Apache
/
maven
mirror of https://github.com/apache/maven.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[MNG-4235] Maven 2.2.0 produces invalid checksums during deployment to secured HTTP repo 

o Added (disabled) IT

git-svn-id: https://svn.apache.org/repos/asf/maven/core-integration-testing/trunk@793420 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Benjamin Bentmann 2009-07-12 22:23:13 +00:00
parent 9577a20721
commit c582559005
5 changed files with 333 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
its/core-it-suite/src/test/java/org/apache/maven/it/IntegrationTestSuite.java
View File

@ -91,6 +91,7 @@ public class IntegrationTestSuite
// suite.addTestSuite( MavenIT0109ReleaseUpdateTest.class ); // suite.addTestSuite( MavenIT0109ReleaseUpdateTest.class );
// suite.addTestSuite( MavenIT0108SnapshotUpdateTest.class ); -- MNG-3137 // suite.addTestSuite( MavenIT0108SnapshotUpdateTest.class ); -- MNG-3137
//suite.addTestSuite( MavenITmng4235HttpAuthDeploymentChecksumsTest.class );
suite.addTestSuite( MavenITmng4231SnapshotUpdatePolicyTest.class ); suite.addTestSuite( MavenITmng4231SnapshotUpdatePolicyTest.class );
suite.addTestSuite( MavenITmng4214MirroredParentSearchReposTest.class ); suite.addTestSuite( MavenITmng4214MirroredParentSearchReposTest.class );
suite.addTestSuite( MavenITmng4208InterpolationPrefersCliOverProjectPropsTest.class ); suite.addTestSuite( MavenITmng4208InterpolationPrefersCliOverProjectPropsTest.class );

236
its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4235HttpAuthDeploymentChecksumsTest.java Normal file
View File

