View Javadoc
1   /*
2    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
3    * The software in this package is published under the terms of the CPAL v1.0
4    * license, a copy of which has been included with this distribution in the
5    * LICENSE.txt file.
6    */
7   package org.mule.module.spring.security;
8   
9   import org.mule.tck.junit4.FunctionalTestCase;
10  
11  import org.apache.commons.httpclient.HttpClient;
12  import org.apache.commons.httpclient.UsernamePasswordCredentials;
13  import org.apache.commons.httpclient.auth.AuthScope;
14  import org.apache.commons.httpclient.methods.GetMethod;
15  import org.junit.Test;
16  
17  import static org.junit.Assert.assertEquals;
18  
19  public class AuthorizationFilterTestCase extends FunctionalTestCase
20  {
21  
22      @Override
23      protected String getConfigResources()
24      {
25          return "http-filter-test.xml";
26      }
27  
28      @Test
29      public void testAuthenticatedButNotAuthorized() throws Exception
30      {
31          doRequest(null, "localhost", "anon", "anon", getUrl(), true, false, 405);
32      }
33      
34      @Test
35      public void testAuthorized() throws Exception
36      {
37          doRequest(null, "localhost", "ross", "ross", getUrl(), true, false, 200);
38      }
39  
40      protected String getUrl()
41      {
42          return "http://localhost:4567/authorize";
43      }
44  
45      private void doRequest(String realm,
46                             String host,
47                             String user,
48                             String pass,
49                             String url,
50                             boolean handshake,
51                             boolean preemtive,
52                             int result) throws Exception
53      {
54          HttpClient client = new HttpClient();
55          client.getParams().setAuthenticationPreemptive(preemtive);
56          client.getState().setCredentials(new AuthScope(host, -1, realm),
57              new UsernamePasswordCredentials(user, pass));
58          GetMethod get = new GetMethod(url);
59          get.setDoAuthentication(handshake);
60  
61          try
62          {
63              int status = client.executeMethod(get);
64              assertEquals(result, status);
65          }
66          finally
67          {
68              get.releaseConnection();
69          }
70      }
71  
72  }