Updated Branches: refs/heads/camel-2.10.x db91e7c9f -> 4fe2323d1
CAMEL-6352: camel-shiro - Should detect new username if always reauthenticate is false Project: http://git-wip-us.apache.org/repos/asf/camel/repo Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/4fe2323d Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/4fe2323d Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/4fe2323d Branch: refs/heads/camel-2.10.x Commit: 4fe2323d1432ed5b5205c83749101e3c8c344706 Parents: db91e7c Author: Claus Ibsen <davscl...@apache.org> Authored: Sun May 12 10:34:42 2013 +0200 Committer: Claus Ibsen <davscl...@apache.org> Committed: Sun May 12 10:34:42 2013 +0200 ---------------------------------------------------------------------- .../shiro/security/ShiroSecurityPolicy.java | 6 +- ...nticationReauthenticateFalseAndNewUserTest.java | 93 +++++++++++++++ .../shiro/security/ShiroAuthenticationTest.java | 1 - 3 files changed, 98 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/camel/blob/4fe2323d/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityPolicy.java ----------------------------------------------------------------------
diff --git a/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityPolicy.java b/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityPolicy.java
index 5c4926c..9b13e03 100644
--- a/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityPolicy.java
+++ b/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityPolicy.java
@@ -192,7 +192,11 @@ public class ShiroSecurityPolicy implements AuthorizationPolicy {
 }
 private void authenticateUser(Subject currentUser, ShiroSecurityToken securityToken) {
- if (!currentUser.isAuthenticated()) {
+ boolean authenticated = currentUser.isAuthenticated();
+ boolean sameUser = securityToken.getUsername().equals(currentUser.getPrincipal());
+ LOG.debug("Authenticated: {}, same Username: {}", authenticated, sameUser);
+
+ if (!authenticated || !sameUser) {
 UsernamePasswordToken token = new UsernamePasswordToken(securityToken.getUsername(), securityToken.getPassword());
 if (alwaysReauthenticate) {
 token.setRememberMe(false);
http://git-wip-us.apache.org/repos/asf/camel/blob/4fe2323d/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationReauthenticateFalseAndNewUserTest.java ----------------------------------------------------------------------
diff --git a/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationReauthenticateFalseAndNewUserTest.java b/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationReauthenticateFalseAndNewUserTest.java
new file mode 100644
index 0000000..66dcc68
--- /dev/null
+++ b/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationReauthenticateFalseAndNewUserTest.java
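Review bot: The new `sameUser` test in authenticateUser compares only the username, so when the subject is already authenticated and the names match, the `if (!authenticated || !sameUser)` branch is skipped and the password carried by this token is not examined in this method; a later token for the same user with a different password is therefore presumably accepted on the existing login, which deserves a comment above the check such as `// same username on an authenticated subject: the token's password is not re-verified here`. The comparison also dereferences `securityToken.getUsername()` directly, so a token without a username fails with a NullPointerException rather than an authentication error; a null-safe form is `String username = securityToken.getUsername();` followed by `boolean sameUser = username != null && username.equals(currentUser.getPrincipal());`. `getPrincipal()` returns `Object`, so with a realm whose primary principal is not a String the check is always false and every exchange logs in again, which fails safe but is worth stating in the method's documentation. The body of authenticateUser continues past the end of the hunk, so the login call itself is not visible here.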
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.shiro.security;
+
+import org.apache.camel.EndpointInject;
+import org.apache.camel.Exchange;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.mock.MockEndpoint;
+import org.apache.camel.test.junit4.CamelTestSupport;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.IncorrectCredentialsException;
+import org.apache.shiro.authc.LockedAccountException;
+import org.apache.shiro.authc.UnknownAccountException;
+import org.junit.Test;
+
+public class ShiroAuthenticationReauthenticateFalseAndNewUserTest extends CamelTestSupport {
+
+ @EndpointInject(uri = "mock:success")
+ protected MockEndpoint successEndpoint;
+
+ @EndpointInject(uri = "mock:authenticationException")
+ protected MockEndpoint failureEndpoint;
+
+ private byte[] passPhrase = {
+ (byte) 0x08, (byte) 0x09, (byte) 0x0A, (byte) 0x0B,
+ (byte) 0x0C, (byte) 0x0D, (byte) 0x0E, (byte) 0x0F,
+ (byte) 0x10, (byte) 0x11, (byte) 0x12, (byte) 0x13,
+ (byte) 0x14, (byte) 0x15, (byte) 0x16, (byte) 0x17};
+
+ @Test
+ public void testSuccessfulShiroAuthenticationWithNoAuthorization() throws Exception {
+ ShiroSecurityToken shiroSecurityToken = new ShiroSecurityToken("ringo", "starr");
+ TestShiroSecurityTokenInjector shiroSecurityTokenInjector = new TestShiroSecurityTokenInjector(shiroSecurityToken, passPhrase);
+
+ ShiroSecurityToken shiroSecurityToken2 = new ShiroSecurityToken("george", "harrison");
+ TestShiroSecurityTokenInjector shiroSecurityTokenInjector2 = new TestShiroSecurityTokenInjector(shiroSecurityToken2, passPhrase);
+
+ successEndpoint.expectedMessageCount(2);
+ failureEndpoint.expectedMessageCount(0);
+
+ template.send("direct:secureEndpoint", shiroSecurityTokenInjector);
+ template.send("direct:secureEndpoint", shiroSecurityTokenInjector2);
+
+ successEndpoint.assertIsSatisfied();
+ failureEndpoint.assertIsSatisfied();
+ }
+
+ protected RouteBuilder createRouteBuilder() throws Exception {
+ final ShiroSecurityPolicy securityPolicy = new ShiroSecurityPolicy("./src/test/resources/securityconfig.ini", passPhrase, false);
+
+ return new RouteBuilder() {
+ @SuppressWarnings("unchecked")
+ public void configure() {
+ onException(UnknownAccountException.class, IncorrectCredentialsException.class,
+ LockedAccountException.class, AuthenticationException.class).
+ to("mock:authenticationException");
+
+ from("direct:secureEndpoint").
+ policy(securityPolicy).
+ to("log:incoming payload").
+ to("mock:success");
+ }
+ };
+ }
+
+
+ private static class TestShiroSecurityTokenInjector extends ShiroSecurityTokenInjector {
+
+ public TestShiroSecurityTokenInjector(ShiroSecurityToken shiroSecurityToken, byte[] bytes) {
+ super(shiroSecurityToken, bytes);
+ }
+
+ public void process(Exchange exchange) throws Exception {
+ exchange.getIn().setHeader("SHIRO_SECURITY_TOKEN", encrypt());
+ exchange.getIn().setBody("Beatle Mania");
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/camel/blob/4fe2323d/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationTest.java ----------------------------------------------------------------------
diff --git a/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationTest.java b/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationTest.java
index 93146e6..e00689b 100644
--- a/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationTest.java
+++ b/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationTest.java
@@ -58,7 +58,6 @@ public class ShiroAuthenticationTest extends CamelTestSupport {
 @Test
 public void testSuccessfulShiroAuthenticationWithNoAuthorization() throws Exception {
- //Incorrect password
 ShiroSecurityToken shiroSecurityToken = new ShiroSecurityToken("ringo", "starr");
 TestShiroSecurityTokenInjector shiroSecurityTokenInjector = new TestShiroSecurityTokenInjector(shiroSecurityToken, passPhrase);
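Review bot: The new ShiroAuthenticationReauthenticateFalseAndNewUserTest covers only the accepting path: both tokens are expected at mock:success, so nothing pins that a switch to a new username with a wrong password is rejected, or what happens when the same username returns with a different password while the subject is still authenticated. A second test that sends a valid token followed by one with a password the realm does not know, asserting `successEndpoint.expectedMessageCount(1);` and `failureEndpoint.expectedMessageCount(1);`, would cover the rejection path that the policy change is meant to protect. The method name `testSuccessfulShiroAuthenticationWithNoAuthorization` is the same as the one in ShiroAuthenticationTest and does not describe this scenario; a name such as `testNewUserIsAuthenticatedWhenReauthenticateIsFalse` would, and `passPhrase` can be declared `private final`.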