Search in sources :

Example 6 with DefaultAcceptedPatternsChecker

use of com.opensymphony.xwork2.security.DefaultAcceptedPatternsChecker in project struts by apache.

the class CookieInterceptorTest method testInterceptSelectedCookiesNameOnly1.

public void testInterceptSelectedCookiesNameOnly1() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setCookies(new Cookie("cookie1", "cookie1value"), new Cookie("cookie2", "cookie2value"), new Cookie("cookie3", "cookie3value"));
    ServletActionContext.setRequest(request);
    MockActionWithCookieAware action = new MockActionWithCookieAware();
    ActionContext.getContext().getValueStack().push(action);
    ActionInvocation invocation = (ActionInvocation) createMock(ActionInvocation.class);
    expect(invocation.getAction()).andReturn(action);
    expect(invocation.invoke()).andReturn(Action.SUCCESS);
    replay(invocation);
    CookieInterceptor interceptor = new CookieInterceptor();
    interceptor.setExcludedPatternsChecker(new DefaultExcludedPatternsChecker());
    interceptor.setAcceptedPatternsChecker(new DefaultAcceptedPatternsChecker());
    interceptor.setCookiesName("cookie1, cookie3");
    interceptor.setCookiesValue("cookie1value, cookie2value, cookie3value");
    interceptor.intercept(invocation);
    assertFalse(action.getCookiesMap().isEmpty());
    assertEquals(action.getCookiesMap().size(), 2);
    assertEquals(action.getCookiesMap().get("cookie1"), "cookie1value");
    assertEquals(action.getCookiesMap().get("cookie2"), null);
    assertEquals(action.getCookiesMap().get("cookie3"), "cookie3value");
    assertEquals(action.getCookie1(), "cookie1value");
    assertEquals(action.getCookie2(), null);
    assertEquals(action.getCookie3(), "cookie3value");
    assertEquals(ActionContext.getContext().getValueStack().findValue("cookie1"), "cookie1value");
    assertEquals(ActionContext.getContext().getValueStack().findValue("cookie2"), null);
    assertEquals(ActionContext.getContext().getValueStack().findValue("cookie3"), "cookie3value");
    verify(invocation);
}
Also used : Cookie(javax.servlet.http.Cookie) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockActionInvocation(com.opensymphony.xwork2.mock.MockActionInvocation) ActionInvocation(com.opensymphony.xwork2.ActionInvocation) DefaultAcceptedPatternsChecker(com.opensymphony.xwork2.security.DefaultAcceptedPatternsChecker) DefaultExcludedPatternsChecker(com.opensymphony.xwork2.security.DefaultExcludedPatternsChecker)

Example 7 with DefaultAcceptedPatternsChecker

use of com.opensymphony.xwork2.security.DefaultAcceptedPatternsChecker in project struts by apache.

the class CookieInterceptorTest method testInterceptSelectedCookiesNameAndValue.

public void testInterceptSelectedCookiesNameAndValue() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setCookies(new Cookie("cookie1", "cookie1value"), new Cookie("cookie2", "cookie2value"), new Cookie("cookie3", "cookie3value"));
    ServletActionContext.setRequest(request);
    MockActionWithCookieAware action = new MockActionWithCookieAware();
    ActionContext.getContext().getValueStack().push(action);
    ActionInvocation invocation = (ActionInvocation) createMock(ActionInvocation.class);
    expect(invocation.getAction()).andReturn(action);
    expect(invocation.invoke()).andReturn(Action.SUCCESS);
    replay(invocation);
    CookieInterceptor interceptor = new CookieInterceptor();
    interceptor.setExcludedPatternsChecker(new DefaultExcludedPatternsChecker());
    interceptor.setAcceptedPatternsChecker(new DefaultAcceptedPatternsChecker());
    interceptor.setCookiesName("cookie1, cookie3");
    interceptor.setCookiesValue("cookie1value");
    interceptor.intercept(invocation);
    assertFalse(action.getCookiesMap().isEmpty());
    assertEquals(action.getCookiesMap().size(), 1);
    assertEquals(action.getCookiesMap().get("cookie1"), "cookie1value");
    assertEquals(action.getCookiesMap().get("cookie2"), null);
    assertEquals(action.getCookiesMap().get("cookie3"), null);
    assertEquals(action.getCookie1(), "cookie1value");
    assertEquals(action.getCookie2(), null);
    assertEquals(action.getCookie3(), null);
    assertEquals(ActionContext.getContext().getValueStack().findValue("cookie1"), "cookie1value");
    assertEquals(ActionContext.getContext().getValueStack().findValue("cookie2"), null);
    assertEquals(ActionContext.getContext().getValueStack().findValue("cookie3"), null);
    verify(invocation);
}
Also used : Cookie(javax.servlet.http.Cookie) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockActionInvocation(com.opensymphony.xwork2.mock.MockActionInvocation) ActionInvocation(com.opensymphony.xwork2.ActionInvocation) DefaultAcceptedPatternsChecker(com.opensymphony.xwork2.security.DefaultAcceptedPatternsChecker) DefaultExcludedPatternsChecker(com.opensymphony.xwork2.security.DefaultExcludedPatternsChecker)

