コード例 #1
0
        public void TestSimplePrincipal()
        {
            string     name         = "CN=Manager,OU=MyUnit";
            IIdentity  identity     = new GenericIdentity(name, "POF");
            IPrincipal principalOne = new GenericPrincipal(identity, null);
            IPrincipal principalTwo = new GenericPrincipal(identity, null);

            Assert.IsFalse(principalOne.Equals(principalTwo));
            Assert.IsFalse(Object.Equals(principalOne, principalTwo));

            principalOne = new SimplePrincipal(identity, null);
            principalTwo = new SimplePrincipal(identity, null);

            Assert.IsTrue(principalOne.Equals(principalTwo));
            Assert.IsTrue(Object.Equals(principalOne, principalTwo));
        }
コード例 #2
0
        /// <summary>
        /// Deserialize a user type instance from a POF stream by reading its
        /// state using the specified <see cref="IPofReader"/> object.
        /// </summary>
        /// <remarks>
        /// An implementation of <b>IPofSerializer</b> is required to follow
        /// the following steps in sequence for reading in an object of a
        /// user type:
        /// <list type="number">
        /// <item>
        /// <description>
        /// If the object is evolvable, the implementation must get the
        /// version by calling <see cref="IPofWriter.VersionId"/>.
        /// </description>
        /// </item>
        /// <item>
        /// <description>
        /// The implementation may read any combination of the
        /// properties of the user type by using "read" methods of the
        /// <b>IPofReader</b>, but it must do so in the order of the property
        /// indexes.
        /// </description>
        /// </item>
        /// <item>
        /// <description>
        /// After all desired properties of the user type have been read,
        /// the implementation must terminate the reading of the user type by
        /// calling <see cref="IPofReader.ReadRemainder"/>.
        /// </description>
        /// </item>
        /// </list>
        /// </remarks>
        /// <param name="reader">
        /// The <b>IPofReader</b> with which to read the object's state.
        /// </param>
        /// <returns>
        /// The deserialized user type instance.
        /// </returns>
        /// <exception cref="IOException">
        /// If an I/O error occurs.
        /// </exception>
        public object Deserialize(IPofReader reader)
        {
            IList identities = (IList)reader.ReadCollection(0, new ArrayList(1));

            reader.ReadRemainder();

            IPrincipal principal = null;

            if (identities.Count > 0)
            {
                IIdentity identity = (IIdentity)identities[0];
                principal = new SimplePrincipal(identity, null);
                reader.RegisterIdentity(principal);
            }

            return(principal);
        }
コード例 #3
0
        public void TestSimpleIdentityPassing()
        {
            string     name         = "CN=Manager,OU=MyUnit";
            IIdentity  identity     = new GenericIdentity(name, "POF");
            IPrincipal principalNew = new SimplePrincipal(identity, null);
            IPrincipal principalOld = Thread.CurrentPrincipal;

            INamedCache cache00;

            Thread.CurrentPrincipal = principalNew;
            try
            {
                cache00 = CacheFactory.GetCache(CacheName);
                Assert.IsNotNull(cache00);
            }
            finally
            {
                Thread.CurrentPrincipal = principalOld;
            }

            INamedCache cache01;

            name         = "CN=CEO,OU=MyUnit";
            identity     = new GenericIdentity(name, "POF");
            principalNew = new SimplePrincipal(identity, null);
            principalOld = Thread.CurrentPrincipal;

            Thread.CurrentPrincipal = principalNew;
            try
            {
                cache01 = CacheFactory.GetCache(CacheName);
                Assert.IsNotNull(cache01);
            }
            finally
            {
                Thread.CurrentPrincipal = principalOld;
            }
            Assert.IsFalse(cache00.Equals(cache01));
        }
コード例 #4
0
        public void TestSimpleIdentityServiceScoping()
        {
            string     name         = "CN=Manager,OU=MyUnit";
            IIdentity  identity     = new GenericIdentity(name, "POF");
            IPrincipal principalNew = new SimplePrincipal(identity, null);
            IPrincipal principalOld = Thread.CurrentPrincipal;
            IService   service00;

            Thread.CurrentPrincipal = principalNew;
            try
            {
                service00 = CacheFactory.GetService("RemoteInvocationService");
                Assert.IsNotNull(service00);
            }
            finally
            {
                Thread.CurrentPrincipal = principalOld;
            }

            IService service01;

            name         = "CN=Admin,OU=MyUnit";
            identity     = new GenericIdentity(name, "POF");
            principalNew = new SimplePrincipal(identity, null);
            principalOld = Thread.CurrentPrincipal;

            Thread.CurrentPrincipal = principalNew;
            try
            {
                service01 = CacheFactory.GetService("RemoteInvocationService");
                Assert.IsNotNull(service01);
            }
            finally
            {
                Thread.CurrentPrincipal = principalOld;
            }
            Assert.AreNotEqual(service00, service01);
        }
コード例 #5
0
        /**
         * @throws IllegalArgumentException if the ServiceTicketId or the Service
         * are null.
         */
        //@Audit(
        //    action="SERVICE_TICKET_VALIDATE",
        //    actionResolverName="VALIDATE_SERVICE_TICKET_RESOLVER",
        //    resourceResolverName="VALIDATE_SERVICE_TICKET_RESOURCE_RESOLVER")
        //@Profiled(tag="VALIDATE_SERVICE_TICKET",logFailuresSeparately = false)
        //@Transactional(readOnly = false)
        public Assertion validateServiceTicket(string serviceTicketId, Service service)
        {
            //Assert.notNull(serviceTicketId, "serviceTicketId cannot be null");
            //Assert.notNull(service, "service cannot be null");

            ServiceTicket serviceTicket = (ServiceTicket)this.serviceTicketRegistry.getTicket(serviceTicketId, typeof(ServiceTicket));

