@Override public void start(Future<Void> startFuture) throws Exception { ShellService service = ShellService.create(vertx, new ShellServiceOptions(). setHttpOptions( new HttpTermOptions(). setHost("localhost"). setPort(8080). setAuthOptions(new ShiroAuthOptions(). setConfig(new JsonObject().put("properties_path", "auth.properties"))))); service.start(ar -> { if (ar.succeeded()) { startFuture.succeeded(); } else { startFuture.fail(ar.cause()); } }); } }
@Override public void setUp() throws Exception { super.setUp(); JsonObject authConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties"); authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(authConfig)); usernameParam = FormLoginHandler.DEFAULT_USERNAME_PARAM; passwordParam = FormLoginHandler.DEFAULT_PASSWORD_PARAM; }
AuthProvider authProvider = ShiroAuth.create(vertx, ShiroAuthRealmType.PROPERTIES, new JsonObject());
public static io.vertx.ext.auth.shiro.ShiroAuth create(io.vertx.ext.auth.shiro.ShiroAuth j_receiver, io.vertx.core.Vertx vertx, java.util.Map<String, Object> options) { return io.vertx.core.impl.ConversionHelper.fromObject(io.vertx.ext.auth.shiro.ShiroAuth.create(vertx, options != null ? new io.vertx.ext.auth.shiro.ShiroAuthOptions(io.vertx.core.impl.ConversionHelper.toJsonObject(options)) : null)); } }
/** * Set the role prefix to distinguish from permissions when checking for isPermitted requests. * @param rolePrefix a Prefix e.g.: "role:" * @return a reference to this for fluency */ public io.vertx.rxjava.ext.auth.shiro.ShiroAuth setRolePrefix(String rolePrefix) { io.vertx.rxjava.ext.auth.shiro.ShiroAuth ret = io.vertx.rxjava.ext.auth.shiro.ShiroAuth.newInstance(delegate.setRolePrefix(rolePrefix)); return ret; }
@Test public void testSecurityBypass() throws Exception { Handler<RoutingContext> handler = rc -> { fail("should not get here"); rc.response().end("Welcome to the protected resource!"); }; JsonObject authConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties"); AuthProvider authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(authConfig)); router.route().pathRegex("/api/.*").handler(BasicAuthHandler.create(authProvider)); router.route("/api/v1/standard-job-profiles").handler(handler); testRequest(HttpMethod.GET, "//api/v1/standard-job-profiles", 401, "Unauthorized"); } }
@Override public void start(Future<Void> startFuture) throws Exception { ShellService service = ShellService.create(vertx, new ShellServiceOptions(). setSSHOptions( new SSHTermOptions(). setHost("localhost"). setPort(3000). setKeyPairOptions(new JksOptions(). setPath("keystore.jks"). setPassword("wibble")). setAuthOptions(new ShiroAuthOptions(). setConfig(new JsonObject().put("properties_path", "auth.properties"))))); service.start(ar -> { if (ar.succeeded()) { startFuture.succeeded(); } else { startFuture.fail(ar.cause()); } }); } }
AuthProvider authProvider = ShiroAuth.create(vertx, ShiroAuthRealmType.PROPERTIES, new JsonObject());
/** * Set the role prefix to distinguish from permissions when checking for isPermitted requests. * @param rolePrefix a Prefix e.g.: "role:" * @return a reference to this for fluency */ public io.vertx.rxjava.ext.auth.shiro.ShiroAuth setRolePrefix(String rolePrefix) { io.vertx.rxjava.ext.auth.shiro.ShiroAuth ret = io.vertx.rxjava.ext.auth.shiro.ShiroAuth.newInstance(delegate.setRolePrefix(rolePrefix)); return ret; }
@Test public void testSendRequiresAuthorityHasnotAuthority() throws Exception { sockJSHandler.bridge(defaultOptions.addInboundPermitted(new PermittedOptions().setAddress(addr).setRequiredAuthority("pick_nose"))); router.clear(); router.route().handler(CookieHandler.create()); SessionStore store = LocalSessionStore.create(vertx); router.route().handler(SessionHandler.create(store)); JsonObject authConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties"); AuthProvider authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(authConfig)); addLoginHandler(router, authProvider); router.route("/eventbus/*").handler(sockJSHandler); testError(new JsonObject().put("type", "send").put("address", addr).put("body", "foo"), "access_denied"); }
public static io.vertx.ext.auth.shiro.ShiroAuth create(io.vertx.ext.auth.shiro.ShiroAuth j_receiver, io.vertx.core.Vertx vertx, io.vertx.ext.auth.shiro.ShiroAuthRealmType realmType, java.util.Map<String, Object> config) { return io.vertx.core.impl.ConversionHelper.fromObject(io.vertx.ext.auth.shiro.ShiroAuth.create(vertx, realmType, config != null ? io.vertx.core.impl.ConversionHelper.toJsonObject(config) : null)); } public static io.vertx.ext.auth.shiro.ShiroAuth create(io.vertx.ext.auth.shiro.ShiroAuth j_receiver, io.vertx.core.Vertx vertx, java.util.Map<String, Object> options) {
