java类org.springframework.security.AuthenticationManager的实例源码

/**
 * Ensure that we have an authentication manager to work with. If one has not been
 * specifically wired in, then look for beans to "auto-wire" in. Look for a bean of
 * one of the following types (in order): {@link ProviderManager},
 * {@link AuthenticationProvider}, and {@link AuthenticationManager}.
 * 
 * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
 */
public void afterPropertiesSet() {
    // Ensure that we have our authentication manager
    if( authenticationManager == null ) {
        if( logger.isDebugEnabled() ) {
            logger.debug( "No AuthenticationManager defined, look for one" );
        }

        // Try the class types in sequence
        Class[] types = new Class[] { ProviderManager.class, AuthenticationProvider.class,
                AuthenticationManager.class };

        for( int i = 0; i < types.length; i++ ) {
            if( tryToWire( types[i] ) ) {
                break;
            }
        }
    }

    // If we still don't have one, then that's it
    if( authenticationManager == null ) {
        throw new IllegalArgumentException( "authenticationManager must be defined" );
    }
}

@Test
public void shouldConvey_itsBasicProcessingFilter() throws IOException, ServletException {
    BasicAuthenticationFilter filter = new BasicAuthenticationFilter(localizer);
    final Boolean[] hadBasicMarkOnInsideAuthenticationManager = new Boolean[]{false};

    filter.setAuthenticationManager(new AuthenticationManager() {
        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            hadBasicMarkOnInsideAuthenticationManager[0] = BasicAuthenticationFilter.isProcessingBasicAuth();
            return new UsernamePasswordAuthenticationToken("school-principal", "u can be principal if you know this!");
        }
    });
    assertThat(BasicAuthenticationFilter.isProcessingBasicAuth(), is(false));
    MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    httpRequest.addHeader("Authorization", "Basic " + Base64.getEncoder().encodeToString("loser:boozer".getBytes()));
    filter.doFilterHttp(httpRequest, new MockHttpServletResponse(), new FilterChain() {
        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {

        }
    });
    assertThat(BasicAuthenticationFilter.isProcessingBasicAuth(), is(false));

    assertThat(hadBasicMarkOnInsideAuthenticationManager[0], is(true));
}

@Before
public void setUp() throws Exception {
    request = mock(HttpServletRequest.class);
    response = mock(HttpServletResponse.class);
    filterChain = mock(FilterChain.class);
    authenticationManager = mock(AuthenticationManager.class);
    authorizationExtension = mock(AuthorizationExtension.class);
    configService = mock(GoConfigService.class);
    filter = new PreAuthenticatedRequestsProcessingFilter(authorizationExtension, configService);
    securityConfig = new SecurityConfig();

    filter.setAuthenticationManager(authenticationManager);
    filter.setFilterProcessesUrl("^/go/plugin/([\\w\\-.]+)/authenticate$");
    stub(configService.security()).toReturn(securityConfig);
    stub(request.getHeaderNames()).toReturn(Collections.emptyEnumeration());
}

/**
 * Ensure that we have an authentication manager to work with. If one has not been
 * specifically wired in, then look for beans to "auto-wire" in. Look for a bean of
 * one of the following types (in order): {@link ProviderManager},
 * {@link AuthenticationProvider}, and {@link AuthenticationManager}.
 * 
 * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
 */
public void afterPropertiesSet() {
    // Ensure that we have our authentication manager
    if( authenticationManager == null ) {
        if( logger.isDebugEnabled() ) {
            logger.debug( "No AuthenticationManager defined, look for one" );
        }

        // Try the class types in sequence
        Class[] types = new Class[] { ProviderManager.class, AuthenticationProvider.class,
                AuthenticationManager.class };

        for( int i = 0; i < types.length; i++ ) {
            if( tryToWire( types[i] ) ) {
                break;
            }
        }
    }

    // If we still don't have one, then that's it
    if( authenticationManager == null ) {
        throw new IllegalArgumentException( "authenticationManager must be defined" );
    }
}

