View Javadoc

1   /*
2    * $Id: HttpFilterFunctionalTestCase.java 10662 2008-02-01 13:10:14Z romikk $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.module.spring.security;
12  
13  import org.mule.tck.FunctionalTestCase;
14  import org.mule.transport.http.HttpConstants;
15  
16  import org.apache.commons.httpclient.HttpClient;
17  import org.apache.commons.httpclient.UsernamePasswordCredentials;
18  import org.apache.commons.httpclient.auth.AuthScope;
19  import org.apache.commons.httpclient.methods.GetMethod;
20  
21  public class HttpFilterFunctionalTestCase extends FunctionalTestCase
22  {
23  
24      protected String getConfigResources()
25      {
26          return "http-filter-test.xml";
27      }
28  
29      public void testAuthenticationFailureNoContext() throws Exception
30      {
31          HttpClient client = new HttpClient();
32          client.getParams().setAuthenticationPreemptive(true);
33          GetMethod get = new GetMethod(getUrl());
34  
35          get.setDoAuthentication(false);
36  
37          try
38          {
39              int status = client.executeMethod(get);
40              assertEquals(HttpConstants.SC_UNAUTHORIZED, status);
41              assertTrue(get.getResponseBodyAsString().contains("no security context on the session. Authentication denied on endpoint"));
42          }
43          finally
44          {
45              get.releaseConnection();
46          }
47      }
48  
49      public void testAuthenticationFailureBadCredentials() throws Exception
50      {
51          doRequest(null, "localhost", "anonX", "anonX", getUrl(), true, false, 401);
52      }
53  
54      protected String getUrl()
55      {
56          return "http://localhost:4567/index.html";
57      }
58  
59      public void testAuthenticationAuthorised() throws Exception
60      {
61          doRequest(null, "localhost", "anon", "anon", getUrl(), false, true, 200);
62      }
63  
64      public void testAuthenticationAuthorisedWithHandshake() throws Exception
65      {
66          doRequest(null, "localhost", "anon", "anon", getUrl(), true, false, 200);
67      }
68  
69      public void testAuthenticationAuthorisedWithHandshakeAndBadRealm() throws Exception
70      {
71          doRequest("blah", "localhost", "anon", "anon", getUrl(), true, false, 401);
72      }
73  
74      public void testAuthenticationAuthorisedWithHandshakeAndRealm() throws Exception
75      {
76          doRequest("mule-realm", "localhost", "ross", "ross", getUrl(), true, false, 200);
77      }
78  
79      private void doRequest(String realm,
80                             String host,
81                             String user,
82                             String pass,
83                             String url,
84                             boolean handshake,
85                             boolean preemtive,
86                             int result) throws Exception
87      {
88          HttpClient client = new HttpClient();
89          client.getParams().setAuthenticationPreemptive(preemtive);
90          client.getState().setCredentials(new AuthScope(host, -1, realm),
91              new UsernamePasswordCredentials(user, pass));
92          GetMethod get = new GetMethod(url);
93          get.setDoAuthentication(handshake);
94  
95          try
96          {
97              int status = client.executeMethod(get);
98              assertEquals(result, status);
99          }
100         finally
101         {
102             get.releaseConnection();
103         }
104     }
105 
106 }