You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by ra...@apache.org on 2019/01/09 17:26:01 UTC
[tomee] 13/48: TOMEE-2365 - Basic Auth test.
This is an automated email from the ASF dual-hosted git repository.
radcortez pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit a6b99d9775d6788c7bc4c49efe1b20311fb077d5
Author: Roberto Cortez <ra...@yahoo.com>
AuthorDate: Mon Dec 24 18:18:04 2018 +0000
TOMEE-2365 - Basic Auth test.
---
.../tomee/security/client/BasicAuthFilter.java | 35 ++++++++++++++++++++++
.../tomee/security/servlet/SimpleServletTest.java | 19 +++++++++---
2 files changed, 50 insertions(+), 4 deletions(-)
diff --git a/tomee/tomee-security/src/test/java/org/apache/tomee/security/client/BasicAuthFilter.java b/tomee/tomee-security/src/test/java/org/apache/tomee/security/client/BasicAuthFilter.java
new file mode 100644
index 0000000..16d6322
--- /dev/null
+++ b/tomee/tomee-security/src/test/java/org/apache/tomee/security/client/BasicAuthFilter.java
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomee.security.client;
+
+import javax.ws.rs.client.ClientRequestContext;
+import javax.ws.rs.client.ClientRequestFilter;
+import java.io.IOException;
+import java.util.Base64;
+
+import static javax.ws.rs.core.HttpHeaders.AUTHORIZATION;
+
+public class BasicAuthFilter implements ClientRequestFilter {
+ @Override
+ public void filter(final ClientRequestContext requestContext) throws IOException {
+ requestContext.getHeaders().add(AUTHORIZATION, basicAuth("tomcat", "tomcat"));
+ }
+
+ private String basicAuth(final String username, final String password) {
+ return "Basic " + new String(Base64.getEncoder().encode((username + ":" + password).getBytes()));
+ }
+}
diff --git a/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/SimpleServletTest.java b/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/SimpleServletTest.java
index e645971..2a70385 100644
--- a/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/SimpleServletTest.java
+++ b/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/SimpleServletTest.java
@@ -16,20 +16,25 @@
*/
package org.apache.tomee.security.servlet;
-import org.apache.openejb.loader.IO;
import org.apache.openejb.loader.JarLocation;
import org.apache.openejb.util.NetworkUtil;
import org.apache.tomee.embedded.Configuration;
import org.apache.tomee.embedded.Container;
+import org.apache.tomee.security.client.BasicAuthFilter;
import org.junit.Test;
+import javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition;
import javax.servlet.ServletException;
+import javax.servlet.annotation.HttpConstraint;
+import javax.servlet.annotation.ServletSecurity;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.client.Client;
+import javax.ws.rs.client.ClientBuilder;
+import javax.ws.rs.core.Response;
import java.io.IOException;
-import java.net.URL;
import static org.junit.Assert.assertEquals;
@@ -45,12 +50,18 @@ public class SimpleServletTest {
JarLocation.jarLocation(SimpleServletTest.class),
JarLocation.jarLocation(TomEESecurityServletContainerInitializer.class))) {
- assertEquals("ok!", IO.slurp(
- new URL("http://localhost:" + container.getConfiguration().getHttpPort() + "/servlet")));
+ final Client client = ClientBuilder.newBuilder().register(new BasicAuthFilter()).build();
+ final Response response =
+ client.target("http://localhost:" + container.getConfiguration().getHttpPort() + "/servlet")
+ .request()
+ .get();
+ assertEquals(200, response.getStatus());
}
}
@WebServlet(urlPatterns = "/servlet")
+ @ServletSecurity(@HttpConstraint(rolesAllowed = "role"))
+ @BasicAuthenticationMechanismDefinition
public static class TestServlet extends HttpServlet {
@Override
protected void doGet(final HttpServletRequest req, final HttpServletResponse resp)