Author: bdelacretaz
Date: Tue Nov 5 15:17:18 2013
New Revision: 1539025
URL: http://svn.apache.org/r1539025
Log:
SLING-3221 - Use JackrabbitOnly category to disable tests that fail on Oak
Modified:
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/auth/AuthenticationResponseCodeTest.java
Modified:
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/auth/AuthenticationResponseCodeTest.java
URL:
http://svn.apache.org/viewvc/sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/auth/AuthenticationResponseCodeTest.java?rev=1539025&r1=1539024&r2=1539025&view=diff
==============================================================================
---
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/auth/AuthenticationResponseCodeTest.java
(original)
+++
sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/auth/AuthenticationResponseCodeTest.java
Tue Nov 5 15:17:18 2013
@@ -16,6 +16,10 @@
*/
package org.apache.sling.launchpad.webapp.integrationtest.auth;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
@@ -31,48 +35,70 @@ import org.apache.commons.httpclient.Use
import org.apache.commons.httpclient.auth.AuthScope;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
-import org.apache.sling.commons.testing.integration.HttpTestBase;
+import org.apache.sling.commons.testing.integration.HttpTest;
+import org.apache.sling.commons.testing.junit.categories.JackrabbitOnly;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
/**
* Test of the response code from an authentication request depending on
various
* request parameters and headers including j_validate, Ajax detection, and
* non-browser client detection.
*/
-public class AuthenticationResponseCodeTest extends HttpTestBase {
-
+public class AuthenticationResponseCodeTest {
+
+ private final HttpTest H = new HttpTest();
+
+ @Before
+ public void setup() throws Exception {
+ H.setUp();
+ }
+
+ @After
+ public void cleanup() throws Exception {
+ H.tearDown();
+ }
+
+ @Test
+ @Category(JackrabbitOnly.class) // TODO: fails on Oak
public void testValidatingCorrectFormCredentials() throws Exception {
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new NameValuePair("j_username", "admin"));
params.add(new NameValuePair("j_password", "admin"));
params.add(new NameValuePair("j_validate", "true"));
- HttpMethod post = assertPostStatus(HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_OK, params, null);
+ HttpMethod post = H.assertPostStatus(HttpTest.HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_OK, params, null);
assertTrue(post.getResponseBodyAsString().length() == 0);
List<NameValuePair> params2 = new ArrayList<NameValuePair>();
params2.add(new NameValuePair("j_validate", "true"));
- HttpMethod post2 = assertPostStatus(HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_OK, params2, null);
+ HttpMethod post2 = H.assertPostStatus(HttpTest.HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_OK, params2, null);
assertTrue(post2.getResponseBodyAsString().length() == 0);
}
+ @Test
public void testValidatingCorrectHttpBasicCredentials() throws Exception {
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new NameValuePair("j_validate", "true"));
- HttpMethod post = assertPostStatus(HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_OK, params, null);
+ HttpMethod post = H.assertPostStatus(HttpTest.HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_OK, params, null);
assertTrue(post.getResponseBodyAsString().length() == 0);
- HttpMethod get = assertHttpStatus(HTTP_BASE_URL + "/?j_validate=true",
HttpServletResponse.SC_OK);
+ HttpMethod get = H.assertHttpStatus(HttpTest.HTTP_BASE_URL +
"/?j_validate=true", HttpServletResponse.SC_OK);
assertTrue(get.getResponseBodyAsString().length() == 0);
}
+ @Test
public void testValidatingIncorrectCredentials() throws Exception {
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new NameValuePair("j_username", "garbage"));
params.add(new NameValuePair("j_password", "garbage"));
params.add(new NameValuePair("j_validate", "true"));
- HttpMethod post = assertPostStatus(HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, null);
+ HttpMethod post = H.assertPostStatus(HttpTest.HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, null);
assertNotNull(post.getResponseHeader("X-Reason"));
}
+ @Test
public void testValidatingIncorrectCookie() throws Exception {
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new NameValuePair("j_validate", "true"));
@@ -80,47 +106,50 @@ public class AuthenticationResponseCodeT
List<Header> headers = new ArrayList<Header>();
headers.add(new Header("Cookie", "sling.formauth=garbage"));
- HttpMethod post = assertPostStatus(HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, headers, null);
+ HttpMethod post = assertPostStatus(HttpTest.HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, headers, null);
assertXReason(post);
}
+ @Test
public void testValidatingIncorrectHttpBasicCredentials() throws Exception
{
// assume http and webdav are on the same host + port
- URL url = new URL(HTTP_BASE_URL);
+ URL url = new URL(HttpTest.HTTP_BASE_URL);
Credentials defaultcreds = new UsernamePasswordCredentials("garbage",
"garbage");
- httpClient.getState().setCredentials(new AuthScope(url.getHost(),
url.getPort(), AuthScope.ANY_REALM), defaultcreds);
+ H.getHttpClient().getState().setCredentials(new
AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM), defaultcreds);
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new NameValuePair("j_validate", "true"));
