KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > test > web > test > ClusteredSingleSignOnUnitTestCase


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */

22 package org.jboss.test.web.test;
23
24 import java.net.HttpURLConnection JavaDoc;
25
26 import junit.framework.Test;
27
28 import org.apache.commons.httpclient.Cookie;
29 import org.apache.commons.httpclient.Header;
30 import org.apache.commons.httpclient.HttpClient;
31 import org.apache.commons.httpclient.HttpState;
32 import org.apache.commons.httpclient.methods.GetMethod;
33 import org.apache.commons.httpclient.methods.PostMethod;
34
35 import org.jboss.jmx.adaptor.rmi.RMIAdaptor;
36 import org.jboss.test.JBossClusteredTestCase;
37
38
39 /** Tests of web app single sign-on in a clustered environment
40  *
41  * TODO general refactoring; a lot of duplicated code here
42  *
43  * @author Brian Stansberry
44  * @version $Revision: 55443 $
45  */

46 public class ClusteredSingleSignOnUnitTestCase
47       extends JBossClusteredTestCase
48 {
49    // NOTE: these variables must be static as apparently a separate instance
50
// of this class is created for each test
51
private static boolean deployed0 = true;
52    private static boolean deployed1 = true;
53    
54    private RMIAdaptor[] adaptors = null;
55    
56    public ClusteredSingleSignOnUnitTestCase(String JavaDoc name)
57    {
58       super(name);
59    }
60
61    /** One time setup for all ClusteredSingleSignOnUnitTestCase unit tests
62     */

63    public static Test suite() throws Exception JavaDoc
64    {
65       Test t1 = JBossClusteredTestCase.getDeploySetup(ClusteredSingleSignOnUnitTestCase.class,
66             "web-sso-clustered.ear");
67       return t1;
68    }
69    
70    protected void setUp() throws Exception JavaDoc
71    {
72       super.setUp();
73       
74       adaptors = getAdaptors();
75       if (!deployed0)
76       {
77          deploy(adaptors[0], "web-sso-clustered.ear");
78          deployed0 = true;
79       }
80       if (!deployed1)
81       {
82          deploy(adaptors[1], "web-sso-clustered.ear");
83          deployed1 = true;
84       }
85    }
86    
87    /**
88     * Tests that undeploying a webapp on one server doesn't kill an sso
89     * that also has a session from another webapp associated with it.
90     * See JBAS-2429.
91     *
92     * TODO create an independently deployable war so we can test this in
93     * a non-clustered environment as well; this isn't a clustering issue
94     *
95     * @throws Exception
96     */

