Package net.officefloor.web.security.scheme

Class MockChallengeHttpSecuritySource

java.lang.Object

net.officefloor.web.spi.security.impl.AbstractHttpSecuritySource<MockAuthentication,MockAccessControl,java.lang.Void,None,None>

net.officefloor.web.security.scheme.MockChallengeHttpSecuritySource

All Implemented Interfaces:

HttpSecurity<MockAuthentication,MockAccessControl,java.lang.Void,None,None>, HttpSecuritySource<MockAuthentication,MockAccessControl,java.lang.Void,None,None>

@TestSource
public class MockChallengeHttpSecuritySource
extends AbstractHttpSecuritySource<MockAuthentication,MockAccessControl,java.lang.Void,None,None>
implements HttpSecurity<MockAuthentication,MockAccessControl,java.lang.Void,None,None>

Mock HttpSecuritySource to use for testing with challenges.

It provides a MockAuthentication and MockAccessControl by the following Basic authentication scheme, except that:

• authentication is obtained by user name and password being the same
• the MockAccessControl is provided the user name as a role (allows logging in with various roles for testing). Multiple roles can be specified by the user name being a comma separate list.

Author:

Daniel Sagenschneider

Nested Class Summary

Nested classes/interfaces inherited from class net.officefloor.web.spi.security.impl.AbstractHttpSecuritySource

AbstractHttpSecuritySource.DependencyLabeller, AbstractHttpSecuritySource.Labeller, AbstractHttpSecuritySource.MetaDataContext<A,AC extends java.io.Serializable,C,O extends java.lang.Enum<O>,F extends java.lang.Enum<F>>, AbstractHttpSecuritySource.SpecificationContext

Field Summary

Fields

Modifier and Type	Field	Description
static java.lang.String	AUTHENTICATION_SCHEME	Authentication scheme reported to the application via the HttpAccessControl.
static java.lang.String	PROPERTY_REALM	Name of Property to configure the realm.

Fields inherited from class net.officefloor.web.spi.security.impl.AbstractHttpSecuritySource

UTF_8

Constructor Summary

Constructors

Constructor	Description
MockChallengeHttpSecuritySource()	Default constructor.
MockChallengeHttpSecuritySource(java.lang.String realm)	Instantiate with the realm.

Method Summary

Modifier and Type	Method	Description
void	authenticate(java.lang.Void credentials, AuthenticateContext<MockAccessControl,None,None> context)	Undertakes authentication.
void	challenge(ChallengeContext<None,None> context)	Triggers the authentication challenge to the client.
MockAuthentication	createAuthentication(AuthenticationContext<MockAccessControl,java.lang.Void> context)	Creates the custom authentication.
static java.lang.String	getHeaderChallengeValue(java.lang.String realm)	Obtains the WWW-Authenticate HttpHeader value.
protected void	loadMetaData(AbstractHttpSecuritySource.MetaDataContext<MockAuthentication,MockAccessControl,java.lang.Void,None,None> context)	Overridden to load meta-data.
protected void	loadSpecification(AbstractHttpSecuritySource.SpecificationContext context)	Overridden to load specifications.
void	logout(LogoutContext<None,None> context)	Logs out.
boolean	ratify(java.lang.Void credentials, RatifyContext<MockAccessControl> context)	Ratifies whether enough information is available to undertake authentication.
HttpSecurity<MockAuthentication,MockAccessControl,java.lang.Void,None,None>	sourceHttpSecurity(HttpSecurityContext context)	Sources the HttpSecurity.

Methods inherited from class net.officefloor.web.spi.security.impl.AbstractHttpSecuritySource

getSpecification, init, start, stop

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

PROPERTY_REALM

public static final java.lang.String PROPERTY_REALM

Name of Property to configure the realm.

See Also:

Constant Field Values

AUTHENTICATION_SCHEME

public static final java.lang.String AUTHENTICATION_SCHEME

Authentication scheme reported to the application via the HttpAccessControl.

See Also:

Constant Field Values

Constructor Detail

MockChallengeHttpSecuritySource

public MockChallengeHttpSecuritySource(java.lang.String realm)

Instantiate with the realm.

Parameters:

realm - Realm.

MockChallengeHttpSecuritySource

public MockChallengeHttpSecuritySource()

Default constructor.

