Example 1 with MapRealm
use of org.apache.catalina.startup.TestTomcat.MapRealm in project tomcat70 by apache.
the class TestStandardContext method testBug50015.
@Test
public void testBug50015() throws Exception {
// Test that configuring servlet security constraints programmatically
// does work.
// Set up a container
Tomcat tomcat = getTomcatInstance();
// No file system docBase required
Context ctx = tomcat.addContext("", null);
// Setup realm
MapRealm realm = new MapRealm();
realm.addUser("tomcat", "tomcat");
realm.addUserRole("tomcat", "tomcat");
ctx.setRealm(realm);
// Configure app for BASIC auth
LoginConfig lc = new LoginConfig();
lc.setAuthMethod("BASIC");
ctx.setLoginConfig(lc);
ctx.getPipeline().addValve(new BasicAuthenticator());
// Add ServletContainerInitializer
ServletContainerInitializer sci = new Bug50015SCI();
ctx.addServletContainerInitializer(sci, null);
// Start the context
tomcat.start();
// Request the first servlet
ByteChunk bc = new ByteChunk();
int rc = getUrl("http://localhost:" + getPort() + "/bug50015", bc, null);
// Check for a 401
Assert.assertNotSame("OK", bc.toString());
Assert.assertEquals(401, rc);
}
Also used :
Context(org.apache.catalina.Context)
ServletContext(javax.servlet.ServletContext)
ServletContainerInitializer(javax.servlet.ServletContainerInitializer)
Tomcat(org.apache.catalina.startup.Tomcat)
BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator)
ByteChunk(org.apache.tomcat.util.buf.ByteChunk)
LoginConfig(org.apache.catalina.deploy.LoginConfig)
MapRealm(org.apache.catalina.startup.TestTomcat.MapRealm)
TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest)
Test(org.junit.Test)
Example 2 with MapRealm
use of org.apache.catalina.startup.TestTomcat.MapRealm in project tomcat70 by apache.
the class TestDigestAuthenticator method setUp.
@Override
public void setUp() throws Exception {
super.setUp();
// Configure a context with digest auth and a single protected resource
Tomcat tomcat = getTomcatInstance();
// No file system docBase required
Context ctxt = tomcat.addContext(CONTEXT_PATH, null);
// Add protected servlet
Tomcat.addServlet(ctxt, "TesterServlet", new TesterServlet());
ctxt.addServletMapping(URI, "TesterServlet");
SecurityCollection collection = new SecurityCollection();
collection.addPattern(URI);
SecurityConstraint sc = new SecurityConstraint();
sc.addAuthRole(ROLE);
sc.addCollection(collection);
ctxt.addConstraint(sc);
// Configure the Realm
MapRealm realm = new MapRealm();
realm.addUser(USER, PWD);
realm.addUserRole(USER, ROLE);
ctxt.setRealm(realm);
// Configure the authenticator
LoginConfig lc = new LoginConfig();
lc.setAuthMethod("DIGEST");
lc.setRealmName(REALM);
ctxt.setLoginConfig(lc);
ctxt.getPipeline().addValve(new DigestAuthenticator());
}
Also used :
Context(org.apache.catalina.Context)
TesterContext(org.apache.tomcat.unittest.TesterContext)
Tomcat(org.apache.catalina.startup.Tomcat)
LoginConfig(org.apache.catalina.deploy.LoginConfig)
MapRealm(org.apache.catalina.startup.TestTomcat.MapRealm)
TesterServlet(org.apache.catalina.startup.TesterServlet)
SecurityConstraint(org.apache.catalina.deploy.SecurityConstraint)
SecurityCollection(org.apache.catalina.deploy.SecurityCollection)
Example 3 with MapRealm
use of org.apache.catalina.startup.TestTomcat.MapRealm in project tomcat70 by apache.
the class TestStandardWrapper method doTest.
private void doTest(String servletClassName, boolean usePost, boolean useRole, boolean expect200) throws Exception {
// Setup Tomcat instance
Tomcat tomcat = getTomcatInstance();
// No file system docBase required
Context ctx = tomcat.addContext("", null);
Wrapper wrapper = Tomcat.addServlet(ctx, "servlet", servletClassName);
wrapper.setAsyncSupported(true);
ctx.addServletMapping("/", "servlet");
if (useRole) {
MapRealm realm = new MapRealm();
realm.addUser("testUser", "testPwd");
realm.addUserRole("testUser", "testRole");
ctx.setRealm(realm);
ctx.setLoginConfig(new LoginConfig("BASIC", null, null, null));
ctx.getPipeline().addValve(new BasicAuthenticator());
}
tomcat.start();
ByteChunk bc = new ByteChunk();
Map<String, List<String>> reqHeaders = null;
if (useRole) {
reqHeaders = new HashMap<String, List<String>>();
List<String> authHeaders = new ArrayList<String>();
// testUser, testPwd
authHeaders.add("Basic dGVzdFVzZXI6dGVzdFB3ZA==");
reqHeaders.put("Authorization", authHeaders);
}
int rc;
if (usePost) {
rc = postUrl(null, "http://localhost:" + getPort() + "/", bc, reqHeaders, null);
} else {
rc = getUrl("http://localhost:" + getPort() + "/", bc, reqHeaders, null);
}
if (expect200) {
Assert.assertEquals("OK", bc.toString());
Assert.assertEquals(200, rc);
} else {
Assert.assertTrue(bc.getLength() > 0);
Assert.assertEquals(403, rc);
}
}
Also used :
Context(org.apache.catalina.Context)
ServletContext(javax.servlet.ServletContext)
Wrapper(org.apache.catalina.Wrapper)
Tomcat(org.apache.catalina.startup.Tomcat)
ByteChunk(org.apache.tomcat.util.buf.ByteChunk)
ArrayList(java.util.ArrayList)
HttpConstraint(javax.servlet.annotation.HttpConstraint)
HttpMethodConstraint(javax.servlet.annotation.HttpMethodConstraint)
BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator)
LoginConfig(org.apache.catalina.deploy.LoginConfig)
ArrayList(java.util.ArrayList)
List(java.util.List)
MapRealm(org.apache.catalina.startup.TestTomcat.MapRealm)
Example 4 with MapRealm
use of org.apache.catalina.startup.TestTomcat.MapRealm in project tomcat70 by apache.
the class TestRequest method testLoginLogout.
