use of org.apache.http.impl.client.BasicCookieStore in project wildfly by wildfly.
the class SSOTestBase method executeFormAuthSSOTimeoutTest.
/**
 * Exercises form-based single sign-on across two web applications and verifies that the
 * SSO session does not outlive the HTTP session timeout.
 *
 * <p>Sequence: an unauthenticated request to war1 is denied, the login form is submitted,
 * {@code set_session_timeout.jsp} is requested on both applications, the test waits for the
 * timeout plus a reserve, and both applications must then deny access again. The final two
 * checks are the security assertion: an expired session must not leave a usable SSO cookie.
 *
 * @param serverA base URL used to address {@code /war1/}
 * @param serverB base URL used to address {@code /war2/}
 * @param log logger that receives the observed session and SSO cookie values at debug level
 * @throws Exception if a request fails or one of the access checks does not hold
 */
public static void executeFormAuthSSOTimeoutTest(URL serverA, URL serverB, Logger log) throws Exception {
    // The JSPs requested below are expected to set a 5 second session timeout; one extra
    // second is added as a reserve before the expiry checks.
    final long sessionTimeoutMillis = 5 * 1000L;
    final long reserveMillis = 1000L;

    final URL firstApp = new URL(serverA, "/war1/");
    final URL secondApp = new URL(serverB, "/war2/");

    final CookieStore cookies = new BasicCookieStore();
    // NOTE(review): the "promiscuous" builder presumably relaxes cookie domain matching so one
    // store can serve both servers; confirm in TestHttpClientUtils. Redirects are not followed
    // automatically by this client.
    final HttpClient client = TestHttpClientUtils.promiscuousCookieHttpClientBuilder()
            .setDefaultCookieStore(cookies)
            .disableRedirectHandling()
            .build();
    try {
        // The secured index.html of war1 must be refused before any login has happened.
        checkAccessDenied(client, firstApp + "index.html");
        // Session identifiers are bearer credentials; they are logged at debug level only.
        log.debug("Saw JSESSIONID=" + getSessionIdValueFromState(cookies));

        // Authenticate through the login form of war1.
        executeFormLogin(client, firstApp);
        final String ssoCookieValue = processSSOCookie(cookies, serverA.toString(), serverB.toString());
        log.debug("Saw JSESSIONIDSSO=" + ssoCookieValue);

        // Logged in: war1 is reachable, and this request shortens its session timeout.
        checkAccessAllowed(client, firstApp + "set_session_timeout.jsp");
        // SSO must also grant access to war2; its session timeout is shortened as well.
        checkAccessAllowed(client, secondApp + "set_session_timeout.jsp");

        // Let both sessions expire.
        Thread.sleep(sessionTimeoutMillis + reserveMillis);

        // With the sessions gone, the SSO cookie must no longer open either application.
        checkAccessDenied(client, firstApp + "index.html");
        checkAccessDenied(client, secondApp + "index.html");
    } finally {
        HttpClientUtils.closeQuietly(client);
    }
}
use of org.apache.http.impl.client.BasicCookieStore in project wildfly by wildfly.
the class SSOTestBase method executeNoAuthSingleSignOnTest.
/**
 * Verifies that an SSO identity established through the form login of war1 is honoured by
 * war2 and by war6, the web application described below as having no auth configured.
 *
 * @param serverA base URL used to address {@code /war1/}
 * @param serverB base URL used to address {@code /war2/} and {@code /war6/}
 * @param log logger that receives the observed session and SSO cookie values at debug level
 * @throws Exception if a request fails or one of the access checks does not hold
 */
public static void executeNoAuthSingleSignOnTest(URL serverA, URL serverB, Logger log) throws Exception {
    final URL firstApp = new URL(serverA, "/war1/");
    // NOTE(review): these two URLs are built by string concatenation while war1 uses the
    // (context, spec) constructor; a trailing slash on serverB would yield "//war2/". Confirm
    // which form is intended.
    final URL secondApp = new URL(serverB + "/war2/");
    final URL noAuthApp = new URL(serverB + "/war6/");

    final CookieStore cookies = new BasicCookieStore();
    final HttpClient client = TestHttpClientUtils.promiscuousCookieHttpClientBuilder()
            .setDefaultCookieStore(cookies)
            .build();
    try {
        // The secured index.html of war1 must be refused before any login has happened.
        checkAccessDenied(client, firstApp + "index.html");
        // Session identifiers are bearer credentials; they are logged at debug level only.
        log.debug("Saw JSESSIONID=" + getSessionIdValueFromState(cookies));

        // Authenticate through the login form of war1.
        executeFormLogin(client, firstApp);
        final String ssoCookieValue = processSSOCookie(cookies, serverA.toString(), serverB.toString());
        log.debug("Saw JSESSIONIDSSO=" + ssoCookieValue);

        // war2 must accept the JSESSIONIDSSO cookie without a second login.
        log.debug("Prepare /war2/index.html get");
        checkAccessAllowed(client, secondApp + "index.html");

        // A secured servlet calling a secured EJB in war2 checks that the SSO identity is
        // propagated to the EJB container.
        checkAccessAllowed(client, secondApp + "EJBServlet");

        // Same check against war6 to cover SSO auth replication for a war with no auth
        // configured.
        checkAccessAllowed(client, noAuthApp + "index.html");
        // NOTE(review): this repeats the war2 EJBServlet request rather than addressing war6;
        // confirm whether war6 was meant here.
        checkAccessAllowed(client, secondApp + "EJBServlet");
    } finally {
        HttpClientUtils.closeQuietly(client);
    }
}
use of org.apache.http.impl.client.BasicCookieStore in project redisson by redisson.
the class RedissonSessionManagerTest method testInvalidate.
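/**
 * Verifies that an invalidated session cannot be resumed by replaying its cookie.
 *
 * <p>A value is written into a session, the cookie issued for that session is captured, and the
 * session is invalidated. A fresh client that presents only the captured cookie must then read
 * the attribute back as {@code "null"}, i.e. the old session identifier no longer maps to the
 * stored data.
 *
 * @throws Exception if the embedded server cannot be started or stopped, or a request fails
 */
@Test
public void testInvalidate() throws Exception {
    // start the server at http://localhost:8080/myapp
    TomcatServer server = new TomcatServer("myapp", 8080, "src/test/");
    server.start();
    try {
        Executor executor = Executor.newInstance();
        BasicCookieStore cookieStore = new BasicCookieStore();
        executor.use(cookieStore);

        write(executor, "test", "1234");
        // Assumes the first cookie in the store is the session cookie issued by the write
        // request; TODO confirm no other cookie can precede it.
        Cookie cookie = cookieStore.getCookies().get(0);
        invalidate(executor);
        Executor.closeIdleConnections();

        // Replay the captured cookie from a brand-new client and cookie store, so nothing but
        // the old session identifier links this request to the invalidated session.
        executor = Executor.newInstance();
        cookieStore = new BasicCookieStore();
        cookieStore.addCookie(cookie);
        executor.use(cookieStore);
        read(executor, "test", "null");
    } finally {
        // Release connections and stop the server even when a step above fails; otherwise the
        // embedded server stays bound to port 8080 for the rest of the test run.
        try {
            Executor.closeIdleConnections();
        } finally {
            server.stop();
        }
    }
}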
use of org.apache.http.impl.client.BasicCookieStore in project oxAuth by GluuFederation.
the class TestSessionWorkflow method test.
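/**
 * Runs the authorization-code flow twice for the same user to exercise session reuse.
 *
 * <p>The first authorization request carries the user's credentials and asks for a session
 * state; the second request carries no credentials and presents only that session state, through
 * the same cookie-backed executor. Each returned code is then exchanged for an access token and
 * used against the user-info endpoint, without the shared HTTP client or cookie store.
 *
 * @param userId user name sent with the first authorization request
 * @param userSecret password sent with the first authorization request
 * @param clientId OAuth client identifier
 * @param clientSecret OAuth client secret used when exchanging the codes
 * @param redirectUri redirect URI registered for the client
 * @throws Exception if any request fails
 */
@Parameters({ "userId", "userSecret", "clientId", "clientSecret", "redirectUri" })
@Test
public void test(final String userId, final String userSecret, final String clientId, final String clientSecret, final String redirectUri) throws Exception {
    DefaultHttpClient httpClient = new DefaultHttpClient();
    try {
        // One cookie store is shared by both authorization requests so the second request can
        // ride on the session established by the first.
        CookieStore cookieStore = new BasicCookieStore();
        httpClient.setCookieStore(cookieStore);
        ClientExecutor clientExecutor = new ApacheHttpClient4Executor(httpClient);

        ////////////////////////////////////////////////
        //             TV side. Code 1                //
        ////////////////////////////////////////////////
        AuthorizationRequest authorizationRequest1 = new AuthorizationRequest(Arrays.asList(ResponseType.CODE), clientId, Arrays.asList("openid", "profile", "email"), redirectUri, null);
        authorizationRequest1.setAuthUsername(userId);
        authorizationRequest1.setAuthPassword(userSecret);
        authorizationRequest1.getPrompts().add(Prompt.NONE);
        // Fixed state literal, acceptable in a test. NOTE(review): the state echoed in the
        // response is not compared with this value anywhere in this method.
        authorizationRequest1.setState("af0ifjsldkj");
        authorizationRequest1.setRequestSessionState(true);

        AuthorizeClient authorizeClient1 = new AuthorizeClient(authorizationEndpoint);
        authorizeClient1.setRequest(authorizationRequest1);
        AuthorizationResponse authorizationResponse1 = authorizeClient1.exec(clientExecutor);

        String code1 = authorizationResponse1.getCode();
        String sessionState = authorizationResponse1.getSessionState();
        Assert.assertNotNull("code1 is null", code1);
        Assert.assertNotNull("sessionState is null", sessionState);

        // TV sends the code to the Backend
        // We don't use httpClient and cookieStore during this call

        ////////////////////////////////////////////////
        //             Backend 1 side. Code 1         //
        ////////////////////////////////////////////////
        // Get the access token
        TokenClient tokenClient1 = new TokenClient(tokenEndpoint);
        TokenResponse tokenResponse1 = tokenClient1.execAuthorizationCode(code1, redirectUri, clientId, clientSecret);
        String accessToken1 = tokenResponse1.getAccessToken();
        Assert.assertNotNull("accessToken1 is null", accessToken1);

        // Get the user's claims
        UserInfoClient userInfoClient1 = new UserInfoClient(userInfoEndpoint);
        UserInfoResponse userInfoResponse1 = userInfoClient1.execUserInfo(accessToken1);
        Assert.assertTrue("userInfoResponse1.getStatus() is not 200", userInfoResponse1.getStatus() == 200);

        ////////////////////////////////////////////////
        //             TV side. Code 2                //
        ////////////////////////////////////////////////
        // No username or password this time: the request must be authorized purely from the
        // session state returned above and the cookies held by the shared executor.
        AuthorizationRequest authorizationRequest2 = new AuthorizationRequest(Arrays.asList(ResponseType.CODE), clientId, Arrays.asList("openid", "profile", "email"), redirectUri, null);
        authorizationRequest2.getPrompts().add(Prompt.NONE);
        authorizationRequest2.setState("af0ifjsldkj");
        authorizationRequest2.setSessionState(sessionState);

        AuthorizeClient authorizeClient2 = new AuthorizeClient(authorizationEndpoint);
        authorizeClient2.setRequest(authorizationRequest2);
        AuthorizationResponse authorizationResponse2 = authorizeClient2.exec(clientExecutor);

        String code2 = authorizationResponse2.getCode();
        Assert.assertNotNull("code2 is null", code2);

        // TV sends the code to the Backend
        // We don't use httpClient and cookieStore during this call

        ////////////////////////////////////////////////
        //             Backend 2 side. Code 2         //
        ////////////////////////////////////////////////
        // Get the access token
        TokenClient tokenClient2 = new TokenClient(tokenEndpoint);
        TokenResponse tokenResponse2 = tokenClient2.execAuthorizationCode(code2, redirectUri, clientId, clientSecret);
        String accessToken2 = tokenResponse2.getAccessToken();
        Assert.assertNotNull("accessToken2 is null", accessToken2);

        // Get the user's claims
        UserInfoClient userInfoClient2 = new UserInfoClient(userInfoEndpoint);
        UserInfoResponse userInfoResponse2 = userInfoClient2.execUserInfo(accessToken2);
        // The failure message names the second response, which is the one being checked.
        Assert.assertTrue("userInfoResponse2.getStatus() is not 200", userInfoResponse2.getStatus() == 200);
    } finally {
        // httpClient is assigned before the try block, so it is never null here.
        httpClient.getConnectionManager().shutdown();
    }
}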
use of org.apache.http.impl.client.BasicCookieStore in project geode by apache.
the class BaseServiceTest method doLogin.
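/**
 * Logs in to the Pulse server and stores the resulting HTTP client in {@code httpclient} for the
 * tests. To be called from setupBeforeClass in each test class.
 *
 * <p>The login posts the fixed fixture credentials {@code admin}/{@code admin} as
 * {@code j_username}/{@code j_password}; cookies set by the response are kept in the cookie
 * store attached to the client.
 *
 * @throws Exception if the login request cannot be built or executed; the exception is logged
 *         through {@code logException} before being rethrown
 */
protected static void doLogin() throws Exception {
    System.out.println("BaseServiceTest :: Executing doLogin with user : admin, password : admin.");
    try {
        BasicCookieStore cookieStore = new BasicCookieStore();
        httpclient = HttpClients.custom().setDefaultCookieStore(cookieStore).build();
        HttpUriRequest login = RequestBuilder.post().setUri(new URI(LOGIN_URL)).addParameter("j_username", "admin").addParameter("j_password", "admin").build();
        CloseableHttpResponse loginResponse = httpclient.execute(login);
        try {
            // Drain the body so the connection can be reused by later requests.
            EntityUtils.consume(loginResponse.getEntity());
            // NOTE(review): the status is only printed; a rejected login is not detected here
            // and would surface later as failures in the individual tests.
            System.out.println("BaseServiceTest :: HTTP request status : " + loginResponse.getStatusLine());
        } finally {
            loginResponse.close();
        }
    } catch (Exception failed) {
        logException(failed);
        throw failed;
    }
    System.out.println("BaseServiceTest :: Executed doLogin");
}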