Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactoring to use Spring mock web classes.

This commit is contained in:
Luke Taylor 2005-04-11 01:07:04 +00:00
parent 9723ac61c6
commit 3d4f8eed31
34 changed files with 464 additions and 1167 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

376
core/src/test/java/org/acegisecurity/MockHttpServletRequest.java
View File

@ -1,376 +0,0 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package net.sf.acegisecurity;
import org.springframework.mock.web.MockHttpSession;
import java.io.BufferedReader;
import java.io.IOException;
import java.security.Principal;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletInputStream;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
/**
* Mocks a <code>HttpServletRequest</code> and provides the
* <code>getUserPrincipal()</code>, <code>getContextPath()</code>,
* <code>getServletPath()</code> and <code>getSession()</code> methods.
*
* <P>
* Also provides a convenience <code>Map</code> for storing request parameters.
* </p>
*
* @author Ben Alex
* @author colin sampaleanu
* @version $Id$
*/
public class MockHttpServletRequest implements HttpServletRequest {
//~ Instance fields ========================================================
private HttpSession session = new MockHttpSession();
private Map attribMap = new HashMap();
private Map cookiesMap = new HashMap();
private Map headersMap = new HashMap();
private Map paramMap = new HashMap();
private Principal principal;
private String contextPath = "";
private String pathInfo; // null for no extra path
private String queryString = null;
private String requestURL;
private String scheme;
private String serverName;
private String servletPath;
private int serverPort;
//~ Constructors ===========================================================
public MockHttpServletRequest(Principal principal, HttpSession session) {
this.principal = principal;
this.session = session;
}
public MockHttpServletRequest(String queryString) {
this.queryString = queryString;
}
public MockHttpServletRequest(Map headers, HttpSession session,
String queryString, Cookie[] cookies) {
this.queryString = queryString;
this.headersMap = headers;
this.session = session;
for (int i = 0; i < cookies.length; i++) {
cookiesMap.put(cookies[i].getName(), cookies[i]);
}
}
public MockHttpServletRequest(Map headers, Principal principal,
HttpSession session) {
this.headersMap = headers;
this.principal = principal;
this.session = session;
}
private MockHttpServletRequest() {
super();
}
//~ Methods ================================================================
public void setAttribute(String arg0, Object arg1) {
this.attribMap.put(arg0, arg1);
}
public Object getAttribute(String arg0) {
return this.attribMap.get(arg0);
}
public Enumeration getAttributeNames() {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getAuthType() {
throw new UnsupportedOperationException("mock method not implemented");
}
public void setCharacterEncoding(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getCharacterEncoding() {
throw new UnsupportedOperationException("mock method not implemented");
}
public int getContentLength() {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getContentType() {
throw new UnsupportedOperationException("mock method not implemented");
}
public void setContextPath(String contextPath) {
this.contextPath = contextPath;
}
public String getContextPath() {
return contextPath;
}
public Cookie[] getCookies() {
return (Cookie[]) cookiesMap.values().toArray(new Cookie[] {});
}
public long getDateHeader(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getHeader(String arg0) {
Object result = headersMap.get(arg0);
if (result != null) {
return (String) headersMap.get(arg0);
} else {
return null;
}
}
public Enumeration getHeaderNames() {
throw new UnsupportedOperationException("mock method not implemented");
}
public Enumeration getHeaders(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public ServletInputStream getInputStream() throws IOException {
throw new UnsupportedOperationException("mock method not implemented");
}
public int getIntHeader(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getLocalAddr() {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getLocalName() {
throw new UnsupportedOperationException("mock method not implemented");
}
public int getLocalPort() {
throw new UnsupportedOperationException("mock method not implemented");
}
public Locale getLocale() {
throw new UnsupportedOperationException("mock method not implemented");
}
public Enumeration getLocales() {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getMethod() {
return "GET";
}
public void setParameter(String arg0, String value) {
paramMap.put(arg0, value);
}
public String getParameter(String arg0) {
Object result = paramMap.get(arg0);
if (result != null) {
return (String) paramMap.get(arg0);
} else {
return null;
}
}
public Map getParameterMap() {
throw new UnsupportedOperationException("mock method not implemented");
}
public Enumeration getParameterNames() {
throw new UnsupportedOperationException("mock method not implemented");
}
public String[] getParameterValues(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public void setPathInfo(String pathInfo) {
this.pathInfo = pathInfo;
}
public String getPathInfo() {
return pathInfo;
}
public String getPathTranslated() {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getProtocol() {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getQueryString() {
return this.queryString;
}
public BufferedReader getReader() throws IOException {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getRealPath(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getRemoteAddr() {
return "127.0.0.1";
}
public String getRemoteHost() {
throw new UnsupportedOperationException("mock method not implemented");
}
public int getRemotePort() {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getRemoteUser() {
throw new UnsupportedOperationException("mock method not implemented");
}
public RequestDispatcher getRequestDispatcher(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getRequestURI() {
throw new UnsupportedOperationException("mock method not implemented");
}
public void setRequestURL(String requestURL) {
this.requestURL = requestURL;
}
public StringBuffer getRequestURL() {
return new StringBuffer(requestURL);
}
public String getRequestedSessionId() {
throw new UnsupportedOperationException("mock method not implemented");
}
public boolean isRequestedSessionIdFromCookie() {
throw new UnsupportedOperationException("mock method not implemented");
}
public boolean isRequestedSessionIdFromURL() {
throw new UnsupportedOperationException("mock method not implemented");
}
public boolean isRequestedSessionIdFromUrl() {
throw new UnsupportedOperationException("mock method not implemented");
}
public boolean isRequestedSessionIdValid() {
return true;
}
public void setScheme(String scheme) {
this.scheme = scheme;
}
public String getScheme() {
return scheme;
}
public boolean isSecure() {
if ("https".equals(scheme)) {
return true;
} else {
return false;
}
}
public void setServerName(String serverName) {
this.serverName = serverName;
}
public String getServerName() {
return serverName;
}
public void setServerPort(int serverPort) {
this.serverPort = serverPort;
}
public int getServerPort() {
return serverPort;
}
public void setServletPath(String servletPath) {
this.servletPath = servletPath;
}
public String getServletPath() {
return this.servletPath;
}
public HttpSession getSession(boolean arg0) {
if (arg0) {
if (this.session == null) {
this.session = new MockHttpSession();
}
}
return this.session;
}
public HttpSession getSession() {
if (this.session == null) {
this.session = new MockHttpSession();
}
return this.session;
}
public boolean isUserInRole(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public Principal getUserPrincipal() {
return this.principal;
}
public void removeAttribute(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
}

206
core/src/test/java/org/acegisecurity/MockHttpServletResponse.java
View File

@ -1,206 +0,0 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package net.sf.acegisecurity;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
/**
* Mocks a <code>HttpServletResponse</code>, recording the
* <code>sendRedirect</code> URL and <code>sendError</code> code.
*
* @author Ben Alex
* @version $Id$
*/
public class MockHttpServletResponse implements HttpServletResponse {
//~ Instance fields ========================================================
private Map cookiesMap = new HashMap();
private Map headersMap = new HashMap();
private String errorMessage;
private String redirect;
private int error;
//~ Methods ================================================================
public void setBufferSize(int arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public int getBufferSize() {
throw new UnsupportedOperationException("mock method not implemented");
}
public void setCharacterEncoding(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getCharacterEncoding() {
throw new UnsupportedOperationException("mock method not implemented");
}
public boolean isCommitted() {
if (redirect == null) {
return false;
} else {
return true;
}
}
public void setContentLength(int arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public void setContentType(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getContentType() {
throw new UnsupportedOperationException("mock method not implemented");
}
public Cookie getCookieByName(String name) {
return (Cookie) cookiesMap.get(name);
}
public void setDateHeader(String arg0, long arg1) {
throw new UnsupportedOperationException("mock method not implemented");
}
public int getError() {
return this.error;
}
public String getErrorMessage() {
return this.errorMessage;
}
public void setHeader(String arg0, String arg1) {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getHeader(String arg0) {
Object result = headersMap.get(arg0);
if (result != null) {
return (String) headersMap.get(arg0);
} else {
return null;
}
}
public void setIntHeader(String arg0, int arg1) {
throw new UnsupportedOperationException("mock method not implemented");
}
public void setLocale(Locale arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public Locale getLocale() {
throw new UnsupportedOperationException("mock method not implemented");
}
public ServletOutputStream getOutputStream() throws IOException {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getRedirect() {
return redirect;
}
public void setStatus(int arg0, String arg1) {
throw new UnsupportedOperationException("mock method not implemented");
}
public void setStatus(int arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public PrintWriter getWriter() throws IOException {
throw new UnsupportedOperationException("mock method not implemented");
}
public void addCookie(Cookie arg0) {
cookiesMap.put(arg0.getName(), arg0);
}
public void addDateHeader(String arg0, long arg1) {
throw new UnsupportedOperationException("mock method not implemented");
}
public void addHeader(String arg0, String arg1) {
headersMap.put(arg0, arg1);
}
public void addIntHeader(String arg0, int arg1) {
throw new UnsupportedOperationException("mock method not implemented");
}
public boolean containsHeader(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public String encodeRedirectURL(String arg0) {
return arg0;
}
public String encodeRedirectUrl(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public String encodeURL(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public String encodeUrl(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public void flushBuffer() throws IOException {
throw new UnsupportedOperationException("mock method not implemented");
}
public void reset() {
throw new UnsupportedOperationException("mock method not implemented");
}
public void resetBuffer() {
throw new UnsupportedOperationException("mock method not implemented");
}
public void sendError(int arg0, String arg1) throws IOException {
this.error = arg0;
this.errorMessage = arg1;
}
public void sendError(int arg0) throws IOException {
this.error = arg0;
}
public void sendRedirect(String arg0) throws IOException {
this.redirect = arg0;
}
}