Example 8 with DefaultAcceptedPatternsChecker

use of com.opensymphony.xwork2.security.DefaultAcceptedPatternsChecker in project struts by apache.

the class CookieInterceptorTest method testInterceptAll2.

public void testInterceptAll2() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setCookies(new Cookie("cookie1", "cookie1value"), new Cookie("cookie2", "cookie2value"), new Cookie("cookie3", "cookie3value"));
    ServletActionContext.setRequest(request);
    MockActionWithCookieAware action = new MockActionWithCookieAware();
    ActionContext.getContext().getValueStack().push(action);
    ActionInvocation invocation = (ActionInvocation) createMock(ActionInvocation.class);
    expect(invocation.getAction()).andReturn(action);
    expect(invocation.invoke()).andReturn(Action.SUCCESS);
    replay(invocation);
    CookieInterceptor interceptor = new CookieInterceptor();
    interceptor.setExcludedPatternsChecker(new DefaultExcludedPatternsChecker());
    interceptor.setAcceptedPatternsChecker(new DefaultAcceptedPatternsChecker());
    interceptor.setCookiesName("cookie1, cookie2, cookie3");
    interceptor.setCookiesValue("cookie1value, cookie2value, cookie3value");
    interceptor.intercept(invocation);
    assertFalse(action.getCookiesMap().isEmpty());
    assertEquals(action.getCookiesMap().size(), 3);
    assertEquals(action.getCookiesMap().get("cookie1"), "cookie1value");
    assertEquals(action.getCookiesMap().get("cookie2"), "cookie2value");
    assertEquals(action.getCookiesMap().get("cookie3"), "cookie3value");
    assertEquals(action.getCookie1(), "cookie1value");
    assertEquals(action.getCookie2(), "cookie2value");
    assertEquals(action.getCookie3(), "cookie3value");
    assertEquals(ActionContext.getContext().getValueStack().findValue("cookie1"), "cookie1value");
    assertEquals(ActionContext.getContext().getValueStack().findValue("cookie2"), "cookie2value");
    assertEquals(ActionContext.getContext().getValueStack().findValue("cookie3"), "cookie3value");
    verify(invocation);
}
Also used : Cookie(javax.servlet.http.Cookie) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockActionInvocation(com.opensymphony.xwork2.mock.MockActionInvocation) ActionInvocation(com.opensymphony.xwork2.ActionInvocation) DefaultAcceptedPatternsChecker(com.opensymphony.xwork2.security.DefaultAcceptedPatternsChecker) DefaultExcludedPatternsChecker(com.opensymphony.xwork2.security.DefaultExcludedPatternsChecker)

Example 9 with DefaultAcceptedPatternsChecker

use of com.opensymphony.xwork2.security.DefaultAcceptedPatternsChecker in project struts by apache.

the class CookieInterceptorTest method testCookiesWithStrutsInternalsAccess.

public void testCookiesWithStrutsInternalsAccess() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest();
    String sessionCookieName = "session.userId";
    String sessionCookieValue = "session.userId=1";
    String appCookieName = "application.userId";
    String appCookieValue = "application.userId=1";
    String reqCookieName = "request.userId";
    String reqCookieValue = "request.userId=1";
    request.setCookies(new Cookie(sessionCookieName, "1"), new Cookie("1", sessionCookieValue), new Cookie(appCookieName, "1"), new Cookie("1", appCookieValue), new Cookie(reqCookieName, "1"), new Cookie("1", reqCookieValue));
    ServletActionContext.setRequest(request);
    final Map<String, Boolean> excludedName = new HashMap<String, Boolean>();
    CookieInterceptor interceptor = new CookieInterceptor() {

