Search in sources :

Example 26 with TesterServlet

use of org.apache.catalina.startup.TesterServlet in project tomcat by apache.

the class TestHttp11Processor method testInconsistentHostHeader01.

@Test
public void testInconsistentHostHeader01() throws Exception {
    Tomcat tomcat = getTomcatInstance();
    // This setting means the connection will be closed at the end of the
    // request
    Assert.assertTrue(tomcat.getConnector().setProperty("maxKeepAliveRequests", "1"));
    // No file system docBase required
    Context ctx = tomcat.addContext("", null);
    // Add servlet
    Tomcat.addServlet(ctx, "TesterServlet", new TesterServlet());
    ctx.addServletMappingDecoded("/foo", "TesterServlet");
    tomcat.start();
    String request = "GET http://a/foo HTTP/1.1" + SimpleHttpClient.CRLF + "Host: b" + SimpleHttpClient.CRLF + SimpleHttpClient.CRLF;
    Client client = new Client(tomcat.getConnector().getLocalPort());
    client.setRequest(new String[] { request });
    client.connect();
    client.processRequest();
    // Expected response is a 400 response.
    Assert.assertTrue(client.isResponse400());
}
Also used : Context(org.apache.catalina.Context) AsyncContext(jakarta.servlet.AsyncContext) Tomcat(org.apache.catalina.startup.Tomcat) TesterServlet(org.apache.catalina.startup.TesterServlet) SimpleHttpClient(org.apache.catalina.startup.SimpleHttpClient) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 27 with TesterServlet

use of org.apache.catalina.startup.TesterServlet in project tomcat by apache.

the class TestRewriteValve method doTestRedirect.

private void doTestRedirect(String config, String request, String expectedURI, int expectedStatusCode) throws Exception {
    Tomcat tomcat = getTomcatInstance();
    // No file system docBase required
    Context ctx = tomcat.addContext("redirect", null);
    RewriteValve rewriteValve = new RewriteValve();
    ctx.getPipeline().addValve(rewriteValve);
    rewriteValve.setConfiguration(config);
    Tomcat.addServlet(ctx, "tester", new TesterServlet());
    ctx.addServletMappingDecoded("/from/a", "tester");
    ctx.addServletMappingDecoded("/to/b", "tester");
    tomcat.start();
    ByteChunk res = new ByteChunk();
    Map<String, List<String>> resHead = new HashMap<>();
    int rc = methodUrl("http://localhost:" + getPort() + request, res, DEFAULT_CLIENT_TIMEOUT_MS, null, resHead, "GET", false);
    res.setCharset(StandardCharsets.UTF_8);
    if (expectedURI == null) {
        // Rewrite is expected to fail. Probably because invalid characters
        // were written into the request target
        Assert.assertEquals(400, rc);
    } else {
        List<String> locations = resHead.get("Location");
        Assert.assertFalse(locations.isEmpty());
        String redirectURI = locations.get(0);
        Assert.assertEquals(expectedURI, redirectURI);
        Assert.assertEquals(expectedStatusCode, rc);
    }
}
Also used : Context(org.apache.catalina.Context) Tomcat(org.apache.catalina.startup.Tomcat) ByteChunk(org.apache.tomcat.util.buf.ByteChunk) HashMap(java.util.HashMap) List(java.util.List) TesterServlet(org.apache.catalina.startup.TesterServlet)

Example 28 with TesterServlet

use of org.apache.catalina.startup.TesterServlet in project tomcat70 by apache.

the class TestSSOnonLoginAndDigestAuthenticator method setUpDigest.

