/** * converts an 2.3.x security configuration to 2.4.x * * @return <code>true</code> if migration has taken place */ boolean migrateFrom23() throws Exception { SecurityManagerConfig config = loadSecurityConfig(); RequestFilterChain webChain = config.getFilterChain() .getRequestChainByName(GeoServerSecurityFilterChain.WEB_CHAIN_NAME); boolean migrated = false; List<String> patterns = webChain.getPatterns(); if (patterns.contains("/") == false) { patterns.add("/"); saveSecurityConfig(config); migrated |= true; } return migrated; }
protected void prepareAuthProviders(String... authProviderNames) throws Exception { SecurityManagerConfig config = getSecurityManager().getSecurityConfig(); config.getAuthProviderNames().clear(); for (String n : authProviderNames) config.getAuthProviderNames().add(n); getSecurityManager().saveSecurityConfig(config); }
protected void insertAnonymousFilter() throws Exception { SecurityManagerConfig mconfig = getSecurityManager().loadSecurityConfig(); mconfig.getFilterChain() .find(pattern) .getFilterNames() .add(GeoServerSecurityFilterChain.ANONYMOUS_FILTER); getSecurityManager().saveSecurityConfig(mconfig); }
protected void removeAnonymousFilter() throws Exception { SecurityManagerConfig mconfig = getSecurityManager().loadSecurityConfig(); mconfig.getFilterChain() .find(pattern) .getFilterNames() .remove(GeoServerSecurityFilterChain.ANONYMOUS_FILTER); getSecurityManager().saveSecurityConfig(mconfig); }
protected void prepareFilterChain(Class filterChainClass, String pattern, String... filterNames) throws Exception { SecurityManagerConfig config = getSecurityManager().getSecurityConfig(); GeoServerSecurityFilterChain filterChain = config.getFilterChain(); filterChain.removeForPattern(pattern); Constructor<?> cons = filterChainClass.getConstructor(new Class[] {String[].class}); String[] args = new String[] {pattern}; RequestFilterChain requestChain = (RequestFilterChain) cons.newInstance(new Object[] {args}); requestChain = new HtmlLoginFilterChain(pattern); requestChain.setName("testChain"); requestChain.setFilterNames(filterNames); // insert before default filterChain.getRequestChains().add(filterChain.getRequestChains().size() - 2, requestChain); getSecurityManager().saveSecurityConfig(config); }
protected void modifyChain( String pattern, boolean disabled, boolean allowSessionCreation, String roleFilterName) throws Exception { SecurityManagerConfig config = getSecurityManager().getSecurityConfig(); RequestFilterChain chain = config.getFilterChain().find(pattern); chain.setDisabled(disabled); chain.setAllowSessionCreation(allowSessionCreation); chain.setRoleFilterName(roleFilterName); getSecurityManager().saveSecurityConfig(config); return; }
protected void createServices() throws Exception { GeoServerRoleService rservice = createRoleService("rs1"); GeoServerRoleStore rstore = rservice.createStore(); GeoServerRole root, derived; rstore.addRole(root = rstore.createRoleObject(rootRole)); rstore.addRole(derived = rstore.createRoleObject(derivedRole)); rstore.setParentRole(derived, root); rstore.associateRoleToUser(derived, testUserName); rstore.associateRoleToUser(derived, "castest"); rstore.store(); SecurityManagerConfig mconfig = getSecurityManager().loadSecurityConfig(); mconfig.setRoleServiceName("rs1"); getSecurityManager().saveSecurityConfig(mconfig); GeoServerUserGroupService ugservice = createUserGroupService("ug1"); GeoServerUserGroupStore ugstore = ugservice.createStore(); GeoServerUser u1 = ugstore.createUserObject(testUserName, testPassword, true); ugstore.addUser(u1); GeoServerUser u2 = ugstore.createUserObject("abc@xyz.com", "abc", true); ugstore.addUser(u2); GeoServerUser u3 = ugstore.createUserObject("castest", "castest", true); ugstore.addUser(u3); ugstore.store(); GeoServerAuthenticationProvider prov = createAuthProvider(testProviderName, ugservice.getName()); prepareAuthProviders(prov.getName()); }
@Override public void onSubmit() { try { getSecurityManager() .saveSecurityConfig((SecurityManagerConfig) getForm().getModelObject()); doReturn(); } catch (Exception e) { LOGGER.log(Level.WARNING, "Error saving authentication config", e); error(e); } } });
@Override public void onSubmit() { SecurityManagerConfig config = (SecurityManagerConfig) getForm().getModelObject(); try { getSecurityManager().saveSecurityConfig(config); doReturn(); } catch (Exception e) { error(e); } } });
@Override public void onSubmit() { SecurityManagerConfig config = (SecurityManagerConfig) getForm().getModelObject(); try { getSecurityManager().saveSecurityConfig(config); doReturn(); } catch (Exception e) { error(e); } } });
@Override protected void onSetUp(SystemTestData testData) throws Exception { super.onSetUp(testData); // disable url parameter encoding for these tests SecurityManagerConfig config = getSecurityManager().getSecurityConfig(); config.setEncryptingUrlParams(false); getSecurityManager().saveSecurityConfig(config); }
@Override protected void onSetUp(SystemTestData testData) throws Exception { super.onSetUp(testData); // disable url parameter encoding for these tests SecurityManagerConfig config = getSecurityManager().getSecurityConfig(); config.setEncryptingUrlParams(false); getSecurityManager().saveSecurityConfig(config); }
@Override protected void setUpInternal() throws Exception { super.setUpInternal(); // disable url parameter encoding for these tests SecurityManagerConfig config = getSecurityManager().getSecurityConfig(); config.setEncryptingUrlParams(false); getSecurityManager().saveSecurityConfig(config); }
@Override protected void onSetUp(SystemTestData testData) throws Exception { super.onSetUp(testData); // disable url parameter encoding for these tests SecurityManagerConfig config = getSecurityManager().getSecurityConfig(); config.setEncryptingUrlParams(false); getSecurityManager().saveSecurityConfig(config); }
@Override protected void onSetUp(SystemTestData testData) throws Exception { super.onSetUp(testData); // disable url parameter encoding for these tests SecurityManagerConfig config = getSecurityManager().getSecurityConfig(); config.setEncryptingUrlParams(false); getSecurityManager().saveSecurityConfig(config); }
@Override protected void onSetUp(SystemTestData testData) throws Exception { super.onSetUp(testData); // disable url parameter encoding for these tests SecurityManagerConfig config = getSecurityManager().getSecurityConfig(); config.setEncryptingUrlParams(false); getSecurityManager().saveSecurityConfig(config); }
@Test public void testTooManyBlockedThreads() throws Exception { // configure it to allow only one thread in the wait list GeoServerSecurityManager manager = applicationContext.getBean(GeoServerSecurityManager.class); final SecurityManagerConfig securityConfig = manager.getSecurityConfig(); BruteForcePreventionConfig bruteForceConfig = securityConfig.getBruteForcePrevention(); bruteForceConfig.setMaxBlockedThreads(1); manager.saveSecurityConfig(securityConfig); // hit with many different users testParallelLogin("Too many failed logins waiting on delay", i -> "foo" + i); }
@After public void removeCustomFilterConfig() throws Exception { GeoServerSecurityManager secMgr = getSecurityManager(); if (secMgr.listFilters().contains("custom")) { secMgr.removeFilter(secMgr.loadFilterConfig("custom")); } secMgr.getSecurityConfig().getFilterChain().remove("custom"); SecurityManagerConfig mgrConfig = secMgr.getSecurityConfig(); secMgr.saveSecurityConfig(mgrConfig); }