SEC-2634: Add Geb integration tests for jaas-xml

2025-07-13 13:53:29 +00:00 · 2014-06-12 10:43:24 -05:00 · 2014-06-12 10:43:24 -05:00 · 91b2b7f875
commit 91b2b7f875
parent 1bff58577c
8 changed files with 219 additions and 0 deletions
--- a/samples/jaas-xml/jaas.gradle
+++ b/samples/jaas-xml/jaas.gradle
@ -26,4 +26,6 @@ dependencies {
            jstlDependencies,
            "org.slf4j:jcl-over-slf4j:$slf4jVersion",
            "ch.qos.logback:logback-classic:$logbackVersion"
+
+    integrationTestCompile gebDependencies
 }
--- a/samples/jaas-xml/pom.xml
+++ b/samples/jaas-xml/pom.xml
@ -154,24 +154,72 @@
      <version>4.0.2.RELEASE</version>
      <scope>runtime</scope>
    </dependency>
+    <dependency>
+      <groupId>commons-httpclient</groupId>
+      <artifactId>commons-httpclient</artifactId>
+      <version>3.1</version>
+      <scope>test</scope>
+    </dependency>
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
      <version>4.11</version>
      <scope>test</scope>
    </dependency>
+    <dependency>
+      <groupId>org.codehaus.groovy</groupId>
+      <artifactId>groovy</artifactId>
+      <version>2.0.5</version>
+      <scope>test</scope>
+    </dependency>
    <dependency>
      <groupId>org.easytesting</groupId>
      <artifactId>fest-assert</artifactId>
      <version>1.4</version>
      <scope>test</scope>
    </dependency>
+    <dependency>
+      <groupId>org.gebish</groupId>
+      <artifactId>geb-spock</artifactId>
+      <version>0.9.0</version>
+      <scope>test</scope>
+    </dependency>
    <dependency>
      <groupId>org.mockito</groupId>
      <artifactId>mockito-core</artifactId>
      <version>1.9.5</version>
      <scope>test</scope>
    </dependency>
+    <dependency>
+      <groupId>org.seleniumhq.selenium</groupId>
+      <artifactId>selenium-htmlunit-driver</artifactId>
+      <version>2.33.0</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.spockframework</groupId>
+      <artifactId>spock-core</artifactId>
+      <version>0.7-groovy-2.0</version>
+      <scope>test</scope>
+      <exclusions>
+        <exclusion>
+          <artifactId>junit-dep</artifactId>
+          <groupId>junit</groupId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>org.spockframework</groupId>
+      <artifactId>spock-spring</artifactId>
+      <version>0.7-groovy-2.0</version>
+      <scope>test</scope>
+      <exclusions>
+        <exclusion>
+          <artifactId>junit-dep</artifactId>
+          <groupId>junit</groupId>
+        </exclusion>
+      </exclusions>
+    </dependency>
    <dependency>
      <groupId>org.springframework</groupId>
      <artifactId>spring-test</artifactId>
--- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/JaasXmlTests.groovy
+++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/JaasXmlTests.groovy
@ -0,0 +1,61 @@
+/*
+ * Copyright 2011 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.samples
+
+import geb.spock.*
+import spock.lang.Shared
+import spock.lang.Stepwise
+import org.springframework.security.samples.pages.*
+
+/**
+ * Tests the CAS sample application using service tickets.
+ *
+ * @author Rob Winch
+ */
+@Stepwise
+class JaasXmlTests extends GebReportingSpec {
+    def 'access home page with unauthenticated works'() {
+        when: 'Unauthenticated user accesses the Home Page'
+        to HomePage
+        then: 'The home page is displayed'
+        at HomePage
+    }
+
+    def 'access secure page with unauthenticated requires login'() {
+        when: 'Unauthenticated user accesses the Secure Page'
+        securePage LoginPage
+        then: 'The login page is displayed'
+        at LoginPage
+    }
+
+    def 'authenticated user is sent to original page'() {
+        when: 'user authenticates'
+        login()
+        then: 'The secure page is displayed'
+        at SecurePage
+    }
+
+    def 'authenticated user logs out'() {
+        when: 'user logs out'
+        logout()
+        then: 'the default logout success page is displayed'
+        at HomePage
+        when: 'Unauthenticated user accesses the Secure Page'
+        via SecurePage
+        then: 'The login page is displayed'
+        at LoginPage
+    }
+}
--- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
+++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy
@ -0,0 +1,31 @@
+/*
+ * Copyright 2011 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.samples.pages;
+
+import geb.*
+
+/**
+ * The home page
+ *
+ * @author Rob Winch
+ */
+class HomePage extends Page {
+    static url = ''
+    static at = { assert driver.title == 'Home Page'; true}
+    static content = {
+        securePage(to: [SecurePage,LoginPage]) { $('a').click() }
+    }
+}
--- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
+++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy
@ -0,0 +1,37 @@
+/*
+ * Copyright 2011 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.samples.pages;
+
+import geb.*
+
+/**
+ * The login page.
+ *
+ * @author Rob Winch
+ */
+class LoginPage extends Page {
+    static url = 'login'
+    static at = { assert driver.title == 'Login Page'; true}
+    static content = {
+        login(required:false) { user='user', password='user' ->
+            loginForm.j_username = user
+            loginForm.j_password = password
+            submit.click()
+        }
+        loginForm { $('form') }
+        submit { $('input', type: 'submit') }
+    }
+}
--- a/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy
+++ b/samples/jaas-xml/src/integration-test/groovy/org/springframework/security/samples/pages/SecurePage.groovy
@ -0,0 +1,32 @@
+/*
+ * Copyright 2011 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.samples.pages
+
+import geb.Page
+
+/**
+ * The home page
+ *
+ * @author Rob Winch
+ */
+class SecurePage extends Page {
+    static url = 'secure/'
+    static at = { assert driver.title == 'Security Debug Information'; true}
+    static content = {
+        message { $('p').text() }
+        logout { $('input', type: 'submit').click() }
+    }
+}
--- a/samples/jaas-xml/src/main/webapp/index.jsp
+++ b/samples/jaas-xml/src/main/webapp/index.jsp
@ -2,6 +2,7 @@
 <%@ page import="java.security.AccessController" %>
 <%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
 <html>
+<head><title>Home Page</title></head>
 <body>
 <h1>Home Page</h1>
 <p>
--- a/samples/jaas-xml/src/main/webapp/secure/index.jsp
+++ b/samples/jaas-xml/src/main/webapp/secure/index.jsp
@ -1,3 +1,5 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
+<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
 <%@ page import="javax.security.auth.Subject" %>
 <%@ page import="java.security.AccessController" %>
 <%@ page import="org.springframework.security.core.context.SecurityContextHolder" %>
@ -47,5 +49,10 @@
 <%		}
 %>

+<form action="<c:url value="/j_spring_security_logout"/>" method="post">
+    <input type="submit" value="Log Out"/>
+    <sec:csrfInput/>
+</form>
+
 </body>
 </html>