Author: bdelacretaz Date: Tue Nov 5 15:17:18 2013 New Revision: 1539025 URL: http://svn.apache.org/r1539025 Log: SLING-3221 - Use JackrabbitOnly category to disable tests that fail on Oak
Modified: sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/auth/AuthenticationResponseCodeTest.java Modified: sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/auth/AuthenticationResponseCodeTest.java URL: http://svn.apache.org/viewvc/sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/auth/AuthenticationResponseCodeTest.java?rev=1539025&r1=1539024&r2=1539025&view=diff ============================================================================== --- sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/auth/AuthenticationResponseCodeTest.java (original) +++ sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/auth/AuthenticationResponseCodeTest.java Tue Nov 5 15:17:18 2013 @@ -16,6 +16,10 @@ */ package org.apache.sling.launchpad.webapp.integrationtest.auth; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; + import java.io.IOException; import java.net.URL; import java.util.ArrayList; @@ -31,48 +35,70 @@ import org.apache.commons.httpclient.Use import org.apache.commons.httpclient.auth.AuthScope; import org.apache.commons.httpclient.methods.GetMethod; import org.apache.commons.httpclient.methods.PostMethod; -import org.apache.sling.commons.testing.integration.HttpTestBase; +import org.apache.sling.commons.testing.integration.HttpTest; +import org.apache.sling.commons.testing.junit.categories.JackrabbitOnly; +import org.junit.After; +import org.junit.Before; +import org.junit.Test; +import org.junit.experimental.categories.Category; /** * Test of the response code from an authentication request depending on various * request parameters and headers including j_validate, Ajax detection, and * non-browser client detection. */ -public class AuthenticationResponseCodeTest extends HttpTestBase { - +public class AuthenticationResponseCodeTest { + + private final HttpTest H = new HttpTest(); + + @Before + public void setup() throws Exception { + H.setUp(); + } + + @After + public void cleanup() throws Exception { + H.tearDown(); + } + + @Test + @Category(JackrabbitOnly.class) // TODO: fails on Oak public void testValidatingCorrectFormCredentials() throws Exception { List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new NameValuePair("j_username", "admin")); params.add(new NameValuePair("j_password", "admin")); params.add(new NameValuePair("j_validate", "true")); - HttpMethod post = assertPostStatus(HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_OK, params, null); + HttpMethod post = H.assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_OK, params, null); assertTrue(post.getResponseBodyAsString().length() == 0); List<NameValuePair> params2 = new ArrayList<NameValuePair>(); params2.add(new NameValuePair("j_validate", "true")); - HttpMethod post2 = assertPostStatus(HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_OK, params2, null); + HttpMethod post2 = H.assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_OK, params2, null); assertTrue(post2.getResponseBodyAsString().length() == 0); } + @Test public void testValidatingCorrectHttpBasicCredentials() throws Exception { List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new NameValuePair("j_validate", "true")); - HttpMethod post = assertPostStatus(HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_OK, params, null); + HttpMethod post = H.assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_OK, params, null); assertTrue(post.getResponseBodyAsString().length() == 0); - HttpMethod get = assertHttpStatus(HTTP_BASE_URL + "/?j_validate=true", HttpServletResponse.SC_OK); + HttpMethod get = H.assertHttpStatus(HttpTest.HTTP_BASE_URL + "/?j_validate=true", HttpServletResponse.SC_OK); assertTrue(get.getResponseBodyAsString().length() == 0); } + @Test public void testValidatingIncorrectCredentials() throws Exception { List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new NameValuePair("j_username", "garbage")); params.add(new NameValuePair("j_password", "garbage")); params.add(new NameValuePair("j_validate", "true")); - HttpMethod post = assertPostStatus(HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, null); + HttpMethod post = H.assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, null); assertNotNull(post.getResponseHeader("X-Reason")); } + @Test public void testValidatingIncorrectCookie() throws Exception { List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new NameValuePair("j_validate", "true")); @@ -80,47 +106,50 @@ public class AuthenticationResponseCodeT List<Header> headers = new ArrayList<Header>(); headers.add(new Header("Cookie", "sling.formauth=garbage")); - HttpMethod post = assertPostStatus(HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, headers, null); + HttpMethod post = assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, headers, null); assertXReason(post); } + @Test public void testValidatingIncorrectHttpBasicCredentials() throws Exception { // assume http and webdav are on the same host + port - URL url = new URL(HTTP_BASE_URL); + URL url = new URL(HttpTest.HTTP_BASE_URL); Credentials defaultcreds = new UsernamePasswordCredentials("garbage", "garbage"); - httpClient.getState().setCredentials(new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM), defaultcreds); + H.getHttpClient().getState().setCredentials(new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM), defaultcreds); List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new