Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-16 15:23:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Tests added to bring X509ProcessingFilter up to full coverage.

Browse Source
This commit is contained in:
Luke Taylor 2005-03-12 20:47:58 +00:00
parent c3c5487b93
commit 0a4fc1731a
1 changed files with 140 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

191
core/src/test/java/org/acegisecurity/ui/x509/X509ProcessingFilterTests.java
View File

@ -2,28 +2,31 @@ package net.sf.acegisecurity.ui.x509;
import junit.framework.TestCase; import junit.framework.TestCase;
//import org.mortbay.http.*;
//import org.mortbay.jetty.servlet.*;
import java.net.URL;
import java.io.IOException;
import java.security.cert.X509Certificate;
import net.sf.acegisecurity.*;
import net.sf.acegisecurity.context.security.SecureContext; import net.sf.acegisecurity.context.security.SecureContext;
import net.sf.acegisecurity.context.security.SecureContextUtils; import net.sf.acegisecurity.context.security.SecureContextUtils;
import net.sf.acegisecurity.context.security.SecureContextImpl; import net.sf.acegisecurity.context.security.SecureContextImpl;
import net.sf.acegisecurity.context.ContextHolder; import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.providers.x509.X509TestUtils; import net.sf.acegisecurity.providers.x509.X509TestUtils;
import net.sf.acegisecurity.ui.cas.CasProcessingFilter; import net.sf.acegisecurity.providers.x509.X509AuthenticationToken;
import net.sf.acegisecurity.providers.anonymous.AnonymousAuthenticationToken;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpSession;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.AuthenticationManager;
import net.sf.acegisecurity.BadCredentialsException;
import net.sf.acegisecurity.MockAuthenticationManager;
import net.sf.acegisecurity.ui.AbstractProcessingFilter;
import net.sf.acegisecurity.util.MockFilterChain;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import java.security.cert.X509Certificate;
/** /**
* @author Luke * @author Luke Taylor
*/ */
public class X509ProcessingFilterTests extends TestCase { public class X509ProcessingFilterTests extends TestCase {
//~ Constructors =========================================================== //~ Constructors ===========================================================
@ -46,15 +49,55 @@ public class X509ProcessingFilterTests extends TestCase {
ContextHolder.setContext(null); ContextHolder.setContext(null);
} }
public void testNeedsAuthenticationManager() throws Exception {
X509ProcessingFilter filter = new X509ProcessingFilter();
try {
filter.afterPropertiesSet();
fail("Expected IllegalArgumentException");
} catch (IllegalArgumentException failed) {
// ignored
}
}
public void testDoFilterWithNonHttpServletRequestDetected()
throws Exception {
X509ProcessingFilter filter = new X509ProcessingFilter();
try {
filter.doFilter(null, new MockHttpServletResponse(),
new MockFilterChain(false));
fail("Should have thrown ServletException");
} catch (ServletException expected) {
assertEquals("Can only process HttpServletRequest",
expected.getMessage());
}
}
public void testDoFilterWithNonHttpServletResponseDetected()
throws Exception {
X509ProcessingFilter filter = new X509ProcessingFilter();
try {
filter.doFilter(new MockHttpServletRequest(null, null), null,
new MockFilterChain(false));
fail("Should have thrown ServletException");
} catch (ServletException expected) {
assertEquals("Can only process HttpServletResponse",
expected.getMessage());
}
}
public void testNormalOperation() throws Exception { public void testNormalOperation() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(null, new MockHttpSession()); MockHttpServletRequest request = new MockHttpServletRequest(null, new MockHttpSession());
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain chain = new MockFilterChain(); FilterChain chain = new MockFilterChain(true);
request.setAttribute("javax.servlet.request.X509Certificate", request.setAttribute("javax.servlet.request.X509Certificate",
new X509Certificate[] {X509TestUtils.buildTestCertificate()}); new X509Certificate[] {X509TestUtils.buildTestCertificate()});
MockAuthenticationManager authMgr = new MockAuthenticationManager(true); AuthenticationManager authMgr = new MockX509AuthenticationManager();
