Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Issue #4072 Add test for SessionAuthentication serialization (#4074) 

Signed-off-by: Jan Bartel <janb@webtide.com>
This commit is contained in:
Jan Bartel 2019-09-10 14:48:20 +10:00 committed by GitHub
parent f90a07371c
commit 10de54fa07
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 93 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

93
jetty-security/src/test/java/org/eclipse/jetty/security/SessionAuthenticationTest.java Normal file
View File

@ -0,0 +1,93 @@
//
// ========================================================================
// Copyright (c) 1995-2019 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.security;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import org.eclipse.jetty.security.authentication.SessionAuthentication;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.util.security.Password;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.junit.jupiter.api.Assertions.fail;
/**
* SessionAuthenticationTest
*
*/
public class SessionAuthenticationTest
{
/**
* Check that a SessionAuthenticator is serializable, and that
* the deserialized SessionAuthenticator contains the same authentication
* and authorization information.
*/
@Test
public void testSessionAuthenticationSerialization()
throws Exception
{
ContextHandler contextHandler = new ContextHandler();
SecurityHandler securityHandler = new ConstraintSecurityHandler();
contextHandler.setHandler(securityHandler);
TestLoginService loginService = new TestLoginService("SessionAuthTest");
Password pwd = new Password("foo");
loginService.putUser("foo", pwd, new String[]{"boss", "worker"});
securityHandler.setLoginService(loginService);
securityHandler.setAuthMethod("FORM");
UserIdentity user = loginService.login("foo", pwd, null);
assertNotNull(user);
assertNotNull(user.getUserPrincipal());
assertEquals("foo", user.getUserPrincipal().getName());
SessionAuthentication sessionAuth = new SessionAuthentication("FORM", user, pwd);
assertTrue(sessionAuth.isUserInRole(null, "boss"));
contextHandler.handle(new Runnable()
{
public void run()
{
try
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
ObjectOutputStream oos = new ObjectOutputStream(baos);
oos.writeObject(sessionAuth);
oos.close();
ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(baos.toByteArray()));
SessionAuthentication reactivatedSessionAuth = (SessionAuthentication)ois.readObject();
assertNotNull(reactivatedSessionAuth);
assertNotNull(reactivatedSessionAuth.getUserIdentity());
assertNotNull(reactivatedSessionAuth.getUserIdentity().getUserPrincipal());
assertEquals("foo", reactivatedSessionAuth.getUserIdentity().getUserPrincipal().getName());
assertNotNull(reactivatedSessionAuth.getUserIdentity().getSubject());
assertTrue(reactivatedSessionAuth.isUserInRole(null, "boss"));
}
catch (Exception e)
{
fail(e);
}
}
});
}
}