From: maxcooper Date: Mon, 9 Jun 2003 12:06:23 +0000 (+0000) Subject: tests to ensure that the user gets to the default page when they login spontaneously X-Git-Tag: rel-2_0-alpha1~74 X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=a13f9b50e04d44b4c31a225b654308f2aa4f2fb4;p=securityfilter.git tests to ensure that the user gets to the default page when they login spontaneously one test requests the login page first the other test simply submits a login request --- diff --git a/src/test/org/securityfilter/test/http/TestBase.java b/src/test/org/securityfilter/test/http/TestBase.java index 6127869..a1c573f 100644 --- a/src/test/org/securityfilter/test/http/TestBase.java +++ b/src/test/org/securityfilter/test/http/TestBase.java @@ -1,7 +1,7 @@ /* - * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/TestBase.java,v 1.1 2003/06/09 11:00:55 maxcooper Exp $ - * $Revision: 1.1 $ - * $Date: 2003/06/09 11:00:55 $ + * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/TestBase.java,v 1.2 2003/06/09 12:06:23 maxcooper Exp $ + * $Revision: 1.2 $ + * $Date: 2003/06/09 12:06:23 $ * * ==================================================================== * The SecurityFilter Software License, Version 1.1 @@ -62,7 +62,7 @@ import junit.framework.TestCase; * TestBase * * @author Max Cooper (max@maxcooper.com) - * @version $Revision: 1.1 $ $Date: 2003/06/09 11:00:55 $ + * @version $Revision: 1.2 $ $Date: 2003/06/09 12:06:23 $ */ public class TestBase extends TestCase { @@ -85,4 +85,8 @@ public class TestBase extends TestCase { HttpUnitOptions.setExceptionsThrownOnErrorStatus(true); HttpUnitOptions.setMatchesIgnoreCase(true); } + + protected void assertBaseUrlIsSet() { + assertNotNull("base.url is null", baseUrl); + } } diff --git a/src/test/org/securityfilter/test/http/form/DefaultPageTest.java b/src/test/org/securityfilter/test/http/form/DefaultPageTest.java new file mode 100644 index 0000000..44349df --- /dev/null +++ b/src/test/org/securityfilter/test/http/form/DefaultPageTest.java @@ -0,0 +1,152 @@ +/* + * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/DefaultPageTest.java,v 1.1 2003/06/09 12:07:06 maxcooper Exp $ + * $Revision: 1.1 $ + * $Date: 2003/06/09 12:07:06 $ + * + * ==================================================================== + * The SecurityFilter Software License, Version 1.1 + * + * (this license is derived and fully compatible with the Apache Software + * License - see http://www.apache.org/LICENSE.txt) + * + * Copyright (c) 2002 SecurityFilter.org. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. The end-user documentation included with the redistribution, + * if any, must include the following acknowledgment: + * "This product includes software developed by + * SecurityFilter.org (http://www.securityfilter.org/)." + * Alternately, this acknowledgment may appear in the software itself, + * if and wherever such third-party acknowledgments normally appear. + * + * 4. The name "SecurityFilter" must not be used to endorse or promote + * products derived from this software without prior written permission. + * For written permission, please contact license@securityfilter.org . + * + * 5. Products derived from this software may not be called "SecurityFilter", + * nor may "SecurityFilter" appear in their name, without prior written + * permission of SecurityFilter.org. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE SECURITY FILTER PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF + * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * ==================================================================== + */ + +package org.securityfilter.test.http.form; + +import org.securityfilter.test.http.TestBase; +import org.securityfilter.example.Constants; +import com.meterware.httpunit.