use of org.craftercms.commons.http.RequestContext in project profile by craftercms.
the class LoginFailureHandlerImplTest method testRedirectToTargetUrl.
@Test
public void testRedirectToTargetUrl() throws Exception {
handler.setTargetUrl(TARGET_URL);
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
RequestContext context = new RequestContext(request, response, null);
handler.handle(context, new AuthenticationException());
assertEquals(TARGET_URL, response.getRedirectedUrl());
assertEquals(HttpServletResponse.SC_MOVED_TEMPORARILY, response.getStatus());
assertTrue(response.isCommitted());
}
use of org.craftercms.commons.http.RequestContext in project profile by craftercms.
the class AccessDeniedHandlerImplTest method testSendError.
@Test
public void testSendError() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
RequestContext context = new RequestContext(request, response, null);
handler.handle(context, new AccessDeniedException(""));
assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
assertTrue(response.isCommitted());
}
use of org.craftercms.commons.http.RequestContext in project profile by craftercms.
the class AccessDeniedHandlerImplTest method testForwardToErrorPage.
@Test
public void testForwardToErrorPage() throws Exception {
handler.setErrorPageUrl(ERROR_PAGE_URL);
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
RequestContext context = new RequestContext(request, response, null);
handler.handle(context, new AccessDeniedException(""));
assertEquals(ERROR_PAGE_URL, response.getForwardedUrl());
assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
}
use of org.craftercms.commons.http.RequestContext in project profile by craftercms.
the class AddSecurityCookiesProcessorTest method testAddCookiesLoggedOut.
@Test
public void testAddCookiesLoggedOut() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
RequestContext context = new RequestContext(request, response, null);
RequestSecurityProcessor flushResponseProcessor = new RequestSecurityProcessor() {
@Override
public void processRequest(RequestContext context, RequestSecurityProcessorChain processorChain) throws Exception {
context.getResponse().getOutputStream().flush();
}
};
Cookie ticketCookie = new Cookie(SecurityUtils.TICKET_COOKIE_NAME, new ObjectId().toString());
Cookie profileLastModifiedCookie = new Cookie(SecurityUtils.PROFILE_LAST_MODIFIED_COOKIE_NAME, String.valueOf(System.currentTimeMillis()));
request.setCookies(ticketCookie, profileLastModifiedCookie);
RequestSecurityProcessorChain chain = new RequestSecurityProcessorChainImpl(Arrays.asList(processor, flushResponseProcessor).iterator());
processor.processRequest(context, chain);
ticketCookie = response.getCookie(SecurityUtils.TICKET_COOKIE_NAME);
assertNotNull(ticketCookie);
assertEquals(null, ticketCookie.getValue());
assertEquals(0, ticketCookie.getMaxAge());
profileLastModifiedCookie = response.getCookie(SecurityUtils.PROFILE_LAST_MODIFIED_COOKIE_NAME);
assertNotNull(profileLastModifiedCookie);
assertEquals(null, profileLastModifiedCookie.getValue());
assertEquals(0, profileLastModifiedCookie.getMaxAge());
}
use of org.craftercms.commons.http.RequestContext in project profile by craftercms.
the class LoginProcessorTest method testLoginFailure.
@Test
public void testLoginFailure() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest(LoginProcessor.DEFAULT_LOGIN_METHOD, LoginProcessor.DEFAULT_LOGIN_URL);
MockHttpServletResponse response = new MockHttpServletResponse();
HttpSession session = request.getSession(true);
RequestContext context = new RequestContext(request, response, null);
RequestSecurityProcessorChain chain = mock(RequestSecurityProcessorChain.class);
request.setParameter(LoginProcessor.DEFAULT_USERNAME_PARAM, USERNAME);
request.setParameter(LoginProcessor.DEFAULT_PASSWORD_PARAM, INVALID_PASSWORD);
processor.processRequest(context, chain);
verify(chain, never()).processRequest(context);
assertNotNull(session.getAttribute(SecurityUtils.BAD_CREDENTIALS_EXCEPTION_SESSION_ATTRIBUTE));
Authentication auth = SecurityUtils.getAuthentication(request);
assertNull(auth);
verify(authenticationManager).authenticateUser(TENANTS, USERNAME, INVALID_PASSWORD);
verify(loginFailureHandler).handle(eq(context), any(BadCredentialsException.class));
}
Aggregations