1
2
3
4
5
6
7
8
9
10
11 package org.mule.module.spring.security;
12
13 import org.mule.tck.FunctionalTestCase;
14 import org.mule.transport.http.HttpConstants;
15
16 import org.apache.commons.httpclient.HttpClient;
17 import org.apache.commons.httpclient.UsernamePasswordCredentials;
18 import org.apache.commons.httpclient.auth.AuthScope;
19 import org.apache.commons.httpclient.methods.GetMethod;
20
21 public class HttpFilterFunctionalTestCase extends FunctionalTestCase
22 {
23
24 protected String getConfigResources()
25 {
26 return "http-filter-test.xml";
27 }
28
29 public void testAuthenticationFailureNoContext() throws Exception
30 {
31 HttpClient client = new HttpClient();
32 client.getParams().setAuthenticationPreemptive(true);
33 GetMethod get = new GetMethod(getUrl());
34
35 get.setDoAuthentication(false);
36
37 try
38 {
39 int status = client.executeMethod(get);
40 assertEquals(HttpConstants.SC_UNAUTHORIZED, status);
41 assertTrue(get.getResponseBodyAsString().contains("no security context on the session. Authentication denied on endpoint"));
42 }
43 finally
44 {
45 get.releaseConnection();
46 }
47 }
48
49 public void testAuthenticationFailureBadCredentials() throws Exception
50 {
51 doRequest(null, "localhost", "anonX", "anonX", getUrl(), true, false, 401);
52 }
53
54 protected String getUrl()
55 {
56 return "http://localhost:4567/index.html";
57 }
58
59 public void testAuthenticationAuthorised() throws Exception
60 {
61 doRequest(null, "localhost", "anon", "anon", getUrl(), false, true, 200);
62 }
63
64 public void testAuthenticationAuthorisedWithHandshake() throws Exception
65 {
66 doRequest(null, "localhost", "anon", "anon", getUrl(), true, false, 200);
67 }
68
69 public void testAuthenticationAuthorisedWithHandshakeAndBadRealm() throws Exception
70 {
71 doRequest("blah", "localhost", "anon", "anon", getUrl(), true, false, 401);
72 }
73
74 public void testAuthenticationAuthorisedWithHandshakeAndRealm() throws Exception
75 {
76 doRequest("mule-realm", "localhost", "ross", "ross", getUrl(), true, false, 200);
77 }
78
79 private void doRequest(String realm,
80 String host,
81 String user,
82 String pass,
83 String url,
84 boolean handshake,
85 boolean preemtive,
86 int result) throws Exception
87 {
88 HttpClient client = new HttpClient();
89 client.getParams().setAuthenticationPreemptive(preemtive);
90 client.getState().setCredentials(new AuthScope(host, -1, realm),
91 new UsernamePasswordCredentials(user, pass));
92 GetMethod get = new GetMethod(url);
93 get.setDoAuthentication(handshake);
94
95 try
96 {
97 int status = client.executeMethod(get);
98 assertEquals(result, status);
99 }
100 finally
101 {
102 get.releaseConnection();
103 }
104 }
105
106 }