Example 1 with MockHttpServletRequest
use of net.sourceforge.stripes.mock.MockHttpServletRequest in project jspwiki by apache.
the class WikiSessionTest method testUserPrincipal.
@Test
public void testUserPrincipal() throws ServletException, IOException {
MockHttpServletRequest request;
WikiSession wikiSession;
// Changing the UserPrincipal value should cause the user to be authenticated...
request = m_engine.newHttpRequest();
request.setUserPrincipal(new WikiPrincipal("Fred Flintstone"));
runSecurityFilter(m_engine, request);
wikiSession = WikiSession.getWikiSession(m_engine, request);
Assert.assertTrue(wikiSession.isAuthenticated());
Assert.assertEquals("Fred Flintstone", wikiSession.getUserPrincipal().getName());
}
Also used :
WikiPrincipal(org.apache.wiki.auth.WikiPrincipal)
MockHttpServletRequest(net.sourceforge.stripes.mock.MockHttpServletRequest)
Test(org.junit.Test)
Example 2 with MockHttpServletRequest
use of net.sourceforge.stripes.mock.MockHttpServletRequest in project jspwiki by apache.
the class WikiSessionTest method authenticatedSession.
public static WikiSession authenticatedSession(TestEngine engine, String id, String password) throws Exception {
// Build anon session
MockHttpServletRequest request = engine.newHttpRequest();
// Log in as anon
runSecurityFilter(engine, request);
// Log in the user with credentials
WikiSession session = WikiSession.getWikiSession(engine, request);
engine.getAuthenticationManager().login(session, request, id, password);
// Make sure the user is actually authenticated
if (!session.isAuthenticated()) {
throw new IllegalStateException("Could not log in authenticated user '" + id + "'");
}
return session;
}
Also used :
MockHttpServletRequest(net.sourceforge.stripes.mock.MockHttpServletRequest)
Example 3 with MockHttpServletRequest
use of net.sourceforge.stripes.mock.MockHttpServletRequest in project jspwiki by apache.
the class WikiSessionTest method assertedSession.
public static WikiSession assertedSession(TestEngine engine, String name, Principal[] roles) throws Exception {
// We can use cookies right?
if (!engine.getAuthenticationManager().allowsCookieAssertions()) {
throw new IllegalStateException("Couldn't set up asserted user: login config doesn't allow cookies.");
}
// Build anon session
MockHttpServletRequest request = engine.newHttpRequest();
Set<String> r = new HashSet<String>();
for (int i = 0; i < roles.length; i++) {
r.add(roles[i].getName());
}
request.setRoles(r);
// Set cookie
Cookie cookie = new Cookie(CookieAssertionLoginModule.PREFS_COOKIE_NAME, name);
request.setCookies(new Cookie[] { cookie });
// Log in
runSecurityFilter(engine, request);
// Make sure the user is actually asserted
WikiSession session = WikiSession.getWikiSession(engine, request);
return session;
}
Also used :
Cookie(javax.servlet.http.Cookie)
MockHttpServletRequest(net.sourceforge.stripes.mock.MockHttpServletRequest)
HashSet(java.util.HashSet)
Example 4 with MockHttpServletRequest
use of net.sourceforge.stripes.mock.MockHttpServletRequest in project jspwiki by apache.
the class WikiSessionTest method testAuthenticationCookieDefaults.
@Test
public void testAuthenticationCookieDefaults() throws ServletException, IOException {
MockHttpServletRequest request;
WikiSession wikiSession;
// Set the authentication cookie first
MockHttpServletResponse response = new MockHttpServletResponse();
CookieAuthenticationLoginModule.setLoginCookie(m_engine, response, "Fred Flintstone");
Cookie[] cookies = response.getCookies();
Assert.assertEquals(1, cookies.length);
String uid = cookies[0].getValue();
// Adding the magic "authentication cookie" should NOT count as authenticated in the default case
// (because cookie authentication is OFF).
request = m_engine.newHttpRequest();
request.setUserPrincipal(null);
request.setCookies(new Cookie[] { new Cookie("JSPWikiUID", uid) });
runSecurityFilter(m_engine, request);
wikiSession = WikiSession.getWikiSession(m_engine, request);
Assert.assertTrue(wikiSession.isAnonymous());
Assert.assertFalse(wikiSession.isAuthenticated());
Assert.assertEquals("127.0.0.1", wikiSession.getUserPrincipal().getName());
// Clear the authentication cookie
response = new MockHttpServletResponse();
CookieAuthenticationLoginModule.clearLoginCookie(m_engine, request, response);
}
Also used :
Cookie(javax.servlet.http.Cookie)
MockHttpServletRequest(net.sourceforge.stripes.mock.MockHttpServletRequest)
MockHttpServletResponse(net.sourceforge.stripes.mock.MockHttpServletResponse)
Test(org.junit.Test)
Example 5 with MockHttpServletRequest
use of net.sourceforge.stripes.mock.MockHttpServletRequest in project jspwiki by apache.
the class WikiSessionTest method testIPAddress.
@Test
public void testIPAddress() throws ServletException, IOException {
MockHttpServletRequest request;
WikiSession wikiSession;
// A naked HTTP request without userPrincipal/remoteUser should be anonymous
request = m_engine.newHttpRequest();
request.setUserPrincipal(null);
runSecurityFilter(m_engine, request);
wikiSession = WikiSession.getWikiSession(m_engine, request);
Assert.assertTrue(wikiSession.isAnonymous());
}
Also used :
MockHttpServletRequest(net.sourceforge.stripes.mock.MockHttpServletRequest)
Test(org.junit.Test)
Aggregations
MockHttpServletRequest (net.sourceforge.stripes.mock.MockHttpServletRequest)23
Test (org.junit.Test)10
Cookie (javax.servlet.http.Cookie)6
WikiPrincipal (org.apache.wiki.auth.WikiPrincipal)6
Principal (java.security.Principal)4
CallbackHandler (javax.security.auth.callback.CallbackHandler)4
LoginException (javax.security.auth.login.LoginException)4
LoginModule (javax.security.auth.spi.LoginModule)4
WikiContext (org.apache.wiki.WikiContext)4
Collection (java.util.Collection)3
HashSet (java.util.HashSet)2
MockHttpServletResponse (net.sourceforge.stripes.mock.MockHttpServletResponse)2
Locale (java.util.Locale)1
Properties (java.util.Properties)1
Subject (javax.security.auth.Subject)1
MockHttpSession (net.sourceforge.stripes.mock.MockHttpSession)1
WikiPage (org.apache.wiki.WikiPage)1
WikiSession (org.apache.wiki.WikiSession)1
GroupPrincipal (org.apache.wiki.auth.GroupPrincipal)1
