1
2
3
4
5
6
7
8
9
10
11 package org.mule.module.spring.security;
12
13 import static org.junit.Assert.assertEquals;
14
15 import java.util.Arrays;
16 import java.util.Collection;
17
18 import org.apache.commons.httpclient.Credentials;
19 import org.apache.commons.httpclient.HttpClient;
20 import org.apache.commons.httpclient.HttpStatus;
21 import org.apache.commons.httpclient.UsernamePasswordCredentials;
22 import org.apache.commons.httpclient.auth.AuthScope;
23 import org.apache.commons.httpclient.methods.PostMethod;
24 import org.apache.commons.httpclient.methods.StringRequestEntity;
25 import org.junit.Test;
26 import org.junit.runners.Parameterized.Parameters;
27 import org.mule.tck.AbstractServiceAndFlowTestCase;
28
29 public class AuthenticationAgainstMultipleProvidersTestCase extends AbstractServiceAndFlowTestCase
30 {
31
32 public AuthenticationAgainstMultipleProvidersTestCase(ConfigVariant variant, String configResources)
33 {
34 super(variant, configResources);
35 }
36
37 @Parameters
38 public static Collection<Object[]> parameters()
39 {
40 return Arrays.asList(new Object[][]{{ConfigVariant.SERVICE, "mule-multiple-providers-config-service.xml"},
41 {ConfigVariant.FLOW, "mule-multiple-providers-config-flow.xml"}});
42 }
43
44 @Test
45 public void testProvider1() throws Exception
46 {
47 HttpClient httpClient = new HttpClient();
48 Credentials credentials = new UsernamePasswordCredentials("admin1", "admin1");
49 httpClient.getState().setCredentials(AuthScope.ANY, credentials);
50 httpClient.getParams().setAuthenticationPreemptive(true);
51
52 PostMethod postMethod = new PostMethod("http://localhost:4445");
53 postMethod.setDoAuthentication(true);
54 postMethod.setRequestEntity(new StringRequestEntity("hello", "text/html", "UTF-8"));
55
56 assertEquals(HttpStatus.SC_OK, httpClient.executeMethod(postMethod));
57 assertEquals("hello", postMethod.getResponseBodyAsString());
58
59 credentials = new UsernamePasswordCredentials("asdf", "asdf");
60 httpClient.getState().setCredentials(AuthScope.ANY, credentials);
61 assertEquals(HttpStatus.SC_UNAUTHORIZED, httpClient.executeMethod(postMethod));
62
63 credentials = new UsernamePasswordCredentials("admin2", "admin2");
64 httpClient.getState().setCredentials(AuthScope.ANY, credentials);
65 assertEquals(HttpStatus.SC_UNAUTHORIZED, httpClient.executeMethod(postMethod));
66 }
67
68 @Test
69 public void testProvider2() throws Exception
70 {
71 HttpClient httpClient = new HttpClient();
72 Credentials credentials = new UsernamePasswordCredentials("admin2", "admin2");
73 httpClient.getState().setCredentials(AuthScope.ANY, credentials);
74 httpClient.getParams().setAuthenticationPreemptive(true);
75
76 PostMethod postMethod = new PostMethod("http://localhost:4446");
77 postMethod.setDoAuthentication(true);
78 postMethod.setRequestEntity(new StringRequestEntity("hello", "text/html", "UTF-8"));
79
80 assertEquals(HttpStatus.SC_OK, httpClient.executeMethod(postMethod));
81 assertEquals("hello", postMethod.getResponseBodyAsString());
82
83 credentials = new UsernamePasswordCredentials("asdf", "asdf");
84 httpClient.getState().setCredentials(AuthScope.ANY, credentials);
85 assertEquals(HttpStatus.SC_UNAUTHORIZED, httpClient.executeMethod(postMethod));
86
87 credentials = new UsernamePasswordCredentials("admin", "admin");
88 httpClient.getState().setCredentials(AuthScope.ANY, credentials);
89 assertEquals(HttpStatus.SC_UNAUTHORIZED, httpClient.executeMethod(postMethod));
90 }
91
92 @Test
93 public void testMultipleProviders() throws Exception
94 {
95 HttpClient httpClient = new HttpClient();
96 Credentials credentials = new UsernamePasswordCredentials("admin1", "admin1");
97 httpClient.getState().setCredentials(AuthScope.ANY, credentials);
98 httpClient.getParams().setAuthenticationPreemptive(true);
99
100 PostMethod postMethod = new PostMethod("http://localhost:4447");
101 postMethod.setDoAuthentication(true);
102 postMethod.setRequestEntity(new StringRequestEntity("hello", "text/html", "UTF-8"));
103
104 assertEquals(HttpStatus.SC_OK, httpClient.executeMethod(postMethod));
105 assertEquals("hello", postMethod.getResponseBodyAsString());
106
107 credentials = new UsernamePasswordCredentials("asdf", "asdf");
108 httpClient.getState().setCredentials(AuthScope.ANY, credentials);
109 assertEquals(HttpStatus.SC_UNAUTHORIZED, httpClient.executeMethod(postMethod));
110
111 credentials = new UsernamePasswordCredentials("admin2", "admin2");
112 httpClient.getState().setCredentials(AuthScope.ANY, credentials);
113 assertEquals(HttpStatus.SC_OK, httpClient.executeMethod(postMethod));
114 assertEquals("hello", postMethod.getResponseBodyAsString());
115 }
116
117 }