You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by co...@apache.org on 2016/12/16 17:26:10 UTC

[1/2] cxf-fediz git commit: Minor tweak to test

Repository: cxf-fediz
Updated Branches:
  refs/heads/1.2.x-fixes 767b5eacf -> 3164f0405


Minor tweak to test


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/94a6178e
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/94a6178e
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/94a6178e

Branch: refs/heads/1.2.x-fixes
Commit: 94a6178efe786bb87db5eb5082ef5cdd108aa19f
Parents: 767b5ea
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Dec 16 16:27:43 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Dec 16 17:25:58 2016 +0000

----------------------------------------------------------------------
 .../cxf/fediz/integrationtests/AbstractTests.java  | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/94a6178e/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java
----------------------------------------------------------------------
diff --git a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java
index 1051db5..f1b92c3 100644
--- a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java
+++ b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java
@@ -675,11 +675,11 @@ public abstract class AbstractTests {
                               || ex.getMessage().contains("403 Forbidden"));
         }
     }
-    
+
     @org.junit.Test
     @org.junit.Ignore
     public void testCSRFAttack() throws Exception {
-        String url = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/fedservlet";
+        String url = "https://localhost:" + getRpHttpsPort() + "/" + getServletContextName() + "/secure/fedservlet";
         String user = "alice";
         String password = "ecila";
         
@@ -734,7 +734,10 @@ public abstract class AbstractTests {
         
         webClient.getOptions().setJavaScriptEnabled(false);
         try {
-            webClient.getPage(request);
+            HtmlPage rpPage2 = webClient.getPage(request);
+            String bodyTextContent = rpPage2.getBody().getTextContent();
+            Assert.assertTrue("Principal not " + user,
+                              bodyTextContent.contains("userPrincipal=" + user));
             Assert.fail("Failure expected on a CSRF attack");
         } catch (FailingHttpStatusCodeException ex) {
             // expected
@@ -754,13 +757,13 @@ public abstract class AbstractTests {
         
         webClient.getOptions().setJavaScriptEnabled(false);
         try {
-            webClient.getPage(request);
+            HtmlPage rpPage2 = webClient.getPage(request);
+            String bodyTextContent = rpPage2.getBody().getTextContent();
+            Assert.assertTrue("Principal not " + user,
+                              bodyTextContent.contains("userPrincipal=" + user));
             Assert.fail("Failure expected on a CSRF attack");
         } catch (FailingHttpStatusCodeException ex) {
             // expected
-            Assert.assertTrue(ex.getMessage().contains("401 Unauthorized")
-                              || ex.getMessage().contains("401 Authentication Failed")
-                              || ex.getMessage().contains("403 Forbidden"));
         }
         
         // webClient.close();

[2/2] cxf-fediz git commit: Another change to the test

Posted by co...@apache.org.

Another change to the test


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/3164f040
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/3164f040
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/3164f040

Branch: refs/heads/1.2.x-fixes
Commit: 3164f0405f644cac5bf1fbcc64da58392e696df1
Parents: 94a6178
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Dec 16 16:56:55 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Dec 16 17:26:06 2016 +0000

----------------------------------------------------------------------
 .../fediz/integrationtests/AbstractTests.java   | 27 +++-----------------
 1 file changed, 3 insertions(+), 24 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/3164f040/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java
----------------------------------------------------------------------
diff --git a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java
index f1b92c3..3481c34 100644
--- a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java
+++ b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java
@@ -732,30 +732,6 @@ public abstract class AbstractTests {
             }
         }
         
-        webClient.getOptions().setJavaScriptEnabled(false);
-        try {
-            HtmlPage rpPage2 = webClient.getPage(request);
-            String bodyTextContent = rpPage2.getBody().getTextContent();
-            Assert.assertTrue("Principal not " + user,
-                              bodyTextContent.contains("userPrincipal=" + user));
-            Assert.fail("Failure expected on a CSRF attack");
-        } catch (FailingHttpStatusCodeException ex) {
-            // expected
-        }
-        
-        // Send without context...
-        request = new WebRequest(new URL(url), HttpMethod.POST);
-        request.setRequestParameters(new ArrayList<NameValuePair>());
-        
-        for (DomElement result : results) {
-            if ("wresult".equals(result.getAttributeNS(null, "name"))
-                || "wa".equals(result.getAttributeNS(null, "name"))) {
-                String value = result.getAttributeNS(null, "value");
-                request.getRequestParameters().add(new NameValuePair(result.getAttributeNS(null, "name"), value));
-            }
-        }
-        
-        webClient.getOptions().setJavaScriptEnabled(false);
         try {
             HtmlPage rpPage2 = webClient.getPage(request);
             String bodyTextContent = rpPage2.getBody().getTextContent();
@@ -764,6 +740,9 @@ public abstract class AbstractTests {
             Assert.fail("Failure expected on a CSRF attack");
         } catch (FailingHttpStatusCodeException ex) {
             // expected
+            Assert.assertTrue(ex.getMessage().contains("401 Unauthorized")
+                              || ex.getMessage().contains("401 Authentication Failed")
+                              || ex.getMessage().contains("403 Forbidden"));
         }
         
         // webClient.close();