use of org.apache.commons.httpclient.HttpState in project zm-mailbox by Zimbra.
the class TestCookieReuse method testForceEndSession.
/**
* Verify that we canNOT RE-use the cookie taken from a legitimate HTTP session for a REST request
* after ending the original session
*/
@Test
public void testForceEndSession() throws ServiceException, IOException {
//establish legitimate connection
TestUtil.setAccountAttr(USER_NAME, Provisioning.A_zimbraForceClearCookies, "FALSE");
ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
URI uri = mbox.getRestURI("Inbox?fmt=rss");
HttpClient alice = mbox.getHttpClient(uri);
//create evesdropper's connection
HttpClient eve = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
Cookie[] cookies = alice.getState().getCookies();
HttpState state = new HttpState();
for (int i = 0; i < cookies.length; i++) {
Cookie cookie = cookies[i];
state.addCookie(new Cookie(uri.getHost(), cookie.getName(), cookie.getValue(), "/", null, false));
}
eve.setState(state);
Account a = TestUtil.getAccount(USER_NAME);
a.setForceClearCookies(false);
EndSessionRequest esr = new EndSessionRequest();
esr.setLogOff(true);
mbox.invokeJaxb(esr);
GetMethod get = new GetMethod(uri.toString());
int statusCode = HttpClientUtil.executeMethod(eve, get);
Assert.assertEquals("This request should not succeed. Getting status code " + statusCode, HttpStatus.SC_UNAUTHORIZED, statusCode);
}
use of org.apache.commons.httpclient.HttpState in project zm-mailbox by Zimbra.
the class TestCookieReuse method testAutoEndSession.
/**
* Verify that we canNOT RE-use the cookie for REST session if the session is valid
*/
@Test
public void testAutoEndSession() throws ServiceException, IOException {
//establish legitimate connection
TestUtil.setAccountAttr(USER_NAME, Provisioning.A_zimbraForceClearCookies, "TRUE");
ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
URI uri = mbox.getRestURI("Inbox?fmt=rss");
HttpClient alice = mbox.getHttpClient(uri);
//create evesdropper's connection
HttpClient eve = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
Cookie[] cookies = alice.getState().getCookies();
HttpState state = new HttpState();
for (int i = 0; i < cookies.length; i++) {
Cookie cookie = cookies[i];
state.addCookie(new Cookie(uri.getHost(), cookie.getName(), cookie.getValue(), "/", null, false));
}
eve.setState(state);
Account a = TestUtil.getAccount(USER_NAME);
a.setForceClearCookies(true);
EndSessionRequest esr = new EndSessionRequest();
mbox.invokeJaxb(esr);
GetMethod get = new GetMethod(uri.toString());
int statusCode = HttpClientUtil.executeMethod(eve, get);
Assert.assertEquals("This request should not succeed. Getting status code " + statusCode, HttpStatus.SC_UNAUTHORIZED, statusCode);
}
use of org.apache.commons.httpclient.HttpState in project zm-mailbox by Zimbra.
the class TestDeployZimlet method adminUpload.
public String adminUpload(String authToken, String fileName, String filePath) throws Exception {
PostMethod post = new PostMethod(ADMIN_UPLOAD_URL);
FilePart part = new FilePart(fileName, new FilePartSource(new File(filePath)));
String contentType = "application/x-msdownload";
part.setContentType(contentType);
HttpClient client = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
HttpState state = new HttpState();
state.addCookie(new org.apache.commons.httpclient.Cookie(localServer.getServiceHostname(), ZimbraCookie.authTokenCookieName(true), authToken, "/", null, false));
client.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY);
client.setState(state);
post.setRequestEntity(new MultipartRequestEntity(new Part[] { part }, post.getParams()));
int statusCode = HttpClientUtil.executeMethod(client, post);
assertEquals("This request should succeed. Getting status code " + statusCode, HttpStatus.SC_OK, statusCode);
String resp = post.getResponseBodyAsString();
assertNotNull("Response should not be empty", resp);
ZimbraLog.test.debug("Upload response " + resp);
String[] responseParts = resp.split(",", 3);
String aid = null;
if (responseParts.length == 3) {
aid = responseParts[2].trim();
if (aid.startsWith("'") || aid.startsWith("\"")) {
aid = aid.substring(1);
}
if (aid.endsWith("'") || aid.endsWith("\"")) {
aid = aid.substring(0, aid.length() - 1);
}
}
return aid;
}
use of org.apache.commons.httpclient.HttpState in project zm-mailbox by Zimbra.
