Posted to commits@camel.apache.org by co...@apache.org on 2019/01/25 17:40:20 UTC

[camel] branch camel-2.23.x updated: Fixing Camel Spring Security test logic. It was skipping authentication and taking roles from the Subject instead of using the config file

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch camel-2.23.x
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/camel-2.23.x by this push:
     new c7efdae  Fixing Camel Spring Security test logic. It was skipping authentication and taking roles from the Subject instead of using the config file
c7efdae is described below

commit c7efdae0f2d27fc630ed6f1d21c1fa172a1fd509
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Fri Jan 25 17:21:36 2019 +0000

    Fixing Camel Spring Security test logic. It was skipping authentication and taking roles from the Subject instead of using the config file
---
 .../SpringSecurityAuthorizationPolicyTest.java     | 51 ++++++++++++----------
 .../component/spring/security/commonSecurity.xml   |  4 +-
 2 files changed, 31 insertions(+), 24 deletions(-)

diff --git a/components/camel-spring-security/src/test/java/org/apache/camel/component/spring/security/SpringSecurityAuthorizationPolicyTest.java b/components/camel-spring-security/src/test/java/org/apache/camel/component/spring/security/SpringSecurityAuthorizationPolicyTest.java
index 981e0ac..2e2802a 100644
--- a/components/camel-spring-security/src/test/java/org/apache/camel/component/spring/security/SpringSecurityAuthorizationPolicyTest.java
+++ b/components/camel-spring-security/src/test/java/org/apache/camel/component/spring/security/SpringSecurityAuthorizationPolicyTest.java
@@ -16,7 +16,8 @@
  */
 package org.apache.camel.component.spring.security;
 
-import java.util.ArrayList;
+
+import java.util.Collections;
 import java.util.List;
 
 import javax.security.auth.Subject;
@@ -40,16 +41,16 @@ public class SpringSecurityAuthorizationPolicyTest extends CamelSpringTestSuppor
     public void testAuthorizationPassed() throws Exception {
         MockEndpoint end = getMockEndpoint("mock:end");
         end.expectedBodiesReceived("hello world");
-        sendMessageWithAuthentication("jim", "jimspassword", "ROLE_USER", "ROLE_ADMIN");
+        sendMessageWithAuthentication("jim", "jimspassword");
         end.assertIsSatisfied();
     }
 
     @Test
-    public void testAuthorizationFailed() throws Exception {
+    public void testAuthenticationFailed() throws Exception {
         MockEndpoint end = getMockEndpoint("mock:end");
         end.expectedMessageCount(0);
         try {
-            sendMessageWithAuthentication("bob", "bobspassword", "ROLE_USER");
+            sendMessageWithAuthentication("jim", "jimspassword2");
             fail("we should get the access deny exception here");
         } catch (Exception exception) {
             // the exception should be caused by CamelAuthorizationException
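Review bot: testAuthenticationFailed (wrong password for jim) and testAuthorizationFailed in the next hunk (valid password for bob, insufficient role) share one expectation, a CamelAuthorizationException as `exception.getCause()`, so neither test shows which stage rejected the message. The new testAuthorizationFailedWithWrongExplicitRole in the last Java hunk has the same shape. If the policy keeps the underlying Spring Security exception as the nested cause (to be confirmed against the policy class, which is not on this page), assert it as well, e.g. `assertTrue(exception.getCause().getCause() instanceof BadCredentialsException);` here and `AccessDeniedException` in the two authorization tests. Without that, a fixture error such as a password-encoding mismatch would make bob fail at authentication and testAuthorizationFailed would still pass. The catch body continues past the end of this hunk.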
@@ -57,18 +58,17 @@ public class SpringSecurityAuthorizationPolicyTest extends CamelSpringTestSuppor
         }
         end.assertIsSatisfied();
     }
-    
+
     @Test
-    public void testAuthenticationFailed() throws Exception {
+    public void testAuthorizationFailed() throws Exception {
         MockEndpoint end = getMockEndpoint("mock:end");
         end.expectedMessageCount(0);
         try {
-            sendMessageWithAuthentication("bob", "jimspassword");
+            sendMessageWithAuthentication("bob", "bobspassword");
             fail("we should get the access deny exception here");
         } catch (Exception exception) {
             // the exception should be caused by CamelAuthorizationException
             assertTrue("Expect CamelAuthorizationException here", exception.getCause() instanceof CamelAuthorizationException);
-            assertEquals("admin", ((CamelAuthorizationException) exception.getCause()).getPolicyId());
         }
         end.assertIsSatisfied();
     }
@@ -77,7 +77,7 @@ public class SpringSecurityAuthorizationPolicyTest extends CamelSpringTestSuppor
     public void testGetAuthorizationTokenFromSecurityContextHolder() throws Exception {
         MockEndpoint end = getMockEndpoint("mock:end");
         end.expectedBodiesReceived("hello world");
-        Authentication authToken = createAuthenticationToken("jim", "jimspassword", "ROLE_USER", "ROLE_ADMIN");
+        Authentication authToken = new UsernamePasswordAuthenticationToken("jim", "jimspassword");
         SecurityContextHolder.getContext().setAuthentication(authToken);
         template.sendBody("direct:start", "hello world");
         end.assertIsSatisfied();
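Review bot: The token stored with `SecurityContextHolder.getContext().setAuthentication(authToken)` is thread-bound state, and no cleanup is visible inside this hunk; the method continues past it, so a reset may exist on the following line. If it does, it still runs only when `end.assertIsSatisfied()` succeeds. Moving the reset into a `finally` block or an `@After` method that calls `SecurityContextHolder.clearContext()` keeps a failed run from leaving jim's token in place for later tests on the same thread.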
@@ -85,23 +85,30 @@ public class SpringSecurityAuthorizationPolicyTest extends CamelSpringTestSuppor
         
     }
     
-    private Authentication createAuthenticationToken(String username, String password, String... roles) {
-        Authentication authToken;
-        if (roles != null && roles.length > 0) {
-            List<GrantedAuthority> authorities = new ArrayList<>(roles.length);
-            for (String role : roles) {
-                authorities.add(new SimpleGrantedAuthority(role));
-            }
-            authToken = new UsernamePasswordAuthenticationToken(username, password, authorities);
-        } else {
-            authToken = new UsernamePasswordAuthenticationToken(username, password);
+    @Test
+    public void testAuthorizationFailedWithWrongExplicitRole() throws Exception {
+        MockEndpoint end = getMockEndpoint("mock:end");
+        end.expectedMessageCount(0);
+        try {
+            List<GrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority("ROLE_BAD"));
+
+            Authentication authToken = new UsernamePasswordAuthenticationToken("jim", "jimspassword", authorities);
+            
+            Subject subject = new Subject();
+            subject.getPrincipals().add(authToken);
+
+            template.sendBodyAndHeader("direct:start", "hello world", Exchange.AUTHENTICATION, subject);
+            fail("we should get the access deny exception here");
+        } catch (Exception exception) {
+            // the exception should be caused by CamelAuthorizationException
+            assertTrue("Expect CamelAuthorizationException here", exception.getCause() instanceof CamelAuthorizationException);
         }
-        return authToken;
+        end.assertIsSatisfied();
     }
 
-    private void sendMessageWithAuthentication(String username, String password, String... roles) {
+    private void sendMessageWithAuthentication(String username, String password) {
 
-        Authentication authToken = createAuthenticationToken(username, password, roles);
+        Authentication authToken = new UsernamePasswordAuthenticationToken(username, password);
         
         Subject subject = new Subject();
         subject.getPrincipals().add(authToken);
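Review bot: testAuthorizationFailedWithWrongExplicitRole needs a comment saying why it uses the three-argument `UsernamePasswordAuthenticationToken` constructor. That constructor produces a token already marked as authenticated, so the test appears to cover the path where the policy evaluates caller-supplied authorities instead of the ones in commonSecurity.xml. A comment such as `// token built with explicit authorities counts as already authenticated; the policy must deny on ROLE_BAD even though the user service grants jim ROLE_ADMIN` would do. Whether such a token is re-authenticated depends on policy settings not shown here, and the comment should say which behaviour the test assumes, because it defines how far the Exchange.AUTHENTICATION header is trusted. sendMessageWithAuthentication continues past the end of the hunk.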
diff --git a/components/camel-spring-security/src/test/resources/org/apache/camel/component/spring/security/commonSecurity.xml b/components/camel-spring-security/src/test/resources/org/apache/camel/component/spring/security/commonSecurity.xml
index a6e2cfe..74286a0 100644
--- a/components/camel-spring-security/src/test/resources/org/apache/camel/component/spring/security/commonSecurity.xml
+++ b/components/camel-spring-security/src/test/resources/org/apache/camel/component/spring/security/commonSecurity.xml
@@ -38,8 +38,8 @@
     </spring-security:authentication-manager>
    
     <spring-security:user-service id="userDetailsService">
-        <spring-security:user name="jim" password="jimspassword" authorities="ROLE_USER, ROLE_ADMIN"/>
-        <spring-security:user name="bob" password="bobspassword" authorities="ROLE_USER"/>
+        <spring-security:user name="jim" password="{noop}jimspassword" authorities="ROLE_USER, ROLE_ADMIN"/>
+        <spring-security:user name="bob" password="{noop}bobspassword" authorities="ROLE_USER"/>
     </spring-security:user-service>
 
 </beans>
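Review bot: The `{noop}` prefix on both `spring-security:user` passwords selects plaintext comparison, and nothing in the visible lines marks this as intentional for a test fixture. An XML comment above the user-service, e.g. `<!-- {noop}: plaintext passwords, test fixture only; use a hashing encoder id such as {bcrypt} outside tests -->`, would keep the file from being copied as a configuration template.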