View Javadoc

1   /*
2    * $Id: HttpBasicAuthenticationFilterTestCase.java 20320 2010-11-24 15:03:31Z dfeist $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSource, Inc.  All rights reserved.  http://www.mulesource.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.module.acegi.filters.http;
12  
13  import static org.mockito.Matchers.anyObject;
14  import static org.mockito.Mockito.doThrow;
15  import static org.mockito.Mockito.mock;
16  import static org.mockito.Mockito.verify;
17  
18  import org.mule.RequestContext;
19  import org.mule.api.MuleEvent;
20  import org.mule.api.MuleMessage;
21  import org.mule.api.security.Authentication;
22  import org.mule.api.security.SecurityManager;
23  import org.mule.api.security.UnauthorisedException;
24  import org.mule.api.transport.PropertyScope;
25  import org.mule.tck.AbstractMuleTestCase;
26  import org.mule.transport.http.HttpConstants;
27  
28  public class HttpBasicAuthenticationFilterTestCase extends AbstractMuleTestCase
29  {
30  
31      public void testAuthenticationHeaderFailure() throws Exception
32      {
33          MuleEvent oldEvent = RequestContext.getEvent();
34  
35          MuleEvent event = this.getTestEvent("a");
36          MuleMessage message = event.getMessage();
37          message.setProperty(HttpConstants.HEADER_AUTHORIZATION, "Basic a", PropertyScope.INBOUND);
38          RequestContext.setEvent(event);
39  
40          HttpBasicAuthenticationFilter filter = new HttpBasicAuthenticationFilter();
41  
42          SecurityManager manager = mock(SecurityManager.class);
43          filter.setSecurityManager(manager);
44  
45          doThrow(new UnauthorisedException(null, (MuleEvent) null)).when(manager).authenticate(
46              (Authentication) anyObject());
47  
48          try
49          {
50              filter.authenticateInbound(event);
51              fail("An UnauthorisedException should be thrown");
52          }
53          catch (UnauthorisedException e)
54          {
55              assertNotNull(event.getMessage().getProperty("WWW-Authenticate"));
56              assertEquals("Basic realm=", event.getMessage().getProperty("WWW-Authenticate"));
57              verify(manager);
58          }
59          RequestContext.setEvent(oldEvent);
60      }
61  }