@ -0,0 +1,236 @@
package org.apache.maven.it;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.DigestInputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Properties;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.maven.it.Verifier;
import org.apache.maven.it.util.ResourceExtractor;
import org.mortbay.jetty.HttpMethods;
import org.mortbay.jetty.Request;
import org.mortbay.jetty.Server;
import org.mortbay.jetty.handler.DefaultHandler;
import org.mortbay.jetty.handler.HandlerList;
import org.mortbay.jetty.handler.ResourceHandler;
import org.mortbay.jetty.security.Constraint;
import org.mortbay.jetty.security.ConstraintMapping;
import org.mortbay.jetty.security.HashUserRealm;
import org.mortbay.jetty.security.SecurityHandler;
import org.mortbay.resource.Resource;
import org.mortbay.util.IO;
/**
* This is a test set for <a href="http://jira.codehaus.org/browse/MNG-4235">MNG-4235</a>.
*
* @author Benjamin Bentmann
* @version $Id$
*/
public class MavenITmng4235HttpAuthDeploymentChecksumsTest
extends AbstractMavenIntegrationTestCase
{
private File testDir;
private Server server;
private int port;
public MavenITmng4235HttpAuthDeploymentChecksumsTest()
{
super( "[2.0.5,2.2.0),(2.2.0,)" );
}
public void setUp()
throws Exception
{
super.setUp();
testDir = ResourceExtractor.simpleExtractResources( getClass(), "/mng-4235" );
ResourceHandler repoHandler = new ResourceHandler()
{
public void handle( String target, HttpServletRequest request, HttpServletResponse response, int dispatch )
throws IOException, ServletException
{
System.out.println( request.getMethod() + " " + request.getRequestURI() );
if ( HttpMethods.PUT.equals( request.getMethod() ) )
{
Resource resource = getResource( request );
resource.getFile().getParentFile().mkdirs();
OutputStream os = resource.getOutputStream();
try
{
IO.copy( request.getInputStream(), os );
}
finally
{
os.close();
}
response.setStatus( HttpServletResponse.SC_NO_CONTENT );
( (Request) request ).setHandled( true );
}
else
{
super.handle( target, request, response, dispatch );
}
}
};
repoHandler.setResourceBase( testDir.getAbsolutePath() );
Constraint constraint = new Constraint();
constraint.setName( Constraint.__BASIC_AUTH );
constraint.setRoles( new String[] { "deployer" } );
constraint.setAuthenticate( true );
ConstraintMapping constraintMapping = new ConstraintMapping();
constraintMapping.setConstraint( constraint );
constraintMapping.setPathSpec( "/*" );
HashUserRealm userRealm = new HashUserRealm( "TestRealm" );
userRealm.put( "testuser", "testpass" );
userRealm.addUserToRole( "testuser", "deployer" );
SecurityHandler securityHandler = new SecurityHandler();
securityHandler.setUserRealm( userRealm );
securityHandler.setConstraintMappings( new ConstraintMapping[] { constraintMapping } );
HandlerList handlerList = new HandlerList();
handlerList.addHandler( securityHandler );
handlerList.addHandler( repoHandler );
handlerList.addHandler( new DefaultHandler() );
server = new Server( 0 );
server.setHandler( handlerList );
server.start();
port = server.getConnectors()[0].getLocalPort();
}
protected void tearDown()
throws Exception
{
if ( server != null )
{
server.stop();
server = null;
}
super.tearDown();
}
/**
* Test the creation of proper checksums during deployment to a secured HTTP repo. The pitfall with HTTP auth is
* that it might require double submission of the data, first during an initial PUT without credentials and second
* during a retried PUT with credentials in response to the auth challenge by the server. The checksum must
* nevertheless only be calculated on the non-doubled data stream.
*/
public void testit()
throws Exception
{
Properties filterProps = new Properties();
filterProps.setProperty( "@port@", Integer.toString( port ) );
Verifier verifier = new Verifier( testDir.getAbsolutePath() );
verifier.filterFile( "pom-template.xml", "pom.xml", "UTF-8", filterProps );
verifier.setAutoclean( false );
verifier.deleteArtifacts( "org.apache.maven.its.mng4235" );
verifier.deleteDirectory( "repo" );
verifier.getCliOptions().add( "--settings" );
verifier.getCliOptions().add( "settings.xml" );
verifier.executeGoal( "validate" );
verifier.verifyErrorFreeLog();
verifier.resetStreams();
assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.jar", ".sha1", "SHA-1" );
assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.jar", ".md5", "MD5" );
assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.pom", ".sha1", "SHA-1" );
assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/0.1/test-0.1.pom", ".md5", "MD5" );
assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/maven-metadata.xml", ".sha1", "SHA-1" );
assertHash( verifier, "repo/org/apache/maven/its/mng4235/test/maven-metadata.xml", ".md5", "MD5" );
}
private void assertHash( Verifier verifier, String dataFile, String hashExt, String algo )
throws Exception
{
String actualHash = calcHash( new File( verifier.getBasedir(), dataFile ), algo );
String expectedHash = verifier.loadLines( dataFile + hashExt, "UTF-8" ).get( 0 ).toString().trim();
assertTrue( "expected=" + expectedHash + ", actual=" + actualHash, expectedHash.equalsIgnoreCase( actualHash ) );
}
private String calcHash( File file, String algo )
throws IOException, NoSuchAlgorithmException
{
MessageDigest digester = MessageDigest.getInstance( algo );
FileInputStream is = new FileInputStream( file );
try
{
DigestInputStream dis = new DigestInputStream( is, digester );
for ( byte[] buffer = new byte[1024 * 4]; dis.read( buffer ) >= 0; )
{
// just read it
}
}
finally
{
is.close();
}
byte[] digest = digester.digest();
StringBuffer hash = new StringBuffer( digest.length * 2 );
for ( int i = 0; i < digest.length; i++ )
{
int b = digest[i] & 0xFF;
if ( b < 0x10 )
{
hash.append( '0' );
}
hash.append( Integer.toHexString( b ) );
}
return hash.toString();
}
}

BIN
its/core-it-suite/src/test/resources/mng-4235/main.jar Normal file
View File

Binary file not shown.

66
its/core-it-suite/src/test/resources/mng-4235/pom-template.xml Normal file
View File

@ -0,0 +1,66 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>org.apache.maven.its.mng4235</groupId>
<artifactId>test</artifactId>
<version>0.1</version>
<name>Maven Integration Test :: MNG-4235</name>
<description>
Test the creation of proper checksums during deployment to a secured HTTP repo. The pitfall with HTTP auth is
that it might require double submission of the data, first during an initial PUT without credentials and second
during a retried PUT with credentials in response to the auth challenge by the server. The checksum must
nevertheless only be calculated on the non-doubled data stream.
</description>
<distributionManagement>
<repository>
<id>maven-core-it</id>
<url>http://localhost:@port@/repo</url>
</repository>
</distributionManagement>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.its.plugins</groupId>
<artifactId>maven-it-plugin-artifact</artifactId>
<version>2.1-SNAPSHOT</version>
<configuration>
<mainFile>main.jar</mainFile>
</configuration>
<executions>
<execution>
<phase>validate</phase>
<goals>
<goal>set</goal>
<goal>attach-pom</goal>
<goal>deploy</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

30
its/core-it-suite/src/test/resources/mng-4235/settings.xml Normal file
View File

@ -0,0 +1,30 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<settings>
<servers>
<server>
<id>maven-core-it</id>
<username>testuser</username>
<password>testpass</password>
</server>
</servers>
</settings>