1
2
3
4
5
6
7 package org.mule.module.acegi;
8
9 import org.mule.tck.junit4.FunctionalTestCase;
10 import org.mule.transport.http.HttpConstants;
11
12 import org.apache.commons.httpclient.HttpClient;
13 import org.apache.commons.httpclient.UsernamePasswordCredentials;
14 import org.apache.commons.httpclient.auth.AuthScope;
15 import org.apache.commons.httpclient.methods.GetMethod;
16 import org.junit.Test;
17
18 import static org.junit.Assert.assertEquals;
19
20 public class HttpFilterFunctionalTestCase extends FunctionalTestCase
21 {
22
23 @Override
24 protected String getConfigResources()
25 {
26 return "http-filter-test.xml";
27 }
28
29 @Test
30 public void testAuthenticationFailureNoContext() throws Exception
31 {
32 HttpClient client = new HttpClient();
33 client.getParams().setAuthenticationPreemptive(true);
34 GetMethod get = new GetMethod("http://localhost:4567/index.html");
35
36 get.setDoAuthentication(false);
37
38 try
39 {
40 int status = client.executeMethod(get);
41 assertEquals(HttpConstants.SC_UNAUTHORIZED, status);
42 assertEquals(
43 "Registered authentication is set to org.mule.module.acegi.filters.http.HttpBasicAuthenticationFilter "
44 + "but there was no security context on the session. Authentication denied on endpoint "
45 + "http://localhost:4567. Message payload is of type: String",
46 get.getResponseBodyAsString());
47 }
48 finally
49 {
50 get.releaseConnection();
51 }
52 }
53
54 @Test
55 public void testAuthenticationFailureBadCredentials() throws Exception
56 {
57 doRequest(null, "localhost", "anonX", "anonX", "http://localhost:4567/index.html", true, false, 401);
58 }
59
60 @Test
61 public void testAuthenticationAuthorised() throws Exception
62 {
63 doRequest(null, "localhost", "anon", "anon", "http://localhost:4567/index.html", false, true, 200);
64 }
65
66 @Test
67 public void testAuthenticationAuthorisedWithHandshake() throws Exception
68 {
69 doRequest(null, "localhost", "anon", "anon", "http://localhost:4567/index.html", true, false, 200);
70 }
71
72 @Test
73 public void testAuthenticationAuthorisedWithHandshakeAndBadRealm() throws Exception
74 {
75 doRequest("blah", "localhost", "anon", "anon", "http://localhost:4567/index.html", true, false, 401);
76 }
77
78 @Test
79 public void testAuthenticationAuthorisedWithHandshakeAndRealm() throws Exception
80 {
81 doRequest("mule-realm", "localhost", "ross", "ross", "http://localhost:4567/index.html", true, false,
82 200);
83 }
84
85 private void doRequest(String realm,
86 String host,
87 String user,
88 String pass,
89 String url,
90 boolean handshake,
91 boolean preemtive,
92 int result) throws Exception
93 {
94 HttpClient client = new HttpClient();
95 client.getParams().setAuthenticationPreemptive(preemtive);
96 client.getState().setCredentials(new AuthScope(host, -1, realm),
97 new UsernamePasswordCredentials(user, pass));
98 GetMethod get = new GetMethod(url);
99 get.setDoAuthentication(handshake);
100
101 try
102 {
103 int status = client.executeMethod(get);
104 assertEquals(result, status);
105 }
106 finally
107 {
108 get.releaseConnection();
109 }
110 }
111
112 }