View Javadoc
1   /*
2    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
3    * The software in this package is published under the terms of the CPAL v1.0
4    * license, a copy of which has been included with this distribution in the
5    * LICENSE.txt file.
6    */
7   package org.mule.module.acegi;
8   
9   import org.mule.tck.junit4.FunctionalTestCase;
10  import org.mule.transport.http.HttpConstants;
11  
12  import org.apache.commons.httpclient.HttpClient;
13  import org.apache.commons.httpclient.UsernamePasswordCredentials;
14  import org.apache.commons.httpclient.auth.AuthScope;
15  import org.apache.commons.httpclient.methods.GetMethod;
16  import org.junit.Test;
17  
18  import static org.junit.Assert.assertEquals;
19  
20  public class HttpFilterFunctionalTestCase extends FunctionalTestCase
21  {
22  
23      @Override
24      protected String getConfigResources()
25      {
26          return "http-filter-test.xml";
27      }
28  
29      @Test
30      public void testAuthenticationFailureNoContext() throws Exception
31      {
32          HttpClient client = new HttpClient();
33          client.getParams().setAuthenticationPreemptive(true);
34          GetMethod get = new GetMethod("http://localhost:4567/index.html");
35  
36          get.setDoAuthentication(false);
37  
38          try
39          {
40              int status = client.executeMethod(get);
41              assertEquals(HttpConstants.SC_UNAUTHORIZED, status);
42              assertEquals(
43                      "Registered authentication is set to org.mule.module.acegi.filters.http.HttpBasicAuthenticationFilter "
44                      + "but there was no security context on the session. Authentication denied on endpoint "
45                      + "http://localhost:4567. Message payload is of type: String",
46                      get.getResponseBodyAsString());
47          }
48          finally
49          {
50              get.releaseConnection();
51          }
52      }
53  
54      @Test
55      public void testAuthenticationFailureBadCredentials() throws Exception
56      {
57          doRequest(null, "localhost", "anonX", "anonX", "http://localhost:4567/index.html", true, false, 401);
58      }
59  
60      @Test
61      public void testAuthenticationAuthorised() throws Exception
62      {
63          doRequest(null, "localhost", "anon", "anon", "http://localhost:4567/index.html", false, true, 200);
64      }
65  
66      @Test
67      public void testAuthenticationAuthorisedWithHandshake() throws Exception
68      {
69          doRequest(null, "localhost", "anon", "anon", "http://localhost:4567/index.html", true, false, 200);
70      }
71  
72      @Test
73      public void testAuthenticationAuthorisedWithHandshakeAndBadRealm() throws Exception
74      {
75          doRequest("blah", "localhost", "anon", "anon", "http://localhost:4567/index.html", true, false, 401);
76      }
77  
78      @Test
79      public void testAuthenticationAuthorisedWithHandshakeAndRealm() throws Exception
80      {
81          doRequest("mule-realm", "localhost", "ross", "ross", "http://localhost:4567/index.html", true, false,
82                    200);
83      }
84  
85      private void doRequest(String realm,
86                             String host,
87                             String user,
88                             String pass,
89                             String url,
90                             boolean handshake,
91                             boolean preemtive,
92                             int result) throws Exception
93      {
94          HttpClient client = new HttpClient();
95          client.getParams().setAuthenticationPreemptive(preemtive);
96          client.getState().setCredentials(new AuthScope(host, -1, realm),
97                                           new UsernamePasswordCredentials(user, pass));
98          GetMethod get = new GetMethod(url);
99          get.setDoAuthentication(handshake);
100 
101         try
102         {
103             int status = client.executeMethod(get);
104             assertEquals(result, status);
105         }
106         finally
107         {
108             get.releaseConnection();
109         }
110     }
111 
112 }