You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by xi...@apache.org on 2010/08/20 08:06:05 UTC
svn commit: r987382 - in
/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test:
./ src/main/java/org/apache/geronimo/testsuite/servlet30/main/
src/main/webapp/ src/main/webapp/WEB-INF/
src/test/java/org/apache/geronimo/testsuite/s...
Author: xiaming
Date: Fri Aug 20 06:06:05 2010
New Revision: 987382
URL: http://svn.apache.org/viewvc?rev=987382&view=rev
Log:
GERONIMO-5542 test about new security methods in HttpServletRequest interface, provided by LiWenQin
Added:
geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/AuthenticateServlet.java (with props)
geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/LoginServlet.java (with props)
geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/index.jsp (with props)
Modified:
geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/pom.xml
geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/WEB-INF/web.xml
geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/test/java/org/apache/geronimo/testsuite/servlets/ServletsTest.java
Modified: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/pom.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/pom.xml?rev=987382&r1=987381&r2=987382&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/pom.xml (original)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/pom.xml Fri Aug 20 06:06:05 2010
@@ -56,7 +56,11 @@
</property>
</activation>
<build>
- <plugins>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>selenium-maven-plugin</artifactId>
+ </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
Added: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/AuthenticateServlet.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/AuthenticateServlet.java?rev=987382&view=auto
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/AuthenticateServlet.java (added)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/AuthenticateServlet.java Fri Aug 20 06:06:05 2010
@@ -0,0 +1,61 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.geronimo.testsuite.servlet30.main;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+@WebServlet(name="AuthenticateServlet", urlPatterns={"/AuthenticateServlet"})
+public class AuthenticateServlet extends HttpServlet {
+
+
+ @Override
+ protected void doGet(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ response.setContentType("text/html;charset=UTF-8");
+ PrintWriter out = response.getWriter();
+ out.println("<html>");
+ out.println("<head>");
+ out.println("<title>AuthenticateServlet</title>");
+ out.println("</head>");
+ out.println("<body>");
+ out.println("<h1>AuthenticateServlet at " + request.getContextPath () + "</h1>");
+ try{
+ request.authenticate(response);
+ out.println("<p id=\"authenticateResult\">Authenticate sucess!</p>");
+ }catch(javax.servlet.ServletException se){
+ out.println("request.authenticate method occurs a ServletException: " + se.getMessage());
+ }
+
+ out.println("</body>");
+ out.println("</html>");
+ }
+
+
+ @Override
+ protected void doPost(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ this.doGet(request, response);
+ }
+
+}
Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/AuthenticateServlet.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/AuthenticateServlet.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/AuthenticateServlet.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/LoginServlet.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/LoginServlet.java?rev=987382&view=auto
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/LoginServlet.java (added)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/LoginServlet.java Fri Aug 20 06:06:05 2010
@@ -0,0 +1,100 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.testsuite.servlet30.main;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class LoginServlet extends javax.servlet.http.HttpServlet {
+
+ protected void doGet(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ response.setContentType("text/html;charset=UTF-8");
+ PrintWriter out = response.getWriter();
+ try {
+ String userName = request.getParameter("UserName");
+ String password = request.getParameter("Password");
+
+ //Before Login
+ String bli1= String.valueOf(request.isUserInRole("RoleB"));
+ String bli2 = String.valueOf(request.getRemoteUser());
+ String bli3 = String.valueOf(request.getUserPrincipal());
+ try {
+ request.login(userName, password);
+ }catch(ServletException se) {
+ out.println("request.login method occurs a ServletException: " + se.getMessage());
+ return;
+ }
+ //Login
+ String ali1= String.valueOf(request.isUserInRole("RoleB"));
+ String ali2 = String.valueOf(request.getRemoteUser());
+ String ali3 = String.valueOf(request.getUserPrincipal());
+
+ request.logout();
+ //Logout
+ String alo1= String.valueOf(request.isUserInRole("RoleB"));
+ String alo2 = String.valueOf(request.getRemoteUser());
+ String alo3 = String.valueOf(request.getUserPrincipal());
+
+
+ out.println("<html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">"+
+ "<title>Programmatic Security</title></head>");
+ out.println("<body>");
+ out.println("<table cellpadding=\"1\" border=\"1\">");
+
+ out.println("<tr><th>Value/Status</th><th>BeforeLogin</th><th>AfterLogin</th><th>AfterLogout</th></tr>");
+
+ out.println("<tr>");
+ out.println("<th>getRemoteUser</th>");
+ out.println("<td id=\"bli1\">"+bli1+"</td>");
+ out.println("<td id=\"ali1\">"+ali1+"</td>");
+ out.println("<td id=\"alo1\">"+alo1+"</td>");
+ out.println("</tr>");
+
+ out.println("<tr>");
+ out.println("<th>isUserInRole</th>");
+ out.println("<td id=\"bli2\">"+bli2+"</td>");
+ out.println("<td id=\"ali2\">"+ali2+"</td>");
+ out.println("<td id=\"alo2\">"+alo2+"</td>");
+ out.println("</tr>");
+
+ out.println("<tr>");