ContextHolder.setContext(new SecureContextImpl()); ContextHolder.setContext(new SecureContextImpl());
@ -68,53 +111,99 @@ public class X509ProcessingFilterTests extends TestCase {
filter.afterPropertiesSet(); filter.afterPropertiesSet();
filter.init(null); filter.init(null);
filter.doFilter(request, response, chain); filter.doFilter(request, response, chain);
filter.destroy();
Authentication result = ctx.getAuthentication(); Authentication result = ctx.getAuthentication();
assertNotNull(result); assertNotNull(result);
} }
public void testFailedAuthentication() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(null, new MockHttpSession());
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain chain = new MockFilterChain(true);
request.setAttribute("javax.servlet.request.X509Certificate",
new X509Certificate[] {X509TestUtils.buildTestCertificate()});
AuthenticationManager authMgr = new MockAuthenticationManager(false);
ContextHolder.setContext(new SecureContextImpl());
SecureContext ctx = SecureContextUtils.getSecureContext();
ctx.setAuthentication(null);
X509ProcessingFilter filter = new X509ProcessingFilter();
filter.setAuthenticationManager(authMgr);
filter.afterPropertiesSet();
filter.init(null);
filter.doFilter(request, response, chain);
filter.destroy();
Authentication result = ctx.getAuthentication();
assertNull(result);
}
public void testWithNoCertificate() throws Exception {
MockHttpSession session = new MockHttpSession();
MockHttpServletRequest request = new MockHttpServletRequest(null, session);
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain chain = new MockFilterChain(true);
AuthenticationManager authMgr = new MockX509AuthenticationManager();
X509ProcessingFilter filter = new X509ProcessingFilter();
filter.setAuthenticationManager(authMgr);
ContextHolder.setContext(new SecureContextImpl());
filter.doFilter(request, response, chain);
SecureContext ctx = SecureContextUtils.getSecureContext();
assertNull("Authentication should be null", ctx.getAuthentication());
assertTrue("BadCredentialsException should have been thrown",
session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY) instanceof BadCredentialsException);
}
public void testWithExistingSecurityContext() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(null, new MockHttpSession());
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain chain = new MockFilterChain(true);
Authentication token = new AnonymousAuthenticationToken("dummy", "dummy",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A")});
ContextHolder.setContext(new SecureContextImpl());
SecureContext ctx = SecureContextUtils.getSecureContext();
ctx.setAuthentication(token);
X509ProcessingFilter filter = new X509ProcessingFilter();
filter.doFilter(request, response, chain);
assertEquals("Existing token should be unchanged", token, ctx.getAuthentication());
}
//~ Inner Classes ========================================================== //~ Inner Classes ==========================================================
private class MockFilterChain implements FilterChain { private static class MockX509AuthenticationManager implements AuthenticationManager {
public void doFilter(ServletRequest arg0, ServletResponse arg1)
throws IOException, ServletException { public Authentication authenticate(Authentication a) {
// do nothing. if(!(a instanceof X509AuthenticationToken)) {
TestCase.fail("Needed an X509Authentication token but found " + a);
}
if(a.getCredentials() == null) {
throw new BadCredentialsException("Mock authentication manager rejecting null certificate");
}
return a;
} }
} }
// public void testFilterIntegration() throws Exception {
//
// // set up server.
// HttpServer server = new HttpServer();
// try {
// SunJsseListener listener = new SunJsseListener();
// listener.setNeedClientAuth(true);
// listener.setPort(9443);
//// listener.setKeystore();
//
// server.addListener(listener);
//
// // map servlet.
// HttpContext context = server.getContext("/");
//
//// ServletHandler handler = new ServletHandler();
//// handler.addServlet("MyServlet", "/myServlet", MyServlet.class.getName());
//// context.addHandler(handler);
//
// // start server.
// server.start();
//
// // test client code against url.
// URL url = new URL("http://localhost:" + 9443 + "/myServlet");
//
//
//
// }
// finally {
// server.stop();
// }
// }
} }