@Test public void testSendRequiresAuthorityHasAuthority() throws Exception { sockJSHandler.bridge(defaultOptions.addInboundPermitted(new PermittedOptions().setAddress(addr).setRequiredAuthority("bang_sticks"))); router.clear(); router.route().handler(CookieHandler.create()); SessionStore store = LocalSessionStore.create(vertx); router.route().handler(SessionHandler.create(store)); JsonObject authConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties"); AuthProvider authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(authConfig)); addLoginHandler(router, authProvider); router.route("/eventbus/*").handler(sockJSHandler); testSend("foo"); }
@Override public void setUp() throws Exception { super.setUp(); JsonObject authConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties"); AuthProvider authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(authConfig)); // create a chain chain = ChainAuthHandler.create(); chain .append(JWTAuthHandler.create(null)) .append(BasicAuthHandler.create(authProvider)) .append(RedirectAuthHandler.create(authProvider)); router.route().handler(SessionHandler.create(LocalSessionStore.create(vertx))); router.route().handler(chain); router.route().handler(ctx -> ctx.response().end()); }
@Test public void testLoginFail() throws Exception { String realm = "vertx-web"; Handler<RoutingContext> handler = rc -> { fail("should not get here"); rc.response().end("Welcome to the protected resource!"); }; JsonObject authConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties"); AuthProvider authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(authConfig)); router.route("/protected/*").handler(BasicAuthHandler.create(authProvider)); router.route("/protected/somepage").handler(handler); testRequest(HttpMethod.GET, "/protected/somepage", null, resp -> { String wwwAuth = resp.headers().get("WWW-Authenticate"); assertNotNull(wwwAuth); assertEquals("Basic realm=\"" + realm + "\"", wwwAuth); }, 401, "Unauthorized", null); // Now try again with bad credentials testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Basic dGltOn5hdXdhZ2Vz"), resp -> { String wwwAuth = resp.headers().get("WWW-Authenticate"); assertNotNull(wwwAuth); assertEquals("Basic realm=\"" + realm + "\"", wwwAuth); }, 401, "Unauthorized", null); }
private void doLogin(String realm) throws Exception { Handler<RoutingContext> handler = rc -> { assertNotNull(rc.user()); assertEquals("tim", rc.user().principal().getString("username")); rc.response().end("Welcome to the protected resource!"); }; JsonObject authConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties"); AuthProvider authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(authConfig)); router.route("/protected/*").handler(BasicAuthHandler.create(authProvider, realm)); router.route("/protected/somepage").handler(handler); testRequest(HttpMethod.GET, "/protected/somepage", null, resp -> { String wwwAuth = resp.headers().get("WWW-Authenticate"); assertNotNull(wwwAuth); assertEquals("Basic realm=\"" + realm + "\"", wwwAuth); }, 401, "Unauthorized", null); // Now try again with credentials testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Basic dGltOmRlbGljaW91czpzYXVzYWdlcw=="), resp -> { String wwwAuth = resp.headers().get("WWW-Authenticate"); assertNull(wwwAuth); }, 200, "OK", "Welcome to the protected resource!"); }
AuthProvider authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(authConfig)); AuthHandler authHandler = createAuthHandler(authProvider); if (authorities != null) {
@Override public void setUp() throws Exception { super.setUp(); JsonObject authConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties"); authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(authConfig)); usernameParam = FormLoginHandler.DEFAULT_USERNAME_PARAM; passwordParam = FormLoginHandler.DEFAULT_PASSWORD_PARAM; }
@Override public void setUp() throws Exception { super.setUp(); authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(getConfig())); }
private void assertResolve(File cwd, String path) { try { System.setProperty("vertx.cwd", cwd.getAbsolutePath()); ShiroAuth.create(vertx, new ShiroAuthOptions().setType( ShiroAuthRealmType.PROPERTIES ).setConfig( new JsonObject().put(PropertiesProviderConstants.PROPERTIES_PROPS_PATH_FIELD, path) ) ); } finally { System.clearProperty("vertx.cwd"); } } }
AuthProvider authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(authConfig)); router.route().handler(UserSessionHandler.create(authProvider)); router.route("/protected/*").handler(BasicAuthHandler.create(authProvider));