Examples with Credentials org.apache.commons.httpclient.Credentials used on opensource projects

Search in sources :

Example 91 with Credentials

use of org.apache.commons.httpclient.Credentials in project sling by apache.

the class GetAclTest method testEffectiveAclMergeForUser_SubsetOfPrivilegesDeniedOnChild.

/**
	 * Test for SLING-2600, Effective ACL servlet returns incorrect information
	 */
@Test
// TODO: fails on Oak
@Ignore
public void testEffectiveAclMergeForUser_SubsetOfPrivilegesDeniedOnChild() throws IOException, JsonException {
    testUserId = H.createTestUser();
    String testFolderUrl = H.createTestFolder("{ \"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\", \"child\" : { \"childPropOne\" : true } }");
    String postUrl = testFolderUrl + ".modifyAce.html";
    //1. create an initial set of privileges
    List<NameValuePair> postParams = new ArrayList<NameValuePair>();
    postParams.add(new NameValuePair("principalId", testUserId));
    postParams.add(new NameValuePair("privilege@jcr:all", "granted"));
    Credentials creds = new UsernamePasswordCredentials("admin", "admin");
    H.assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null);
    H.assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null);
    postParams = new ArrayList<NameValuePair>();
    postParams.add(new NameValuePair("principalId", testUserId));
    postParams.add(new NameValuePair("privilege@jcr:write", "denied"));
    postUrl = testFolderUrl + "/child.modifyAce.html";
    H.assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null);
    //fetch the JSON for the eacl to verify the settings.
    String getUrl = testFolderUrl + "/child.eacl.json";
    String json = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(json);
    JsonObject jsonObject = JsonUtil.parseObject(json);
    JsonObject aceObject = jsonObject.getJsonObject(testUserId);
    assertNotNull(aceObject);
    String principalString = aceObject.getString("principal");
    assertEquals(testUserId, principalString);
    JsonArray grantedArray = aceObject.getJsonArray("granted");
    assertNotNull(grantedArray);
    assertTrue(grantedArray.size() >= 8);
    Set<String> grantedPrivilegeNames = new HashSet<String>();
    for (int i = 0; i < grantedArray.size(); i++) {
        grantedPrivilegeNames.add(grantedArray.getString(i));
    }
    H.assertPrivilege(grantedPrivilegeNames, false, "jcr:all");
    H.assertPrivilege(grantedPrivilegeNames, false, "jcr:write");
    H.assertPrivilege(grantedPrivilegeNames, true, "jcr:read");
    H.assertPrivilege(grantedPrivilegeNames, true, "jcr:readAccessControl");
    H.assertPrivilege(grantedPrivilegeNames, true, "jcr:modifyAccessControl");
    H.assertPrivilege(grantedPrivilegeNames, true, "jcr:lockManagement");
    H.assertPrivilege(grantedPrivilegeNames, true, "jcr:versionManagement");
    H.assertPrivilege(grantedPrivilegeNames, true, "jcr:nodeTypeManagement");
    H.assertPrivilege(grantedPrivilegeNames, true, "jcr:retentionManagement");
    H.assertPrivilege(grantedPrivilegeNames, true, "jcr:lifecycleManagement");
    //jcr:write aggregate privileges should be denied
    H.assertPrivilege(grantedPrivilegeNames, false, "jcr:modifyProperties");
    H.assertPrivilege(grantedPrivilegeNames, false, "jcr:addChildNodes");
    H.assertPrivilege(grantedPrivilegeNames, false, "jcr:removeNode");
    H.assertPrivilege(grantedPrivilegeNames, false, "jcr:removeChildNodes");
    JsonArray deniedArray = aceObject.getJsonArray("denied");
    assertNotNull(deniedArray);
    assertEquals(1, deniedArray.size());
    Set<String> deniedPrivilegeNames = new HashSet<String>();
    for (int i = 0; i < deniedArray.size(); i++) {
        deniedPrivilegeNames.add(deniedArray.getString(i));
    }
    H.assertPrivilege(deniedPrivilegeNames, true, "jcr:write");
}
Also used : JsonArray(javax.json.JsonArray) NameValuePair(org.apache.commons.httpclient.NameValuePair) ArrayList(java.util.ArrayList) JsonObject(javax.json.JsonObject) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) Credentials(org.apache.commons.httpclient.Credentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) HashSet(java.util.HashSet) Ignore(org.junit.Ignore) HttpTest(org.apache.sling.commons.testing.integration.HttpTest) Test(org.junit.Test)

Example 92 with Credentials

use of org.apache.commons.httpclient.Credentials in project sling by apache.

the class ModifyAceTest method testAddAceOrderByLast.