122
core/src/test/java/org/acegisecurity/MockHttpSession.java
View File

@ -1,122 +0,0 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package net.sf.acegisecurity;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionContext;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
/**
* Mocks a <code>HttpSession</code> and provides the
* <code>getAttribute()</code> and <code>setAttribute()</code> methods.
*
* @author Ben Alex
* @version $Id$
*/
public class MockHttpSession implements HttpSession {
//~ Instance fields ========================================================
private Map map = new HashMap();
private String sessionId = "3984594856968";
/**
* Default constructor using default sessionId
*/
public MockHttpSession() {
}
/**
* Constructor for using a specified sessionId
* @param sessionId
*/
public MockHttpSession(String sessionId) {
this.sessionId = sessionId;
}
//~ Methods ================================================================
public void setAttribute(String arg0, Object arg1) {
map.put(arg0, arg1);
}
public Object getAttribute(String arg0) {
return map.get(arg0);
}
public Enumeration getAttributeNames() {
throw new UnsupportedOperationException("mock method not implemented");
}
public long getCreationTime() {
throw new UnsupportedOperationException("mock method not implemented");
}
public String getId() {
return sessionId;
}
public long getLastAccessedTime() {
throw new UnsupportedOperationException("mock method not implemented");
}
public void setMaxInactiveInterval(int arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public int getMaxInactiveInterval() {
throw new UnsupportedOperationException("mock method not implemented");
}
public boolean isNew() {
throw new UnsupportedOperationException("mock method not implemented");
}
public ServletContext getServletContext() {
throw new UnsupportedOperationException("mock method not implemented");
}
public HttpSessionContext getSessionContext() {
throw new UnsupportedOperationException("mock method not implemented");
}
public Object getValue(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
public String[] getValueNames() {
throw new UnsupportedOperationException("mock method not implemented");
}
public void invalidate() {
throw new UnsupportedOperationException("mock method not implemented");
}
public void putValue(String arg0, Object arg1) {
throw new UnsupportedOperationException("mock method not implemented");
}
public void removeAttribute(String arg0) {
map.remove(arg0);
}
public void removeValue(String arg0) {
throw new UnsupportedOperationException("mock method not implemented");
}
}

10
core/src/test/java/org/acegisecurity/adapters/HttpRequestIntegrationFilterTests.java
View File

@ -19,12 +19,12 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.context.security.SecureContextImpl;
import net.sf.acegisecurity.context.security.SecureContextUtils;
import net.sf.acegisecurity.util.MockFilterChain;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
@ -56,8 +56,8 @@ public class HttpRequestIntegrationFilterTests extends TestCase {
"someone", "password",
new GrantedAuthority[] {new GrantedAuthorityImpl("SOME_ROLE")});
MockHttpServletRequest request = new MockHttpServletRequest(principal,
null);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setUserPrincipal(principal);
MockHttpServletResponse response = new MockHttpServletResponse();
MockFilterChain chain = new MockFilterChain(true);
@ -86,7 +86,7 @@ public class HttpRequestIntegrationFilterTests extends TestCase {
public void testHandlesIfThereIsNoPrincipal() throws Exception {
HttpRequestIntegrationFilter filter = new HttpRequestIntegrationFilter();
MockHttpServletRequest request = new MockHttpServletRequest("foo");
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
MockFilterChain chain = new MockFilterChain(true);

35
core/src/test/java/org/acegisecurity/context/HttpSessionContextIntegrationFilterTests.java
View File

@ -21,9 +21,6 @@ import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.MockFilterConfig;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.MockHttpSession;
import net.sf.acegisecurity.adapters.PrincipalAcegiUserToken;
import net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter;
import net.sf.acegisecurity.context.security.SecureContext;
@ -39,6 +36,10 @@ import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpSession;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link HttpSessionContextIntegrationFilter}.
@ -100,12 +101,11 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
sc.setAuthentication(sessionPrincipal);
// Build a mock request
MockHttpSession session = new MockHttpSession();
session.setAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
MockHttpServletRequest request = new MockHttpServletRequest();
request.getSession().setAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
sc);
MockHttpServletRequest request = new MockHttpServletRequest(null,
session);
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain chain = new MockFilterChain(sessionPrincipal,
updatedPrincipal);
@ -120,7 +120,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
request, response, chain);
// Obtain new/update Authentication from HttpSession
Context context = (Context) session.getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
Context context = (Context) request.getSession().getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
assertEquals(updatedPrincipal,
((SecureContext) context).getAuthentication());
}
@ -133,9 +133,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
new GrantedAuthority[] {new GrantedAuthorityImpl("SOME_DIFFERENT_ROLE")});
// Build a mock request
MockHttpSession session = null;
MockHttpServletRequest request = new MockHttpServletRequest(null,
session);
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain chain = new MockFilterChain(null, updatedPrincipal);
@ -149,9 +147,8 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
request, response, chain);
// Obtain new/update Authentication from HttpSession
Context context = (Context) request.getSession().getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
assertEquals(updatedPrincipal,
((SecureContext) context).getAuthentication());
Context context = (Context) request.getSession(false).getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
assertEquals(updatedPrincipal, ((SecureContext) context).getAuthentication());
}
public void testHttpSessionNotCreatedUnlessContextHolderChanges()
@ -182,12 +179,10 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
new GrantedAuthority[] {new GrantedAuthorityImpl("SOME_DIFFERENT_ROLE")});
// Build a mock request
MockHttpSession session = new MockHttpSession();
session.setAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
"NOT_A_CONTEXT_OBJECT");
MockHttpServletRequest request = new MockHttpServletRequest(null,
session);
MockHttpServletRequest request = new MockHttpServletRequest();
request.getSession().setAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
"NOT_A_CONTEXT_OBJECT");
MockHttpServletResponse response = new MockHttpServletResponse();
FilterChain chain = new MockFilterChain(null, updatedPrincipal);
@ -201,7 +196,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
request, response, chain);
// Obtain new/update Authentication from HttpSession
Context context = (Context) session.getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
Context context = (Context) request.getSession().getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
assertEquals(updatedPrincipal,
((SecureContext) context).getAuthentication());
}

8
core/src/test/java/org/acegisecurity/intercept/web/AbstractFilterInvocationDefinitionSourceTests.java
View File

@ -17,8 +17,8 @@ package net.sf.acegisecurity.intercept.web;
import junit.framework.TestCase;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import java.io.IOException;
@ -27,6 +27,10 @@ import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link AbstractFilterInvocationDefinitionSource}.

7
core/src/test/java/org/acegisecurity/intercept/web/FilterInvocationDefinitionSourceEditorTests.java
View File

@ -19,12 +19,15 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.ConfigAttributeDefinition;
import net.sf.acegisecurity.MockFilterChain;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.SecurityConfig;
import java.util.Iterator;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link FilterInvocationDefinitionSourceEditor} and its associated

7
core/src/test/java/org/acegisecurity/intercept/web/FilterInvocationDefinitionSourceEditorWithPathsTests.java
View File

@ -19,12 +19,15 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.ConfigAttributeDefinition;
import net.sf.acegisecurity.MockFilterChain;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.SecurityConfig;
import java.util.Iterator;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link FilterInvocationDefinitionSourceEditor} and its associated

15
core/src/test/java/org/acegisecurity/intercept/web/FilterInvocationTests.java
View File

@ -18,8 +18,6 @@ package net.sf.acegisecurity.intercept.web;
import junit.framework.TestCase;
import net.sf.acegisecurity.MockFilterChain;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import java.io.BufferedReader;
import java.io.IOException;
@ -36,6 +34,9 @@ import javax.servlet.ServletOutputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link FilterInvocation}.
@ -73,8 +74,7 @@ public class FilterInvocationTests extends TestCase {
request.setScheme("http");
request.setServerPort(80);
request.setContextPath("/mycontext");
request.setRequestURL(
"http://www.example.com/mycontext/HelloWorld/some/more/segments.html");
request.setRequestURI("/mycontext/HelloWorld/some/more/segments.html");
MockHttpServletResponse response = new MockHttpServletResponse();
MockFilterChain chain = new MockFilterChain();
@ -165,13 +165,14 @@ public class FilterInvocationTests extends TestCase {
}
public void testStringMethodsWithAQueryString() {
MockHttpServletRequest request = new MockHttpServletRequest("foo=bar");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("foo=bar");
request.setServletPath("/HelloWorld");
request.setServerName("www.example.com");
request.setScheme("http");
request.setServerPort(80);
request.setContextPath("/mycontext");
request.setRequestURL("http://www.example.com/mycontext/HelloWorld");
request.setRequestURI("/mycontext/HelloWorld");
MockHttpServletResponse response = new MockHttpServletResponse();
MockFilterChain chain = new MockFilterChain();
@ -189,7 +190,7 @@ public class FilterInvocationTests extends TestCase {
request.setScheme("http");
request.setServerPort(80);
request.setContextPath("/mycontext");
request.setRequestURL("http://www.example.com/mycontext/HelloWorld");
request.setRequestURI("/mycontext/HelloWorld");
MockHttpServletResponse response = new MockHttpServletResponse();
MockFilterChain chain = new MockFilterChain();

12
core/src/test/java/org/acegisecurity/intercept/web/FilterSecurityInterceptorTests.java
View File

