spring-security/samples/runall.sh

231 lines
5.7 KiB
Bash
Executable File

#! /bin/sh
#
# This script is intended for rapid checking of the sample application configurations
# to ensure they are working. It is for development use only.
#
# To run the web application samples, build them as described on the web site and deploy
# them to a servlet container, such as Apache Tomcat.
#
# See http://curl.netmirror.org/docs/httpscripting.html
#
set -o nounset
set -o errexit
ROOT_URL="http://localhost:8080"
CONTENT=response.txt
servlet_path=""
cleanup() {
find . -name cookies.txt | xargs rm
find . -name $CONTENT | xargs rm
find . -name runall.log | xargs rm
}
start_jetty()
{
gradle -d jettyRun > runall.log &
until (grep "Started Jetty Server" runall.log)
do
echo "- Waiting for server to start... -"
sleep 3
done
}
stop_jetty() {
kill $!
until (grep "Jetty server exiting" runall.log)
do
echo "- Waiting for server to stop... -"
sleep 2
done
}
get() {
if [ -z "$1" ] # Is parameter #1 zero length?
then
echo "- URL argument is required -"
exit -1
else
echo "- GET \"$servlet_path$1\" -"
fi
curl -b cookies.txt -c cookies.txt -i -o $CONTENT "$servlet_path$1"
# We don't expect any 50x errors
if grep -q "HTTP/1.1 50" $CONTENT
then
echo "$CONTENT"
exit -1
fi
echo "- Done -"
}
post() {
if [ $# -ne 2 ] # Is parameter #1 zero length?
then
echo "- Parameters and URL argument required -"
exit -1
else
echo "- POST \"$servlet_path$2\" -"
fi
curl -b cookies.txt -c cookies.txt -i -o $CONTENT -d $1 "$servlet_path$2"
echo "- Done -"
}
assert() {
if [ -z "$1" ]
then
echo "-'Expected text' argument is required.-"
exit -1
fi
if ! grep -q "$1" $CONTENT
then
echo "- '$1' was not found in response... -"
exit -1
fi
}
cleanup
#
# Run the tests
#
cd tutorial
servlet_path="$ROOT_URL/tutorial"
echo "- Running tutorial app... -"
start_jetty
get /index.jsp
assert "Home Page"
assert "Your principal object is....: null"
get /secure/index.jsp
assert "HTTP/1.1 302 Found"
assert "Location:.*/spring_security_login"
get /spring_security_login
assert "Login with Username and Password"
get "/j_spring_security_check?j_username=rod&j_password=koala"
assert "HTTP/1.1 302 Found"
assert "Location:.*/spring_security_login?login_error"
get /spring_security_login?login_error
assert "Authentication method not supported: GET"
echo "- Logging in as Rod -"
post "j_username=rod&j_password=koala" "/j_spring_security_check"
assert "HTTP/1.1 302 Found"
assert "Location:.*/secure/index.jsp"
get /secure/index.jsp
assert "Secure Page"
assert "You are a supervisor!"
get "/listAccounts.html"
assert "Accounts"
# Rod can break his overdraft limit
get "/post.html?id=1&amount=-200.00"
assert "Accounts"
get "/j_spring_security_logout"
echo "- Logging in as Peter -"
post "j_username=peter&j_password=opal" "/j_spring_security_check"
assert "HTTP/1.1 302 Found"
assert "Location:.*/tutorial/"
# Peter can't do anything
get "/post.html?id=4&amount=-20.00"
assert "HTTP/1.1 403 Access is denied"
get "/j_spring_security_logout"
echo "- Logging in as Dianne -"
post "j_username=dianne&j_password=emu" "/j_spring_security_check"
# Dianne can't exceed overdraft
get "/post.html?id=4&amount=-100.00"
assert "Accounts"
get "/post.html?id=4&amount=-20.00"
assert "HTTP/1.1 403 Access is denied"
get "/j_spring_security_logout"
stop_jetty
echo "- Running contacts app... -"
cd ../contacts
servlet_path="$ROOT_URL/contacts"
start_jetty
servlet_path="$ROOT_URL/contacts"
get /hello.htm
assert "Contacts Security Demo"
get /secure/index.htm
assert "HTTP/1.1 302 Found"
assert "Location:.*/login.jsp"
echo "- Logging in as Rod -"
post "j_username=rod&j_password=koala" "/j_spring_security_check"
assert "HTTP/1.1 302 Found"
get /secure/index.htm
assert "rod's Contacts"
assert "John Smith"
get "/secure/del.htm?contactId=1"
assert "Deleted"
assert "john@somewhere.com"
get /secure/index.htm
get "/secure/adminPermission.htm?contactId=4"
assert "Administer Permissions"
get "/secure/addPermission.htm?contactId=4"
assert "Add Permission"
post "recipient=bill&permission=16" "/secure/addPermission.htm?contactId=4"
get "/secure/adminPermission.htm?contactId=4"
assert "PrincipalSid\[bill\].*A....=16\]"
get /secure/index.htm
get "/j_spring_security_logout"
stop_jetty
echo "- Running ldap app... -"
cd ../ldap
start_jetty
servlet_path="$ROOT_URL/ldap"
get "/"
assert "Home Page"
get "/secure/"
assert "HTTP/1.1 302 Found"
assert "Location:.*/spring_security_login"
echo "- Logging in as Rod -"
post "j_username=rod&j_password=koala" "/j_spring_security_check"
assert "HTTP/1.1 302 Found"
assert "Location:.*/secure"
get "/secure/"
assert "Secure Page"
get "/j_spring_security_logout"
stop_jetty
echo "- Running preauth app... -"
cd ../preauth
servlet_path="$ROOT_URL/preauth"
start_jetty
get "/"
assert "HTTP/1.1 401 Unauthorized"
assert "WWW-Authenticate: Basic realm=\"Preauth Realm\""
curl -b cookies.txt -c cookies.txt -u rod:koala -i -o $CONTENT "$servlet_path/"
assert "Home Page"
get "/j_spring_security_logout"
stop_jetty
cd ../cas
if [[ -e ./server/cas-server-webapp-3.3.5.war ]]
then
echo "Found cas server war. Running cas sample"
cd server
mvn jetty:run-war &
SERVERPID=$!
cd ../client
start_jetty
get "/"
assert "Home Page"
get "/secure/index.jsp"
assert "HTTP/1.1 302 Found"
assert "Location: https://localhost:9443/cas/login?service=https%3A%2F%2Flocalhost%3A8443%2Fcas-sample%2Fj_spring_cas_security_check"
get "https://localhost:9443/cas/login?service=https%3A%2F%2Flocalhost%3A8443%2Fcas-sample%2Fj_spring_cas_security_check"
kill $SERVERPID
stop_jetty
fi
cd ..
cleanup