/**
	 * Test to verify adding an ACE at the end 
	 * the ACL
	 */
@Test
public void testAddAceOrderByLast() throws IOException, JsonException {
    createAceOrderTestFolderWithOneAce();
    testGroupId = H.createTestGroup();
    addOrUpdateAce(testFolderUrl, testGroupId, true, "last");
    //fetch the JSON for the acl to verify the settings.
    String getUrl = testFolderUrl + ".acl.json";
    Credentials creds = new UsernamePasswordCredentials("admin", "admin");
    String json = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(json);
    JsonObject jsonObject = JsonUtil.parseObject(json);
    assertEquals(2, jsonObject.size());
    JsonObject user = jsonObject.getJsonObject(testUserId);
    assertNotNull(user);
    assertEquals(testUserId, user.getString("principal"));
    assertEquals(0, user.getInt("order"));
    JsonObject group = jsonObject.getJsonObject(testGroupId);
    assertNotNull(group);
    assertEquals(testGroupId, group.getString("principal"));
    assertEquals(1, group.getInt("order"));
}
Also used : JsonObject(javax.json.JsonObject) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) Credentials(org.apache.commons.httpclient.Credentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) HttpTest(org.apache.sling.commons.testing.integration.HttpTest) Test(org.junit.Test)

Example 93 with Credentials

use of org.apache.commons.httpclient.Credentials in project sling by apache.

the class GetAclTest method testEffectiveAclMergeForUser_MorePrivilegesGrantedOnChild.

/**
	 * Test for SLING-2600, Effective ACL servlet returns incorrect information
	 */
@Test
public void testEffectiveAclMergeForUser_MorePrivilegesGrantedOnChild() throws IOException, JsonException {
    testUserId = H.createTestUser();
    String testFolderUrl = H.createTestFolder("{ \"jcr:primaryType\": \"nt:unstructured\", \"propOne\" : \"propOneValue\", \"child\" : { \"childPropOne\" : true } }");
    String postUrl = testFolderUrl + ".modifyAce.html";
    //1. create an initial set of privileges
    List<NameValuePair> postParams = new ArrayList<NameValuePair>();
    postParams.add(new NameValuePair("principalId", testUserId));
    postParams.add(new NameValuePair("privilege@jcr:write", "granted"));
    Credentials creds = new UsernamePasswordCredentials("admin", "admin");
    H.assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null);
    H.assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null);
    postParams = new ArrayList<NameValuePair>();
    postParams.add(new NameValuePair("principalId", testUserId));
    postParams.add(new NameValuePair("privilege@jcr:all", "granted"));
    postUrl = testFolderUrl + "/child.modifyAce.html";
    H.assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null);
    //fetch the JSON for the eacl to verify the settings.
    String getUrl = testFolderUrl + "/child.eacl.json";
    String json = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(json);
    JsonObject jsonObject = JsonUtil.parseObject(json);
    JsonObject aceObject = jsonObject.getJsonObject(testUserId);
    assertNotNull(aceObject);
    String principalString = aceObject.getString("principal");
    assertEquals(testUserId, principalString);
    JsonArray grantedArray = aceObject.getJsonArray("granted");
    assertNotNull(grantedArray);
    assertEquals(1, grantedArray.size());
    Set<String> grantedPrivilegeNames = new HashSet<String>();
    for (int i = 0; i < grantedArray.size(); i++) {
        grantedPrivilegeNames.add(grantedArray.getString(i));
    }
    H.assertPrivilege(grantedPrivilegeNames, true, "jcr:all");
    Object deniedArray = aceObject.get("denied");
    assertNull(deniedArray);
}
Also used : NameValuePair(org.apache.commons.httpclient.NameValuePair) ArrayList(java.util.ArrayList) JsonObject(javax.json.JsonObject) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) JsonArray(javax.json.JsonArray) JsonObject(javax.json.JsonObject) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) Credentials(org.apache.commons.httpclient.Credentials) HashSet(java.util.HashSet) HttpTest(org.apache.sling.commons.testing.integration.HttpTest) Test(org.junit.Test)

Example 94 with Credentials

use of org.apache.commons.httpclient.Credentials in project sling by apache.

the class AuthenticationResponseCodeTest method testValidatingIncorrectHttpBasicCredentials.