/**
 * Try to locate and "wire in" a suitable authentication manager.
 * @param type The type of bean to look for
 * @return true if we found and wired a suitable bean
 */
protected boolean tryToWire(Class type) {
    boolean success = false;
    String className = type.getName();
    Map map = Application.instance().getApplicationContext().getBeansOfType( type );
    if( logger.isDebugEnabled() ) {
        logger.debug( "Search for '" + className + "' found: " + map );
    }

    if( map.size() == 1 ) {
        // Got one - wire it in
        Map.Entry entry = (Map.Entry) map.entrySet().iterator().next();
        String name = (String) entry.getKey();
        AuthenticationManager am = (AuthenticationManager) entry.getValue();

        setAuthenticationManager( am );
        success = true;

        if( logger.isInfoEnabled() ) {
            logger.info( "Auto-configuration using '" + name + "' as authenticationManager" );
        }
    } else if( map.size() > 1 ) {
        if( logger.isInfoEnabled() ) {
            logger.info( "Need a single '" + className + "', found: " + map.keySet() );
        }
    } else {
        // Size 0, no potentials
        if( logger.isInfoEnabled() ) {
            logger.info( "Auto-configuration did not find a suitable authenticationManager of type " + type );
        }
    }

    return success;
}

public void testConfiguration() {
    Object asm = applicationContext.getBean( "applicationSecurityManager" );
    Object am = applicationContext.getBean( "authenticationManager" );
    Object sc = applicationContext.getBean( "securityConfigurer" );

    assertTrue( "securityManager must implement ApplicationSecurityManager",
        asm instanceof ApplicationSecurityManager );
    assertTrue( "securityManager must be instance of DefaultApplicationSecurityManager",
        asm instanceof DefaultApplicationSecurityManager );
    assertTrue( "authenticationManager must implement AuthenticationManager", am instanceof AuthenticationManager );
    assertTrue( "authenticationManager must be instance of TestAuthenticationManager",
        am instanceof TestAuthenticationManager );
    assertEquals( asm, ApplicationServicesLocator.services().getService(ApplicationSecurityManager.class) );
    assertTrue( "securityConfigurer must implement SecurityAwareConfigurer", sc instanceof SecurityAwareConfigurer );
}

public void testConfiguration() {
    prepareApplication( "security-test-ctx.xml" );

    Object asm = ac.getBean( "applicationSecurityManager" );
    Object am = ac.getBean( "authenticationManager" );

    assertTrue( "securityManager must implement ApplicationSecurityManager",
        asm instanceof ApplicationSecurityManager );
    assertTrue( "securityManager must be instance of DefaultApplicationSecurityManager",
        asm instanceof DefaultApplicationSecurityManager );
    assertTrue( "authenticationManager must implement AuthenticationManager", am instanceof AuthenticationManager );
    assertTrue( "authenticationManager must be instance of TestAuthenticationManager",
        am instanceof TestAuthenticationManager );
    assertEquals( asm, ApplicationServicesLocator.services().getService(ApplicationSecurityManager.class) );
}

@Before
public void setUp() throws Exception {
    securityContext = mock(SecurityContext.class);
    SecurityContextHolder.setContext(securityContext);
    authenticationManager = mock(AuthenticationManager.class);
    filter = new OauthAuthenticationFilter(authenticationManager);
    req = mock(HttpServletRequest.class);
    res = mock(HttpServletResponse.class);
    chain = mock(FilterChain.class);
}

/**
 * Try to locate and "wire in" a suitable authentication manager.
 * @param type The type of bean to look for
 * @return true if we found and wired a suitable bean
 */
protected boolean tryToWire(Class type) {
    boolean success = false;
    String className = type.getName();
    Map map = Application.instance().getApplicationContext().getBeansOfType( type );
    if( logger.isDebugEnabled() ) {
        logger.debug( "Search for '" + className + "' found: " + map );
    }

    if( map.size() == 1 ) {
        // Got one - wire it in
        Map.Entry entry = (Map.Entry) map.entrySet().iterator().next();
        String name = (String) entry.getKey();
        AuthenticationManager am = (AuthenticationManager) entry.getValue();

        setAuthenticationManager( am );
        success = true;

        if( logger.isInfoEnabled() ) {
            logger.info( "Auto-configuration using '" + name + "' as authenticationManager" );
        }
    } else if( map.size() > 1 ) {
        if( logger.isInfoEnabled() ) {
            logger.info( "Need a single '" + className + "', found: " + map.keySet() );
        }
    } else {
        // Size 0, no potentials
        if( logger.isInfoEnabled() ) {
            logger.info( "Auto-configuration did not find a suitable authenticationManager of type " + type );
        }
    }