            RegisteredService registeredService = this.servicesManager.findServiceBy(service);

            if (registeredService == null || !registeredService.isEnabled())
            {
                //log.warn("ServiceManagement: Service does not exist is not enabled, and thus not allowed to validate tickets.   Service: [" + service.getId() + "]");
                throw new UnauthorizedServiceException("Service not allowed to validate tickets.");
            }

            if (serviceTicket == null)
            {
                //log.info("ServiceTicket [" + serviceTicketId + "] does not exist.");
                throw new InvalidTicketException();
            }

            try
            {
                lock (serviceTicket)
                {
                    if (serviceTicket.isExpired())
                    {
                        //log.info("ServiceTicket [" + serviceTicketId + "] has expired.");
                        throw new InvalidTicketException();
                    }

                    if (!serviceTicket.isValidFor(service))
                    {
                        //log.error("ServiceTicket [" + serviceTicketId + "] with service [" + serviceTicket.getService().getId() + " does not match supplied service [" + service + "]");
                        throw new TicketValidationException(serviceTicket.getService());
                    }
                }

                List <Authentication> chainedAuthenticationsList = serviceTicket.getGrantingTicket().getChainedAuthentications();
                Authentication        authentication             = chainedAuthenticationsList.ElementAt(chainedAuthenticationsList.Count() - 1);
                Principal             principal = authentication.getPrincipal();

                string         principalId = this.determinePrincipalIdForRegisteredService(principal, registeredService, serviceTicket);
                Authentication authToUse;

                if (!registeredService.isIgnoreAttributes())
                {
                    Dictionary <string, Object> attributes = new Dictionary <string, Object>();

                    foreach (string attribute in registeredService.getAllowedAttributes())
                    {
                        Object value = principal.getAttributes().FirstOrDefault(x => x.Key == attribute).Value;

                        if (value != null)
                        {
                            attributes.Add(attribute, value);
                        }
                    }

                    Principal             modifiedPrincipal     = new SimplePrincipal(principalId, attributes);
                    MutableAuthentication mutableAuthentication = new MutableAuthentication(modifiedPrincipal, authentication.getAuthenticatedDate());

                    var mutableAuthenticationattributes = mutableAuthentication.getAttributes();

                    var U = mutableAuthentication.getAttributes().Concat(authentication.getAttributes());



                    mutableAuthentication.Attributes = U.ToDictionary(x => x.Key, x => x.Value);

                    mutableAuthentication.AuthenticatedDate = authentication.getAuthenticatedDate();
                    //mutableAuthentication.getAuthenticatedDate() = authentication.getAuthenticatedDate();

                    authToUse = mutableAuthentication;
                }
                else
                {
                    Principal modifiedPrincipal = new SimplePrincipal(principalId, principal.getAttributes());
                    authToUse = new MutableAuthentication(modifiedPrincipal, authentication.getAuthenticatedDate());
                }

                List <Authentication> authentications = new List <Authentication>();

                for (int i = 0; i < chainedAuthenticationsList.Count() - 1; i++)
                {
                    authentications.Add(serviceTicket.getGrantingTicket().getChainedAuthentications().ElementAt(i));
                }
                authentications.Add(authToUse);

                return(new ImmutableAssertionImpl(authentications, serviceTicket.getService(), serviceTicket.isFromNewLogin()));
            }

            finally
            {
                if (serviceTicket.isExpired())
                {
                    this.serviceTicketRegistry.deleteTicket(serviceTicketId);
                }
            }
        }
コード例 #6
0
        public void TestSimpleIdentityCacheScoping()
        {
            // Test two caches are not equal when different principals
            // have different identity
            string      name         = "CN=Manager,OU=MyUnit";
            IIdentity   identity     = new GenericIdentity(name, "POF");
            IPrincipal  principalNew = new SimplePrincipal(identity, null);
            IPrincipal  principalOld = Thread.CurrentPrincipal;
            INamedCache cache00;

            Thread.CurrentPrincipal = principalNew;
            try
            {
                cache00 = CacheFactory.GetCache(CacheName);
                Assert.IsNotNull(cache00);
            }
            finally
            {
                Thread.CurrentPrincipal = principalOld;
            }

            INamedCache cache01;

            name         = "CN=CEO,OU=MyUnit";
            identity     = new GenericIdentity(name, "POF");
            principalNew = new SimplePrincipal(identity, null);
            principalOld = Thread.CurrentPrincipal;

            Thread.CurrentPrincipal = principalNew;
            try
            {
                cache01 = CacheFactory.GetCache(CacheName);
                Assert.IsNotNull(cache01);
            }
            finally
            {
                Thread.CurrentPrincipal = principalOld;
            }
            Assert.IsFalse(cache00.Equals(cache01));


            // Test two caches are equal when different principals
            // have same identity
            name         = "CN=Manager,OU=MyUnit";
            identity     = new GenericIdentity(name, "POF");
            principalNew = new SimplePrincipal(identity, null);
            principalOld = Thread.CurrentPrincipal;

            Thread.CurrentPrincipal = principalNew;
            try
            {
                cache00 = CacheFactory.GetCache(CacheName);
                Assert.IsNotNull(cache00);
            }
            finally
            {
                Thread.CurrentPrincipal = principalOld;
            }

            identity     = new GenericIdentity(name, "POF");
            principalNew = new SimplePrincipal(identity, null);
            principalOld = Thread.CurrentPrincipal;

            Thread.CurrentPrincipal = principalNew;
            try
            {
                cache01 = CacheFactory.GetCache(CacheName);
                Assert.IsNotNull(cache01);
            }
            finally
            {
                Thread.CurrentPrincipal = principalOld;
            }
            Assert.AreEqual(cache00, cache01);
        }