1 17 package org.apache.servicemix.http.security; 18 19 import java.io.ByteArrayOutputStream ; 20 import java.io.File ; 21 import java.net.URL ; 22 23 import javax.servlet.http.HttpServletResponse ; 24 25 import org.apache.commons.httpclient.HttpClient; 26 import org.apache.commons.httpclient.UsernamePasswordCredentials; 27 import org.apache.commons.httpclient.auth.AuthScope; 28 import org.apache.commons.httpclient.methods.PostMethod; 29 import org.apache.commons.httpclient.methods.StringRequestEntity; 30 import org.apache.servicemix.jbi.util.FileUtil; 31 import org.apache.servicemix.tck.SpringTestSupport; 32 import org.apache.xbean.spring.context.ClassPathXmlApplicationContext; 33 import org.springframework.context.support.AbstractXmlApplicationContext; 34 35 public class HttpSecurityTest extends SpringTestSupport { 36 37 static { 38 String path = System.getProperty("java.security.auth.login.config"); 39 if (path == null) { 40 URL resource = HttpSecurityTest.class.getResource("login.properties"); 41 if (resource != null) { 42 path = new File (resource.getFile()).getAbsolutePath(); 43 System.setProperty("java.security.auth.login.config", path); 44 } 45 } 46 System.err.println("Path to login config: " + path); 47 } 48 49 protected void setUp() throws Exception { 50 Thread.sleep(500); 51 super.setUp(); 52 Thread.sleep(500); 53 } 54 55 public void testOk() throws Exception { 56 testAuthenticate("user1", "user1"); 57 } 58 59 public void testUnauthorized() throws Exception { 60 try { 61 testAuthenticate("user2", "user2"); 62 fail("User2 is not authorized"); 63 } catch (Exception e) { 64 e.printStackTrace(); 65 } 67 } 68 69 public void testBadCred() throws Exception { 70 try { 71 testAuthenticate("user2", "userx"); 72 fail("User2 has bad credentials"); 73 } catch (Exception e) { 74 e.printStackTrace(); 75 } 77 } 78 79 protected void testAuthenticate(final String username, final String password) throws Exception { 80 HttpClient client = new HttpClient(); 81 client.getState().setCredentials( 82 new AuthScope(AuthScope.ANY), 83 new UsernamePasswordCredentials(username, password) 84 ); 85 86 PostMethod method = new PostMethod("http://localhost:8192/Service/"); 87 try { 88 method.setDoAuthentication(true); 89 method.setRequestEntity(new StringRequestEntity("<hello>world</hello>")); 90 int state = client.executeMethod(method); 91 if (state != HttpServletResponse.SC_OK && state != HttpServletResponse.SC_ACCEPTED) { 92 throw new IllegalStateException ("Http status: " + state); 93 } 94 FileUtil.copyInputStream(method.getResponseBodyAsStream(), System.err); 95 } finally { 96 method.releaseConnection(); 97 } 98 } 99 100 public void testWSSec() throws Exception { 101 ByteArrayOutputStream out = new ByteArrayOutputStream (); 102 FileUtil.copyInputStream(getClass().getResourceAsStream("request.xml"), out); 103 String request = out.toString(); 104 HttpClient client = new HttpClient(); 105 PostMethod method = new PostMethod("http://localhost:8192/WSSec/"); 106 try { 107 method.setDoAuthentication(true); 108 method.setRequestEntity(new StringRequestEntity(request)); 109 int state = client.executeMethod(method); 110 if (state != HttpServletResponse.SC_OK && state != HttpServletResponse.SC_ACCEPTED) { 111 throw new IllegalStateException ("Http status: " + state); 112 } 113 FileUtil.copyInputStream(method.getResponseBodyAsStream(), System.err); 114 } finally { 115 method.releaseConnection(); 116 } 117 } 118 119 protected AbstractXmlApplicationContext createBeanFactory() { 120 return new ClassPathXmlApplicationContext("org/apache/servicemix/http/security/secure.xml"); 121 } 122 123 } 124 | Popular Tags |