@ -27,9 +27,6 @@ import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.MockAccessDecisionManager;
import net.sf.acegisecurity.MockApplicationContext;
import net.sf.acegisecurity.MockAuthenticationManager;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.MockHttpSession;
import net.sf.acegisecurity.MockRunAsManager;
import net.sf.acegisecurity.RunAsManager;
import net.sf.acegisecurity.SecurityConfig;
@ -47,6 +44,9 @@ import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockHttpServletRequest;
/**
* Tests {@link FilterSecurityInterceptor}.
@ -163,8 +163,7 @@ public class FilterSecurityInterceptorTests extends TestCase {
// Setup our HTTPS request and response
MockHttpServletResponse response = new MockHttpServletResponse();
MockHttpServletRequest request = new MockHttpServletRequest(null,
new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/secure/page.html");
request.setScheme("https");
request.setServerPort(443);
@ -226,8 +225,7 @@ public class FilterSecurityInterceptorTests extends TestCase {
// Setup our HTTP request and response
MockHttpServletResponse response = new MockHttpServletResponse();
MockHttpServletRequest request = new MockHttpServletRequest(null,
new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/secure/page.html");
// Setup a Context

19
core/src/test/java/org/acegisecurity/intercept/web/PathBasedFilterDefinitionMapTests.java
View File

@ -19,10 +19,13 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.ConfigAttributeDefinition;
import net.sf.acegisecurity.MockFilterChain;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.SecurityConfig;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests parts of {@link PathBasedFilterInvocationDefinitionMap} not tested by
@ -73,7 +76,9 @@ public class PathBasedFilterDefinitionMapTests extends TestCase {
map.addSecureUrl("/secure/super/**", def);
// Build a HTTP request
MockHttpServletRequest req = new MockHttpServletRequest(null);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI(null);
MockHttpServletRequest req = request;
req.setServletPath("/SeCuRE/super/somefile.html");
FilterInvocation fi = new FilterInvocation(req,
@ -93,7 +98,9 @@ public class PathBasedFilterDefinitionMapTests extends TestCase {
map.addSecureUrl("/secure/super/**", def);
// Build a HTTP request
MockHttpServletRequest req = new MockHttpServletRequest(null);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI(null);
MockHttpServletRequest req = request;
req.setServletPath("/SeCuRE/super/somefile.html");
FilterInvocation fi = new FilterInvocation(req,
@ -113,7 +120,9 @@ public class PathBasedFilterDefinitionMapTests extends TestCase {
map.addSecureUrl("/secure/super/**", def);
// Build a HTTP request
MockHttpServletRequest req = new MockHttpServletRequest(null);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI(null);
MockHttpServletRequest req = request;
req.setServletPath("/secure/super/somefile.html");
FilterInvocation fi = new FilterInvocation(req,

19
core/src/test/java/org/acegisecurity/intercept/web/RegExpBasedFilterDefinitionMapTests.java
View File

@ -19,10 +19,13 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.ConfigAttributeDefinition;
import net.sf.acegisecurity.MockFilterChain;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.SecurityConfig;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests parts of {@link RegExpBasedFilterInvocationDefinitionMap} not tested
@ -73,7 +76,9 @@ public class RegExpBasedFilterDefinitionMapTests extends TestCase {
map.addSecureUrl("\\A/secure/super.*\\Z", def);
// Build a HTTP request
MockHttpServletRequest req = new MockHttpServletRequest(null);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI(null);
MockHttpServletRequest req = request;
req.setServletPath("/SeCuRE/super/somefile.html");
FilterInvocation fi = new FilterInvocation(req,
@ -93,7 +98,9 @@ public class RegExpBasedFilterDefinitionMapTests extends TestCase {
map.addSecureUrl("\\A/secure/super.*\\Z", def);
// Build a HTTP request
MockHttpServletRequest req = new MockHttpServletRequest(null);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI(null);
MockHttpServletRequest req = request;
req.setServletPath("/SeCuRE/super/somefile.html");
FilterInvocation fi = new FilterInvocation(req,
@ -113,7 +120,9 @@ public class RegExpBasedFilterDefinitionMapTests extends TestCase {
map.addSecureUrl("\\A/secure/super.*\\Z", def);
// Build a HTTP request
MockHttpServletRequest req = new MockHttpServletRequest(null);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI(null);
MockHttpServletRequest req = request;
req.setServletPath("/secure/super/somefile.html");
FilterInvocation fi = new FilterInvocation(req,

43
core/src/test/java/org/acegisecurity/intercept/web/SecurityEnforcementFilterTests.java
View File

@ -22,9 +22,6 @@ import net.sf.acegisecurity.BadCredentialsException;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.MockAuthenticationEntryPoint;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.MockHttpSession;
import net.sf.acegisecurity.MockPortResolver;
import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.context.security.SecureContext;
@ -38,7 +35,9 @@ import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockHttpServletRequest;
/**
@ -70,16 +69,13 @@ public class SecurityEnforcementFilterTests extends TestCase {
public void testAccessDeniedWhenAnonymous() throws Exception {
// Setup our HTTP request
HttpSession session = new MockHttpSession();
MockHttpServletRequest request = new MockHttpServletRequest(null,
session);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/secure/page.html");
request.setServerPort(80);
request.setScheme("http");
request.setServerName("www.example.com");
request.setContextPath("/mycontext");
request.setRequestURL(
"http://www.example.com/mycontext/secure/page.html");
request.setRequestURI("/mycontext/secure/page.html");
// Setup our expectation that the filter chain will not be invoked, as access is denied
MockFilterChain chain = new MockFilterChain(false);
@ -103,16 +99,14 @@ public class SecurityEnforcementFilterTests extends TestCase {
MockHttpServletResponse response = new MockHttpServletResponse();
filter.doFilter(request, response, chain);
assertEquals("/mycontext/login.jsp", response.getRedirect());
assertEquals("/mycontext/login.jsp", response.getRedirectedUrl());
assertEquals("http://www.example.com/mycontext/secure/page.html",
request.getSession().getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY));
}
public void testAccessDeniedWhenNonAnonymous() throws Exception {
// Setup our HTTP request
HttpSession session = new MockHttpSession();
MockHttpServletRequest request = new MockHttpServletRequest(null,
session);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/secure/page.html");
// Setup our expectation that the filter chain will not be invoked, as access is denied
@ -135,9 +129,9 @@ public class SecurityEnforcementFilterTests extends TestCase {
MockHttpServletResponse response = new MockHttpServletResponse();
filter.doFilter(request, response, chain);
assertEquals(403, response.getError());
assertEquals(403, response.getStatus());
assertEquals(AccessDeniedException.class,
session.getAttribute(
request.getSession().getAttribute(
SecurityEnforcementFilter.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)
.getClass());
}
@ -185,15 +179,13 @@ public class SecurityEnforcementFilterTests extends TestCase {
public void testRedirectedToLoginFormAndSessionShowsOriginalTargetWhenAuthenticationException()
throws Exception {
// Setup our HTTP request
MockHttpServletRequest request = new MockHttpServletRequest(null,
new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/secure/page.html");
request.setServerPort(80);
request.setScheme("http");
request.setServerName("www.example.com");
request.setContextPath("/mycontext");
request.setRequestURL(
"http://www.example.com/mycontext/secure/page.html");
request.setRequestURI("/mycontext/secure/page.html");
// Setup our expectation that the filter chain will not be invoked, as access is denied
MockFilterChain chain = new MockFilterChain(false);
@ -212,7 +204,7 @@ public class SecurityEnforcementFilterTests extends TestCase {
MockHttpServletResponse response = new MockHttpServletResponse();
filter.doFilter(request, response, chain);
assertEquals("/mycontext/login.jsp", response.getRedirect());
assertEquals("/mycontext/login.jsp", response.getRedirectedUrl());
assertEquals("http://www.example.com/mycontext/secure/page.html",
request.getSession().getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY));
}
@ -220,15 +212,13 @@ public class SecurityEnforcementFilterTests extends TestCase {
public void testRedirectedToLoginFormAndSessionShowsOriginalTargetWithExoticPortWhenAuthenticationException()
throws Exception {
// Setup our HTTP request
MockHttpServletRequest request = new MockHttpServletRequest(null,
new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/secure/page.html");
request.setServerPort(8080);
request.setScheme("http");
request.setServerName("www.example.com");
request.setContextPath("/mycontext");
request.setRequestURL(
"http://www.example.com:8080/mycontext/secure/page.html");
request.setRequestURI("/mycontext/secure/page.html");
// Setup our expectation that the filter chain will not be invoked, as access is denied
MockFilterChain chain = new MockFilterChain(false);
@ -247,7 +237,7 @@ public class SecurityEnforcementFilterTests extends TestCase {
MockHttpServletResponse response = new MockHttpServletResponse();
filter.doFilter(request, response, chain);
assertEquals("/mycontext/login.jsp", response.getRedirect());
assertEquals("/mycontext/login.jsp", response.getRedirectedUrl());
assertEquals("http://www.example.com:8080/mycontext/secure/page.html",
request.getSession().getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY));
}
@ -301,8 +291,7 @@ public class SecurityEnforcementFilterTests extends TestCase {
public void testSuccessfulAccessGrant() throws Exception {
// Setup our HTTP request
MockHttpServletRequest request = new MockHttpServletRequest(null,
new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/secure/page.html");
// Setup our expectation that the filter chain will be invoked, as access is granted

65
core/src/test/java/org/acegisecurity/providers/ConcurrentSessionControllerImplTests.java
View File