Method Detail

getHeaderChallengeValue

public static java.lang.String getHeaderChallengeValue(java.lang.String realm)

Obtains the WWW-Authenticate HttpHeader value.

Parameters:

realm - Realm.

Returns:

WWW-Authenticate HttpHeader value.

loadSpecification

protected void loadSpecification(AbstractHttpSecuritySource.SpecificationContext context)

Description copied from class: AbstractHttpSecuritySource

Overridden to load specifications.

Specified by:

loadSpecification in class AbstractHttpSecuritySource<MockAuthentication,MockAccessControl,java.lang.Void,None,None>

Parameters:

context - Specifications.

loadMetaData

protected void loadMetaData(AbstractHttpSecuritySource.MetaDataContext<MockAuthentication,MockAccessControl,java.lang.Void,None,None> context)
                     throws java.lang.Exception

Description copied from class: AbstractHttpSecuritySource

Overridden to load meta-data.

Specified by:

loadMetaData in class AbstractHttpSecuritySource<MockAuthentication,MockAccessControl,java.lang.Void,None,None>

Parameters:

context - Meta-data.

Throws:

java.lang.Exception - If fails to load the meta-data.

sourceHttpSecurity

public HttpSecurity<MockAuthentication,MockAccessControl,java.lang.Void,None,None> sourceHttpSecurity(HttpSecurityContext context)
                                                                                                                       throws HttpException

Description copied from interface: HttpSecuritySource

Sources the HttpSecurity.

Specified by:

sourceHttpSecurity in interface HttpSecuritySource<MockAuthentication,MockAccessControl,java.lang.Void,None,None>

Parameters:

context - HttpSecurity.

Returns:

HttpSecurity.

Throws:

HttpException - If fails to source the HttpSecurity.

createAuthentication

public MockAuthentication createAuthentication(AuthenticationContext<MockAccessControl,java.lang.Void> context)

Description copied from interface: HttpSecurity

Creates the custom authentication.

Specified by:

createAuthentication in interface HttpSecurity<MockAuthentication,MockAccessControl,java.lang.Void,None,None>

Parameters:

context - AuthenticateContext.

Returns:

Custom authentication.

ratify

public boolean ratify(java.lang.Void credentials,
                      RatifyContext<MockAccessControl> context)

Description copied from interface: HttpSecurity

Ratifies whether enough information is available to undertake authentication.

As authentication will likely require communication with external services (LDAP store, database, etc), this method allows checking whether enough information is available to undertake the authentication. The purpose is to avoid the ManagedFunction depending on dependencies of authentication subsequently causing execution by different Team. This is especially as the majority of HttpRequest servicing will use the HttpSession to cache details and not require the authentication dependencies causing the swap in Team.

Specified by:

ratify in interface HttpSecurity<MockAuthentication,MockAccessControl,java.lang.Void,None,None>

Parameters:

credentials - Credentials.

context - RatifyContext.

Returns:

true should enough information be available to undertake authentication. false if not enough information is available for authentication.

authenticate

public void authenticate(java.lang.Void credentials,
                         AuthenticateContext<MockAccessControl,None,None> context)
                  throws HttpException

Description copied from interface: HttpSecurity

Undertakes authentication.

Specified by:

authenticate in interface HttpSecurity<MockAuthentication,MockAccessControl,java.lang.Void,None,None>

Parameters:

credentials - Credentials.

context - AuthenticateContext.

Throws:

HttpException - If failure in communicating to necessary security services.

challenge

public void challenge(ChallengeContext<None,None> context)
               throws HttpException

Description copied from interface: HttpSecurity

Triggers the authentication challenge to the client.

Specified by:

challenge in interface HttpSecurity<MockAuthentication,MockAccessControl,java.lang.Void,None,None>

Parameters:

context - ChallengeContext.

Throws:

HttpException - If failure in communicating to necessary security services.

logout

public void logout(LogoutContext<None,None> context)
            throws HttpException

Description copied from interface: HttpSecurity

Logs out.

Specified by:

logout in interface HttpSecurity<MockAuthentication,MockAccessControl,java.lang.Void,None,None>

Parameters:

context - LogoutContext.

Throws:

HttpException - If failure in communicating to necessary security services.