private void setUpDigest(Tomcat tomcat) throws Exception {
    // No file system docBase required
    Context ctxt = tomcat.addContext(CONTEXT_PATH_DIGEST, null);
    ctxt.setSessionTimeout(SHORT_TIMEOUT_SECS);
    // Add protected servlet
    Tomcat.addServlet(ctxt, "TesterServlet3", new TesterServlet());
    ctxt.addServletMapping(URI_PROTECTED, "TesterServlet3");
    SecurityCollection collection = new SecurityCollection();
    collection.addPattern(URI_PROTECTED);
    SecurityConstraint sc = new SecurityConstraint();
    sc.addAuthRole(ROLE);
    sc.addCollection(collection);
    ctxt.addConstraint(sc);
    // Configure the appropriate authenticator
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("DIGEST");
    ctxt.setLoginConfig(lc);
    ctxt.getPipeline().addValve(new DigestAuthenticator());
}
Also used : Context(org.apache.catalina.Context) LoginConfig(org.apache.catalina.deploy.LoginConfig) TesterServlet(org.apache.catalina.startup.TesterServlet) SecurityConstraint(org.apache.catalina.deploy.SecurityConstraint) SecurityCollection(org.apache.catalina.deploy.SecurityCollection)

Example 29 with TesterServlet

use of org.apache.catalina.startup.TesterServlet in project tomcat70 by apache.

the class TestSSOnonLoginAndDigestAuthenticator method setUpNonLogin.

private void setUpNonLogin(Tomcat tomcat) throws Exception {
    // No file system docBase required
    Context ctxt = tomcat.addContext(CONTEXT_PATH_NOLOGIN, null);
    ctxt.setSessionTimeout(LONG_TIMEOUT_SECS);
    // Add protected servlet
    Tomcat.addServlet(ctxt, "TesterServlet1", new TesterServlet());
    ctxt.addServletMapping(URI_PROTECTED, "TesterServlet1");
    SecurityCollection collection1 = new SecurityCollection();
    collection1.addPattern(URI_PROTECTED);
    SecurityConstraint sc1 = new SecurityConstraint();
    sc1.addAuthRole(ROLE);
    sc1.addCollection(collection1);
    ctxt.addConstraint(sc1);
    // Add unprotected servlet
    Tomcat.addServlet(ctxt, "TesterServlet2", new TesterServlet());
    ctxt.addServletMapping(URI_PUBLIC, "TesterServlet2");
    SecurityCollection collection2 = new SecurityCollection();
    collection2.addPattern(URI_PUBLIC);
    SecurityConstraint sc2 = new SecurityConstraint();
    // do not add a role - which signals access permitted without one
    sc2.addCollection(collection2);
    ctxt.addConstraint(sc2);
    // Configure the appropriate authenticator
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("NONE");
    ctxt.setLoginConfig(lc);
    ctxt.getPipeline().addValve(new NonLoginAuthenticator());
}
Also used : Context(org.apache.catalina.Context) LoginConfig(org.apache.catalina.deploy.LoginConfig) TesterServlet(org.apache.catalina.startup.TesterServlet) SecurityConstraint(org.apache.catalina.deploy.SecurityConstraint) SecurityCollection(org.apache.catalina.deploy.SecurityCollection)

Aggregations

TesterServlet (org.apache.catalina.startup.TesterServlet)29 Context (org.apache.catalina.Context)25 Tomcat (org.apache.catalina.startup.Tomcat)21 TomcatBaseTest (org.apache.catalina.startup.TomcatBaseTest)14 Test (org.junit.Test)14 SimpleHttpClient (org.apache.catalina.startup.SimpleHttpClient)13 AsyncContext (jakarta.servlet.AsyncContext)12 LoginConfig (org.apache.tomcat.util.descriptor.web.LoginConfig)6 SecurityCollection (org.apache.tomcat.util.descriptor.web.SecurityCollection)6 SecurityConstraint (org.apache.tomcat.util.descriptor.web.SecurityConstraint)6 LoginConfig (org.apache.catalina.deploy.LoginConfig)5 SecurityCollection (org.apache.catalina.deploy.SecurityCollection)5 SecurityConstraint (org.apache.catalina.deploy.SecurityConstraint)5 Wrapper (org.apache.catalina.Wrapper)3 ByteChunk (org.apache.tomcat.util.buf.ByteChunk)3 IOException (java.io.IOException)2 SocketTimeoutException (java.net.SocketTimeoutException)2 List (java.util.List)2 AprLifecycleListener (org.apache.catalina.core.AprLifecycleListener)2 StandardServer (org.apache.catalina.core.StandardServer)2