service = new JwtLoginService(
            new UserStoreAuthorizationService(store), generated.publicKey(), null);

    SignedJWT parsedToken = SignedJWT.parse(generated.token());
    HttpServletRequest servletRequest = mock(HttpServletRequest.class);

    UserIdentity outcome = service.login(TEST_USER, parsedToken, servletRequest);
    assertNull(outcome);
}
Example 9
Source File: JwtLoginServiceTest.java From cruise-control with BSD 2-Clause "Simplified" License | 5 votes |
/**
 * Verifies that login is refused (returns {@code null}) when none of the token's audiences
 * ({@code A}, {@code B}) is among the audiences the service accepts ({@code C}, {@code D}).
 */
@Test
public void testFailAudienceValidation() throws Exception {
    UserStore store = new UserStore();
    store.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] {"USER"});

    TokenGenerator.TokenAndKeys generated =
            TokenGenerator.generateToken(TEST_USER, Arrays.asList("A", "B"));
    JwtLoginService service = new JwtLoginService(
            new UserStoreAuthorizationService(store),
            generated.publicKey(),
            Arrays.asList("C", "D"));

    SignedJWT parsedToken = SignedJWT.parse(generated.token());
    HttpServletRequest servletRequest = mock(HttpServletRequest.class);

    UserIdentity outcome = service.login(TEST_USER, parsedToken, servletRequest);
    assertNull(outcome);
}
Example 10
Source File: JwtLoginServiceTest.java From cruise-control with BSD 2-Clause "Simplified" License | 5 votes |
/**
 * Verifies that login is refused (returns {@code null}) when the presented token was signed
 * with a key other than the one whose public half the service was configured with.
 */
@Test
public void testFailSignatureValidation() throws Exception {
    UserStore store = new UserStore();
    store.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] {"USER"});

    TokenGenerator.TokenAndKeys presented = TokenGenerator.generateToken(TEST_USER);
    // A second generation for the same user; its token is signed with a different key.
    TokenGenerator.TokenAndKeys trusted = TokenGenerator.generateToken(TEST_USER);

    // The service trusts only the second key pair, while the first pair's token is presented.
    JwtLoginService service = new JwtLoginService(
            new UserStoreAuthorizationService(store), trusted.publicKey(), null);

    SignedJWT parsedToken = SignedJWT.parse(presented.token());
    HttpServletRequest servletRequest = mock(HttpServletRequest.class);

    UserIdentity outcome = service.login(TEST_USER, parsedToken, servletRequest);
    assertNull(outcome);
}
Example 11
Source File: JwtAuthenticatorTest.java From cruise-control with BSD 2-Clause "Simplified" License | 5 votes |
/**
 * Verifies that {@code JwtAuthenticator} authenticates a request whose token arrives in the
 * {@code JWT_TOKEN} cookie, and that the resulting principal is a {@code JwtUserPrincipal}
 * carrying the user name and the serialized token.
 *
 * <p>NOTE(review): the principal retains the full serialized token, which is a bearer
 * credential. Whether principals are ever logged or serialized elsewhere is not visible
 * here — confirm.
 */
@Test
public void testSuccessfulLogin() throws Exception {
    // The store knows TEST_USER and the login service trusts the key that signs the token.
    UserStore testUserStore = new UserStore();
    testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[]{USER_ROLE});
    TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
    JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);

    // Record the configuration lookups the authenticator is expected to make.
    Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class);
    expect(configuration.getLoginService()).andReturn(loginService);
    expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService());
    expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true);

    // The request has no Authorization header; the token is supplied only as a cookie.
    Request request = niceMock(Request.class);
    expect(request.getMethod()).andReturn(HttpMethod.GET.asString());
    expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null);
    // The raw token is expected to be stored as a request attribute and read back later.
    request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys.token());
    expectLastCall().andVoid();
    expect(request.getCookies()).andReturn(new Cookie[] {new Cookie(JWT_TOKEN, tokenAndKeys.token())});
    expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());

