/**
 * Verifies that a {@link CasAuthenticationFilter} handed to the configuration is invoked
 * when a request is processed.
 *
 * <p>NOTE(review): the filter is published through a static field on the config class, so it
 * is shared state between tests; confirm nothing else relies on a previous value.
 */
@Test
public void configureWhenAddFilterCasAuthenticationFilterThenFilterAdded() throws Exception {
    // Wrap a real filter in a spy so its doFilter() invocation can be verified afterwards.
    CasAuthenticationFilterConfig.CAS_AUTHENTICATION_FILTER = spy(new CasAuthenticationFilter());

    // Presumably this configuration adds the spied filter to the security filter chain;
    // the config class itself is not shown here.
    this.spring.register(CasAuthenticationFilterConfig.class).autowire();

    // Any request will do: the test only checks that the filter saw it.
    this.mockMvc.perform(get("/"));

    verify(CasAuthenticationFilterConfig.CAS_AUTHENTICATION_FILTER)
            .doFilter(
                    any(ServletRequest.class),
                    any(ServletResponse.class),
                    any(FilterChain.class));
}
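// Finish filter initialisation before sending any request through it.
filter.afterPropertiesSet();
filter.doFilter(request, response, chain);

// The failure message has to be configured BEFORE the assertion is evaluated; AssertJ
// ignores withFailMessage() when it is chained after isNotNull().
// NOTE(review): SecurityContextHolder is static state; confirm the enclosing test class
// clears it, otherwise an Authentication left by another test could satisfy this check.
assertThat(SecurityContextHolder.getContext().getAuthentication())
        .withFailMessage("Authentication should not be null")
        .isNotNull();

// Second pass through the filter with the same request/response/chain.
filter.doFilter(request, response, chain);

// No verify(chain) precedes this in the excerpt, so this also asserts that the filter
// never handed either request on to the chain.
verifyNoMoreInteractions(chain);
verify(successHandler).onAuthenticationSuccess(request, response, authentication);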
/**
 * A request whose servlet path equals the configured proxy receptor URL must not be passed
 * on to the filter chain.
 */
@Test
public void testChainNotInvokedForProxyReceptor() throws Exception {
    // Request aimed at the proxy-granting-ticket callback path.
    MockHttpServletRequest pgtCallbackRequest = new MockHttpServletRequest();
    pgtCallbackRequest.setServletPath("/pgtCallback");
    MockHttpServletResponse pgtCallbackResponse = new MockHttpServletResponse();
    FilterChain downstream = mock(FilterChain.class);

    // The receptor URL is set to exactly the path the request uses.
    CasAuthenticationFilter casFilter = new CasAuthenticationFilter();
    casFilter.setProxyGrantingTicketStorage(mock(ProxyGrantingTicketStorage.class));
    casFilter.setProxyReceptorUrl(pgtCallbackRequest.getServletPath());

    casFilter.doFilter(pgtCallbackRequest, pgtCallbackResponse, downstream);

    // The chain mock must not have been touched at all.
    verifyZeroInteractions(downstream);
}
} // closes the enclosing test class, whose header is outside this excerpt
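/**
 * Applies CAS authentication to the request when service security is enabled; otherwise
 * hands the request directly to the rest of the chain.
 *
 * <p>With security enabled, the ticket check and the superclass filter run inside a
 * try/finally so the client token is cleared after every request, whatever the outcome.
 * A failure whose cause chain contains a {@code ServiceSecurityException} is answered with
 * HTTP 403. Any other failure is propagated to the caller instead of being silently
 * dropped, so an unexpected error cannot end as an apparently successful empty response.
 *
 * @param req the incoming request; cast to {@link HttpServletRequest}
 * @param res the outgoing response; cast to {@link HttpServletResponse}
 * @param chain the remaining filter chain
 * @throws IOException if processing fails with an I/O error, or the 403 cannot be sent
 * @throws ServletException if processing fails with a servlet error, or with a checked
 *     exception that has to be wrapped
 */
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
        throws IOException, ServletException {
    HttpServletRequest httpRequest = (HttpServletRequest) req;
    HttpServletResponse httpResponse = (HttpServletResponse) res;

    if (!serviceSecurityContextManager.isSecurityEnabled()) {
        // Security is switched off: neither the ticket check nor the CAS filter runs here.
        chain.doFilter(req, res);
        return;
    }

    try {
        checkIfTicketExists(httpRequest);
        super.doFilter(req, res, chain);
    } catch (Throwable e) {
        Throwable[] causeChain = throwableAnalyzer.determineCauseChain(e);
        RuntimeException sse = (ServiceSecurityException) throwableAnalyzer
                .getFirstThrowableOfType(ServiceSecurityException.class, causeChain);

        if (sse == null) {
            // Not a security rejection. Swallowing it would hide the failure from the
            // container and from monitoring, so rethrow it with its original type.
            if (e instanceof IOException) {
                throw (IOException) e;
            }
            if (e instanceof ServletException) {
                throw (ServletException) e;
            }
            if (e instanceof RuntimeException) {
                throw (RuntimeException) e;
            }
            if (e instanceof Error) {
                throw (Error) e;
            }
            throw new ServletException(e);
        }

        // Pass the exception message as an argument, not as part of the format string:
        // a "{}" inside the message would otherwise consume the remote-address placeholder.
        // getRemoteAddr() is the peer address seen by the container; behind a reverse
        // proxy that is the proxy's address.
        logger.error("{} Request came from remote address '{}'",
                e.getMessage(), httpRequest.getRemoteAddr());

        // NOTE(review): the exception message is returned to the client in the 403
        // response; confirm ServiceSecurityException messages never carry internal detail.
        httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, sse.getMessage());
    } finally {
        // Always drop the per-request client token, on success and on failure alike.
        logger.debug("Clearing client authentication token.");
        serviceSecurityContextManager.clearClientToken();
    }
}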