1
2
3
4
5
6
7 package org.mule.module.spring.security;
8
9 import org.mule.tck.junit4.FunctionalTestCase;
10 import org.mule.transport.http.HttpConstants;
11
12 import org.apache.commons.httpclient.HttpClient;
13 import org.apache.commons.httpclient.UsernamePasswordCredentials;
14 import org.apache.commons.httpclient.auth.AuthScope;
15 import org.apache.commons.httpclient.methods.GetMethod;
16 import org.junit.Test;
17
18 import static org.junit.Assert.assertEquals;
19 import static org.junit.Assert.assertTrue;
20
21 public class HttpFilterFunctionalTestCase extends FunctionalTestCase
22 {
23
24 @Override
25 protected String getConfigResources()
26 {
27 return "http-filter-test.xml";
28 }
29
30 @Test
31 public void testAuthenticationFailureNoContext() throws Exception
32 {
33 HttpClient client = new HttpClient();
34 client.getParams().setAuthenticationPreemptive(true);
35 GetMethod get = new GetMethod(getUrl());
36
37 get.setDoAuthentication(false);
38
39 try
40 {
41 int status = client.executeMethod(get);
42 assertEquals(HttpConstants.SC_UNAUTHORIZED, status);
43 assertTrue(get.getResponseBodyAsString().contains("no security context on the session. Authentication denied on endpoint"));
44 }
45 finally
46 {
47 get.releaseConnection();
48 }
49 }
50
51 @Test
52 public void testAuthenticationFailureBadCredentials() throws Exception
53 {
54 doRequest(null, "localhost", "anonX", "anonX", getUrl(), true, false, 401);
55 }
56
57 protected String getUrl()
58 {
59 return "http://localhost:4567/authenticate";
60 }
61
62 @Test
63 public void testAuthenticationAuthorised() throws Exception
64 {
65 doRequest(null, "localhost", "anon", "anon", getUrl(), false, true, 200);
66 }
67
68 @Test
69 public void testAuthenticationAuthorisedWithHandshake() throws Exception
70 {
71 doRequest(null, "localhost", "anon", "anon", getUrl(), true, false, 200);
72 }
73
74 @Test
75 public void testAuthenticationAuthorisedWithHandshakeAndBadRealm() throws Exception
76 {
77 doRequest("blah", "localhost", "anon", "anon", getUrl(), true, false, 401);
78 }
79
80 @Test
81 public void testAuthenticationAuthorisedWithHandshakeAndRealm() throws Exception
82 {
83 doRequest("mule-realm", "localhost", "ross", "ross", getUrl(), true, false, 200);
84 }
85
86 private void doRequest(String realm,
87 String host,
88 String user,
89 String pass,
90 String url,
91 boolean handshake,
92 boolean preemtive,
93 int result) throws Exception
94 {
95 HttpClient client = new HttpClient();
96 client.getParams().setAuthenticationPreemptive(preemtive);
97 client.getState().setCredentials(new AuthScope(host, -1, realm),
98 new UsernamePasswordCredentials(user, pass));
99 GetMethod get = new GetMethod(url);
100 get.setDoAuthentication(handshake);
101
102 try
103 {
104 int status = client.executeMethod(get);
105 assertEquals(result, status);
106 }
107 finally
108 {
109 get.releaseConnection();
110 }
111 }
112
113 }