@ -17,14 +17,22 @@ package net.sf.acegisecurity.providers;
import junit.framework.TestCase;
import net.sf.acegisecurity.*;
import net.sf.acegisecurity.providers.anonymous.AnonymousAuthenticationToken;
import net.sf.acegisecurity.providers.dao.User;
import net.sf.acegisecurity.ui.WebAuthenticationDetails;
import net.sf.acegisecurity.ui.session.HttpSessionCreatedEvent;
import net.sf.acegisecurity.ui.session.HttpSessionDestroyedEvent;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.AuthenticationTrustResolverImpl;
import net.sf.acegisecurity.MockApplicationContext;
import org.springframework.context.ApplicationListener;
import org.springframework.mock.web.MockHttpSession;
import org.springframework.mock.web.MockHttpServletRequest;
import java.security.Principal;
@ -33,6 +41,8 @@ import java.security.Principal;
* Tests for {@link ConcurrentSessionControllerImpl}
*
* @author Ray Krueger
* @author Luke Taylor
* @version $Id$
*/
public class ConcurrentSessionControllerImplTests extends TestCase {
//~ Instance fields ========================================================
@ -55,7 +65,7 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
}
public void testEnforcementKnownGood() throws Exception {
Authentication auth = createAuthentication("user", "password", "session");
Authentication auth = createAuthentication("user", "password");
target.beforeAuthentication(auth);
target.afterAuthentication(auth, auth);
}
@ -65,14 +75,14 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
Authentication auth = null;
for (int i = 0; i < 5; i++) {
auth = createAuthentication("user", "password", String.valueOf(i));
for (int i = 0; i < 5; i++) { // creates 5 sessions
auth = createAuthentication("user", "password");
target.beforeAuthentication(auth);
target.afterAuthentication(auth, auth);
}
try {
auth = createAuthentication("user", "password", "lastsession");
auth = createAuthentication("user", "password");
target.beforeAuthentication(auth);
fail(
"Only allowed 5 sessions, this should have thrown a ConcurrentLoginException");
@ -84,15 +94,13 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
public void testEnforcementSingleSession() throws Exception {
target.setMaxSessions(1);
Authentication auth = createAuthentication("user", "password",
"session1");
Authentication auth = createAuthentication("user", "password");
target.beforeAuthentication(auth);
target.afterAuthentication(auth, auth);
try {
target.beforeAuthentication(createAuthentication("user",
"password", "session2"));
target.beforeAuthentication(createAuthentication("user", "password"));
fail(
"Only allowed 1 session, this should have thrown a ConcurrentLoginException");
} catch (ConcurrentLoginException e) {}
@ -100,10 +108,15 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
public void testEnforcementUnlimitedSameSession() throws Exception {
target.setMaxSessions(1);
MockHttpSession session = new MockHttpSession(); // all requests are within this session
for (int i = 0; i < 100; i++) {
Authentication auth = createAuthentication("user", "password",
"samesession");
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("user",
"password");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setSession(session);
request.setUserPrincipal(auth);
auth.setDetails(new WebAuthenticationDetails(request));
target.beforeAuthentication(auth);
target.afterAuthentication(auth, auth);
}
@ -113,8 +126,7 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
target.setMaxSessions(0);
for (int i = 0; i < 100; i++) {
Authentication auth = createAuthentication("user", "password",
String.valueOf(i));
Authentication auth = createAuthentication("user", "password");
target.beforeAuthentication(auth);
target.afterAuthentication(auth, auth);
}
@ -126,8 +138,9 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("user",
"password");
MockHttpSession session = new MockHttpSession();
MockHttpServletRequest request = new MockHttpServletRequest(auth,
session);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setSession(session);
request.setUserPrincipal(auth);
auth.setDetails(new WebAuthenticationDetails(request));
target.beforeAuthentication(auth);
@ -135,8 +148,7 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
target.onApplicationEvent(new HttpSessionDestroyedEvent(session));
Authentication different = createAuthentication("user", "password",
"differentsession");
Authentication different = createAuthentication("user", "password");
target.beforeAuthentication(different);
target.afterAuthentication(different, different);
}
@ -169,7 +181,7 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
true, new GrantedAuthority[0]);
final UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(user,
"password", user.getAuthorities());
auth.setDetails(createWebDetails(auth, "session1"));
auth.setDetails(createWebDetails(auth));
target.beforeAuthentication(auth);
target.afterAuthentication(auth, auth);
@ -185,7 +197,7 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
}
}, "password");
otherAuth.setDetails(createWebDetails(otherAuth, "session2"));
otherAuth.setDetails(createWebDetails(otherAuth));
target.beforeAuthentication(otherAuth);
fail(
"Same principal, different principal type, different session should have thrown ConcurrentLoginException");
@ -249,20 +261,19 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
target.setApplicationContext(MockApplicationContext.getContext());
}
private Authentication createAuthentication(String user, String password,
String sessionId) {
private Authentication createAuthentication(String user, String password) {
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(user,
password);
auth.setDetails(createWebDetails(auth, sessionId));
auth.setDetails(createWebDetails(auth));
return auth;
}
private WebAuthenticationDetails createWebDetails(Authentication auth,
String sessionId) {
MockHttpSession session = new MockHttpSession(sessionId);
MockHttpServletRequest request = new MockHttpServletRequest(auth,
session);
private WebAuthenticationDetails createWebDetails(Authentication auth) {
MockHttpSession session = new MockHttpSession();
MockHttpServletRequest request = new MockHttpServletRequest();
request.setSession(session);
request.setUserPrincipal(auth);
return new WebAuthenticationDetails(request);
}

16
core/src/test/java/org/acegisecurity/providers/anonymous/AnonymousProcessingFilterTests.java
View File

@ -21,8 +21,9 @@ import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.MockFilterConfig;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.context.security.SecureContext;
import net.sf.acegisecurity.context.security.SecureContextImpl;
@ -39,6 +40,9 @@ import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link AnonymousProcessingFilter}.
@ -126,8 +130,10 @@ public class AnonymousProcessingFilterTests extends TestCase {
filter.afterPropertiesSet();
// Test
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("x");
executeFilterInContainerSimulator(new MockFilterConfig(), filter,
new MockHttpServletRequest("x"), new MockHttpServletResponse(),
request, new MockHttpServletResponse(),
new MockFilterChain(true));
// Ensure filter didn't change our original object
@ -146,8 +152,10 @@ public class AnonymousProcessingFilterTests extends TestCase {
filter.setUserAttribute(user);
filter.afterPropertiesSet();
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("x");
executeFilterInContainerSimulator(new MockFilterConfig(), filter,
new MockHttpServletRequest("x"), new MockHttpServletResponse(),
request, new MockHttpServletResponse(),
new MockFilterChain(true));
Authentication auth = SecureContextUtils.getSecureContext()

9
core/src/test/java/org/acegisecurity/securechannel/ChannelDecisionManagerImplTests.java
View File

@ -20,8 +20,6 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.ConfigAttribute;
import net.sf.acegisecurity.ConfigAttributeDefinition;
import net.sf.acegisecurity.MockFilterChain;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.SecurityConfig;
import net.sf.acegisecurity.intercept.web.FilterInvocation;
@ -33,6 +31,9 @@ import java.util.Vector;
import javax.servlet.ServletException;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link ChannelDecisionManagerImpl}.
@ -101,7 +102,7 @@ public class ChannelDecisionManagerImplTests extends TestCase {
cdm.setChannelProcessors(list);
cdm.afterPropertiesSet();
MockHttpServletRequest request = new MockHttpServletRequest("not used");
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
MockFilterChain chain = new MockFilterChain();
FilterInvocation fi = new FilterInvocation(request, response, chain);
@ -124,7 +125,7 @@ public class ChannelDecisionManagerImplTests extends TestCase {
cdm.setChannelProcessors(list);
cdm.afterPropertiesSet();
MockHttpServletRequest request = new MockHttpServletRequest("not used");
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
MockFilterChain chain = new MockFilterChain();
FilterInvocation fi = new FilterInvocation(request, response, chain);

17
core/src/test/java/org/acegisecurity/securechannel/ChannelProcessingFilterTests.java
View File

@ -19,9 +19,10 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.ConfigAttribute;
import net.sf.acegisecurity.ConfigAttributeDefinition;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.SecurityConfig;
import net.sf.acegisecurity.intercept.web.FilterInvocation;
import net.sf.acegisecurity.intercept.web.FilterInvocationDefinitionSource;
@ -36,6 +37,9 @@ import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link ChannelProcessingFilter}.
@ -143,7 +147,8 @@ public class ChannelProcessingFilterTests extends TestCase {
filter.setFilterInvocationDefinitionSource(fids);
MockHttpServletRequest request = new MockHttpServletRequest("info=now");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("info=now");
request.setServletPath("/path");
MockHttpServletResponse response = new MockHttpServletResponse();
@ -167,7 +172,8 @@ public class ChannelProcessingFilterTests extends TestCase {
filter.setFilterInvocationDefinitionSource(fids);
MockHttpServletRequest request = new MockHttpServletRequest("info=now");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("info=now");
request.setServletPath("/path");
MockHttpServletResponse response = new MockHttpServletResponse();
@ -191,7 +197,8 @@ public class ChannelProcessingFilterTests extends TestCase {
filter.setFilterInvocationDefinitionSource(fids);
MockHttpServletRequest request = new MockHttpServletRequest("info=now");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("info=now");
request.setServletPath("/PATH_NOT_MATCHING_CONFIG_ATTRIBUTE");
MockHttpServletResponse response = new MockHttpServletResponse();

14
core/src/test/java/org/acegisecurity/securechannel/InsecureChannelProcessorTests.java
View File

@ -19,10 +19,13 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.ConfigAttributeDefinition;
import net.sf.acegisecurity.MockFilterChain;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.SecurityConfig;
import net.sf.acegisecurity.intercept.web.FilterInvocation;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
@ -47,7 +50,8 @@ public class InsecureChannelProcessorTests extends TestCase {
cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE"));
cad.addConfigAttribute(new SecurityConfig("REQUIRES_INSECURE_CHANNEL"));
MockHttpServletRequest request = new MockHttpServletRequest("info=true");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("info=true");
request.setServerName("localhost");
request.setContextPath("/bigapp");
request.setServletPath("/servlet");
@ -70,11 +74,13 @@ public class InsecureChannelProcessorTests extends TestCase {
cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE"));
cad.addConfigAttribute(new SecurityConfig("REQUIRES_INSECURE_CHANNEL"));
MockHttpServletRequest request = new MockHttpServletRequest("info=true");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("info=true");
request.setServerName("localhost");
request.setContextPath("/bigapp");
request.setServletPath("/servlet");
request.setScheme("https");
request.setSecure(true);
request.setServerPort(8443);
MockHttpServletResponse response = new MockHttpServletResponse();

