Package com.mockrunner.mock.web

Examples of com.mockrunner.mock.web.MockFilterChain

1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
        SecurityContextHolder.getContext().setAuthentication(null);
       
        // Test entry point               
        MockHttpServletRequest request= createRequest("/foo/bar");
        MockHttpServletResponse response= new MockHttpServletResponse();
        MockFilterChain chain = new MockFilterChain();               
       
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_FORBIDDEN,response.getErrorCode());
        SecurityContext ctx = (SecurityContext)request.getSession(true).getAttribute(
                HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);       
        assertNull(ctx);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
       
       
        for (org.geoserver.security.config.X509CertificateAuthenticationFilterConfig.J2EERoleSource rs :
            org.geoserver.security.config.X509CertificateAuthenticationFilterConfig.J2EERoleSource.values()) {
            config.setRoleSource(rs);
            getSecurityManager().saveFilter(config);
            request= createRequest("/foo/bar");
            response= new MockHttpServletResponse();
            chain = new MockFilterChain();
            if (rs==J2EERoleSource.Header) {
                request.setHeader("roles", derivedRole+";"+rootRole);
            }
            if(rs==J2EERoleSource.J2EE) {               
                request.setUserInRole(derivedRole,true);
                request.setUserInRole(rootRole,false);
            }
           
            setCertifacteForUser(testUserName, request);                       
            getProxy().doFilter(request, response, chain);           
            assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
            ctx = (SecurityContext)request.getSession(true).getAttribute(
                    HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);       
            assertNotNull(ctx);
            Authentication auth = ctx.getAuthentication();
            assertNotNull(auth);
            assertNull(SecurityContextHolder.getContext().getAuthentication());
            checkForAuthenticatedRole(auth);
            assertEquals(testUserName, auth.getPrincipal());
            assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
            assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));       
        }

        // unknown user
        for (org.geoserver.security.config.X509CertificateAuthenticationFilterConfig.J2EERoleSource rs :
            org.geoserver.security.config.X509CertificateAuthenticationFilterConfig.J2EERoleSource.values()) {
            config.setRoleSource(rs);
            getSecurityManager().saveFilter(config);

            config.setRoleSource(rs);
            request= createRequest("/foo/bar");
            response= new MockHttpServletResponse();
            chain = new MockFilterChain();
            if(rs==J2EERoleSource.J2EE) {               
                request.setUserInRole(derivedRole,false);
                request.setUserInRole(rootRole,false);
            }
            //TODO
            setCertifacteForUser("unknown", request);
            getProxy().doFilter(request, response, chain);           
            assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
            ctx = (SecurityContext)request.getSession(true).getAttribute(
                    HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);       
            assertNotNull(ctx);
            Authentication auth = ctx.getAuthentication();
            assertNotNull(auth);
            assertNull(SecurityContextHolder.getContext().getAuthentication());
            checkForAuthenticatedRole(auth);
            assertEquals("unknown", auth.getPrincipal());
        }

        // test disabled user
        updateUser("ug1", testUserName, false);
        config.setRoleSource(org.geoserver.security.config.X509CertificateAuthenticationFilterConfig.J2EERoleSource.UserGroupService);
        getSecurityManager().saveFilter(config);
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();
        setCertifacteForUser(testUserName, request);
        getProxy().doFilter(request, response, chain);           
        assertEquals(HttpServletResponse.SC_FORBIDDEN,response.getErrorCode());
        ctx = (SecurityContext)request.getSession(true).getAttribute(
                HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);       
        assertNull(ctx);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
       
        updateUser("ug1", testUserName, true);
       
        // Test anonymous
        insertAnonymousFilter();
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();                       
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        // Anonymous context is not stored in http session, no further testing
        removeAnonymousFilter();
View Full Code Here
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
        SecurityContextHolder.getContext().setAuthentication(null);
           
        // Test entry point, must be digest               
        MockHttpServletRequest request= createRequest("/foo/bar");
        MockHttpServletResponse response= new MockHttpServletResponse();
        MockFilterChain chain = new MockFilterChain();               
           
