From 2fb26f692349cfe9d5655384cfaa2dffa156c411 Mon Sep 17 00:00:00 2001 From: maxcooper Date: Tue, 10 Jun 2003 12:11:26 +0000 Subject: [PATCH] refactored some functionality into the TestBase class --- .../org/securityfilter/test/http/TestBase.java | 54 ++++++++++++++++------ .../test/http/form/DefaultPageTest.java | 29 +++--------- .../test/http/form/JustInTimeTest.java | 21 +++------ .../test/http/form/PathTricksTest.java | 43 ++++------------- .../org/securityfilter/test/http/form/UTFTest.java | 29 +++--------- 5 files changed, 67 insertions(+), 109 deletions(-) diff --git a/src/test/org/securityfilter/test/http/TestBase.java b/src/test/org/securityfilter/test/http/TestBase.java index 9b311cc..c04bfea 100644 --- a/src/test/org/securityfilter/test/http/TestBase.java +++ b/src/test/org/securityfilter/test/http/TestBase.java @@ -1,7 +1,7 @@ /* - * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/TestBase.java,v 1.3 2003/06/10 11:29:33 maxcooper Exp $ - * $Revision: 1.3 $ - * $Date: 2003/06/10 11:29:33 $ + * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/TestBase.java,v 1.4 2003/06/10 12:11:26 maxcooper Exp $ + * $Revision: 1.4 $ + * $Date: 2003/06/10 12:11:26 $ * * ==================================================================== * The SecurityFilter Software License, Version 1.1 @@ -63,7 +63,7 @@ import org.securityfilter.example.Constants; * TestBase * * @author Max Cooper (max@maxcooper.com) - * @version $Revision: 1.3 $ $Date: 2003/06/10 11:29:33 $ + * @version $Revision: 1.4 $ $Date: 2003/06/10 12:11:26 $ */ public class TestBase extends TestCase { @@ -87,35 +87,33 @@ public class TestBase extends TestCase { HttpUnitOptions.setMatchesIgnoreCase(true); } + /** + * Assert that the baseUrl has been set + */ protected void assertBaseUrlIsSet() { assertNotNull("base.url is null", baseUrl); } /** - * Performs a just-in-time login for the contextRelativeUri passed in. + * Performs a just-in-time login for the (context-relative) uri passed in. * This method will assert that the login page is received, and then login with a valid * username and password. The response from the login form submit is what gets returned. * - * @param contextRelativeUri + * @param uri * @return response after valid login form submittal * @throws Exception */ - protected WebResponse performJustInTimeLogin(String contextRelativeUri) throws Exception { + protected WebResponse performJustInTimeLogin(String uri) throws Exception { // make sure the baseUrl was set assertBaseUrlIsSet(); // request the secure page WebConversation session = new WebConversation(); - WebRequest request = new GetMethodWebRequest(baseUrl + contextRelativeUri); + WebRequest request = new GetMethodWebRequest(baseUrl + uri); WebResponse response = session.getResponse(request); // make sure the response leads us to login page - String title = response.getTitle(); - assertEquals( - "On request for " + contextRelativeUri + ", expected login page, got:" + title, - Constants.LOGIN_TITLE, - title - ); + assertPageTitle(response, Constants.LOGIN_TITLE); // submit valid login credentials WebForm loginForm = response.getFormWithID(Constants.LOGIN_FORM_ID); @@ -123,4 +121,32 @@ public class TestBase extends TestCase { loginForm.setParameter(Constants.LOGIN_PASSWORD_FIELD, Constants.VALID_PASSWORD); return session.getResponse(loginForm.getRequest()); } + + /** + * Assert that the correct page title is received, including authentication along the way. + * + * @param uri the context-relative uri to request + * @param pageTitle the expected page title + * @throws Exception + */ + protected void assertPageTitleAfterLogin(String uri, String pageTitle) throws Exception { + WebResponse response = performJustInTimeLogin(uri); + assertPageTitle(response, pageTitle); + } + + /** + * Assert that the response has the expected page title. + * + * @param response the WebResponse to check + * @param pageTitle the expected page title + * @throws Exception + */ + protected void assertPageTitle(WebResponse response, String pageTitle) throws Exception { + String title = response.getTitle(); + assertEquals( + "Expected page title \"" + pageTitle + "\", got: \"" + title + "\"", + pageTitle, + title + ); + } } diff --git a/src/test/org/securityfilter/test/http/form/DefaultPageTest.java b/src/test/org/securityfilter/test/http/form/DefaultPageTest.java index 44349df..e3ad1fb 100644 --- a/src/test/org/securityfilter/test/http/form/DefaultPageTest.java +++ b/src/test/org/securityfilter/test/http/form/DefaultPageTest.java @@ -1,7 +1,7 @@ /* - * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/DefaultPageTest.java,v 1.1 2003/06/09 12:07:06 maxcooper Exp $ - * $Revision: 1.1 $ - * $Date: 2003/06/09 12:07:06 $ + * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/DefaultPageTest.java,v 1.2 2003/06/10 12:11:26 maxcooper Exp $ + * $Revision: 1.2 $ + * $Date: 2003/06/10 12:11:26 $ * * ==================================================================== * The SecurityFilter Software License, Version 1.1 @@ -63,7 +63,7 @@ import com.meterware.httpunit.