27
core/src/test/java/org/acegisecurity/securechannel/RetryWithHttpEntryPointTests.java
View File

@ -17,14 +17,18 @@ package net.sf.acegisecurity.securechannel;
import junit.framework.TestCase;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.MockPortResolver;
import net.sf.acegisecurity.util.PortMapperImpl;
import java.util.HashMap;
import java.util.Map;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link RetryWithHttpEntryPoint}.
@ -76,7 +80,8 @@ public class RetryWithHttpEntryPointTests extends TestCase {
}
public void testNormalOperation() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("open=true");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("open=true");
request.setScheme("https");
request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
@ -93,12 +98,12 @@ public class RetryWithHttpEntryPointTests extends TestCase {
ep.commence(request, response);
assertEquals("http://www.example.com/bigWebApp/hello/pathInfo.html?open=true",
response.getRedirect());
response.getRedirectedUrl());
}
public void testNormalOperationWithNullPathInfoAndNullQueryString()
throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(null);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setScheme("https");
request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
@ -115,12 +120,13 @@ public class RetryWithHttpEntryPointTests extends TestCase {
ep.commence(request, response);
assertEquals("http://www.example.com/bigWebApp/hello",
response.getRedirect());
response.getRedirectedUrl());
}
public void testOperationWhenTargetPortIsUnknown()
throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("open=true");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("open=true");
request.setScheme("https");
request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
@ -136,11 +142,12 @@ public class RetryWithHttpEntryPointTests extends TestCase {
ep.afterPropertiesSet();
ep.commence(request, response);
assertEquals("/bigWebApp", response.getRedirect());
assertEquals("/bigWebApp", response.getRedirectedUrl());
}
public void testOperationWithNonStandardPort() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("open=true");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("open=true");
request.setScheme("https");
request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
@ -162,6 +169,6 @@ public class RetryWithHttpEntryPointTests extends TestCase {
ep.commence(request, response);
assertEquals("http://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true",
response.getRedirect());
response.getRedirectedUrl());
}
}

27
core/src/test/java/org/acegisecurity/securechannel/RetryWithHttpsEntryPointTests.java
View File

@ -17,14 +17,18 @@ package net.sf.acegisecurity.securechannel;
import junit.framework.TestCase;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.MockPortResolver;
import net.sf.acegisecurity.util.PortMapperImpl;
import java.util.HashMap;
import java.util.Map;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link RetryWithHttpsEntryPoint}.
@ -76,7 +80,8 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
}
public void testNormalOperation() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("open=true");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("open=true");
request.setScheme("http");
request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
@ -93,12 +98,12 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
ep.commence(request, response);
assertEquals("https://www.example.com/bigWebApp/hello/pathInfo.html?open=true",
response.getRedirect());
response.getRedirectedUrl());
}
public void testNormalOperationWithNullPathInfoAndNullQueryString()
throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(null);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setScheme("http");
request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
@ -115,12 +120,13 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
ep.commence(request, response);
assertEquals("https://www.example.com/bigWebApp/hello",
response.getRedirect());
response.getRedirectedUrl());
}
public void testOperationWhenTargetPortIsUnknown()
throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("open=true");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("open=true");
request.setScheme("http");
request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
@ -136,11 +142,12 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
ep.afterPropertiesSet();
ep.commence(request, response);
assertEquals("/bigWebApp", response.getRedirect());
assertEquals("/bigWebApp", response.getRedirectedUrl());
}
public void testOperationWithNonStandardPort() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest("open=true");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("open=true");
request.setScheme("http");
request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
@ -162,6 +169,6 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
ep.commence(request, response);
assertEquals("https://www.example.com:9999/bigWebApp/hello/pathInfo.html?open=true",
response.getRedirect());
response.getRedirectedUrl());
}
}

14
core/src/test/java/org/acegisecurity/securechannel/SecureChannelProcessorTests.java
View File

@ -19,10 +19,13 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.ConfigAttributeDefinition;
import net.sf.acegisecurity.MockFilterChain;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.SecurityConfig;
import net.sf.acegisecurity.intercept.web.FilterInvocation;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
@ -47,11 +50,13 @@ public class SecureChannelProcessorTests extends TestCase {
cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE"));
cad.addConfigAttribute(new SecurityConfig("REQUIRES_SECURE_CHANNEL"));
MockHttpServletRequest request = new MockHttpServletRequest("info=true");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("info=true");
request.setServerName("localhost");
request.setContextPath("/bigapp");
request.setServletPath("/servlet");
request.setScheme("https");
request.setSecure(true);
request.setServerPort(8443);
MockHttpServletResponse response = new MockHttpServletResponse();
@ -70,7 +75,8 @@ public class SecureChannelProcessorTests extends TestCase {
cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE"));
cad.addConfigAttribute(new SecurityConfig("REQUIRES_SECURE_CHANNEL"));
MockHttpServletRequest request = new MockHttpServletRequest("info=true");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("info=true");
request.setServerName("localhost");
request.setContextPath("/bigapp");
request.setServletPath("/servlet");

13
core/src/test/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterEntryPointTests.java
View File

@ -18,8 +18,11 @@ package net.sf.acegisecurity.ui.basicauth;
import junit.framework.TestCase;
import net.sf.acegisecurity.DisabledException;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
@ -70,8 +73,8 @@ public class BasicProcessingFilterEntryPointTests extends TestCase {
BasicProcessingFilterEntryPoint ep = new BasicProcessingFilterEntryPoint();
ep.setRealmName("hello");
MockHttpServletRequest request = new MockHttpServletRequest(
"/some_path");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/some_path");
MockHttpServletResponse response = new MockHttpServletResponse();
ep.afterPropertiesSet();
@ -79,7 +82,7 @@ public class BasicProcessingFilterEntryPointTests extends TestCase {
String msg = "These are the jokes kid";
ep.commence(request, response, new DisabledException(msg));
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
assertEquals(msg, response.getErrorMessage());
assertEquals("Basic realm=\"hello\"",

58
core/src/test/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterTests.java
View File

@ -20,9 +20,6 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.MockAuthenticationEntryPoint;
import net.sf.acegisecurity.MockAuthenticationManager;
import net.sf.acegisecurity.MockFilterConfig;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.MockHttpSession;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.context.security.SecureContextImpl;
@ -32,12 +29,11 @@ import org.apache.commons.codec.binary.Base64;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockHttpServletRequest;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
@ -100,9 +96,7 @@ public class BasicProcessingFilterTests extends TestCase {
public void testFilterIgnoresRequestsContainingNoAuthorizationHeader()
throws Exception {
// Setup our HTTP request
Map headers = new HashMap();
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -138,13 +132,9 @@ public class BasicProcessingFilterTests extends TestCase {
public void testInvalidBasicAuthorizationTokenIsIgnored()
throws Exception {
// Setup our HTTP request
Map headers = new HashMap();
String token = "NOT_A_VALID_TOKEN_AS_MISSING_COLON";
headers.put("Authorization",
"Basic " + new String(Base64.encodeBase64(token.getBytes())));
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64(token.getBytes())));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -169,13 +159,10 @@ public class BasicProcessingFilterTests extends TestCase {
public void testNormalOperation() throws Exception {
// Setup our HTTP request
Map headers = new HashMap();
String token = "marissa:koala";
headers.put("Authorization",
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization",
"Basic " + new String(Base64.encodeBase64(token.getBytes())));
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -205,11 +192,8 @@ public class BasicProcessingFilterTests extends TestCase {
public void testOtherAuthorizationSchemeIsIgnored()
throws Exception {
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization", "SOME_OTHER_AUTHENTICATION_SCHEME");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization", "SOME_OTHER_AUTHENTICATION_SCHEME");
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -262,13 +246,10 @@ public class BasicProcessingFilterTests extends TestCase {
public void testSuccessLoginThenFailureLoginResultsInSessionLoosingToken()
throws Exception {
// Setup our HTTP request
Map headers = new HashMap();
String token = "marissa:koala";
headers.put("Authorization",
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization",
"Basic " + new String(Base64.encodeBase64(token.getBytes())));
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -296,12 +277,10 @@ public class BasicProcessingFilterTests extends TestCase {
// NOW PERFORM FAILED AUTHENTICATION
// Setup our HTTP request
headers = new HashMap();
token = "marissa:WRONG_PASSWORD";
headers.put("Authorization",
request = new MockHttpServletRequest();
request.addHeader("Authorization",
"Basic " + new String(Base64.encodeBase64(token.getBytes())));
request = new MockHttpServletRequest(headers, null,
new MockHttpSession());
request.setServletPath("/some_file.html");
// Setup our expectation that the filter chain will not be invoked, as we get a 403 forbidden response
@ -313,18 +292,15 @@ public class BasicProcessingFilterTests extends TestCase {
chain);
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
}
public void testWrongPasswordReturnsForbidden() throws Exception {
// Setup our HTTP request
Map headers = new HashMap();
String token = "marissa:WRONG_PASSWORD";
headers.put("Authorization",
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization",
"Basic " + new String(Base64.encodeBase64(token.getBytes())));
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -345,7 +321,7 @@ public class BasicProcessingFilterTests extends TestCase {
chain);
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
}
protected void setUp() throws Exception {

20
core/src/test/java/org/acegisecurity/ui/cas/CasProcessingFilterEntryPointTests.java
View File