    // No calls are recorded on the response before replay.
    HttpServletResponse response = mock(HttpServletResponse.class);

    replay(configuration, request, response);
    JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN);
    authenticator.setConfiguration(configuration);
    UserAuthentication authentication = (UserAuthentication) authenticator.validateRequest(request, response, true);
    verify(configuration, request, response);

    assertNotNull(authentication);
    assertTrue(authentication.getUserIdentity().getUserPrincipal() instanceof JwtUserPrincipal);
    JwtUserPrincipal userPrincipal = (JwtUserPrincipal) authentication.getUserIdentity().getUserPrincipal();
    assertEquals(TEST_USER, userPrincipal.getName());
    assertEquals(tokenAndKeys.token(), userPrincipal.getSerializedToken());
}
Example 12
Source File: JenkinsRule.java From jenkins-test-harness with MIT License | 5 votes |
/**
 * Creates a {@link HashLoginService} holding three fixture users: alice, bob and charlie.
 *
 * <p>Each user's password is identical to the user name, and the passwords are stored as
 * clear-text {@code Password} credentials. That is acceptable for a test harness only; this
 * realm must not be reachable from anything that is exposed beyond a test run.
 *
 * @return a new login service
 * @since 2.50
 */
public static LoginService _configureUserRealm() {
    HashLoginService loginService = new HashLoginService();
    // "default" is the magic realm name that makes this realm effective everywhere.
    loginService.setName("default");

    UserStore accounts = new UserStore();
    loginService.setUserStore(accounts);

    // Each row is {name, second role}; the name doubles as the password.
    String[][] fixtures = {
        {"alice", "female"},
        {"bob", "male"},
        {"charlie", "male"},
    };
    for (String[] fixture : fixtures) {
        accounts.addUser(fixture[0], new Password(fixture[0]), new String[]{"user", fixture[1]});
    }
    return loginService;
}
Example 13
Source File: HudsonTestCase.java From jenkins-test-harness with MIT License | 5 votes |
/**
 * Configures the security realm used by a test: a {@link HashLoginService} named
 * {@code default} with the fixture users alice, bob and charlie.
 *
 * <p>Every password equals the user name and is kept as a clear-text {@code Password}; this
 * is a test fixture and must not back anything outside a test run.
 *
 * @return the login service holding the three fixture users
 */
protected LoginService configureUserRealm() {
    UserStore accounts = new UserStore();
    accounts.addUser("alice", new Password("alice"), new String[]{"user","female"});
    accounts.addUser("bob", new Password("bob"), new String[]{"user","male"});
    accounts.addUser("charlie", new Password("charlie"), new String[]{"user","male"});

    HashLoginService loginService = new HashLoginService();
    // "default" is the magic realm name that makes this realm effective everywhere.
    loginService.setName("default");
    loginService.setUserStore(accounts);
    return loginService;
}
Example 14
Source File: BaleenWebApi.java From baleen with Apache License 2.0 | 5 votes |
/**
 * Installs the top-level handler on the server, optionally wrapped in HTTP Basic
 * authentication.
 *
 * <p>Behaviour by configuration:
 * <ul>
 *   <li>no configuration, or type {@code NONE}: the servlet handler is installed as is and a
 *       warning is logged; the API is then served without authentication;</li>
 *   <li>type {@code BASIC}: the configured users are loaded into an in-memory
 *       {@link UserStore} and the servlet handler is wrapped in a
 *       {@link ConstraintSecurityHandler} using the {@code constraintMappings} field;</li>
 *   <li>any other type: configuration fails with an exception rather than falling back to
 *       an unauthenticated server.</li>
 * </ul>
 *
 * <p>Security notes: Basic authentication repeats the password, base64-encoded only, on every
 * request, so it should be combined with TLS. {@code Credential.getCredential} keeps a value
 * without a recognised type prefix as a clear-text {@code Password}.
 *
 * @param server the server to configure
 * @param authConfig authentication settings; may be {@code null}
 * @param servletHandler the handler that serves the API
 * @throws BaleenException if the authentication type is not supported
 */
private void configureServer(Server server, WebAuthConfig authConfig, Handler servletHandler)
        throws BaleenException {
    if (authConfig == null || authConfig.getType() == AuthType.NONE) {
        // No security: the servlet handler is exposed directly.
        LOGGER.warn("No security applied to API");
        server.setHandler(servletHandler);
        return;
    }

    if (authConfig.getType() != AuthType.BASIC) {
        // Fail closed on anything that is neither NONE nor BASIC.
        throw new InvalidParameterException("Configuration of authentication failed");
    }

    LOGGER.info("Using Basic HTTP authentication for API");