/**
* Test case for {@link Request#login(String, String)} and
* {@link Request#logout()}.
*/
@Test
public void testLoginLogout() throws Exception {
// Setup Tomcat instance
Tomcat tomcat = getTomcatInstance();
// No file system docBase required
Context ctx = tomcat.addContext("", null);
LoginConfig config = new LoginConfig();
config.setAuthMethod("BASIC");
ctx.setLoginConfig(config);
ctx.getPipeline().addValve(new BasicAuthenticator());
Tomcat.addServlet(ctx, "servlet", new LoginLogoutServlet());
ctx.addServletMapping("/", "servlet");
MapRealm realm = new MapRealm();
realm.addUser(LoginLogoutServlet.USER, LoginLogoutServlet.PWD);
ctx.setRealm(realm);
tomcat.start();
ByteChunk res = getUrl("http://localhost:" + getPort() + "/");
Assert.assertEquals(LoginLogoutServlet.OK, res.toString());
}
Also used :
Context(org.apache.catalina.Context)
Tomcat(org.apache.catalina.startup.Tomcat)
BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator)
ByteChunk(org.apache.tomcat.util.buf.ByteChunk)
LoginConfig(org.apache.catalina.deploy.LoginConfig)
MapRealm(org.apache.catalina.startup.TestTomcat.MapRealm)
TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest)
Test(org.junit.Test)
Example 5 with MapRealm
use of org.apache.catalina.startup.TestTomcat.MapRealm in project tomcat70 by apache.
the class TesterSupport method configureClientCertContext.
protected static void configureClientCertContext(Tomcat tomcat) {
TesterSupport.initSsl(tomcat);
// Need a web application with a protected and unprotected URL
// No file system docBase required
Context ctx = tomcat.addContext("", null);
Tomcat.addServlet(ctx, "simple", new SimpleServlet());
ctx.addServletMapping("/unprotected", "simple");
ctx.addServletMapping("/protected", "simple");
// Security constraints
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/protected");
SecurityConstraint sc = new SecurityConstraint();
sc.addAuthRole(ROLE);
sc.addCollection(collection);
ctx.addConstraint(sc);
// Configure the Realm
MapRealm realm = new MapRealm();
String cn = "NOTFOUND";
try {
KeyStore ks = getKeyStore(CLIENT_JKS);
X509Certificate cert = (X509Certificate) ks.getCertificate(CLIENT_ALIAS);
cn = cert.getSubjectDN().getName();
} catch (Exception ex) {
// Ignore
}
realm.addUser(cn, "not used");
realm.addUserRole(cn, ROLE);
ctx.setRealm(realm);
// Configure the authenticator
LoginConfig lc = new LoginConfig();
lc.setAuthMethod("CLIENT-CERT");
ctx.setLoginConfig(lc);
ctx.getPipeline().addValve(new SSLAuthenticator());
}
Also used :
SSLContext(javax.net.ssl.SSLContext)
Context(org.apache.catalina.Context)
SSLAuthenticator(org.apache.catalina.authenticator.SSLAuthenticator)
LoginConfig(org.apache.catalina.deploy.LoginConfig)
MapRealm(org.apache.catalina.startup.TestTomcat.MapRealm)
KeyStore(java.security.KeyStore)
SecurityConstraint(org.apache.catalina.deploy.SecurityConstraint)
X509Certificate(java.security.cert.X509Certificate)
ServletException(javax.servlet.ServletException)
URISyntaxException(java.net.URISyntaxException)
IOException(java.io.IOException)
KeyManagementException(java.security.KeyManagementException)
UnknownHostException(java.net.UnknownHostException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
SecurityCollection(org.apache.catalina.deploy.SecurityCollection)
Aggregations
Context (org.apache.catalina.Context)6
MapRealm (org.apache.catalina.startup.TestTomcat.MapRealm)6
LoginConfig (org.apache.catalina.deploy.LoginConfig)5
Tomcat (org.apache.catalina.startup.Tomcat)4
BasicAuthenticator (org.apache.catalina.authenticator.BasicAuthenticator)3
ByteChunk (org.apache.tomcat.util.buf.ByteChunk)3
ServletContext (javax.servlet.ServletContext)2
SecurityCollection (org.apache.catalina.deploy.SecurityCollection)2
SecurityConstraint (org.apache.catalina.deploy.SecurityConstraint)2
TomcatBaseTest (org.apache.catalina.startup.TomcatBaseTest)2
Test (org.junit.Test)2
IOException (java.io.IOException)1
URISyntaxException (java.net.URISyntaxException)1
UnknownHostException (java.net.UnknownHostException)1
KeyManagementException (java.security.KeyManagementException)1
KeyStore (java.security.KeyStore)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
X509Certificate (java.security.cert.X509Certificate)1
ArrayList (java.util.ArrayList)1
List (java.util.List)1