the class TestCookieReuse method testValidSessionCookieReuse.
/**
* Verify that we can RE-use the cookie for REST session if the session is valid
*/
@Test
public void testValidSessionCookieReuse() throws ServiceException, IOException {
//establish legitimate connection
ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
URI uri = mbox.getRestURI("Inbox?fmt=rss");
HttpClient alice = mbox.getHttpClient(uri);
//create evesdropper's connection
HttpClient eve = ZimbraHttpConnectionManager.getInternalHttpConnMgr().newHttpClient();
Cookie[] cookies = alice.getState().getCookies();
HttpState state = new HttpState();
for (int i = 0; i < cookies.length; i++) {
Cookie cookie = cookies[i];
state.addCookie(new Cookie(uri.getHost(), cookie.getName(), cookie.getValue(), "/", null, false));
}
eve.setState(state);
GetMethod get = new GetMethod(uri.toString());
int statusCode = HttpClientUtil.executeMethod(eve, get);
Assert.assertEquals("This request should succeed. Getting status code " + statusCode, HttpStatus.SC_OK, statusCode);
}
use of org.apache.commons.httpclient.HttpState in project zm-mailbox by Zimbra.
the class TestProvIDN method testBasicAuth.
@Test
public void testBasicAuth() throws Exception {
Names.IDNName domainName = new Names.IDNName(makeTestDomainName("basicAuthTest."));
Domain domain = createDomain(domainName.uName(), domainName.uName());
Names.IDNName acctName = new Names.IDNName("acct", domainName.uName());
Account acct = (Account) createTest(EntryType.ACCOUNT, NameType.UNAME, acctName);
HttpState initialState = new HttpState();
/*
Cookie authCookie = new Cookie(restURL.getURL().getHost(), "ZM_AUTH_TOKEN", mAuthToken, "/", null, false);
Cookie sessionCookie = new Cookie(restURL.getURL().getHost(), "JSESSIONID", mSessionId, "/zimbra", null, false);
initialState.addCookie(authCookie);
initialState.addCookie(sessionCookie);
*/
String guestName = acct.getUnicodeName();
String guestPassword = "test123";
Credentials loginCredentials = new UsernamePasswordCredentials(guestName, guestPassword);
initialState.setCredentials(AuthScope.ANY, loginCredentials);
HttpClient client = new HttpClient();
client.setState(initialState);
String url = UserServlet.getRestUrl(acct) + "/Calendar";
System.out.println("REST URL: " + url);
HttpMethod method = new GetMethod(url);
HttpMethodParams methodParams = method.getParams();
methodParams.setCredentialCharset("UTF-8");
try {
int respCode = HttpClientUtil.executeMethod(client, method);
if (respCode != HttpStatus.SC_OK) {
System.out.println("failed, respCode=" + respCode);
} else {
boolean chunked = false;
boolean textContent = false;
/*
System.out.println("Headers:");
System.out.println("--------");
for (Header header : method.getRequestHeaders()) {
System.out.print(" " + header.toString());
}
System.out.println();
System.out.println("Body:");
System.out.println("-----");
String respBody = method.getResponseBodyAsString();
System.out.println(respBody);
*/
}
} finally {
// Release the connection.
method.releaseConnection();
}
}
Aggregations