[OpenbravoERP-commits] devel/pi: Verifies issue 37667: Cookie should be regenerated whe...

Tue, 20 Feb 2018 01:49:48 -0800 

details:   https://code.openbravo.com/erp/devel/pi/rev/1f779d1c4bf0
changeset: 33492:1f779d1c4bf0
user:      Jorge Garcia <jorge.garcia <at> openbravo.com>
date:      Tue Feb 20 10:48:55 2018 +0100
summary:   Verifies issue 37667: Cookie should be regenerated when logging in 
the application

Added ResetCookieOnLogin test.

diffstat:

 src-test/src/org/openbravo/test/AllWebserviceTests.java            |   4 +-
 src-test/src/org/openbravo/test/datasource/ResetCookieOnLogin.java |  70 
++++++++++
 2 files changed, 73 insertions(+), 1 deletions(-)

diffs (95 lines):

diff -r b13652428b1c -r 1f779d1c4bf0 
src-test/src/org/openbravo/test/AllWebserviceTests.java
--- a/src-test/src/org/openbravo/test/AllWebserviceTests.java   Fri Feb 09 
18:44:25 2018 -0500
+++ b/src-test/src/org/openbravo/test/AllWebserviceTests.java   Tue Feb 20 
10:48:55 2018 +0100
@@ -34,6 +34,7 @@
 import org.openbravo.test.datasource.OrganizationSelectorDataSourceTest;
 import org.openbravo.test.datasource.OtherDatasourceRequests;
 import org.openbravo.test.datasource.ProductSelectorDataSourceTest;
+import org.openbravo.test.datasource.ResetCookieOnLogin;
 import org.openbravo.test.datasource.SelectorFieldPropertySelectorDSTest;
 import org.openbravo.test.datasource.SelectorPickListFieldsDataSourceTest;
 import org.openbravo.test.datasource.TestAllowUnpagedDatasourcePreference;
@@ -90,7 +91,8 @@
     UserInfoSessionDataTest.class, //
     LinkToParentTreeDataSourceTest.class, //
     OtherDatasourceRequests.class, //
-    NonIdForeignKeyFilters.class //
+    NonIdForeignKeyFilters.class, //
+    ResetCookieOnLogin.class //
 })
 public class AllWebserviceTests {
 }
diff -r b13652428b1c -r 1f779d1c4bf0 
src-test/src/org/openbravo/test/datasource/ResetCookieOnLogin.java
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/src-test/src/org/openbravo/test/datasource/ResetCookieOnLogin.java        
Tue Feb 20 10:48:55 2018 +0100
@@ -0,0 +1,70 @@
+/*
+ *************************************************************************
+ * The contents of this file are subject to the Openbravo  Public  License
+ * Version  1.1  (the  "License"),  being   the  Mozilla   Public  License
+ * Version 1.1  with a permitted attribution clause; you may not  use this
+ * file except in compliance with the License. You  may  obtain  a copy of
+ * the License at http://www.openbravo.com/legal/license.html
+ * Software distributed under the License  is  distributed  on  an "AS IS"
+ * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
+ * License for the specific  language  governing  rights  and  limitations
+ * under the License.
+ * The Original Code is Openbravo ERP.
+ * The Initial Developer of the Original Code is Openbravo SLU
+ * All portions are Copyright (C) 2018 Openbravo SLU
+ * All Rights Reserved.
+ * Contributor(s):  ______________________________________.
+ ************************************************************************
+ */
+
+package org.openbravo.test.datasource;
+
+import java.io.OutputStream;
+import java.net.HttpURLConnection;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.junit.Test;
+import org.openbravo.base.exception.OBException;
+
+/**
+ * Test case to ensure the cookie is regenerated each time the user log in the 
application
+ *
+ * @author jorge.garcia
+ *
+ */
+public class ResetCookieOnLogin extends BaseDataSourceTestDal {
+  private String cookie;
+  private String JSESSIONID1;
+  private String JSESSIONID2;
+
+  @Test
+  public void roleShouldBeResetOnLogin() throws Exception {
+    Matcher matcher;
+    String pattern = "JSESSIONID=([a-zA-Z0-9]+).*";
+    final HttpURLConnection hc = 
DatasourceTestUtil.createConnection(getOpenbravoURL(),
+        "/security/Login_FS.html", "GET", null);
+    final OutputStream os = hc.getOutputStream();
+    os.flush();
+    os.close();
+    hc.connect();
+    cookie = hc.getHeaderField("Set-Cookie");
+    matcher = Pattern.compile(pattern).matcher(cookie);
+    if (!matcher.find()) {
+      throw new OBException("No JSESSIONID found in cookie");
+    }
+    JSESSIONID1 = matcher.group(1);
+    cookie = DatasourceTestUtil.authenticate(getOpenbravoURL(), getLogin(), 
getPassword());
+    matcher = Pattern.compile(pattern).matcher(cookie);
+    if (!matcher.find()) {
+      throw new OBException("No JSESSIONID found in cookie");
+    }
+    JSESSIONID2 = matcher.group(1);
+
+    if (JSESSIONID1.equals(JSESSIONID2)) {
+      throw new OBException("JSESSIONID after loginshould be different from: " 
+ JSESSIONID1);
+    }
+
+  }
+
+}

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openbravo-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openbravo-commits

Reply via email to