*; * DefaultPageTest * * @author Max Cooper (max@maxcooper.com) - * @version $Revision: 1.1 $ $Date: 2003/06/09 12:07:06 $ + * @version $Revision: 1.2 $ $Date: 2003/06/10 12:11:26 $ */ public class DefaultPageTest extends TestBase { @@ -98,12 +98,7 @@ public class DefaultPageTest extends TestBase { WebResponse response = session.getResponse(request); // make sure the response leads us to login page - String title = response.getTitle(); - assertEquals( - "Expected login page, got:" + title, - Constants.LOGIN_TITLE, - title - ); + assertPageTitle(response, Constants.LOGIN_TITLE); // submit valid login credentials WebForm loginForm = response.getFormWithID(Constants.LOGIN_FORM_ID); @@ -112,12 +107,7 @@ public class DefaultPageTest extends TestBase { response = session.getResponse(loginForm.getRequest()); // make sure the response leads to the default page (Home page -- index.jsp) - title = response.getTitle(); - assertEquals( - "Expected home page, got:" + title, - Constants.HOME_TITLE, - title - ); + assertPageTitle(response, Constants.HOME_TITLE); } /** @@ -142,11 +132,6 @@ public class DefaultPageTest extends TestBase { WebResponse response = session.getResponse(request); // make sure the response leads to the default page (Home page -- index.jsp) - String title = response.getTitle(); - assertEquals( - "Expected home page, got:" + title, - Constants.HOME_TITLE, - title - ); + assertPageTitle(response, Constants.HOME_TITLE); } } diff --git a/src/test/org/securityfilter/test/http/form/JustInTimeTest.java b/src/test/org/securityfilter/test/http/form/JustInTimeTest.java index a3f68c0..84286d5 100644 --- a/src/test/org/securityfilter/test/http/form/JustInTimeTest.java +++ b/src/test/org/securityfilter/test/http/form/JustInTimeTest.java @@ -1,7 +1,7 @@ /* - * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/JustInTimeTest.java,v 1.4 2003/06/10 11:36:21 maxcooper Exp $ - * $Revision: 1.4 $ - * $Date: 2003/06/10 11:36:21 $ + * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/JustInTimeTest.java,v 1.5 2003/06/10 12:11:26 maxcooper Exp $ + * $Revision: 1.5 $ + * $Date: 2003/06/10 12:11:26 $ * * ==================================================================== * The SecurityFilter Software License, Version 1.1 @@ -63,10 +63,9 @@ import org.securityfilter.test.http.TestBase; * JustInTimeTest - This tests basic just-in-time login behavior. * * @author Max Cooper (max@maxcooper.com) - * @version $Revision: 1.4 $ $Date: 2003/06/10 11:36:21 $ + * @version $Revision: 1.5 $ $Date: 2003/06/10 12:11:26 $ */ public class JustInTimeTest extends TestBase { - /** * Constructor * @@ -82,15 +81,7 @@ public class JustInTimeTest extends TestBase { * @throws Exception */ public void testJustInTime() throws Exception { - // request the secure page and login - WebResponse response = performJustInTimeLogin("/securePage.jsp"); - - // make sure the response leads to the secure page - String title = response.getTitle(); - assertEquals( - "Expected secure page, got:" + title, - Constants.SECURE_TITLE, - title - ); + // ensure that we get the secure page, loggin in on the way + assertPageTitleAfterLogin("/securePage.jsp", Constants.SECURE_TITLE); } } diff --git a/src/test/org/securityfilter/test/http/form/PathTricksTest.java b/src/test/org/securityfilter/test/http/form/PathTricksTest.java index 47a89fe..5206ae6 100644 --- a/src/test/org/securityfilter/test/http/form/PathTricksTest.java +++ b/src/test/org/securityfilter/test/http/form/PathTricksTest.java @@ -1,7 +1,7 @@ /* - * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/PathTricksTest.java,v 1.2 2003/06/10 11:40:41 maxcooper Exp $ - * $Revision: 1.2 $ - * $Date: 2003/06/10 11:40:41 $ + * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/PathTricksTest.java,v 1.3 2003/06/10 12:11:26 maxcooper Exp $ + * $Revision: 1.3 $ + * $Date: 2003/06/10 12:11:26 $ * * ==================================================================== * The SecurityFilter