@Test
public void testValidatingIncorrectHttpBasicCredentials() throws Exception {
    // assume http and webdav are on the same host + port
    URL url = new URL(HttpTest.HTTP_BASE_URL);
    Credentials defaultcreds = new UsernamePasswordCredentials("garbage", "garbage");
    H.getHttpClient().getState().setCredentials(new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM), defaultcreds);
    List<NameValuePair> params = new ArrayList<NameValuePair>();
    params.add(new NameValuePair("j_validate", "true"));
    HttpMethod post = H.assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, null);
    assertXReason(post);
    HttpMethod get = H.assertHttpStatus(HttpTest.HTTP_BASE_URL + "/?j_validate=true", HttpServletResponse.SC_FORBIDDEN);
    assertXReason(get);
}
Also used : NameValuePair(org.apache.commons.httpclient.NameValuePair) AuthScope(org.apache.commons.httpclient.auth.AuthScope) ArrayList(java.util.ArrayList) URL(java.net.URL) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) Credentials(org.apache.commons.httpclient.Credentials) HttpMethod(org.apache.commons.httpclient.HttpMethod) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) HttpTest(org.apache.sling.commons.testing.integration.HttpTest) Test(org.junit.Test)

Example 95 with Credentials

use of org.apache.commons.httpclient.Credentials in project sling by apache.

the class ModifyAceTest method testAddAceOrderByFirst.

/**
	 * Test to verify adding an ACE in the first position of 
	 * the ACL
	 */
@Test
public void testAddAceOrderByFirst() throws IOException, JsonException {
    createAceOrderTestFolderWithOneAce();
    testGroupId = H.createTestGroup();
    addOrUpdateAce(testFolderUrl, testGroupId, true, "first");
    //fetch the JSON for the acl to verify the settings.
    String getUrl = testFolderUrl + ".acl.json";
    Credentials creds = new UsernamePasswordCredentials("admin", "admin");
    String json = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
    assertNotNull(json);
    JsonObject jsonObject = JsonUtil.parseObject(json);
    assertEquals(2, jsonObject.size());
    JsonObject group = jsonObject.getJsonObject(testGroupId);
    assertNotNull(group);
    assertEquals(testGroupId, group.getString("principal"));
    assertEquals(0, group.getInt("order"));
    JsonObject user = jsonObject.getJsonObject(testUserId);
    assertNotNull(user);
    assertEquals(testUserId, user.getString("principal"));
    assertEquals(1, user.getInt("order"));
}
Also used : JsonObject(javax.json.JsonObject) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) Credentials(org.apache.commons.httpclient.Credentials) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) HttpTest(org.apache.sling.commons.testing.integration.HttpTest) Test(org.junit.Test)

Aggregations

Credentials (org.apache.commons.httpclient.Credentials)102 UsernamePasswordCredentials (org.apache.commons.httpclient.UsernamePasswordCredentials)102 ArrayList (java.util.ArrayList)64 NameValuePair (org.apache.commons.httpclient.NameValuePair)64 JsonObject (javax.json.JsonObject)52 HttpTest (org.apache.sling.commons.testing.integration.HttpTest)51 Test (org.junit.Test)51 JsonArray (javax.json.JsonArray)19 AuthScope (org.apache.commons.httpclient.auth.AuthScope)17 HashSet (java.util.HashSet)14 GetMethod (org.apache.commons.httpclient.methods.GetMethod)12 HttpClient (org.apache.commons.httpclient.HttpClient)11 URL (java.net.URL)9 HttpMethod (org.apache.commons.httpclient.HttpMethod)5 IOException (java.io.IOException)4 HttpState (org.apache.commons.httpclient.HttpState)4 After (org.junit.After)4 InputStream (java.io.InputStream)3 Header (org.apache.commons.httpclient.Header)3 HttpException (org.apache.commons.httpclient.HttpException)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial