View Javadoc

1   /*
2    * $Id: HttpBasicAuthenticationFilterTestCase.java 22387 2011-07-12 03:53:36Z dirk.olmes $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSource, Inc.  All rights reserved.  http://www.mulesource.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  package org.mule.module.spring.security.filters.http;
11  
12  import org.mule.RequestContext;
13  import org.mule.api.MuleEvent;
14  import org.mule.api.MuleMessage;
15  import org.mule.api.security.Authentication;
16  import org.mule.api.security.SecurityManager;
17  import org.mule.api.security.UnauthorisedException;
18  import org.mule.api.transport.PropertyScope;
19  import org.mule.tck.junit4.AbstractMuleContextTestCase;
20  import org.mule.transport.http.HttpConstants;
21  import org.mule.transport.http.filters.HttpBasicAuthenticationFilter;
22  
23  import org.junit.Test;
24  
25  import static org.junit.Assert.assertEquals;
26  import static org.junit.Assert.assertNotNull;
27  import static org.junit.Assert.fail;
28  import static org.mockito.Matchers.anyObject;
29  import static org.mockito.Mockito.doThrow;
30  import static org.mockito.Mockito.mock;
31  import static org.mockito.Mockito.verify;
32  
33  public class HttpBasicAuthenticationFilterTestCase extends AbstractMuleContextTestCase
34  {
35  
36      @Test
37      public void testAuthenticationHeaderFailure() throws Exception
38      {
39          MuleEvent oldEvent = RequestContext.getEvent();
40  
41          MuleEvent event = this.getTestEvent("a");
42          MuleMessage message = event.getMessage();
43          message.setProperty(HttpConstants.HEADER_AUTHORIZATION, "Basic a", PropertyScope.INBOUND);
44          RequestContext.setEvent(event);
45  
46          HttpBasicAuthenticationFilter filter = new HttpBasicAuthenticationFilter();
47  
48          SecurityManager manager = mock(SecurityManager.class);
49          filter.setSecurityManager(manager);
50  
51          doThrow(new UnauthorisedException(null, (MuleEvent) null)).when(manager).authenticate(
52              (Authentication) anyObject());
53  
54          try
55          {
56              filter.authenticateInbound(event);
57              fail("An UnauthorisedException should be thrown");
58          }
59          catch (UnauthorisedException e)
60          {
61              assertNotNull(event.getMessage().getProperty("WWW-Authenticate"));
62              assertEquals("Basic realm=", event.getMessage().getProperty("WWW-Authenticate"));
63              verify(manager);
64          }
65          RequestContext.setEvent(oldEvent);
66      }
67  }