Software License, Version 1.1 @@ -55,17 +55,14 @@ package org.securityfilter.test.http.form; -import com.meterware.httpunit.WebResponse; import org.securityfilter.example.Constants; import org.securityfilter.test.http.TestBase; /** - * PathTricksTest - tests for proper operation when "path tricks" are employed in URLs: - * /./securePage.jsp - * /public/../securePage.jsp + * PathTricksTest - tests for proper operation when "path tricks" are employed in URLs * * @author Max Cooper (max@maxcooper.com) - * @version $Revision: 1.2 $ $Date: 2003/06/10 11:40:41 $ + * @version $Revision: 1.3 $ $Date: 2003/06/10 12:11:26 $ */ public class PathTricksTest extends TestBase { /** @@ -84,15 +81,7 @@ public class PathTricksTest extends TestBase { */ public void testSingleDotURLTrick() throws Exception { // request the secure page and login - WebResponse response = performJustInTimeLogin("/./securePage.jsp"); - - // make sure the response leads to the secure page - String title = response.getTitle(); - assertEquals( - "Expected secure page, got:" + title, - Constants.SECURE_TITLE, - title - ); + assertPageTitleAfterLogin("/./securePage.jsp", Constants.SECURE_TITLE); } /** @@ -102,15 +91,7 @@ public class PathTricksTest extends TestBase { */ public void testDoubleDotURLTrick() throws Exception { // request the secure page and login - WebResponse response = performJustInTimeLogin("/public/../securePage.jsp"); - - // make sure the response leads to the secure page - String title = response.getTitle(); - assertEquals( - "Expected secure page, got:" + title, - Constants.SECURE_TITLE, - title - ); + assertPageTitleAfterLogin("/public/../securePage.jsp", Constants.SECURE_TITLE); } /** @@ -120,14 +101,6 @@ public class PathTricksTest extends TestBase { */ public void testMultipleSlashURLTrick() throws Exception { // request the secure page and login - WebResponse response = performJustInTimeLogin("//securePage.jsp"); - - // make sure the response leads to the secure page - String title = response.getTitle(); - assertEquals( - "Expected secure page, got:" + title, - Constants.SECURE_TITLE, - title - ); + assertPageTitleAfterLogin("//securePage.jsp", Constants.SECURE_TITLE); } } diff --git a/src/test/org/securityfilter/test/http/form/UTFTest.java b/src/test/org/securityfilter/test/http/form/UTFTest.java index 2caa1e0..bbd3be8 100644 --- a/src/test/org/securityfilter/test/http/form/UTFTest.java +++ b/src/test/org/securityfilter/test/http/form/UTFTest.java @@ -1,7 +1,7 @@ /* - * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/UTFTest.java,v 1.1 2003/06/10 11:30:07 maxcooper Exp $ - * $Revision: 1.1 $ - * $Date: 2003/06/10 11:30:07 $ + * $Header: /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form/UTFTest.java,v 1.2 2003/06/10 12:11:26 maxcooper Exp $ + * $Revision: 1.2 $ + * $Date: 2003/06/10 12:11:26 $ * * ==================================================================== * The SecurityFilter Software License, Version 1.1 @@ -55,7 +55,6 @@ package org.securityfilter.test.http.form; -import com.meterware.httpunit.WebResponse; import org.securityfilter.example.Constants; import org.securityfilter.test.http.TestBase; @@ -64,7 +63,7 @@ import org.securityfilter.test.http.TestBase; * are used. Failures would indicate a security vulnerability. * * @author Max Cooper (max@maxcooper.com) - * @version $Revision: 1.1 $ $Date: 2003/06/10 11:30:07 $ + * @version $Revision: 1.2 $ $Date: 2003/06/10 12:11:26 $ */ public class UTFTest extends TestBase { /** @@ -84,15 +83,7 @@ public class UTFTest extends TestBase { */ public void testUTFEncodedDirectorySeparator() throws Exception { // request the secure page and login - WebResponse response = performJustInTimeLogin("%2FsecurePage.jsp"); - - // make sure the response leads to the secure page - String title = response.getTitle(); - assertEquals( - "Expected secure page, got:" + title, - Constants.SECURE_TITLE, - title - ); + assertPageTitleAfterLogin("%2FsecurePage.jsp", Constants.SECURE_TITLE); } /** @@ -103,14 +94,6 @@ public class UTFTest extends TestBase { */ public void testUTFEncodedPageName() throws Exception { // request the secure page and login - WebResponse response = performJustInTimeLogin("/%73ecurePage.jsp"); - - // make sure the response leads to the secure page - String title = response.getTitle(); - assertEquals( - "Expected secure page, got:" + title, - Constants.SECURE_TITLE, - title - ); + assertPageTitleAfterLogin("/%73ecurePage.jsp", Constants.SECURE_TITLE); } } -- 2.11.0