    return success;
}

public void testConfiguration() {
    Object asm = applicationContext.getBean( "applicationSecurityManager" );
    Object am = applicationContext.getBean( "authenticationManager" );
    Object sc = applicationContext.getBean( "securityConfigurer" );

    assertTrue( "securityManager must implement ApplicationSecurityManager",
        asm instanceof ApplicationSecurityManager );
    assertTrue( "securityManager must be instance of DefaultApplicationSecurityManager",
        asm instanceof DefaultApplicationSecurityManager );
    assertTrue( "authenticationManager must implement AuthenticationManager", am instanceof AuthenticationManager );
    assertTrue( "authenticationManager must be instance of TestAuthenticationManager",
        am instanceof TestAuthenticationManager );
    assertEquals( asm, ApplicationServicesLocator.services().getService(ApplicationSecurityManager.class) );
    assertTrue( "securityConfigurer must implement SecurityAwareConfigurer", sc instanceof SecurityAwareConfigurer );
}

public void testConfiguration() {
    prepareApplication( "security-test-ctx.xml" );

    Object asm = ac.getBean( "applicationSecurityManager" );
    Object am = ac.getBean( "authenticationManager" );

    assertTrue( "securityManager must implement ApplicationSecurityManager",
        asm instanceof ApplicationSecurityManager );
    assertTrue( "securityManager must be instance of DefaultApplicationSecurityManager",
        asm instanceof DefaultApplicationSecurityManager );
    assertTrue( "authenticationManager must implement AuthenticationManager", am instanceof AuthenticationManager );
    assertTrue( "authenticationManager must be instance of TestAuthenticationManager",
        am instanceof TestAuthenticationManager );
    assertEquals( asm, ApplicationServicesLocator.services().getService(ApplicationSecurityManager.class) );
}

/**
 * DB에 등록된 사용자의 인증 실패 테스트
 * @throws Exception
 */
@Test
@ExpectedException(BadCredentialsException.class)
public void testRejectAccessForUnauthorizedUser() throws Exception {

   UsernamePasswordAuthenticationToken login = new UsernamePasswordAuthenticationToken("jimi", "wrongpw");
   AuthenticationManager authManager =
    (AuthenticationManager) context.getBean(BeanIds.AUTHENTICATION_MANAGER);

   log.debug("### jimi's password is wrong!!");
   SecurityContextHolder.getContext().setAuthentication(authManager.authenticate(login));

}

public AuthenticationManager getAuthenticationManager()
{
    return authenticationManager;
}

public void setAuthenticationManager(AuthenticationManager authenticationManager)
{
    this.authenticationManager = authenticationManager;
}

public AuthenticationManager getAuthenticationManager()
{
    return authenticationManager;
}

public void setAuthenticationManager(AuthenticationManager authenticationManager)
{
    this.authenticationManager = authenticationManager;
}

public void setAuthenticationManager(AuthenticationManager manager) {
    this.authenticationManager = manager;
}

public OauthAuthenticationFilter(AuthenticationManager authenticationManager) {
    this.authenticationManager = authenticationManager;
}

public void setAuthenticationManager(AuthenticationManager manager) {
    this.authenticationManager = manager;
}

/**
 * Set the authentication manager to use.
 * @param authenticationManager instance to use for authentication requests
 */
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
    this.authenticationManager = authenticationManager;
}

/**
 * Get the authentication manager in use.
 * @return authenticationManager instance used for authentication requests
 */
public AuthenticationManager getAuthenticationManager() {
    return authenticationManager;
}

/**
 * Set the authentication manager to use.
 * @param authenticationManager instance to use for authentication requests
 */
public void setAuthenticationManager(AuthenticationManager authenticationManager);

/**
 * Get the authentication manager in use.
 * @return authenticationManager instance used for authentication requests
 */
public AuthenticationManager getAuthenticationManager();

/**
 * Set the authentication manager to use.
 * @param authenticationManager instance to use for authentication requests
 */
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
    this.authenticationManager = authenticationManager;
}

/**
 * Get the authentication manager in use.
 * @return authenticationManager instance used for authentication requests
 */
public AuthenticationManager getAuthenticationManager() {
    return authenticationManager;
}

/**
 * Set the authentication manager to use.
 * @param authenticationManager instance to use for authentication requests
 */
public void setAuthenticationManager(AuthenticationManager authenticationManager);

/**
 * Get the authentication manager in use.
 * @return authenticationManager instance used for authentication requests
 */
public AuthenticationManager getAuthenticationManager();