You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ma...@apache.org on 2013/06/07 12:35:12 UTC
svn commit: r1490573 -
/incubator/ambari/trunk/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityFilterTest.java
Author: mahadev
Date: Fri Jun 7 10:35:11 2013
New Revision: 1490573
URL: http://svn.apache.org/r1490573
Log:
AMBARI-2283. SecurityFilter does not allow hostnames with non-alphabetic characters. (Ximo Guanter via mahadev)
Added:
incubator/ambari/trunk/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityFilterTest.java
Added: incubator/ambari/trunk/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityFilterTest.java
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityFilterTest.java?rev=1490573&view=auto
==============================================================================
--- incubator/ambari/trunk/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityFilterTest.java (added)
+++ incubator/ambari/trunk/ambari-server/src/test/java/org/apache/ambari/server/security/SecurityFilterTest.java Fri Jun 7 10:35:11 2013
@@ -0,0 +1,91 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.security;
+
+import org.junit.Test;
+import org.springframework.mock.web.MockFilterChain;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
+import static junit.framework.Assert.assertEquals;
+import static junit.framework.Assert.assertNull;
+
+public class SecurityFilterTest {
+ @Test
+ public void mustFilterNonHttpsRequests() throws Exception {
+ SecurityFilter filter = new SecurityFilter();
+ MockHttpServletRequest request = this.getDefaultRequest();
+ request.setRequestURI("/certs/");
+ request.setScheme("http");
+ MockHttpServletResponse response = new MockHttpServletResponse();
+ request.setLocalPort(8440);
+ MockFilterChain chain = new MockFilterChain();
+ filter.doFilter(request, response, chain);
+ assertNull(chain.getRequest());
+ assertNull(chain.getResponse());
+ }
+
+ @Test
+ public void mustAllowSecurePortRequests() throws Exception {
+ SecurityFilter filter = new SecurityFilter();
+ MockHttpServletResponse response = new MockHttpServletResponse();
+ MockHttpServletRequest request = this.getDefaultRequest();
+ request.setServerPort(8441);
+ request.setLocalPort(8441);
+ request.setRequestURI("/certs/");
+ MockFilterChain chain = new MockFilterChain();
+ filter.doFilter(request, response, chain);
+ assertEquals(request, chain.getRequest());
+ assertEquals(response, chain.getResponse());
+ }
+
+ @Test
+ public void mustAllowCertCreationRequests() throws Exception {
+ SecurityFilter filter = new SecurityFilter();
+ MockHttpServletResponse response = new MockHttpServletResponse();
+ MockHttpServletRequest request = this.getDefaultRequest();
+ request.setRequestURI("/certs/www.andromeda-01.com");
+ request.setMethod("POST");
+ MockFilterChain chain = new MockFilterChain();
+ filter.doFilter(request, response, chain);
+ assertEquals(request, chain.getRequest());
+ assertEquals(response, chain.getResponse());
+ }
+
+ @Test
+ public void mustAllowCertCaGetRequests() throws Exception {
+ SecurityFilter filter = new SecurityFilter();
+ MockHttpServletResponse response = new MockHttpServletResponse();
+ MockHttpServletRequest request = this.getDefaultRequest();
+ request.setRequestURI("/cert/ca/");
+ MockFilterChain chain = new MockFilterChain();
+ filter.doFilter(request, response, chain);
+ assertEquals(request, chain.getRequest());
+ assertEquals(response, chain.getResponse());
+ }
+
+ private MockHttpServletRequest getDefaultRequest() {
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ request.setServerPort(8440);
+ request.setMethod("GET");
+ request.setServerName("www.andromeda-01.com");
+ request.setScheme("https");
+ return request;
+ }
+}