Authentication auth = createAuthentication( singleTenantAdmin ); //$NON-NLS-1$ SecurityContextHolder.getContext().setAuthentication( auth );
@Test public void createAnonimousAuthentificationTest() { Authentication auth = getAuthorizedSecurityHelper().createAuthentication( ANONIMOUS_USER ); boolean roleWasFound = false; for ( GrantedAuthority authElem : auth.getAuthorities() ) { if ( authElem != null && ANONIMOUS_ROLE.equals( authElem.getAuthority() ) ) { roleWasFound = true; break; } } assertTrue( "not granted access for anonimous user", roleWasFound ); }
@Test public void createAuthentificationTest() { Authentication authentication = getAuthorizedSecurityHelper().createAuthentication( DEF_USERNAME ); Collection<? extends GrantedAuthority> autorities = authentication.getAuthorities(); // check for the all inner roles from ALL_ROLES_ARRAY that they are present in authentication authorities for ( String sourceRole : ALL_ROLES_ARRAY ) { boolean roleWasFound = false; for ( GrantedAuthority authRole : autorities ) { if ( sourceRole.equals( authRole.getAuthority() ) ) { roleWasFound = true; break; } } if ( !roleWasFound ) { fail( "not whole of required roles are present in created authentication authorities" ); return; } } }
/** * Hi-jacks the system for the named user. <p/> <p> This is for unit tests only. </p> */ @Override public void becomeUser( final String principalName, final IParameterProvider paramProvider ) { UserSession session = null; tenantedUserNameUtils = getTenantedUserNameUtils(); if ( tenantedUserNameUtils != null ) { session = new UserSession( principalName, null, false, paramProvider ); ITenant tenant = tenantedUserNameUtils.getTenant( principalName ); session.setAttribute( IPentahoSession.TENANT_ID_KEY, tenant.getId() ); session.setAuthenticated( tenant.getId(), principalName ); } else { session = new UserSession( principalName, null, false, paramProvider ); session.setAuthenticated( principalName ); } PentahoSessionHolder.setSession( session ); Authentication auth = createAuthentication( principalName ); // TODO We need to figure out how to inject this // Get the tenant id from the principle name and set it as an attribute of the pentaho session // Clearing the SecurityContext to force the subsequent call to getContext() to generate a new SecurityContext. // This prevents us from modifying the Authentication on a SecurityContext isntance which may be shared between // threads. PentahoSessionHolder.getSession().setAttribute( IPentahoSession.SESSION_ROLES, auth.getAuthorities() ); SecurityContextHolder.clearContext(); SecurityContextHolder.getContext().setAuthentication( auth ); PentahoSystem.sessionStartup( PentahoSessionHolder.getSession(), paramProvider ); }