        @Override
        protected boolean isAcceptableName(String name) {
            boolean accepted = super.isAcceptableName(name);
            excludedName.put(name, accepted);
            return accepted;
        }
    };
    interceptor.setExcludedPatternsChecker(new DefaultExcludedPatternsChecker());
    interceptor.setAcceptedPatternsChecker(new DefaultAcceptedPatternsChecker());
    interceptor.setCookiesName("*");
    MockActionInvocation invocation = new MockActionInvocation();
    invocation.setAction(new MockActionWithCookieAware());
    interceptor.intercept(invocation);
    assertFalse(excludedName.get(sessionCookieName));
    assertFalse(excludedName.get(appCookieName));
    assertFalse(excludedName.get(reqCookieName));
}
Also used : Cookie(javax.servlet.http.Cookie) HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) DefaultAcceptedPatternsChecker(com.opensymphony.xwork2.security.DefaultAcceptedPatternsChecker) MockActionInvocation(com.opensymphony.xwork2.mock.MockActionInvocation) DefaultExcludedPatternsChecker(com.opensymphony.xwork2.security.DefaultExcludedPatternsChecker)

Example 10 with DefaultAcceptedPatternsChecker

use of com.opensymphony.xwork2.security.DefaultAcceptedPatternsChecker in project struts by apache.

the class CookieInterceptorTest method testActionCookieAwareWithStrutsInternalsAccess.

public void testActionCookieAwareWithStrutsInternalsAccess() throws Exception {
    MockHttpServletRequest request = new MockHttpServletRequest();
    String sessionCookieName = "session.userId";
    String sessionCookieValue = "session.userId=1";
    String appCookieName = "application.userId";
    String appCookieValue = "application.userId=1";
    String reqCookieName = "request.userId";
    String reqCookieValue = "request.userId=1";
    request.setCookies(new Cookie(sessionCookieName, "1"), new Cookie("1", sessionCookieValue), new Cookie(appCookieName, "1"), new Cookie("1", appCookieValue), new Cookie(reqCookieName, "1"), new Cookie("1", reqCookieValue));
    ServletActionContext.setRequest(request);
    final Map<String, Boolean> excludedName = new HashMap<>();
    CookieInterceptor interceptor = new CookieInterceptor() {

        @Override
        protected boolean isAcceptableName(String name) {
            boolean accepted = super.isAcceptableName(name);
            excludedName.put(name, accepted);
            return accepted;
        }
    };
    interceptor.setExcludedPatternsChecker(new DefaultExcludedPatternsChecker());
    interceptor.setAcceptedPatternsChecker(new DefaultAcceptedPatternsChecker());
    interceptor.setCookiesName("*");
    MockActionInvocation invocation = new MockActionInvocation();
    invocation.setAction(new MockActionWithActionCookieAware());
    interceptor.intercept(invocation);
    assertFalse(excludedName.get(sessionCookieName));
    assertFalse(excludedName.get(appCookieName));
    assertFalse(excludedName.get(reqCookieName));
}
Also used : Cookie(javax.servlet.http.Cookie) HashMap(java.util.HashMap) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) DefaultAcceptedPatternsChecker(com.opensymphony.xwork2.security.DefaultAcceptedPatternsChecker) MockActionInvocation(com.opensymphony.xwork2.mock.MockActionInvocation) DefaultExcludedPatternsChecker(com.opensymphony.xwork2.security.DefaultExcludedPatternsChecker)

Aggregations

MockActionInvocation (com.opensymphony.xwork2.mock.MockActionInvocation)10 DefaultAcceptedPatternsChecker (com.opensymphony.xwork2.security.DefaultAcceptedPatternsChecker)10 DefaultExcludedPatternsChecker (com.opensymphony.xwork2.security.DefaultExcludedPatternsChecker)10 Cookie (javax.servlet.http.Cookie)10 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)10 ActionInvocation (com.opensymphony.xwork2.ActionInvocation)7 HashMap (java.util.HashMap)3