- HttpMethod post = assertPostStatus(HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, null);
+ HttpMethod post = H.assertPostStatus(HttpTest.HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, null);
assertXReason(post);
- HttpMethod get = assertHttpStatus(HTTP_BASE_URL + "/?j_validate=true",
HttpServletResponse.SC_FORBIDDEN);
+ HttpMethod get = H.assertHttpStatus(HttpTest.HTTP_BASE_URL +
"/?j_validate=true", HttpServletResponse.SC_FORBIDDEN);
assertXReason(get);
}
+ @Test
public void testPreventLoopIncorrectHttpBasicCredentials() throws
Exception {
// assume http and webdav are on the same host + port
- URL url = new URL(HTTP_BASE_URL);
+ URL url = new URL(HttpTest.HTTP_BASE_URL);
Credentials defaultcreds = new UsernamePasswordCredentials("garbage",
"garbage");
- httpClient.getState().setCredentials(new AuthScope(url.getHost(),
url.getPort(), AuthScope.ANY_REALM), defaultcreds);
+ H.getHttpClient().getState().setCredentials(new
AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM), defaultcreds);
- final String requestUrl = HTTP_BASE_URL + "/junk?param1=1";
+ final String requestUrl = HttpTest.HTTP_BASE_URL + "/junk?param1=1";
HttpMethod get = new GetMethod(requestUrl);
get.setRequestHeader("Referer", requestUrl);
get.setRequestHeader("User-Agent", "Mozilla/5.0 Sling Integration
Test");
- int status = httpClient.executeMethod(get);
+ int status = H.getHttpClient().executeMethod(get);
assertEquals(HttpServletResponse.SC_UNAUTHORIZED, status);
}
+ @Test
public void testPreventLoopIncorrectFormCredentials() throws Exception {
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new NameValuePair("j_username", "garbage"));
params.add(new NameValuePair("j_password", "garbage"));
- final String requestUrl = HTTP_BASE_URL + "/j_security_check";
+ final String requestUrl = HttpTest.HTTP_BASE_URL + "/j_security_check";
List<Header> headers = new ArrayList<Header>();
headers.add(new Header("Referer", requestUrl));
headers.add(new Header("User-Agent", "Mozilla/5.0 Sling Integration
Test"));
@@ -130,6 +159,7 @@ public class AuthenticationResponseCodeT
assertEquals("Username and Password do not match",
post.getResponseHeader("X-Reason").getValue());
}
+ @Test
public void testXRequestedWithIncorrectCredentials() throws Exception {
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new NameValuePair("j_username", "garbage"));
@@ -139,13 +169,14 @@ public class AuthenticationResponseCodeT
headers.add(new Header("X-Requested-With", "XMLHttpRequest"));
headers.add(new Header("User-Agent", "Mozilla/5.0 Sling Integration
Test"));
- HttpMethod post = assertPostStatus(HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_FORBIDDEN,
+ HttpMethod post = assertPostStatus(HttpTest.HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_FORBIDDEN,
params, headers, null);
assertNotNull(post.getResponseHeader("X-Reason"));
assertEquals("Username and Password do not match",
post.getResponseHeader("X-Reason").getValue());
}
// this method assumes the use of the selector auth bundle
+ @Test
public void testWithAcceptHeaderIncorrectCredentials() throws Exception {
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new NameValuePair("j_username", "garbage"));
@@ -155,24 +186,26 @@ public class AuthenticationResponseCodeT
List<Header> headers = new ArrayList<Header>();
headers.add(new Header("User-Agent", "Mozilla/5.0 Sling Integration
Test"));
- HttpMethod post = assertPostStatus(HTTP_BASE_URL + "/j_security_check",
+ HttpMethod post = assertPostStatus(HttpTest.HTTP_BASE_URL +
"/j_security_check",
HttpServletResponse.SC_MOVED_TEMPORARILY, params, headers,
null);
final String location = post.getResponseHeader("Location").getValue();
assertNotNull(location);
- assertTrue(location.startsWith(HTTP_BASE_URL +
"/system/sling/selector/login?"));
+ assertTrue(location.startsWith(HttpTest.HTTP_BASE_URL +
"/system/sling/selector/login?"));
assertTrue(location.contains("resource=%2F"));
assertTrue(location.contains("j_reason=INVALID_CREDENTIALS"));
}
+ @Test
public void testWithoutAcceptHeaderIncorrectCredentials() throws Exception
{
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new NameValuePair("j_username", "garbage"));
params.add(new NameValuePair("j_password", "garbage"));
- assertPostStatus(HTTP_BASE_URL + "/j_security_check",
HttpServletResponse.SC_UNAUTHORIZED, params, null);
+ H.assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check",
HttpServletResponse.SC_UNAUTHORIZED, params, null);
}
+ @Test
public void testWithNonHtmlAcceptHeaderIncorrectCredentials() throws
Exception {
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new NameValuePair("j_username", "garbage"));
@@ -181,7 +214,7 @@ public class AuthenticationResponseCodeT
List<Header> headers = new ArrayList<Header>();
headers.add(new Header("User-Agent", "Mozilla/5.0 Sling Integration
Test"));
- assertPostStatus(HTTP_BASE_URL + "/j_security_check",
HttpServletResponse.SC_UNAUTHORIZED, params, null);
+ H.assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check",
HttpServletResponse.SC_UNAUTHORIZED, params, null);
}
// TODO - move this method into commons.testing
@@ -201,7 +234,7 @@ public class AuthenticationResponseCodeT
post.setRequestBody(postParams.toArray(nvp));
}
- final int status = httpClient.executeMethod(post);
+ final int status = H.getHttpClient().executeMethod(post);
if (assertMessage == null) {
assertEquals(expectedStatusCode, status);
} else {