+ out.println("<th>isUserInRole</th>");
+ out.println("<td id=\"bli3\">"+bli3+"</td>");
+ out.println("<td id=\"ali3\">"+ali3+"</td>");
+ out.println("<td id=\"alo3\">"+alo3+"</td>");
+ out.println("</tr>");
+
+ out.println("</table>");
+ out.println("</body>");
+ out.println("</html>");
+
+ } finally {
+ out.close();
+ }
+ }
+
+ protected void doPost(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ this.doGet(request, response);
+ }
+
+}
Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/LoginServlet.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/LoginServlet.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/LoginServlet.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/WEB-INF/web.xml?rev=987382&r1=987381&r2=987382&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/WEB-INF/web.xml (original)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/WEB-INF/web.xml Fri Aug 20 06:06:05 2010
@@ -17,6 +17,9 @@
-->
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="3.0" metadata-complete="false">
<display-name>SampleServlet</display-name>
+ <welcome-file-list>
+ <welcome-file>index.jsp</welcome-file>
+ </welcome-file-list>
<servlet>
<description></description>
<display-name>SampleServlet1</display-name>
@@ -35,6 +38,14 @@
<servlet-name>SampleServlet3</servlet-name>
<servlet-class>org.apache.geronimo.testsuite.servlet30.main.SampleServlet3</servlet-class>
</servlet>
+ <servlet>
+ <description></description>
+ <display-name>LoginServlet</display-name>
+ <servlet-name>LoginServlet</servlet-name>
+ <servlet-class>org.apache.geronimo.testsuite.servlet30.main.LoginServlet </servlet-class>
+ </servlet>
+
+
<servlet-mapping>
<servlet-name>SampleServlet1</servlet-name>
<url-pattern>/SampleServlet1</url-pattern>
@@ -50,6 +61,12 @@
<url-pattern>/SampleServlet3</url-pattern>
<url-pattern>/SampleServlet3/*</url-pattern>
</servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>LoginServlet</servlet-name>
+ <url-pattern>/LoginServlet</url-pattern>
+ <url-pattern>/LoginServlet/*</url-pattern>
+ </servlet-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
Added: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/index.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/index.jsp?rev=987382&view=auto
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/index.jsp (added)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/index.jsp Fri Aug 20 06:06:05 2010
@@ -0,0 +1,40 @@
+<%--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+--%>
+
+<%@page contentType="text/html" pageEncoding="UTF-8"%>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+ <title>Programatic Security Sample</title>
+ </head>
+ <body>
+ <h1>This example tests Programatic Security:</h1>
+ <h2>Test Login, Logout Method:</h2>
+ <form name="login" method="GET" action="LoginServlet">
+
+ <br/><br/>
+ Username:<input type="text" name="UserName" value="" /><br>
+ Password:<input type="password" name="Password" value="" /><br>
+ <br/>
+ <input type="submit" value="Login" />
+ </form>
+ <br/>
+ </body>
+</html>
\ No newline at end of file
Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/index.jsp
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/index.jsp
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/index.jsp
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/test/java/org/apache/geronimo/testsuite/servlets/ServletsTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/test/java/org/apache/geronimo/testsuite/servlets/ServletsTest.java?rev=987382&r1=987381&r2=987382&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/test/java/org/apache/geronimo/testsuite/servlets/ServletsTest.java (original)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/test/java/org/apache/geronimo/testsuite/servlets/ServletsTest.java Fri Aug 20 06:06:05 2010
@@ -36,9 +36,9 @@ import org.apache.commons.httpclient.met
import org.testng.Assert;
import org.testng.annotations.Test;
+import org.apache.geronimo.testsupport.SeleniumTestSupport;
-
-public class ServletsTest {
+public class ServletsTest extends SeleniumTestSupport {
/**In web.xml, it reads as follows:
* <security-constraint>
@@ -183,6 +183,36 @@ public class ServletsTest {
public void test_TestDynamic_GET_RoleB_Fail() throws Exception{
Assert.assertEquals(invoke("/TestDynamic", "GET", "george", "bone"), HttpURLConnection.HTTP_FORBIDDEN);
}
+
+ /**
+ * Test14 RoleA\B\C should succeed
+ */
+ @Test
+ public void test_Authenticate_Sucess() throws Exception{
+ Assert.assertEquals(invoke("/AuthenticateServlet", "GET", "george", "bone"), HttpURLConnection.HTTP_OK);
+ }
+
+ /**
+ * Test15 RoleA\B\C should succeed
+ */
+ @Test
+ public void test_Login_Logout_Sucess() throws Exception{
+ selenium.open("/servlet30/");
+ selenium.type("UserName", "george");
+ selenium.type("Password", "bone");
+ selenium.click("//input[@value='Login']");
+ selenium.waitForPageToLoad("30000");
+ Assert.assertEquals("false", selenium.getText("//*[@id=\"bli1\"]"));
+ Assert.assertEquals("true", selenium.getText("//*[@id=\"ali1\"]"));
+ Assert.assertEquals("false", selenium.getText("//*[@id=\"alo1\"]"));
+ Assert.assertEquals("null", selenium.getText("//*[@id=\"bli2\"]"));
+ Assert.assertEquals("RoleB", selenium.getText("//*[@id=\"ali2\"]"));
+ Assert.assertEquals("null", selenium.getText("//*[@id=\"alo2\"]"));
+ Assert.assertEquals("null", selenium.getText("//*[@id=\"bli3\"]"));
+ Assert.assertEquals("RoleB", selenium.getText("//*[@id=\"ali3\"]"));
+ Assert.assertEquals("null", selenium.getText("//*[@id=\"alo3\"]"));
+ }
+
private int invoke(String address, String methodName, String userName, String password) throws Exception {
HttpClient client = new HttpClient();
@@ -198,4 +228,4 @@ public class ServletsTest {
return client.executeMethod(httpMethod);
}
-}
\ No newline at end of file
+}