    HashLoginService realm = new HashLoginService(authConfig.getName());
    UserStore accounts = new UserStore();
    for (WebUser webUser : authConfig.getUsers()) {
        Credential secret = Credential.getCredential(webUser.getPassword());
        accounts.addUser(webUser.getUsername(), secret, webUser.getRolesAsArray());
    }
    realm.setUserStore(accounts);
    server.addBean(realm);

    ConstraintSecurityHandler guarded = new ConstraintSecurityHandler();
    guarded.setHandler(servletHandler);
    guarded.setConstraintMappings(constraintMappings);
    guarded.setAuthenticator(new BasicAuthenticator());
    guarded.setLoginService(realm);

    server.setHandler(guarded);
}
Example 15
Source File: HttpReceiverServerPush.java From datacollector with Apache License 2.0 | 5 votes |
/**
 * Builds a Basic authentication handler that protects every path ({@code /*}) and requires
 * the {@code sdc} role.
 *
 * <p>Only configured entries with both a non-empty user name and a non-empty password are
 * registered; incomplete entries are skipped silently.
 *
 * <p>Security notes: the method returns {@code null} when no usable entry exists.
 * NOTE(review): a caller that simply installs no handler in that case would leave the
 * endpoint unauthenticated — confirm how the call site treats {@code null}. Passwords are
 * held as clear-text {@code Password} credentials, and Basic authentication should be used
 * together with TLS.
 *
 * @param httpCourceConf configuration supplying the Basic authentication users
 * @return the security handler, or {@code null} if no user with name and password is configured
 */
public static SecurityHandler getBasicAuthHandler(HttpSourceConfigs httpCourceConf) {
    UserStore accounts = new UserStore();
    int registered = 0;
    for (CredentialValueUserPassBean entry : httpCourceConf.getBasicAuthUsers()) {
        String name = entry.getUsername();
        String secret = entry.get();
        if (!StringUtils.isNotEmpty(name) || !StringUtils.isNotEmpty(secret)) {
            continue;
        }
        accounts.addUser(name, new Password(secret), new String[]{"sdc"});
        registered++;
    }
    if (registered == 0) {
        return null;
    }

    HashLoginService realm = new HashLoginService();
    realm.setUserStore(accounts);

    Constraint requireSdcRole = new Constraint(Constraint.__BASIC_AUTH,"sdc");
    requireSdcRole.setAuthenticate(true);

    ConstraintMapping everyPath = new ConstraintMapping();
    everyPath.setConstraint(requireSdcRole);
    everyPath.setPathSpec("/*");

    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
    securityHandler.setAuthenticator(new BasicAuthenticator());
    securityHandler.addConstraintMapping(everyPath);
    securityHandler.setLoginService(realm);
    return securityHandler;
}
Example 16
Source File: DigestAuthSupplierJettyTest.java From cxf with Apache License 2.0 | 5 votes |
/**
 * Starts a Jetty server on {@code PORT} whose single servlet is protected by HTTP Digest
 * authentication.
 *
 * <p>One account ({@code USER}/{@code PWD}) with the {@code user} role is registered in the
 * realm {@code My Realm}, and the constraint covers every path ({@code /*}).
 *
 * @throws RuntimeException wrapping any exception raised while starting the server
 */
@Override
protected void run() {
    server = new Server(PORT);

    String[] requiredRoles = new String[] {"user"};

    HashLoginService realm = new HashLoginService();
    realm.setName("My Realm");
    UserStore accounts = new UserStore();
    accounts.addUser(USER, Credential.getCredential(PWD), requiredRoles);
    realm.setUserStore(accounts);

    Constraint digestConstraint = new Constraint();
    digestConstraint.setName(Constraint.__DIGEST_AUTH);
    digestConstraint.setRoles(requiredRoles);
    digestConstraint.setAuthenticate(true);

    ConstraintMapping everyPath = new ConstraintMapping();
    everyPath.setConstraint(digestConstraint);
    everyPath.setPathSpec("/*");

    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
    securityHandler.setAuthenticator(new DigestAuthenticator());
    securityHandler.addConstraintMapping(everyPath);
    securityHandler.setLoginService(realm);