@ -17,11 +17,15 @@ package net.sf.acegisecurity.ui.cas;
import junit.framework.TestCase;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import java.net.URLEncoder;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link CasProcessingFilterEntryPoint}.
@ -94,8 +98,8 @@ public class CasProcessingFilterEntryPointTests extends TestCase {
ep.setLoginUrl("https://cas/login");
ep.setServiceProperties(sp);
MockHttpServletRequest request = new MockHttpServletRequest(
"/some_path");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/some_path");
MockHttpServletResponse response = new MockHttpServletResponse();
@ -105,7 +109,7 @@ public class CasProcessingFilterEntryPointTests extends TestCase {
assertEquals("https://cas/login?service="
+ URLEncoder.encode(
"https://mycompany.com/bigWebApp/j_acegi_cas_security_check",
"UTF-8"), response.getRedirect());
"UTF-8"), response.getRedirectedUrl());
}
public void testNormalOperationWithRenewTrue() throws Exception {
@ -118,14 +122,14 @@ public class CasProcessingFilterEntryPointTests extends TestCase {
ep.setLoginUrl("https://cas/login");
ep.setServiceProperties(sp);
MockHttpServletRequest request = new MockHttpServletRequest(
"/some_path");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/some_path");
MockHttpServletResponse response = new MockHttpServletResponse();
ep.afterPropertiesSet();
ep.commence(request, response, null);
assertEquals("https://cas/login?renew=true&service=https://mycompany.com/bigWebApp/j_acegi_cas_security_check",
response.getRedirect());
response.getRedirectedUrl());
}
}

12
core/src/test/java/org/acegisecurity/ui/cas/CasProcessingFilterTests.java
View File

@ -20,8 +20,8 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.AuthenticationException;
import net.sf.acegisecurity.MockAuthenticationManager;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpSession;
import org.springframework.mock.web.MockHttpServletRequest;
/**
@ -58,9 +58,8 @@ public class CasProcessingFilterTests extends TestCase {
}
public void testNormalOperation() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(null,
new MockHttpSession());
request.setParameter("ticket", "ST-0-ER94xMJmn6pha35CQRoZ");
MockHttpServletRequest request = new MockHttpServletRequest();
request.addParameter("ticket", "ST-0-ER94xMJmn6pha35CQRoZ");
MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
@ -74,8 +73,7 @@ public class CasProcessingFilterTests extends TestCase {
public void testNullServiceTicketHandledGracefully()
throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(null,
new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
MockAuthenticationManager authMgr = new MockAuthenticationManager(false);

30
core/src/test/java/org/acegisecurity/ui/digestauth/DigestProcessingFilterEntryPointTests.java
View File

@ -18,14 +18,17 @@ package net.sf.acegisecurity.ui.digestauth;
import junit.framework.TestCase;
import net.sf.acegisecurity.DisabledException;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.util.StringSplitUtils;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.util.StringUtils;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import java.util.Map;
@ -98,8 +101,8 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
ep.setRealmName("hello");
ep.setKey("key");
MockHttpServletRequest request = new MockHttpServletRequest(
"/some_path");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/some_path");
MockHttpServletResponse response = new MockHttpServletResponse();
ep.afterPropertiesSet();
@ -107,14 +110,13 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
ep.commence(request, response, new DisabledException("foobar"));
// Check response is properly formed
assertEquals(401, response.getError());
assertTrue(response.getHeader("WWW-Authenticate").startsWith("Digest "));
assertEquals(401, response.getStatus());
assertEquals(true, response.getHeader("WWW-Authenticate").toString().startsWith("Digest "));
// Break up response header
String header = response.getHeader("WWW-Authenticate").substring(7);
String header = response.getHeader("WWW-Authenticate").toString().substring(7);
String[] headerEntries = StringUtils.commaDelimitedListToStringArray(header);
Map headerMap = StringSplitUtils.splitEachArrayElementAndCreateMap(headerEntries,
"=", "\"");
Map headerMap = StringSplitUtils.splitEachArrayElementAndCreateMap(headerEntries, "=", "\"");
assertEquals("hello", headerMap.get("realm"));
assertEquals("auth", headerMap.get("qop"));
@ -128,8 +130,8 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
ep.setRealmName("hello");
ep.setKey("key");
MockHttpServletRequest request = new MockHttpServletRequest(
"/some_path");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/some_path");
MockHttpServletResponse response = new MockHttpServletResponse();
ep.afterPropertiesSet();
@ -138,11 +140,11 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
new NonceExpiredException("expired nonce"));
// Check response is properly formed
assertEquals(401, response.getError());
assertTrue(response.getHeader("WWW-Authenticate").startsWith("Digest "));
assertEquals(401, response.getStatus());
assertTrue(response.getHeader("WWW-Authenticate").toString().startsWith("Digest "));
// Break up response header
String header = response.getHeader("WWW-Authenticate").substring(7);
String header = response.getHeader("WWW-Authenticate").toString().substring(7);
String[] headerEntries = StringUtils.commaDelimitedListToStringArray(header);
Map headerMap = StringSplitUtils.splitEachArrayElementAndCreateMap(headerEntries,
"=", "\"");

224
core/src/test/java/org/acegisecurity/ui/digestauth/DigestProcessingFilterTests.java
View File

@ -19,9 +19,6 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.DisabledException;
import net.sf.acegisecurity.MockFilterConfig;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.MockHttpSession;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.context.security.SecureContextImpl;
@ -35,14 +32,12 @@ import org.apache.commons.codec.binary.Base64;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.dao.DataAccessException;
import org.springframework.util.StringUtils;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.Filter;
@ -120,15 +115,9 @@ public class DigestProcessingFilterTests extends TestCase {
realm, password, "GET", uri, qop, nonce, nc, cnonce);
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization",
"Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
request.addHeader("Authorization",
createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -150,9 +139,9 @@ public class DigestProcessingFilterTests extends TestCase {
chain);
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
String header = response.getHeader("WWW-Authenticate").substring(7);
String header = response.getHeader("WWW-Authenticate").toString().substring(7);
String[] headerEntries = StringUtils.commaDelimitedListToStringArray(header);
Map headerMap = StringSplitUtils.splitEachArrayElementAndCreateMap(headerEntries,
"=", "\"");
@ -162,9 +151,7 @@ public class DigestProcessingFilterTests extends TestCase {
public void testFilterIgnoresRequestsContainingNoAuthorizationHeader()
throws Exception {
// Setup our HTTP request
Map headers = new HashMap();
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -204,13 +191,11 @@ public class DigestProcessingFilterTests extends TestCase {
public void testInvalidDigestAuthorizationTokenGeneratesError()
throws Exception {
// Setup our HTTP request
Map headers = new HashMap();
String token = "NOT_A_VALID_TOKEN_AS_MISSING_COLON";
headers.put("Authorization",
"Digest " + new String(Base64.encodeBase64(token.getBytes())));
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization",
"Digest " + new String(Base64.encodeBase64(token.getBytes())));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -229,18 +214,15 @@ public class DigestProcessingFilterTests extends TestCase {
// Test
executeFilterInContainerSimulator(config, filter, request, response,
chain);
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
}
public void testMalformedHeaderReturnsForbidden() throws Exception {
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization", "Digest scsdcsdc");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization", "Digest scsdcsdc");
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -261,7 +243,7 @@ public class DigestProcessingFilterTests extends TestCase {
chain);
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
}
public void testNonBase64EncodedNonceReturnsForbidden()
@ -280,15 +262,9 @@ public class DigestProcessingFilterTests extends TestCase {
realm, password, "GET", uri, qop, nonce, nc, cnonce);
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization",
"Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization",
createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -309,7 +285,7 @@ public class DigestProcessingFilterTests extends TestCase {
chain);
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
}
public void testNonceWithIncorrectSignatureForNumericFieldReturnsForbidden()
@ -329,15 +305,9 @@ public class DigestProcessingFilterTests extends TestCase {
realm, password, "GET", uri, qop, nonce, nc, cnonce);
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization",
"Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization",
createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -358,7 +328,7 @@ public class DigestProcessingFilterTests extends TestCase {
chain);
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
}
public void testNonceWithNonNumericFirstElementReturnsForbidden()
@ -378,15 +348,9 @@ public class DigestProcessingFilterTests extends TestCase {
realm, password, "GET", uri, qop, nonce, nc, cnonce);
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization",
"Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization",
createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -407,7 +371,7 @@ public class DigestProcessingFilterTests extends TestCase {
chain);
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
}
public void testNonceWithoutTwoColonSeparatedElementsReturnsForbidden()
@ -427,15 +391,9 @@ public class DigestProcessingFilterTests extends TestCase {
realm, password, "GET", uri, qop, nonce, nc, cnonce);
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization",
"Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization",
createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -456,7 +414,7 @@ public class DigestProcessingFilterTests extends TestCase {
chain);
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
}
public void testNormalOperation() throws Exception {
@ -474,15 +432,9 @@ public class DigestProcessingFilterTests extends TestCase {
realm, password, "GET", uri, qop, nonce, nc, cnonce);
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization",
"Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
request.addHeader("Authorization",
createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -512,11 +464,8 @@ public class DigestProcessingFilterTests extends TestCase {
public void testOtherAuthorizationSchemeIsIgnored()
throws Exception {
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization", "SOME_OTHER_AUTHENTICATION_SCHEME");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest();
request.addHeader("Authorization", "SOME_OTHER_AUTHENTICATION_SCHEME");
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -581,15 +530,9 @@ public class DigestProcessingFilterTests extends TestCase {
realm, password, "GET", uri, qop, nonce, nc, cnonce);
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization",
"Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
request.addHeader("Authorization",
createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -616,20 +559,15 @@ public class DigestProcessingFilterTests extends TestCase {
responseDigest = DigestProcessingFilter.generateDigest(username, realm,
password, "GET", uri, qop, nonce, nc, cnonce);
headers.put("Authorization",
"Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"");
request = new MockHttpServletRequest(headers, null,
new MockHttpSession());
request = new MockHttpServletRequest();
request.addHeader("Authorization",
createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
executeFilterInContainerSimulator(config, filter, request, response,
chain);
// Check we lost our previous authentication
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
}
public void testWrongCnonceBasedOnDigestReturnsForbidden()
@ -648,15 +586,9 @@ public class DigestProcessingFilterTests extends TestCase {
realm, password, "GET", uri, qop, nonce, nc, "DIFFERENT_CNONCE");
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization",
"Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
request.addHeader("Authorization",
createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -677,7 +609,7 @@ public class DigestProcessingFilterTests extends TestCase {
chain);
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
}
public void testWrongDigestReturnsForbidden() throws Exception {
@ -695,15 +627,9 @@ public class DigestProcessingFilterTests extends TestCase {
realm, password, "GET", uri, qop, nonce, nc, cnonce);
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization",
"Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
request.addHeader("Authorization",
createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -724,7 +650,7 @@ public class DigestProcessingFilterTests extends TestCase {
chain);
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
}
public void testWrongRealmReturnsForbidden() throws Exception {
@ -742,15 +668,9 @@ public class DigestProcessingFilterTests extends TestCase {
realm, password, "GET", uri, qop, nonce, nc, cnonce);
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization",
"Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
request.addHeader("Authorization",
createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -771,7 +691,7 @@ public class DigestProcessingFilterTests extends TestCase {
chain);
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
}
public void testWrongUsernameReturnsForbidden() throws Exception {
@ -789,15 +709,9 @@ public class DigestProcessingFilterTests extends TestCase {
realm, password, "GET", uri, qop, nonce, nc, cnonce);
// Setup our HTTP request
Map headers = new HashMap();
headers.put("Authorization",
"Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"");
MockHttpServletRequest request = new MockHttpServletRequest(headers,
null, new MockHttpSession());
MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
request.addHeader("Authorization",
createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
request.setServletPath("/some_file.html");
// Launch an application context and access our bean
@ -818,7 +732,7 @@ public class DigestProcessingFilterTests extends TestCase {
chain);
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
assertEquals(401, response.getError());
assertEquals(401, response.getStatus());
}
protected void setUp() throws Exception {
@ -847,20 +761,34 @@ public class DigestProcessingFilterTests extends TestCase {
.getBean("digestProcessingFilterEntryPoint");
ep.setNonceValiditySeconds(nonceValidityPeriod);
MockHttpServletRequest request = new MockHttpServletRequest(
"/some_path");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/some_path");
MockHttpServletResponse response = new MockHttpServletResponse();
ep.commence(request, response, new DisabledException("foobar"));
// Break up response header
String header = response.getHeader("WWW-Authenticate").substring(7);
String header = response.getHeader("WWW-Authenticate").toString().substring(7);
String[] headerEntries = StringUtils.commaDelimitedListToStringArray(header);
Map headerMap = StringSplitUtils.splitEachArrayElementAndCreateMap(headerEntries,
"=", "\"");
return headerMap;
}
private String createAuthorizationHeader(String username,
String realm,
String nonce,
String uri,
String responseDigest,
String qop,
String nc,
String cnonce) {
return "Digest username=\"" + username + "\", realm=\"" + realm
+ "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+ responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+ cnonce + "\"";
}
//~ Inner Classes ==========================================================

