use of org.apache.catalina.realm.MessageDigestCredentialHandler in project tomcat by apache.
the class TestStandardWrapper method doTestRoleMapping.
private void doTestRoleMapping(String realmContainer) throws Exception {
// Setup Tomcat instance
Tomcat tomcat = getTomcatInstance();
// No file system docBase required
Context ctx = tomcat.addContext("", null);
ctx.addRoleMapping("testRole", "very-complex-role-name");
Wrapper wrapper = Tomcat.addServlet(ctx, "servlet", RoleAllowServlet.class.getName());
ctx.addServletMappingDecoded("/", "servlet");
ctx.setLoginConfig(new LoginConfig("BASIC", null, null, null));
ctx.getPipeline().addValve(new BasicAuthenticator());
TesterMapRealm realm = new TesterMapRealm();
MessageDigestCredentialHandler ch = new MessageDigestCredentialHandler();
ch.setAlgorithm("SHA");
realm.setCredentialHandler(ch);
/* Attach the realm to the appropriate container, but role mapping must
* always succeed because it is evaluated at context level.
*/
if (realmContainer.equals("engine")) {
tomcat.getEngine().setRealm(realm);
} else if (realmContainer.equals("host")) {
tomcat.getHost().setRealm(realm);
} else if (realmContainer.equals("context")) {
ctx.setRealm(realm);
} else {
throw new IllegalArgumentException("realmContainer is invalid");
}
realm.addUser("testUser", ch.mutate("testPwd"));
realm.addUserRole("testUser", "testRole1");
realm.addUserRole("testUser", "very-complex-role-name");
realm.addUserRole("testUser", "another-very-complex-role-name");
tomcat.start();
Principal p = realm.authenticate("testUser", "testPwd");
Assert.assertNotNull(p);
Assert.assertEquals("testUser", p.getName());
// This one is mapped
Assert.assertTrue(realm.hasRole(wrapper, p, "testRole"));
Assert.assertTrue(realm.hasRole(wrapper, p, "testRole1"));
Assert.assertFalse(realm.hasRole(wrapper, p, "testRole2"));
Assert.assertTrue(realm.hasRole(wrapper, p, "very-complex-role-name"));
Assert.assertTrue(realm.hasRole(wrapper, p, "another-very-complex-role-name"));
// This now tests RealmBase#hasResourcePermission() because we need a wrapper
// to be passed from an authenticator
ByteChunk bc = new ByteChunk();
Map<String, List<String>> reqHeaders = new HashMap<>();
List<String> authHeaders = new ArrayList<>();
// testUser, testPwd
authHeaders.add("Basic dGVzdFVzZXI6dGVzdFB3ZA==");
reqHeaders.put("Authorization", authHeaders);
int rc = getUrl("http://localhost:" + getPort() + "/", bc, reqHeaders, null);
Assert.assertEquals("OK", bc.toString());
Assert.assertEquals(200, rc);
}
Aggregations