*; + +/** + * DefaultPageTest + * + * @author Max Cooper (max@maxcooper.com) + * @version $Revision: 1.1 $ $Date: 2003/06/09 12:07:06 $ + */ +public class DefaultPageTest extends TestBase { + + /** + * Constructor + * + * @param name + */ + public DefaultPageTest(String name) { + super(name); + } + + /** + * Test that the user is sent to the default page after they request the login page and login. + * + * Sequence of events: + * 1. ASSERT: baseUrl (set from base.url system property) is not null + * 2. request loginPage.jsp + * 3. ASSERT: response should be the login page + * 4. submit valid login credentials + * 5. ASSERT: response should be the default page (after auto-redirect) + * + * @throws Exception + */ + public void testDefaultPageAfterLoginPage() throws Exception { + // make sure the baseUrl was set + assertBaseUrlIsSet(); + + // request the login page + WebConversation session = new WebConversation(); + WebRequest request = new GetMethodWebRequest(baseUrl + "/loginForm.jsp"); + WebResponse response = session.getResponse(request); + + // make sure the response leads us to login page + String title = response.getTitle(); + assertEquals( + "Expected login page, got:" + title, + Constants.LOGIN_TITLE, + title + ); + + // submit valid login credentials + WebForm loginForm = response.getFormWithID(Constants.LOGIN_FORM_ID); + loginForm.setParameter(Constants.LOGIN_USERNAME_FIELD, Constants.VALID_USERNAME); + loginForm.setParameter(Constants.LOGIN_PASSWORD_FIELD, Constants.VALID_PASSWORD); + response = session.getResponse(loginForm.getRequest()); + + // make sure the response leads to the default page (Home page -- index.jsp) + title = response.getTitle(); + assertEquals( + "Expected home page, got:" + title, + Constants.HOME_TITLE, + title + ); + } + + /** + * Test that the user is sent to the default page after they spontaneously login. + * + * Sequence of events: + * 1. ASSERT: baseUrl (set from base.url system property) is not null + * 2. submit valid login credentials + * 3. ASSERT: response should be the default page (after auto-redirect) + * + * @throws Exception + */ + public void testDefaultPageAfterSpontaneousLogin() throws Exception { + // make sure the baseUrl was set + assertBaseUrlIsSet(); + + // submit valid login credentials + WebConversation session = new WebConversation(); + WebRequest request = new PostMethodWebRequest(baseUrl + "/j_security_check"); + request.setParameter(Constants.LOGIN_USERNAME_FIELD, Constants.VALID_USERNAME); + request.setParameter(Constants.LOGIN_PASSWORD_FIELD, Constants.VALID_PASSWORD); + WebResponse response = session.getResponse(request); + + // make sure the response leads to the default page (Home page -- index.jsp) + String title = response.getTitle(); + assertEquals( + "Expected home page, got:" + title, + Constants.HOME_TITLE, + title + ); + } +} diff --git a/src/test/org/securityfilter/test/http/form/JustInTimeTest.java b/src/test/org/securityfilter/test/http/form/JustInTimeTest.java index a2beab1..9e7f1e4 100644 --- a/src/test/org/securityfilter/test/http/form/JustInTimeTest.java +++ b/src/test/org/securityfilter/test/http/form/JustInTimeTest.java @@ -1,7 +1,7 @@ /* - * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/JustInTimeTest.java,v 1.1 2003/06/09 11:00:55 maxcooper Exp $ - * $Revision: 1.1 $ - * $Date: 2003/06/09 11:00:55 $ + * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/JustInTimeTest.java,v 1.2 2003/06/09 12:07:06 maxcooper Exp $ + * $Revision: 1.2 $ + * $Date: 2003/06/09 12:07:06 $ * * ==================================================================== * The SecurityFilter Software License, Version 1.1 @@ -62,15 +62,8 @@ import org.securityfilter.test.http.TestBase; /** * JustInTimeTest - This tests basic just-in-time login behavior. * - * Sequence of events: - * 1. ASSERT: baseUrl (set from base.url system property) is not null - * 2. request securePage.jsp - * 3. ASSERT: response should be the login page (after auto-redirect) - * 4. submit valid login credentials - * 5. ASSERT: response should be the secure page (after auto-redirect) - * * @author Max Cooper (max@maxcooper.com) - * @version $Revision: 1.1 $ $Date: 2003/06/09 11:00:55 $ + * @version $Revision: 1.2 $ $Date: 2003/06/09 12:07:06 $ */ public class JustInTimeTest extends TestBase { @@ -83,9 +76,21 @@ public class JustInTimeTest extends TestBase { super(name); } + /** + * Test that the user is asked to login before accessing a secure page. + * + * Sequence of events: + * 1. ASSERT: baseUrl (set from base.url system property) is not null + * 2. request securePage.jsp + * 3. ASSERT: response should be the login page (after auto-redirect) + * 4. submit valid login credentials + * 5. ASSERT: response should be the secure page (after auto-redirect) + * + * @throws Exception + */ public void testJustInTime() throws Exception { // make sure the baseUrl was set - assertNotNull("base.url is null", baseUrl); + assertBaseUrlIsSet(); // request the secure page WebConversation session = new WebConversation();