19
core/src/test/java/org/acegisecurity/ui/rememberme/RememberMeProcessingFilterTests.java
View File

@ -31,13 +31,16 @@ import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.MockFilterConfig;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.context.security.SecureContext;
import net.sf.acegisecurity.context.security.SecureContextImpl;
import net.sf.acegisecurity.context.security.SecureContextUtils;
import net.sf.acegisecurity.providers.TestingAuthenticationToken;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
@ -82,7 +85,9 @@ public class RememberMeProcessingFilterTests extends TestCase {
RememberMeProcessingFilter filter = new RememberMeProcessingFilter();
try {
filter.doFilter(new MockHttpServletRequest("dc"), null,
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("dc");
filter.doFilter(request, null,
new MockFilterChain());
fail("Should have thrown ServletException");
} catch (ServletException expected) {
@ -129,8 +134,10 @@ public class RememberMeProcessingFilterTests extends TestCase {
filter.afterPropertiesSet();
// Test
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("x");
executeFilterInContainerSimulator(new MockFilterConfig(), filter,
new MockHttpServletRequest("x"), new MockHttpServletResponse(),
request, new MockHttpServletResponse(),
new MockFilterChain(true));
// Ensure filter didn't change our original object
@ -147,8 +154,10 @@ public class RememberMeProcessingFilterTests extends TestCase {
filter.setRememberMeServices(new MockRememberMeServices(remembered));
filter.afterPropertiesSet();
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("x");
executeFilterInContainerSimulator(new MockFilterConfig(), filter,
new MockHttpServletRequest("x"), new MockHttpServletResponse(),
request, new MockHttpServletResponse(),
new MockFilterChain(true));
Authentication auth = SecureContextUtils.getSecureContext()

85
core/src/test/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServicesTests.java
View File

@ -20,8 +20,8 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.providers.TestingAuthenticationToken;
import net.sf.acegisecurity.providers.dao.AuthenticationDao;
@ -34,6 +34,8 @@ import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.dao.DataAccessException;
import org.springframework.util.StringUtils;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import java.util.Date;
@ -71,14 +73,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
services.setAuthenticationDao(new MockAuthenticationDao(null, true));
services.afterPropertiesSet();
MockHttpServletRequest request = new MockHttpServletRequest("dc");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("dc");
MockHttpServletResponse response = new MockHttpServletResponse();
Authentication result = services.autoLogin(request, response);
assertNull(result);
Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNull(returnedCookie); // shouldn't try to invalidate our cookie
}
@ -90,15 +93,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
services.afterPropertiesSet();
Cookie cookie = new Cookie("unrelated_cookie", "foobar");
MockHttpServletRequest request = new MockHttpServletRequest(null, null,
"null", new Cookie[] {cookie});
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
MockHttpServletResponse response = new MockHttpServletResponse();
Authentication result = services.autoLogin(request, response);
assertNull(result);
Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNull(returnedCookie); // shouldn't try to invalidate our cookie
}
@ -115,15 +118,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(System.currentTimeMillis()
- 1000000, "someone", "password", "key"));
MockHttpServletRequest request = new MockHttpServletRequest(null, null,
"null", new Cookie[] {cookie});
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
MockHttpServletResponse response = new MockHttpServletResponse();
Authentication result = services.autoLogin(request, response);
assertNull(result);
Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(returnedCookie);
assertEquals(0, returnedCookie.getMaxAge());
}
@ -141,15 +144,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
new String(Base64.encodeBase64("x".getBytes())));
MockHttpServletRequest request = new MockHttpServletRequest(null, null,
"null", new Cookie[] {cookie});
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
MockHttpServletResponse response = new MockHttpServletResponse();
Authentication result = services.autoLogin(request, response);
assertNull(result);
Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(returnedCookie);
assertEquals(0, returnedCookie.getMaxAge());
}
@ -166,15 +169,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
"NOT_BASE_64_ENCODED");
MockHttpServletRequest request = new MockHttpServletRequest(null, null,
"null", new Cookie[] {cookie});
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
MockHttpServletResponse response = new MockHttpServletResponse();
Authentication result = services.autoLogin(request, response);
assertNull(result);
Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(returnedCookie);
assertEquals(0, returnedCookie.getMaxAge());
}
@ -193,15 +196,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(System.currentTimeMillis()
+ 1000000, "someone", "password", "WRONG_KEY"));
MockHttpServletRequest request = new MockHttpServletRequest(null, null,
"null", new Cookie[] {cookie});
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
MockHttpServletResponse response = new MockHttpServletResponse();
Authentication result = services.autoLogin(request, response);
assertNull(result);
Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(returnedCookie);
assertEquals(0, returnedCookie.getMaxAge());
}
@ -220,15 +223,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
new String(Base64.encodeBase64(
"username:NOT_A_NUMBER:signature".getBytes())));
MockHttpServletRequest request = new MockHttpServletRequest(null, null,
"null", new Cookie[] {cookie});
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
MockHttpServletResponse response = new MockHttpServletResponse();
Authentication result = services.autoLogin(request, response);
assertNull(result);
Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(returnedCookie);
assertEquals(0, returnedCookie.getMaxAge());
}
@ -242,15 +245,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(System.currentTimeMillis()
+ 1000000, "someone", "password", "key"));
MockHttpServletRequest request = new MockHttpServletRequest(null, null,
"null", new Cookie[] {cookie});
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
MockHttpServletResponse response = new MockHttpServletResponse();
Authentication result = services.autoLogin(request, response);
assertNull(result);
Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(returnedCookie);
assertEquals(0, returnedCookie.getMaxAge());
}
@ -268,8 +271,8 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(System.currentTimeMillis()
+ 1000000, "someone", "password", "key"));
MockHttpServletRequest request = new MockHttpServletRequest(null, null,
"null", new Cookie[] {cookie});
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
MockHttpServletResponse response = new MockHttpServletResponse();
Authentication result = services.autoLogin(request, response);
@ -300,19 +303,21 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
public void testLoginFail() {
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
MockHttpServletRequest request = new MockHttpServletRequest("fv");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("fv");
MockHttpServletResponse response = new MockHttpServletResponse();
services.loginFail(request, response);
Cookie cookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(cookie);
assertEquals(0, cookie.getMaxAge());
}
public void testLoginSuccessIgnoredIfParameterNotSetOrFalse() {
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
MockHttpServletRequest request = new MockHttpServletRequest("d");
request.setParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER,
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("d");
request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER,
"false");
MockHttpServletResponse response = new MockHttpServletResponse();
@ -320,22 +325,22 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
new TestingAuthenticationToken("someone", "password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
Cookie cookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNull(cookie);
}
public void testLoginSuccessNormalWithNonUserDetailsBasedPrincipal() {
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
MockHttpServletRequest request = new MockHttpServletRequest("d");
request.setParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER,
"true");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("d");
request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "true");
MockHttpServletResponse response = new MockHttpServletResponse();
services.loginSuccess(request, response,
new TestingAuthenticationToken("someone", "password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
Cookie cookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(cookie);
assertEquals(60 * 60 * 24 * 365 * 5, cookie.getMaxAge()); // 5 years
assertTrue(Base64.isArrayByteBase64(cookie.getValue().getBytes()));
@ -346,9 +351,9 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
public void testLoginSuccessNormalWithUserDetailsBasedPrincipal() {
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
MockHttpServletRequest request = new MockHttpServletRequest("d");
request.setParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER,
"true");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("d");
request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "true");
MockHttpServletResponse response = new MockHttpServletResponse();
UserDetails user = new User("someone", "password", true, true, true,
@ -358,7 +363,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
new TestingAuthenticationToken(user, "ignored",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
Cookie cookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
assertNotNull(cookie);
assertEquals(60 * 60 * 24 * 365 * 5, cookie.getMaxAge()); // 5 years
assertTrue(Base64.isArrayByteBase64(cookie.getValue().getBytes()));

