KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > servicemix > http > security > HttpSecurityTest


1 /*
2  * Licensed to the Apache Software Foundation (ASF) under one or more
3  * contributor license agreements. See the NOTICE file distributed with
4  * this work for additional information regarding copyright ownership.
5  * The ASF licenses this file to You under the Apache License, Version 2.0
6  * (the "License"); you may not use this file except in compliance with
7  * the License. You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */

17 package org.apache.servicemix.http.security;
18
19 import java.io.ByteArrayOutputStream JavaDoc;
20 import java.io.File JavaDoc;
21 import java.net.URL JavaDoc;
22
23 import javax.servlet.http.HttpServletResponse JavaDoc;
24
25 import org.apache.commons.httpclient.HttpClient;
26 import org.apache.commons.httpclient.UsernamePasswordCredentials;
27 import org.apache.commons.httpclient.auth.AuthScope;
28 import org.apache.commons.httpclient.methods.PostMethod;
29 import org.apache.commons.httpclient.methods.StringRequestEntity;
30 import org.apache.servicemix.jbi.util.FileUtil;
31 import org.apache.servicemix.tck.SpringTestSupport;
32 import org.apache.xbean.spring.context.ClassPathXmlApplicationContext;
33 import org.springframework.context.support.AbstractXmlApplicationContext;
34
35 public class HttpSecurityTest extends SpringTestSupport {
36     
37     static {
38         String JavaDoc path = System.getProperty("java.security.auth.login.config");
39         if (path == null) {
40             URL JavaDoc resource = HttpSecurityTest.class.getResource("login.properties");
41             if (resource != null) {
42                 path = new File JavaDoc(resource.getFile()).getAbsolutePath();
43                 System.setProperty("java.security.auth.login.config", path);
44             }
45         }
46         System.err.println("Path to login config: " + path);
47     }
48     
49     protected void setUp() throws Exception JavaDoc {
50         Thread.sleep(500);
51         super.setUp();
52         Thread.sleep(500);
53     }
54     
55     public void testOk() throws Exception JavaDoc {
56         testAuthenticate("user1", "user1");
57     }
58     
59     public void testUnauthorized() throws Exception JavaDoc {
60         try {
61             testAuthenticate("user2", "user2");
62             fail("User2 is not authorized");
63         } catch (Exception JavaDoc e) {
64             e.printStackTrace();
65             // ok
66
}
67     }
68     
69     public void testBadCred() throws Exception JavaDoc {
70         try {
71             testAuthenticate("user2", "userx");
72             fail("User2 has bad credentials");
73         } catch (Exception JavaDoc e) {
74             e.printStackTrace();
75             // ok
76
}
77     }
78     
79     protected void testAuthenticate(final String JavaDoc username, final String JavaDoc password) throws Exception JavaDoc {
80         HttpClient client = new HttpClient();
81         client.getState().setCredentials(
82                         new AuthScope(AuthScope.ANY),
83                         new UsernamePasswordCredentials(username, password)
84                     );
85         
86         PostMethod method = new PostMethod("http://localhost:8192/Service/");
87         try {
88             method.setDoAuthentication(true);
89             method.setRequestEntity(new StringRequestEntity("<hello>world</hello>"));
90             int state = client.executeMethod(method);
91             if (state != HttpServletResponse.SC_OK && state != HttpServletResponse.SC_ACCEPTED) {
92                 throw new IllegalStateException JavaDoc("Http status: " + state);
93             }
94             FileUtil.copyInputStream(method.getResponseBodyAsStream(), System.err);
95         } finally {
96             method.releaseConnection();
97         }
98     }
99     
100     public void testWSSec() throws Exception JavaDoc {
101         ByteArrayOutputStream JavaDoc out = new ByteArrayOutputStream JavaDoc();
102         FileUtil.copyInputStream(getClass().getResourceAsStream("request.xml"), out);
103         String JavaDoc request = out.toString();
104         HttpClient client = new HttpClient();
105         PostMethod method = new PostMethod("http://localhost:8192/WSSec/");
106         try {
107             method.setDoAuthentication(true);
108             method.setRequestEntity(new StringRequestEntity(request));
109             int state = client.executeMethod(method);
110             if (state != HttpServletResponse.SC_OK && state != HttpServletResponse.SC_ACCEPTED) {
111                 throw new IllegalStateException JavaDoc("Http status: " + state);
112             }
113             FileUtil.copyInputStream(method.getResponseBodyAsStream(), System.err);
114         } finally {
115             method.releaseConnection();
116         }
117     }
118
119     protected AbstractXmlApplicationContext createBeanFactory() {
120         return new ClassPathXmlApplicationContext("org/apache/servicemix/http/security/secure.xml");
121     }
122
123 }
124
Popular Tags