1 28 package net.sf.jguard.jee.authentication.http; 29 30 import java.security.Principal ; 31 32 import javax.security.auth.Subject ; 33 import javax.servlet.ServletContext ; 34 35 import junit.framework.TestCase; 36 import net.sf.jguard.core.CoreConstants; 37 import net.sf.jguard.core.authentication.credentials.JGuardCredential; 38 import net.sf.jguard.core.principals.RolePrincipal; 39 40 41 public class JGuardServletRequestWrapperTest extends TestCase { 42 43 public void testIsUserInRole() { 44 HttpServletRequestSimulator request = new HttpServletRequestSimulator(); 45 HttpSessionSimulator session = new HttpSessionSimulator(); 46 request.setSession(session); 47 ServletContextSimulator context = new ServletContextSimulator(); 48 String applicationName="Myapp"; 49 context.setAttribute(CoreConstants.APPLICATION_NAME, applicationName); 50 session.setServletContext(context); 51 Subject subj = new Subject (); 53 Principal p1 = new RolePrincipal("testUser",applicationName); 54 Principal p2 = new RolePrincipal("testAnotherUser",applicationName); 55 subj.getPrincipals().add(p1); 56 subj.getPrincipals().add(p2); 57 HttpAuthenticationUtilsMock httputils = new HttpAuthenticationUtilsMock(); 58 httputils.setSubject(subj); 59 request.getSession().setAttribute(HttpConstants.AUTHN_UTILS, httputils); 61 62 JGuardServletRequestWrapper wrapper = new JGuardServletRequestWrapper(request); 63 64 assertTrue(wrapper.isUserInRole("testUser")); 66 assertTrue(wrapper.isUserInRole("testAnotherUser")); 67 assertFalse(wrapper.isUserInRole("testOneMoreUser")); 68 } 69 70 public void testGetRemoteUser() { 71 HttpServletRequestSimulator request = new HttpServletRequestSimulator(); 72 73 Subject subj = new Subject (); 75 JGuardCredential login = new JGuardCredential(); 76 login.setId("login"); 77 login.setValue("testUser"); 78 HttpAuthenticationUtilsMock httputils= new HttpAuthenticationUtilsMock(); 79 httputils.setSubject(subj); 80 request.getSession(true).setAttribute(HttpConstants.AUTHN_UTILS, httputils); 81 JGuardServletRequestWrapper wrapper = new JGuardServletRequestWrapper(request); 82 83 subj.getPublicCredentials().add(login); 85 assertEquals(wrapper.getRemoteUser(), "testUser"); 86 87 subj.getPublicCredentials().clear(); 89 assertEquals(subj.getPublicCredentials().size(), 0); 90 subj.getPrivateCredentials().add(login); 91 assertEquals(wrapper.getRemoteUser(), "testUser"); 92 93 Subject invalidSubj = new Subject (); 95 JGuardCredential invalidCredential = new JGuardCredential(); 96 invalidCredential.setId("bla"); 97 invalidCredential.setValue("bla"); 98 invalidSubj.getPublicCredentials().add(invalidCredential); 99 subj.getPrivateCredentials().add(invalidCredential); 100 ((HttpAuthenticationUtilsMock)request.getSession().getAttribute(HttpConstants.AUTHN_UTILS)).setSubject(invalidSubj); 101 assertNull(wrapper.getRemoteUser()); 102 } 103 } 104 | Popular Tags |