4
core/src/test/java/org/acegisecurity/ui/session/HttpSessionEventPublisherTests.java
View File

@ -17,10 +17,8 @@ package net.sf.acegisecurity.ui.session;
import junit.framework.TestCase;
import net.sf.acegisecurity.MockHttpSession;
import org.springframework.mock.web.MockServletContext;
import org.springframework.mock.web.MockHttpSession;
import org.springframework.web.context.support.StaticWebApplicationContext;
import javax.servlet.ServletContextEvent;

44
core/src/test/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterEntryPointTests.java
View File

@ -17,14 +17,18 @@ package net.sf.acegisecurity.ui.webapp;
import junit.framework.TestCase;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpServletResponse;
import net.sf.acegisecurity.MockPortResolver;
import net.sf.acegisecurity.util.PortMapperImpl;
import java.util.HashMap;
import java.util.Map;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
/**
* Tests {@link AuthenticationProcessingFilterEntryPoint}.
@ -100,8 +104,8 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
public void testHttpsOperationFromOriginalHttpUrl()
throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(
"/some_path");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/some_path");
request.setScheme("http");
request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
@ -119,24 +123,27 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
ep.commence(request, response, null);
assertEquals("https://www.example.com/bigWebApp/hello",
response.getRedirect());
response.getRedirectedUrl());
request.setServerPort(8080);
response = new MockHttpServletResponse();
ep.setPortResolver(new MockPortResolver(8080, 8443));
ep.commence(request, response, null);
assertEquals("https://www.example.com:8443/bigWebApp/hello",
response.getRedirect());
response.getRedirectedUrl());
// Now test an unusual custom HTTP:HTTPS is handled properly
request.setServerPort(8888);
response = new MockHttpServletResponse();
ep.commence(request, response, null);
assertEquals("https://www.example.com:8443/bigWebApp/hello",
response.getRedirect());
response.getRedirectedUrl());
PortMapperImpl portMapper = new PortMapperImpl();
Map map = new HashMap();
map.put("8888", "9999");
portMapper.setPortMappings(map);
response = new MockHttpServletResponse();
ep = new AuthenticationProcessingFilterEntryPoint();
ep.setLoginFormUrl("/hello");
@ -148,13 +155,13 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
ep.commence(request, response, null);
assertEquals("https://www.example.com:9999/bigWebApp/hello",
response.getRedirect());
response.getRedirectedUrl());
}
public void testHttpsOperationFromOriginalHttpsUrl()
throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(
"/some_path");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/some_path");
request.setScheme("https");
request.setServerName("www.example.com");
request.setContextPath("/bigWebApp");
@ -172,13 +179,14 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
ep.commence(request, response, null);
assertEquals("https://www.example.com/bigWebApp/hello",
response.getRedirect());
response.getRedirectedUrl());
request.setServerPort(8443);
response = new MockHttpServletResponse();
ep.setPortResolver(new MockPortResolver(8080, 8443));
ep.commence(request, response, null);
assertEquals("https://www.example.com:8443/bigWebApp/hello",
response.getRedirect());
response.getRedirectedUrl());
}
public void testNormalOperation() throws Exception {
@ -188,8 +196,8 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
ep.setPortResolver(new MockPortResolver(80, 443));
ep.afterPropertiesSet();
MockHttpServletRequest request = new MockHttpServletRequest(
"/some_path");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/some_path");
request.setContextPath("/bigWebApp");
request.setScheme("http");
request.setServerName("www.example.com");
@ -201,7 +209,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
ep.afterPropertiesSet();
ep.commence(request, response, null);
assertEquals("http://www.example.com/bigWebApp/hello",
response.getRedirect());
response.getRedirectedUrl());
}
public void testOperationWhenHttpsRequestsButHttpsPortUnknown()
@ -213,8 +221,8 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
ep.setForceHttps(true);
ep.afterPropertiesSet();
MockHttpServletRequest request = new MockHttpServletRequest(
"/some_path");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/some_path");
request.setContextPath("/bigWebApp");
request.setScheme("http");
request.setServerName("www.example.com");
@ -228,6 +236,6 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
// Response doesn't switch to HTTPS, as we didn't know HTTP port 8888 to HTTP port mapping
assertEquals("http://www.example.com:8888/bigWebApp/hello",
response.getRedirect());
response.getRedirectedUrl());
}
}

21
core/src/test/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterTests.java
View File

@ -19,10 +19,10 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.MockAuthenticationManager;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.MockHttpSession;
import net.sf.acegisecurity.ui.WebAuthenticationDetails;
import org.springframework.mock.web.MockHttpServletRequest;
/**
* Tests {@link AuthenticationProcessingFilter}.
@ -58,11 +58,10 @@ public class AuthenticationProcessingFilterTests extends TestCase {
}
public void testNormalOperation() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(null,
new MockHttpSession());
request.setParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY,
MockHttpServletRequest request = new MockHttpServletRequest();
request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY,
"marissa");
request.setParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY,
request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY,
"koala");
MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
@ -78,9 +77,8 @@ public class AuthenticationProcessingFilterTests extends TestCase {
}
public void testNullPasswordHandledGracefully() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(null,
new MockHttpSession());
request.setParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY,
MockHttpServletRequest request = new MockHttpServletRequest();
request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY,
"marissa");
MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
@ -94,9 +92,8 @@ public class AuthenticationProcessingFilterTests extends TestCase {
}
public void testNullUsernameHandledGracefully() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(null,
new MockHttpSession());
request.setParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY,
MockHttpServletRequest request = new MockHttpServletRequest();
request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY,
"koala");
MockAuthenticationManager authMgr = new MockAuthenticationManager(true);

4
core/src/test/java/org/acegisecurity/wrapper/ContextHolderAwareRequestFilterTests.java
View File

@ -18,7 +18,7 @@ package net.sf.acegisecurity.wrapper;
import junit.framework.TestCase;
import net.sf.acegisecurity.MockFilterConfig;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.wrapper.ContextHolderAwareRequestFilter;
import net.sf.acegisecurity.wrapper.ContextHolderAwareRequestWrapper;
@ -29,6 +29,8 @@ import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.springframework.mock.web.MockHttpServletRequest;
/**
* Tests {@link ContextHolderAwareRequestFilter}.

29
core/src/test/java/org/acegisecurity/wrapper/ContextHolderAwareRequestWrapperTests.java
View File

@ -20,13 +20,15 @@ import junit.framework.TestCase;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.MockHttpServletRequest;
import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.context.security.SecureContext;
import net.sf.acegisecurity.context.security.SecureContextImpl;
import net.sf.acegisecurity.providers.TestingAuthenticationToken;
import net.sf.acegisecurity.providers.dao.User;
import net.sf.acegisecurity.wrapper.ContextHolderAwareRequestWrapper;
import org.springframework.mock.web.MockHttpServletRequest;
/**
@ -65,8 +67,9 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
sc.setAuthentication(auth);
ContextHolder.setContext(sc);
ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(new MockHttpServletRequest(
"/"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/");
ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
assertEquals("marissa", wrapper.getRemoteUser());
assertTrue(wrapper.isUserInRole("ROLE_FOO"));
@ -87,8 +90,9 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
sc.setAuthentication(auth);
ContextHolder.setContext(sc);
ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(new MockHttpServletRequest(
"/"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/");
ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
assertEquals("marissaAsUserDetails", wrapper.getRemoteUser());
assertFalse(wrapper.isUserInRole("ROLE_FOO"));
@ -105,8 +109,9 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
sc.setAuthentication(null);
ContextHolder.setContext(sc);
ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(new MockHttpServletRequest(
"/"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/");
ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
assertNull(wrapper.getRemoteUser());
assertFalse(wrapper.isUserInRole("ROLE_ANY"));
assertNull(wrapper.getUserPrincipal());
@ -117,8 +122,9 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
public void testNullContextHolderHandling() throws Exception {
ContextHolder.setContext(null);
ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(new MockHttpServletRequest(
"/"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/");
ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
assertNull(wrapper.getRemoteUser());
assertFalse(wrapper.isUserInRole("ROLE_ANY"));
assertNull(wrapper.getUserPrincipal());
@ -132,8 +138,9 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
sc.setAuthentication(auth);
ContextHolder.setContext(sc);
ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(new MockHttpServletRequest(
"/"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/");
ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
assertNull(wrapper.getRemoteUser());
assertFalse(wrapper.isUserInRole("ROLE_HELLO")); // principal is null, so reject