    ServletContextHandler servletContext = new ServletContextHandler(ServletContextHandler.SESSIONS);
    servletContext.setSecurityHandler(securityHandler);
    servletContext.setContextPath("/");
    server.setHandler(servletContext);
    servletContext.addServlet(new ServletHolder(new TestServlet()), "/*");

    try {
        server.start();
    } catch (Exception startFailure) {
        throw new RuntimeException(startFailure);
    }
}
Example 17
Source File: JwtAuthenticatorTest.java From cruise-control with BSD 2-Clause "Simplified" License | 5 votes |
/**
 * Verifies that a request carrying a token the login service cannot verify is rejected with
 * {@code Authentication.SEND_FAILURE} and a 401 status.
 *
 * <p>The login service trusts the public key of {@code tokenAndKeys}, while the cookie
 * carries the token from {@code tokenAndKeys2}, a separate generation for the same user.
 * The user store also holds only {@code TEST_USER_2}, not the user named in the token.
 */
@Test
public void testFailedLoginWithInvalidToken() throws Exception {
    UserStore testUserStore = new UserStore();
    testUserStore.addUser(TEST_USER_2, SecurityUtils.NO_CREDENTIAL, new String[] {USER_ROLE});
    // Two independent generations: the first supplies the trusted key, the second the presented token.
    TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
    TokenGenerator.TokenAndKeys tokenAndKeys2 = TokenGenerator.generateToken(TEST_USER);
    JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);

    // Record the configuration lookups the authenticator is expected to make.
    Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class);
    expect(configuration.getLoginService()).andReturn(loginService);
    expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService());
    expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true);

    // The request has no Authorization header; the mismatching token is supplied as a cookie.
    Request request = niceMock(Request.class);
    expect(request.getMethod()).andReturn(HttpMethod.GET.asString());
    expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null);
    request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys2.token());
    expectLastCall().andVoid();
    expect(request.getCookies()).andReturn(new Cookie[] {new Cookie(JWT_TOKEN, tokenAndKeys2.token())});

    // The response must be given a 401 status.
    HttpServletResponse response = mock(HttpServletResponse.class);
    response.setStatus(HttpStatus.UNAUTHORIZED_401);
    expectLastCall().andVoid();

    replay(configuration, request, response);
    JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN);
    authenticator.setConfiguration(configuration);
    Authentication authentication = authenticator.validateRequest(request, response, true);
    verify(configuration, request, response);

    assertNotNull(authentication);
    assertEquals(Authentication.SEND_FAILURE, authentication);
}
Example 18
Source File: JwtAuthenticatorTest.java From cruise-control with BSD 2-Clause "Simplified" License | 5 votes |
/**
 * Verifies that a token matching the trusted key is still rejected with
 * {@code Authentication.SEND_FAILURE} and a 401 status when the user it names is not in the
 * user store.
 *
 * <p>The store holds only {@code TEST_USER_2}, while the token is generated for
 * {@code TEST_USER} and the login service trusts the public key from that same generation.
 */
@Test
public void testFailedLoginWithUserNotFound() throws Exception {
    UserStore testUserStore = new UserStore();
    testUserStore.addUser(TEST_USER_2, SecurityUtils.NO_CREDENTIAL, new String[] {USER_ROLE});
    // Token and trusted public key come from the same generation, so the key matches.
    TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
    JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);

    // Record the configuration lookups the authenticator is expected to make.
    Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class);
    expect(configuration.getLoginService()).andReturn(loginService);
    expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService());
    expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true);

    // The request has no Authorization header; the token is supplied only as a cookie.
    Request request = niceMock(Request.class);
    expect(request.getMethod()).andReturn(HttpMethod.GET.asString());
    expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null);
    request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys.token());
    expectLastCall().andVoid();
    expect(request.getCookies()).andReturn(new Cookie[] {new Cookie(JWT_TOKEN, tokenAndKeys.token())});
    expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());

