1
2
3
4
5
6
7
8
9
10
11 package org.mule.module.spring.security;
12
13 import org.mule.tck.junit4.FunctionalTestCase;
14 import org.mule.transport.http.HttpConstants;
15
16 import org.apache.commons.httpclient.HttpClient;
17 import org.apache.commons.httpclient.UsernamePasswordCredentials;
18 import org.apache.commons.httpclient.auth.AuthScope;
19 import org.apache.commons.httpclient.methods.GetMethod;
20 import org.junit.Test;
21
22 import static org.junit.Assert.assertEquals;
23
24 public class AuthorizationFilterTestCase extends FunctionalTestCase
25 {
26
27 @Override
28 protected String getConfigResources()
29 {
30 return "http-filter-test.xml";
31 }
32
33 @Test
34 public void testAuthenticatedButNotAuthorized() throws Exception
35 {
36 doRequest(null, "localhost", "anon", "anon", getUrl(), false, 405);
37 }
38
39 @Test
40 public void testAuthorized() throws Exception
41 {
42 doRequest(null, "localhost", "ross", "ross", getUrl(), false, 200);
43 }
44
45 protected String getUrl()
46 {
47 return "http://localhost:4567/authorize";
48 }
49
50 private void doRequest(String realm,
51 String host,
52 String user,
53 String pass,
54 String url,
55 boolean handshake,
56 int result) throws Exception
57 {
58 HttpClient client = new HttpClient();
59 client.getParams().setAuthenticationPreemptive(true);
60 client.getState().setCredentials(new AuthScope(host, -1, realm),
61 new UsernamePasswordCredentials(user, pass));
62 GetMethod get = new GetMethod(url);
63 get.setDoAuthentication(handshake);
64
65 try
66 {
67 int status = client.executeMethod(get);
68 if (status == HttpConstants.SC_UNAUTHORIZED && handshake == true)
69 {
70
71
72 status = client.executeMethod(get);
73 if (status == HttpConstants.SC_UNAUTHORIZED && handshake == true)
74 {
75
76
77 status = client.executeMethod(get);
78 }
79 }
80 assertEquals(result, status);
81 }
82 finally
83 {
84 get.releaseConnection();
85 }
86 }
87
88 }