Google Git
Sign in
eclipse / gerrit / jetty / org.eclipse.jetty.project / 6306f06e2f877b165452b32a719331ad52d682e2 / . / jetty-jaspi / src / test / java / org / eclipse / jetty / security / jaspi / JaspiTest.java
blob: 892d3ffe92fde2ec783dcad6853ccfecd4f203a0 [file] [log] [blame]
//
// ========================================================================
// Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.security.jaspi;
import static org.hamcrest.Matchers.startsWith;
import static org.junit.Assert.assertThat;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.security.ConstraintMapping;
import org.eclipse.jetty.security.ConstraintSecurityHandler;
import org.eclipse.jetty.security.HashLoginService;
import org.eclipse.jetty.server.LocalConnector;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.util.B64Code;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.security.Password;
import org.hamcrest.Matchers;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
public class JaspiTest
{
Server _server;
LocalConnector _connector;
@Before
public void before() throws Exception
{
System.setProperty("org.apache.geronimo.jaspic.configurationFile","src/test/resources/jaspi.xml");
_server = new Server();
_connector = new LocalConnector(_server);
_server.addConnector(_connector);
ContextHandlerCollection contexts = new ContextHandlerCollection();
_server.setHandler(contexts);
HashLoginService loginService = new HashLoginService("TestRealm");
loginService.putUser("user",new Password("password"),new String[]{"users"});
loginService.putUser("admin",new Password("secret"),new String[]{"users","admins"});
_server.addBean(loginService);
ContextHandler context = new ContextHandler();
contexts.addHandler(context);
context.setContextPath("/ctx");
JaspiAuthenticatorFactory jaspiAuthFactory = new JaspiAuthenticatorFactory();
ConstraintSecurityHandler security = new ConstraintSecurityHandler();
context.setHandler(security);
security.setAuthenticatorFactory(jaspiAuthFactory);
// security.setAuthenticator(new BasicAuthenticator());
Constraint constraint = new Constraint("All","users");
constraint.setAuthenticate(true);
ConstraintMapping mapping = new ConstraintMapping();
mapping.setPathSpec("/jaspi/*");
mapping.setConstraint(constraint);
security.addConstraintMapping(mapping);
TestHandler handler = new TestHandler();
security.setHandler(handler);
ContextHandler other = new ContextHandler();
contexts.addHandler(other);
other.setContextPath("/other");
ConstraintSecurityHandler securityOther = new ConstraintSecurityHandler();
other.setHandler(securityOther);
securityOther.setAuthenticatorFactory(jaspiAuthFactory);
securityOther.addConstraintMapping(mapping);
securityOther.setHandler(new TestHandler());
_server.start();
}
@After
public void after() throws Exception
{
_server.stop();
}
@Test
public void testNoConstraint() throws Exception
{
String response = _connector.getResponses("GET /ctx/test HTTP/1.0\n\n");
assertThat(response,startsWith("HTTP/1.1 200 OK"));
}
@Test
public void testConstraintNoAuth() throws Exception
{
String response = _connector.getResponses("GET /ctx/jaspi/test HTTP/1.0\n\n");
assertThat(response,startsWith("HTTP/1.1 401 Unauthorized"));
assertThat(response,Matchers.containsString("WWW-Authenticate: basic realm=\"TestRealm\""));
}
@Test
public void testConstraintWrongAuth() throws Exception
{
String response = _connector.getResponses("GET /ctx/jaspi/test HTTP/1.0\n"+
"Authorization: Basic " + B64Code.encode("user:wrong") + "\n\n");
assertThat(response,startsWith("HTTP/1.1 401 Unauthorized"));
assertThat(response,Matchers.containsString("WWW-Authenticate: basic realm=\"TestRealm\""));
}
@Test
public void testConstraintAuth() throws Exception
{
String response = _connector.getResponses("GET /ctx/jaspi/test HTTP/1.0\n"+
"Authorization: Basic " + B64Code.encode("user:password") + "\n\n");
assertThat(response,startsWith("HTTP/1.1 200 OK"));
}
@Test
public void testOtherNoAuth() throws Exception
{
String response = _connector.getResponses("GET /other/test HTTP/1.0\n\n");
assertThat(response,startsWith("HTTP/1.1 403 Forbidden"));
}
@Test
public void testOtherAuth() throws Exception
{
String response = _connector.getResponses("GET /other/test HTTP/1.0\n"+
"X-Forwarded-User: user\n\n");
assertThat(response,startsWith("HTTP/1.1 200 OK"));
}
public class TestHandler extends AbstractHandler
{
@Override
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.setStatus(200);
response.setContentType("text/plain");
response.getWriter().println("All OK");
response.getWriter().println("requestURI="+request.getRequestURI());
}
}
}