    // The response must be given a 401 status.
    HttpServletResponse response = mock(HttpServletResponse.class);
    response.setStatus(HttpStatus.UNAUTHORIZED_401);
    expectLastCall().andVoid();

    replay(configuration, request, response);
    JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN);
    authenticator.setConfiguration(configuration);
    Authentication authentication = authenticator.validateRequest(request, response, true);
    verify(configuration, request, response);

    assertNotNull(authentication);
    assertEquals(Authentication.SEND_FAILURE, authentication);
}
Example 19
Source File: HttpProtocolServer.java From gitflow-incremental-builder with MIT License | 4 votes |
/**
 * Creates a user store containing the single account described by this instance's
 * {@code username} and {@code password} fields, granted the roles in {@code ROLES}.
 *
 * <p>The password is wrapped in a clear-text {@code Password} credential.
 *
 * @return a new store holding exactly that one account
 */
private UserStore buildUserStore() {
    UserStore singleAccountStore = new UserStore();
    Password secret = new Password(password);
    singleAccountStore.addUser(username, secret, ROLES);
    return singleAccountStore;
}
Example 20
Source File: JettyHttpServer.java From everrest with Eclipse Public License 2.0 | 4 votes |
/**
 * Starts the embedded server: registers the EverRest servlet under both the unsecured and
 * the secured path spec, protects the secured path spec with HTTP Basic authentication,
 * starts Jetty and finally publishes a {@code GroovyResourcePublisher} in the servlet context.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The same servlet is mapped to {@code UNSECURE_PATH_SPEC} and
 *       {@code SECURE_PATH_SPEC}, but only {@code SECURE_PATH_SPEC} carries a constraint;
 *       requests arriving through the unsecured mapping are not authenticated by this
 *       handler.</li>
 *   <li>Two accounts are created from constants, with clear-text {@code Password}
 *       credentials; the admin account receives a broad list of roles.</li>
 *   <li>NOTE(review): when {@code context} was set before this call, this method never
 *       attaches it to the new {@code RequestLogHandler} that becomes the server's handler —
 *       confirm that the wiring happens elsewhere.</li>
 * </ul>
 *
 * @throws Exception if the server fails to start
 */
public void start() throws Exception {
    RequestLogHandler requestLog = new RequestLogHandler();
    if (context == null) {
        context = new ServletContextHandler(requestLog, "/", ServletContextHandler.SESSIONS);
    }
    context.setEventListeners(new EventListener[]{new EverrestInitializedListener()});

    ServletHolder everrestServlet = new ServletHolder(new EverrestServlet());
    context.addServlet(everrestServlet, UNSECURE_PATH_SPEC);
    context.addServlet(everrestServlet, SECURE_PATH_SPEC);

    // Security: only the secured path spec requires an authenticated user in one of these roles.
    Constraint basicAuth = new Constraint();
    basicAuth.setName(Constraint.__BASIC_AUTH);
    basicAuth.setRoles(new String[]{"cloud-admin", "users", "user", "temp_user"});
    basicAuth.setAuthenticate(true);

    ConstraintMapping securedPaths = new ConstraintMapping();
    securedPaths.setConstraint(basicAuth);
    securedPaths.setPathSpec(SECURE_PATH_SPEC);

    ConstraintSecurityHandler guard = new ConstraintSecurityHandler();
    guard.addConstraintMapping(securedPaths);

    HashLoginService realm = new HashLoginService();
    UserStore accounts = new UserStore();
    String[] adminRoles = new String[]{
        "cloud-admin", "users", "user", "temp_user", "developer", "admin",
        "workspace/developer", "workspace/admin", "account/owner", "account/member",
        "system/admin", "system/manager"
    };
    accounts.addUser(ADMIN_USER_NAME, new Password(ADMIN_USER_PASSWORD), adminRoles);
    String[] managerRoles = new String[]{"cloud-admin", "user", "temp_user", "users"};
    accounts.addUser(MANAGER_USER_NAME, new Password(MANAGER_USER_PASSWORD), managerRoles);
    realm.setUserStore(accounts);

    guard.setLoginService(realm);
    guard.setAuthenticator(new BasicAuthenticator());
    context.setSecurityHandler(guard);

    server.setHandler(requestLog);
    server.start();

    // These attributes are read only after start(); presumably the initialized listener
    // populates them during startup — confirm.
    ResourceBinder resourceBinder =
            (ResourceBinder)context.getServletContext().getAttribute(ResourceBinder.class.getName());
    DependencySupplier dependencySupplier =
            (DependencySupplier)context.getServletContext().getAttribute(DependencySupplier.class.getName());
    GroovyResourcePublisher publisher = new GroovyResourcePublisher(resourceBinder, dependencySupplier);
    context.getServletContext().setAttribute(GroovyResourcePublisher.class.getName(), publisher);
}