NameValuePair("j_validate", "true")); - HttpMethod post = assertPostStatus(HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, null); + HttpMethod post = H.assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, null); assertXReason(post); - HttpMethod get = assertHttpStatus(HTTP_BASE_URL + "/?j_validate=true", HttpServletResponse.SC_FORBIDDEN); + HttpMethod get = H.assertHttpStatus(HttpTest.HTTP_BASE_URL + "/?j_validate=true", HttpServletResponse.SC_FORBIDDEN); assertXReason(get); } + @Test public void testPreventLoopIncorrectHttpBasicCredentials() throws Exception { // assume http and webdav are on the same host + port - URL url = new URL(HTTP_BASE_URL); + URL url = new URL(HttpTest.HTTP_BASE_URL); Credentials defaultcreds = new UsernamePasswordCredentials("garbage", "garbage"); - httpClient.getState().setCredentials(new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM), defaultcreds); + H.getHttpClient().getState().setCredentials(new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM), defaultcreds); - final String requestUrl = HTTP_BASE_URL + "/junk?param1=1"; + final String requestUrl = HttpTest.HTTP_BASE_URL + "/junk?param1=1"; HttpMethod get = new GetMethod(requestUrl); get.setRequestHeader("Referer", requestUrl); get.setRequestHeader("User-Agent", "Mozilla/5.0 Sling Integration Test"); - int status = httpClient.executeMethod(get); + int status = H.getHttpClient().executeMethod(get); assertEquals(HttpServletResponse.SC_UNAUTHORIZED, status); } + @Test public void testPreventLoopIncorrectFormCredentials() throws Exception { List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new NameValuePair("j_username", "garbage")); params.add(new NameValuePair("j_password", "garbage")); - final String requestUrl = HTTP_BASE_URL + "/j_security_check"; + final String requestUrl = HttpTest.HTTP_BASE_URL + "/j_security_check"; List<Header> headers = new ArrayList<Header>(); headers.add(new Header("Referer", requestUrl)); headers.add(new Header("User-Agent", "Mozilla/5.0 Sling Integration Test")); @@ -130,6 +159,7 @@ public class AuthenticationResponseCodeT assertEquals("Username and Password do not match", post.getResponseHeader("X-Reason").getValue()); } + @Test public void testXRequestedWithIncorrectCredentials() throws Exception { List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new NameValuePair("j_username", "garbage")); @@ -139,13 +169,14 @@ public class AuthenticationResponseCodeT headers.add(new Header("X-Requested-With", "XMLHttpRequest")); headers.add(new Header("User-Agent", "Mozilla/5.0 Sling Integration Test")); - HttpMethod post = assertPostStatus(HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_FORBIDDEN, + HttpMethod post = assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, headers, null); assertNotNull(post.getResponseHeader("X-Reason")); assertEquals("Username and Password do not match", post.getResponseHeader("X-Reason").getValue()); } // this method assumes the use of the selector auth bundle + @Test public void testWithAcceptHeaderIncorrectCredentials() throws Exception { List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new NameValuePair("j_username", "garbage")); @@ -155,24 +186,26 @@ public class AuthenticationResponseCodeT List<Header> headers = new ArrayList<Header>(); headers.add(new Header("User-Agent", "Mozilla/5.0 Sling Integration Test")); - HttpMethod post = assertPostStatus(HTTP_BASE_URL + "/j_security_check", + HttpMethod post = assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_MOVED_TEMPORARILY, params, headers, null); final String location = post.getResponseHeader("Location").getValue(); assertNotNull(location); - assertTrue(location.startsWith(HTTP_BASE_URL + "/system/sling/selector/login?")); + assertTrue(location.startsWith(HttpTest.HTTP_BASE_URL + "/system/sling/selector/login?")); assertTrue(location.contains("resource=%2F")); assertTrue(location.contains("j_reason=INVALID_CREDENTIALS")); } + @Test public void testWithoutAcceptHeaderIncorrectCredentials() throws Exception { List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new NameValuePair("j_username", "garbage")); params.add(new NameValuePair("j_password", "garbage")); - assertPostStatus(HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_UNAUTHORIZED, params, null); + H.assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_UNAUTHORIZED, params, null); } + @Test public void testWithNonHtmlAcceptHeaderIncorrectCredentials() throws Exception { List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new NameValuePair("j_username", "garbage")); @@ -181,7 +214,7 @@ public class AuthenticationResponseCodeT List<Header> headers = new ArrayList<Header>(); headers.add(new Header("User-Agent", "Mozilla/5.0 Sling Integration Test")); - assertPostStatus(HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_UNAUTHORIZED, params, null); + H.assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_UNAUTHORIZED, params, null); } // TODO - move this method into commons.testing @@ -201,7 +234,7 @@ public class AuthenticationResponseCodeT post.setRequestBody(postParams.toArray(nvp)); } - final int status = httpClient.executeMethod(post); + final int status = H.getHttpClient().executeMethod(post); if (assertMessage == null) { assertEquals(expectedStatusCode, status); } else {