use of org.apache.http.auth.AuthScope in project wildfly by wildfly.
the class SAML2BasicAuthenticationTestCase method testAutoRedirectSP.
/**
* Tests access to protected service provider with automatic handling of
* redirections
*
* @throws Exception
*/
@Test
public void testAutoRedirectSP() throws Exception {
    final DefaultHttpClient client = new DefaultHttpClient();
    // Redirect handling is delegated to the shared strategy defined in Utils.
    client.setRedirectStrategy(Utils.REDIRECT_STRATEGY);
    try {
        // The test account uses the same constant for user name and password.
        final UsernamePasswordCredentials anilCredentials =
                new UsernamePasswordCredentials(PicketLinkTestBase.ANIL, PicketLinkTestBase.ANIL);
        // NOTE(review): the null host makes this scope match ANY host on the IdP port, so the
        // client will answer an authentication challenge from whichever server it is redirected
        // to on that port. Tolerable against a local test deployment; code derived from this
        // should pin the scope to the IdP host (and ideally realm/scheme).
        final AuthScope anyHostOnIdpPort = new AuthScope(null, idpUrl.getPort());
        client.getCredentialsProvider().setCredentials(anyHostOnIdpPort, anilCredentials);

        // makeCall is given the expected status (200) and returns the response body.
        final String body = PicketLinkTestBase.makeCall(sp2Url, client, 200);
        assertTrue("SP2 index page was not reached", body.contains("Welcome to SP2"));
    } finally {
        // Always release the client's connections, even when an assertion fails.
        client.getConnectionManager().shutdown();
    }
}
use of org.apache.http.auth.AuthScope in project wildfly by wildfly.
the class SAML2BasicAuthenticationTestCase method testUnauthorizedAccess.
/**
* Tests access to protected service provider without credentials or with bad credentials
* which must be denied
*
* @throws Exception
*/
@Test
public void testUnauthorizedAccess() throws Exception {
    final DefaultHttpClient client = new DefaultHttpClient();
    // Redirect handling is delegated to the shared strategy defined in Utils.
    client.setRedirectStrategy(Utils.REDIRECT_STRATEGY);
    try {
        // Step 1: no credentials registered yet, so the call is expected to end with 401.
        PicketLinkTestBase.makeCall(sp2Url, client, 401);

        // Step 2: register the MARCUS account (same constant for user name and password) and
        // expect 403. Presumably this account authenticates but lacks the role SP2 requires;
        // confirm against the test's user/role configuration.
        final UsernamePasswordCredentials marcusCredentials =
                new UsernamePasswordCredentials(PicketLinkTestBase.MARCUS, PicketLinkTestBase.MARCUS);
        // NOTE(review): the null host makes this scope match ANY host on the IdP port; code
        // derived from this test should pin the scope to the IdP host.
        final AuthScope anyHostOnIdpPort = new AuthScope(null, idpUrl.getPort());
        client.getCredentialsProvider().setCredentials(anyHostOnIdpPort, marcusCredentials);
        PicketLinkTestBase.makeCall(sp2Url, client, 403);
    } finally {
        // Always release the client's connections, even when an assertion fails.
        client.getConnectionManager().shutdown();
    }
}
use of org.apache.http.auth.AuthScope in project wildfly by wildfly.
the class IdentityLoginModuleTestCase method assertPrincipal.
/**
* Calls {@link PrincipalPrintingServlet} and checks if the returned principal name is the expected one.
*
* @param url
* @param expectedPrincipal
* @return Principal name returned from {@link PrincipalPrintingServlet}
*/
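private String assertPrincipal(URL url, String expectedPrincipal) {
    // Fetches the servlet at `url`, asserts HTTP 200 and asserts that the response body equals
    // `expectedPrincipal`; returns the body. An IOException is rethrown as RuntimeException.
    final DefaultHttpClient httpclient = new DefaultHttpClient();
    try {
        // Single-argument form with no ':' separator: only a user name is set, no password.
        // Presumably the login module under test assigns the principal regardless of what the
        // caller sends; confirm against the security-domain setup.
        final Credentials creds = new UsernamePasswordCredentials("anyUsername");
        // Credentials are scoped to the target servlet's own host and port only.
        httpclient.getCredentialsProvider().setCredentials(new AuthScope(url.getHost(), url.getPort()), creds);

        final HttpGet httpget = new HttpGet(url.toExternalForm());
        String text;
        try {
            final HttpResponse response = httpclient.execute(httpget);
            assertEquals("Unexpected status code", HttpServletResponse.SC_OK, response.getStatusLine().getStatusCode());
            text = EntityUtils.toString(response.getEntity());
        } catch (IOException e) {
            throw new RuntimeException("Servlet response IO exception", e);
        }
        // Message previously misspelled the module name ("IdentityLoinModule").
        assertEquals("Unexpected principal name assigned by IdentityLoginModule", expectedPrincipal, text);
        return text;
    } finally {
        // The original never released the client; shut the connection manager down on every
        // path (success, assertion failure, I/O failure) so connections are not leaked.
        httpclient.getConnectionManager().shutdown();
    }
}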
use of org.apache.http.auth.AuthScope in project wildfly by wildfly.
the class Utils method makeCallWithBasicAuthn.
/**
* Returns response body for the given URL request as a String. It also checks if the returned HTTP status code is the
* expected one. If the server returns {@link HttpServletResponse#SC_UNAUTHORIZED} and username is provided, then a new
* request is created with the provided credentials (basic authentication).
*
* @param url URL to which the request should be made
* @param user Username (may be null)
* @param pass Password (may be null)
* @param expectedStatusCode expected status code returned from the requested server
* @return HTTP response body
* @throws IOException
* @throws URISyntaxException
*/
public static String makeCallWithBasicAuthn(URL url, String user, String pass, int expectedStatusCode) throws IOException, URISyntaxException {
    LOGGER.trace("Requesting URL " + url);
    try (final CloseableHttpClient client = HttpClientBuilder.create().build()) {
        final HttpGet request = new HttpGet(url.toURI());

        // First attempt carries no credentials at all.
        final HttpResponse anonymousResponse = client.execute(request);
        final int anonymousStatus = anonymousResponse.getStatusLine().getStatusCode();

        // Retry with credentials only when the server answered 401 AND a user name was given.
        final boolean retryWithCredentials =
                HttpServletResponse.SC_UNAUTHORIZED == anonymousStatus && !StringUtils.isEmpty(user);
        if (!retryWithCredentials) {
            assertEquals("Unexpected HTTP response status code.", expectedStatusCode, anonymousStatus);
            return EntityUtils.toString(anonymousResponse.getEntity());
        }

        // Only the user name is logged; the password never reaches the log.
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("HTTP response was SC_UNAUTHORIZED, let's authenticate the user " + user);
        }

        // Drain the 401 body so the connection can be reused for the second request.
        final HttpEntity unauthorizedBody = anonymousResponse.getEntity();
        if (unauthorizedBody != null) {
            EntityUtils.consume(unauthorizedBody);
        }

        // The credentials live in a per-request context and are scoped to exactly the host and
        // port of the requested URL, so they are not offered to any other server.
        final BasicCredentialsProvider provider = new BasicCredentialsProvider();
        provider.setCredentials(new AuthScope(url.getHost(), url.getPort()),
                new UsernamePasswordCredentials(user, pass));
        final HttpClientContext authContext = new HttpClientContext();
        authContext.setCredentialsProvider(provider);

        // Second attempt: same request, now with the credentials provider available.
        final HttpResponse authenticatedResponse = client.execute(request, authContext);
        final int authenticatedStatus = authenticatedResponse.getStatusLine().getStatusCode();
        assertEquals("Unexpected status code returned after the authentication.", expectedStatusCode, authenticatedStatus);
        return EntityUtils.toString(authenticatedResponse.getEntity());
    }
}
use of org.apache.http.auth.AuthScope in project wildfly by wildfly.
the class JAASIdentityCachingTestCase method test.
/**
* Tests how many times the login() method of {@link CustomLoginModule} is called and whether the response from
* HelloBean is the expected one.
*
* @param webAppURL
* @throws Exception
*/
@Test
public void test(@ArquillianResource URL webAppURL) throws Exception {
    // Build both target URIs from the deployment URL. substring(1) drops the first character of
    // each servlet path (presumably its leading '/', with webAppURL already ending in one).
    final String baseUrl = webAppURL.toExternalForm();
    final String beanJndiName = "java:app/" + JAR_BASE_NAME + "/" + HelloBean.class.getSimpleName();
    final String greetingQuery = HelloEJBCallServlet.PARAM_JNDI_NAME + "=" + URLEncoder.encode(beanJndiName, "UTF-8");
    final URI greetingUri = new URI(baseUrl + HelloEJBCallServlet.SERVLET_PATH.substring(1) + "?" + greetingQuery);
    final URI counterUri = new URI(baseUrl + LMCounterServlet.SERVLET_PATH.substring(1));

    // Credentials are scoped to the host and port of the deployment under test only; the
    // password is the constant published by the test's own CustomLoginModule.
    final UsernamePasswordCredentials adminCredentials = new UsernamePasswordCredentials("admin", CustomLoginModule.PASSWORD);
    BasicCredentialsProvider provider = new BasicCredentialsProvider();
    provider.setCredentials(new AuthScope(greetingUri.getHost(), greetingUri.getPort()), adminCredentials);

    try (final CloseableHttpClient client = HttpClients.createDefault()) {
        final HttpGet counterRequest = new HttpGet(counterUri);
        final HttpGet greetingRequest = new HttpGet(greetingUri);

        // Without a context (hence without credentials) the greeting servlet must answer 401.
        HttpResponse reply = client.execute(greetingRequest);
        assertEquals(HttpServletResponse.SC_UNAUTHORIZED, reply.getStatusLine().getStatusCode());
        EntityUtils.consume(reply.getEntity());

        // From here on every request runs in one context that carries the credentials.
        HttpClientContext authContext = HttpClientContext.create();
        authContext.setCredentialsProvider(provider);

        // The login() counter must still read "0" at this point.
        reply = client.execute(counterRequest, authContext);
        assertEquals("0", EntityUtils.toString(reply.getEntity()));

        // Two greeting calls in a row, both expected to return the same greeting.
        reply = client.execute(greetingRequest, authContext);
        assertEquals("Hello Caller!", EntityUtils.toString(reply.getEntity()));
        reply = client.execute(greetingRequest, authContext);
        assertEquals("Hello Caller!", EntityUtils.toString(reply.getEntity()));

        // The counter must read "1": login() was invoked once for both greeting calls.
        reply = client.execute(counterRequest, authContext);
        assertEquals("1", EntityUtils.toString(reply.getEntity()));
    }
}