From 280a0ca3792c2b4dbc26eecfcee99f32e700bb60 Mon Sep 17 00:00:00 2001 From: markt Date: Thu, 3 Mar 2011 19:13:52 +0000 Subject: [PATCH] Test that individual roles are correctly handled git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1076731 13f79535-47bb-0310-9956-ffa450edef68 --- .../apache/catalina/core/TestStandardWrapper.java | 63 ++++++++++++++++++---- .../apache/catalina/startup/TomcatBaseTest.java | 38 +++++++++++++ 2 files changed, 92 insertions(+), 9 deletions(-) diff --git a/test/org/apache/catalina/core/TestStandardWrapper.java b/test/org/apache/catalina/core/TestStandardWrapper.java index f059fe049..c5efae461 100644 --- a/test/org/apache/catalina/core/TestStandardWrapper.java +++ b/test/org/apache/catalina/core/TestStandardWrapper.java @@ -18,6 +18,10 @@ package org.apache.catalina.core; import java.io.IOException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; import javax.servlet.ServletException; import javax.servlet.annotation.HttpConstraint; @@ -30,6 +34,9 @@ import javax.servlet.http.HttpServletResponse; import org.apache.catalina.Context; import org.apache.catalina.Wrapper; +import org.apache.catalina.authenticator.BasicAuthenticator; +import org.apache.catalina.deploy.LoginConfig; +import org.apache.catalina.startup.TestTomcat.MapRealm; import org.apache.catalina.startup.Tomcat; import org.apache.catalina.startup.TomcatBaseTest; import org.apache.tomcat.util.buf.ByteChunk; @@ -37,27 +44,35 @@ import org.apache.tomcat.util.buf.ByteChunk; public class TestStandardWrapper extends TomcatBaseTest { public void testSecurityAnnotationsSimple() throws Exception { - doTest(DenyAllServlet.class.getName(), false, false); + doTest(DenyAllServlet.class.getName(), false, false, false); } public void testSecurityAnnotationsSubclass1() throws Exception { - doTest(SubclassDenyAllServlet.class.getName(), false, false); + doTest(SubclassDenyAllServlet.class.getName(), false, false, false); } public void testSecurityAnnotationsSubclass2() throws Exception { - doTest(SubclassAllowAllServlet.class.getName(), false, true); + doTest(SubclassAllowAllServlet.class.getName(), false, false, true); } public void testSecurityAnnotationsMethods1() throws Exception { - doTest(MethodConstraintServlet.class.getName(), false, false); + doTest(MethodConstraintServlet.class.getName(), false, false, false); } public void testSecurityAnnotationsMethods2() throws Exception { - doTest(MethodConstraintServlet.class.getName(), true, true); + doTest(MethodConstraintServlet.class.getName(), true, false, true); + } + + public void testSecurityAnnotationsRole1() throws Exception { + doTest(RoleAllowServlet.class.getName(), false, true, true); + } + + public void testSecurityAnnotationsRole2() throws Exception { + doTest(RoleDenyServlet.class.getName(), false, true, false); } private void doTest(String servletClassName, boolean usePost, - boolean expect200) throws Exception { + boolean useRole, boolean expect200) throws Exception { // Setup Tomcat instance Tomcat tomcat = getTomcatInstance(); @@ -70,15 +85,35 @@ public class TestStandardWrapper extends TomcatBaseTest { wrapper.setAsyncSupported(true); ctx.addServletMapping("/", "servlet"); + if (useRole) { + MapRealm realm = new MapRealm(); + realm.addUser("testUser", "testPwd"); + realm.addUserRole("testUser", "testRole"); + ctx.setRealm(realm); + + ctx.setLoginConfig(new LoginConfig("BASIC", null, null, null)); + ctx.getPipeline().addValve(new BasicAuthenticator()); + } + tomcat.start(); - // Call the servlet once ByteChunk bc = new ByteChunk(); + Map> reqHeaders = null; + if (useRole) { + reqHeaders = new HashMap>(); + List authHeaders = new ArrayList(); + // testUser, testPwd + authHeaders.add("Basic dGVzdFVzZXI6dGVzdFB3ZA=="); + reqHeaders.put("Authorization", authHeaders); + } + int rc; if (usePost) { - rc = postUrl(null, "http://localhost:" + getPort() + "/", bc, null); + rc = postUrl(null, "http://localhost:" + getPort() + "/", bc, + reqHeaders, null); } else { - rc = getUrl("http://localhost:" + getPort() + "/", bc, null); + rc = getUrl("http://localhost:" + getPort() + "/", bc, reqHeaders, + null); } if (expect200) { @@ -131,4 +166,14 @@ public class TestStandardWrapper extends TomcatBaseTest { public static class MethodConstraintServlet extends TestServlet { private static final long serialVersionUID = 1L; } + + @ServletSecurity(@HttpConstraint(rolesAllowed = "testRole")) + public static class RoleAllowServlet extends TestServlet { + private static final long serialVersionUID = 1L; + } + + @ServletSecurity(@HttpConstraint(rolesAllowed = "otherRole")) + public static class RoleDenyServlet extends TestServlet { + private static final long serialVersionUID = 1L; + } } diff --git a/test/org/apache/catalina/startup/TomcatBaseTest.java b/test/org/apache/catalina/startup/TomcatBaseTest.java index ee4aa48e7..21a499a80 100644 --- a/test/org/apache/catalina/startup/TomcatBaseTest.java +++ b/test/org/apache/catalina/startup/TomcatBaseTest.java @@ -183,11 +183,30 @@ public abstract class TomcatBaseTest extends TestCase { public static int getUrl(String path, ByteChunk out, Map> resHead) throws IOException { + return getUrl(path, out, null, resHead); + } + + public static int getUrl(String path, ByteChunk out, + Map> reqHead, + Map> resHead) throws IOException { URL url = new URL(path); HttpURLConnection connection = (HttpURLConnection) url.openConnection(); connection.setReadTimeout(1000000); + if (reqHead != null) { + for (Map.Entry> entry : reqHead.entrySet()) { + StringBuilder valueList = new StringBuilder(); + for (String value : entry.getValue()) { + if (valueList.length() > 0) { + valueList.append(','); + } + valueList.append(value); + } + connection.setRequestProperty(entry.getKey(), + valueList.toString()); + } + } connection.connect(); int rc = connection.getResponseCode(); if (resHead != null) { @@ -226,12 +245,31 @@ public abstract class TomcatBaseTest extends TestCase { public static int postUrl(byte[] body, String path, ByteChunk out, Map> resHead) throws IOException { + return postUrl(body, path, out, null, resHead); + } + + public static int postUrl(byte[] body, String path, ByteChunk out, + Map> reqHead, + Map> resHead) throws IOException { URL url = new URL(path); HttpURLConnection connection = (HttpURLConnection) url.openConnection(); connection.setDoOutput(true); connection.setReadTimeout(1000000); + if (reqHead != null) { + for (Map.Entry> entry : reqHead.entrySet()) { + StringBuilder valueList = new StringBuilder(); + for (String value : entry.getValue()) { + if (valueList.length() > 0) { + valueList.append(','); + } + valueList.append(value); + } + connection.setRequestProperty(entry.getKey(), + valueList.toString()); + } + } connection.connect(); // Write the request body -- 2.11.0