--- /dev/null
+/*
+ * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/DefaultPageTest.java,v 1.1 2003/06/09 12:07:06 maxcooper Exp $
+ * $Revision: 1.1 $
+ * $Date: 2003/06/09 12:07:06 $
+ *
+ * ====================================================================
+ * The SecurityFilter Software License, Version 1.1
+ *
+ * (this license is derived and fully compatible with the Apache Software
+ * License - see http://www.apache.org/LICENSE.txt)
+ *
+ * Copyright (c) 2002 SecurityFilter.org. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. The end-user documentation included with the redistribution,
+ * if any, must include the following acknowledgment:
+ * "This product includes software developed by
+ * SecurityFilter.org (http://www.securityfilter.org/)."
+ * Alternately, this acknowledgment may appear in the software itself,
+ * if and wherever such third-party acknowledgments normally appear.
+ *
+ * 4. The name "SecurityFilter" must not be used to endorse or promote
+ * products derived from this software without prior written permission.
+ * For written permission, please contact license@securityfilter.org .
+ *
+ * 5. Products derived from this software may not be called "SecurityFilter",
+ * nor may "SecurityFilter" appear in their name, without prior written
+ * permission of SecurityFilter.org.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE SECURITY FILTER PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+ * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * ====================================================================
+ */
+
+package org.securityfilter.test.http.form;
+
+import org.securityfilter.test.http.TestBase;
+import org.securityfilter.example.Constants;
+import com.meterware.httpunit.*;
+
+/**
+ * DefaultPageTest
+ *
+ * @author Max Cooper (max@maxcooper.com)
+ * @version $Revision: 1.1 $ $Date: 2003/06/09 12:07:06 $
+ */
+public class DefaultPageTest extends TestBase {
+
+ /**
+ * Constructor
+ *
+ * @param name
+ */
+ public DefaultPageTest(String name) {
+ super(name);
+ }
+
+ /**
+ * Test that the user is sent to the default page after they request the login page and login.
+ *
+ * Sequence of events:
+ * 1. ASSERT: baseUrl (set from base.url system property) is not null
+ * 2. request loginPage.jsp
+ * 3. ASSERT: response should be the login page
+ * 4. submit valid login credentials
+ * 5. ASSERT: response should be the default page (after auto-redirect)
+ *
+ * @throws Exception
+ */
+ public void testDefaultPageAfterLoginPage() throws Exception {
+ // make sure the baseUrl was set
+ assertBaseUrlIsSet();
+
+ // request the login page
+ WebConversation session = new WebConversation();
+ WebRequest request = new GetMethodWebRequest(baseUrl + "/loginForm.jsp");
+ WebResponse response = session.getResponse(request);
+
+ // make sure the response leads us to login page
+ String title = response.getTitle();
+ assertEquals(
+ "Expected login page, got:" + title,
+ Constants.LOGIN_TITLE,
+ title
+ );
+
+ // submit valid login credentials
+ WebForm loginForm = response.getFormWithID(Constants.LOGIN_FORM_ID);
+ loginForm.setParameter(Constants.LOGIN_USERNAME_FIELD, Constants.VALID_USERNAME);
+ loginForm.setParameter(Constants.LOGIN_PASSWORD_FIELD, Constants.VALID_PASSWORD);
+ response = session.getResponse(loginForm.getRequest());
+
+ // make sure the response leads to the default page (Home page -- index.jsp)
+ title = response.getTitle();
+ assertEquals(
+ "Expected home page, got:" + title,
+ Constants.HOME_TITLE,
+ title
+ );
+ }
+
+ /**
+ * Test that the user is sent to the default page after they spontaneously login.
+ *
+ * Sequence of events:
+ * 1. ASSERT: baseUrl (set from base.url system property) is not null
+ * 2. submit valid login credentials
+ * 3. ASSERT: response should be the default page (after auto-redirect)
+ *
+ * @throws Exception
+ */
+ public void testDefaultPageAfterSpontaneousLogin() throws Exception {
+ // make sure the baseUrl was set
+ assertBaseUrlIsSet();
+
+ // submit valid login credentials
+ WebConversation session = new WebConversation();
+ WebRequest request = new PostMethodWebRequest(baseUrl + "/j_security_check");
+ request.setParameter(Constants.LOGIN_USERNAME_FIELD, Constants.VALID_USERNAME);
+ request.setParameter(Constants.LOGIN_PASSWORD_FIELD, Constants.VALID_PASSWORD);
+ WebResponse response = session.getResponse(request);
+
+ // make sure the response leads to the default page (Home page -- index.jsp)
+ String title = response.getTitle();
+ assertEquals(
+ "Expected home page, got:" + title,
+ Constants.HOME_TITLE,
+ title
+ );
+ }
+}
/*
- * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/JustInTimeTest.java,v 1.1 2003/06/09 11:00:55 maxcooper Exp $
- * $Revision: 1.1 $
- * $Date: 2003/06/09 11:00:55 $
+ * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/JustInTimeTest.java,v 1.2 2003/06/09 12:07:06 maxcooper Exp $
+ * $Revision: 1.2 $
+ * $Date: 2003/06/09 12:07:06 $
*
* ====================================================================
* The SecurityFilter Software License, Version 1.1
/**
* JustInTimeTest - This tests basic just-in-time login behavior.
*
- * Sequence of events:
- * 1. ASSERT: baseUrl (set from base.url system property) is not null
- * 2. request securePage.jsp
- * 3. ASSERT: response should be the login page (after auto-redirect)
- * 4. submit valid login credentials
- * 5. ASSERT: response should be the secure page (after auto-redirect)
- *
* @author Max Cooper (max@maxcooper.com)
- * @version $Revision: 1.1 $ $Date: 2003/06/09 11:00:55 $
+ * @version $Revision: 1.2 $ $Date: 2003/06/09 12:07:06 $
*/
public class JustInTimeTest extends TestBase {
super(name);
}
+ /**
+ * Test that the user is asked to login before accessing a secure page.
+ *
+ * Sequence of events:
+ * 1. ASSERT: baseUrl (set from base.url system property) is not null
+ * 2. request securePage.jsp
+ * 3. ASSERT: response should be the login page (after auto-redirect)
+ * 4. submit valid login credentials
+ * 5. ASSERT: response should be the secure page (after auto-redirect)
+ *
+ * @throws Exception
+ */
public void testJustInTime() throws Exception {
// make sure the baseUrl was set
- assertNotNull("base.url is null", baseUrl);
+ assertBaseUrlIsSet();
// request the secure page
WebConversation session = new WebConversation();
projects / securityfilter.git / commitdiff