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_UNAUTHORIZED,response.getErrorCode());
        String tmp = response.getHeader("WWW-Authenticate");
        assertNotNull(tmp);
        assert(tmp.indexOf(GeoServerSecurityManager.REALM) !=-1 );
        assert(tmp.indexOf("Digest") !=-1 );
        SecurityContext ctx = (SecurityContext)request.getSession(true).getAttribute(
                    HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);       
        assertNull(ctx);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
       
       
        // test successful login for digest
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();       

        String headerValue=clientDigestString(tmp, testUserName, testPassword, request.getMethod());
        request.addHeader("Authorization",  headerValue);
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
        ctx = (SecurityContext)request.getSession(true).getAttribute(
                HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);       
        assertNotNull(ctx);
        Authentication auth = ctx.getAuthentication();
        assertNotNull(auth);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        checkForAuthenticatedRole(auth);
        assertEquals(testUserName, ((UserDetails) auth.getPrincipal()).getUsername());
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole)));
        assertTrue(auth.getAuthorities().contains(new GeoServerRole(derivedRole)));
       
        // check success for basic authentication
        request= createRequest("/foo/bar");
        response= new MockHttpServletResponse();
        chain = new MockFilterChain();       

        request.addHeader("Authorization""Basic " +
                new String(Base64.encodeBytes((testUserName+":"+testPassword).getBytes())));
        getProxy().doFilter(request, response, chain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
View Full Code Here
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
       
        MockHttpServletRequest request= createRequest("/foo/bar?request=getCapabilities&a=b");
        request.setProtocol("https");
        MockHttpServletResponse response= new MockHttpServletResponse();
       
        MockFilterChain authchain = new MockFilterChain();                           
        getProxy().doFilter(request, response, authchain);
        assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());

        request= createRequest("/foo/bar?request=getCapabilities&a=b");       
        response= new MockHttpServletResponse();
       
        authchain = new MockFilterChain();                           
        getProxy().doFilter(request, response, authchain);
        assertTrue(response.wasRedirectSent());
        String urlString = response.getHeader("Location");
        assertNotNull(urlString);
        assertTrue(urlString.startsWith("https"));
View Full Code Here
20
21
22
23
24
25
26
27
28
29
30
   
    @Test
    public void testRetrieveSameOutputStream() throws Exception {
        MockHttpServletRequest request = new MockHttpServletRequest();
        MockHttpServletResponse response = new MockHttpServletResponse();
        MockFilterChain chain = new MockFilterChain() {
            @Override
            public void doFilter(ServletRequest request, ServletResponse response) throws IOException,
                    ServletException {
                // make sure repeated calls to get output stream give us back the same output stream,
                // e.g., that we're not creating a new wrapper each time
View Full Code Here
81
82
83
84
85
86
87
88
89
90
91
                }

                return os;
            }
        };
        MockFilterChain chain = new MockFilterChain() {
            @Override
            public void doFilter(ServletRequest request, ServletResponse response) throws IOException,
                    ServletException {
                ServletOutputStream os = response.getOutputStream();
                os.print("Some random text");
View Full Code Here
38
39
40
41
42
43
44
45
46
47
48
        MockServletContext context = new MockServletContext();
        context.setInitParameter("compressed-types", "text/plain");
        config.setupServletContext(context);
        filter.init(config);

        MockFilterChain chain = new MockFilterChain() {
            @Override
            public void doFilter(ServletRequest request, ServletResponse response) throws IOException,
                    ServletException {
                AlternativesResponseStream alternatives = (AlternativesResponseStream) response
                        .getOutputStream();
View Full Code Here
TOP

Related Classes of com.mockrunner.mock.web.MockFilterChain

  • org.apache.cayenne.conf.WebApplicationContextFilterTest
  • org.apache.cayenne.configuration.web.CayenneFilterTest
  • org.geoserver.filters.FlushSafeFilterTest
  • org.geoserver.filters.GZipFilterTest
  • org.geoserver.filters.ReverseProxyFilterTest
  • org.geoserver.flow.controller.IpBlacklistFilterTest
  • org.geoserver.monitor.MonitorFilterTest
  • org.geoserver.platform.AdvancedDispatchFilterTest
  • org.geoserver.security.auth.AuthenticationCacheFilterTest
  • org.geoserver.security.auth.AuthenticationFilterTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.