97    public void testWebappUndeploy() throws Exception JavaDoc
98    {
99       log.info("+++ testWebappUndeploy");
100       
101       String JavaDoc[] httpURLs = super.getHttpURLs();
102
103       String JavaDoc serverA = httpURLs[0];
104       String JavaDoc serverB = httpURLs[1];
105       
106       // Start by accessing the secured index.html of war1
107
HttpClient httpConn = new HttpClient();
108       GetMethod indexGet = new GetMethod(serverA+"/war1/index.html");
109       int responseCode = httpConn.executeMethod(indexGet);
110       String JavaDoc body = indexGet.getResponseBodyAsString();
111       assertTrue("Get OK", responseCode == HttpURLConnection.HTTP_OK);
112       assertTrue("Redirected to login page", body.indexOf("j_security_check") > 0 );
113
114       HttpState state = httpConn.getState();
115       Cookie[] cookies = state.getCookies();
116       String JavaDoc sessionID = null;
117       for(int c = 0; c < cookies.length; c ++)
118       {
119          Cookie k = cookies[c];
120          if( k.getName().equalsIgnoreCase("JSESSIONID") )
121             sessionID = k.getValue();
122       }
123       log.debug("Saw JSESSIONID="+sessionID);
124
125       // Submit the login form
126
PostMethod formPost = new PostMethod(serverA+"/war1/j_security_check");
127       formPost.addRequestHeader("Referer", serverA+"/war1/login.html");
128       formPost.addParameter("j_username", "jduke");
129       formPost.addParameter("j_password", "theduke");
130       responseCode = httpConn.executeMethod(formPost.getHostConfiguration(),
131          formPost, state);
132       String JavaDoc response = formPost.getStatusText();
133       log.debug("responseCode="+responseCode+", response="+response);
134       assertTrue("Saw HTTP_MOVED_TEMP("+responseCode+")",
135          responseCode == HttpURLConnection.HTTP_MOVED_TEMP);
136
137       // Follow the redirect to the index.html page
138
Header location = formPost.getResponseHeader("Location");
139       String JavaDoc indexURI = location.getValue();
140       GetMethod war1Index = new GetMethod(indexURI);
141       responseCode = httpConn.executeMethod(war1Index.getHostConfiguration(),
142          war1Index, state);
143       assertTrue("Get OK", responseCode == HttpURLConnection.HTTP_OK);
144       body = war1Index.getResponseBodyAsString();
145       if( body.indexOf("j_security_check") > 0 )
146          fail("get of "+indexURI+" redirected to login page");
147
148       cookies = state.getCookies();
149       String JavaDoc ssoID = null;
150       for(int c = 0; c < cookies.length; c ++)
151       {
152          Cookie k = cookies[c];
153          if( k.getName().equalsIgnoreCase("JSESSIONIDSSO") )
154          {
155             ssoID = k.getValue();
156             // Make an sso cookie to send to serverB
157
Cookie copy = SSOBaseCase.copyCookie(k, serverB);
158             state.addCookie(copy);
159             log.debug("Added state cookie: "+copy);
160          }
161       }
162       assertTrue("Saw JSESSIONIDSSO", ssoID != null);
163       log.debug("Saw JSESSIONIDSSO="+ssoID);
164
165       // Pause a moment before switching wars to better simulate real life
166
// use cases. Otherwise, the test case can "outrun" the async
167
// replication in the TreeCache used by the clustered SSO
168
// 500 ms is a long time, but this isn't a test of replication speed
169
// and we don't want spurious failures.
170
if (!serverA.equals(serverB))
171          Thread.sleep(500);
172
173       // Now try getting the war2 index using the JSESSIONIDSSO cookie
174
log.debug("Prepare /war2/index.html get");
175       GetMethod war2Index = new GetMethod(serverB+"/war2/index.html");
176       responseCode = httpConn.executeMethod(war2Index.getHostConfiguration(),
177          war2Index, state);
178       response = war2Index.getStatusText();
179       log.debug("responseCode="+responseCode+", response="+response);
180       assertTrue("Get OK", responseCode == HttpURLConnection.HTTP_OK);
181       body = war2Index.getResponseBodyAsString();
182       log.debug("body: "+body);
183       if( body.indexOf("j_security_check") > 0 )
184          fail("get of /war2/index.html redirected to login page");
185
186       // Sleep some more to allow the updated sso to propagate back to serverA
187
if (!serverA.equals(serverB))
188          Thread.sleep(500);
189       
190       // We now have a clustered sso context, plus a war1 session on
191
// serverA and a war2 session on serverB. No war1 session on serverB,
192
// so the only way to access war1 on B without a login is through sso.
193

194       //Undeploy the ear from serverA and confirm that it doesn't kill the sso
195
undeploy(adaptors[0], "web-sso-clustered.ear");
196       deployed0 = false;
197
198       // Sleep some more to allow the updated sso to propagate back to serverB
199
if (!serverA.equals(serverB))
200          Thread.sleep(500);
201       
202       // Now try getting the war1 index using the JSESSIONIDSSO cookie
203
log.debug("Prepare /war1/index.html get");
204       war1Index = new GetMethod(serverB+"/war1/index.html");
205       responseCode = httpConn.executeMethod(war1Index.getHostConfiguration(),
206          war1Index, state);
207       response = war1Index.getStatusText();
208       log.debug("responseCode="+responseCode+", response="+response);
209       assertTrue("Get OK", responseCode == HttpURLConnection.HTTP_OK);
210       body = war1Index.getResponseBodyAsString();
211       log.debug("body: "+body);
212       if( body.indexOf("j_security_check") > 0 )
213          fail("get of /war1/index.html redirected to login page");
214    }
215
216
217    /** Test single sign-on across two web apps using form based auth
218     *
219     * @throws Exception
220     */

221    public void testFormAuthSingleSignOn() throws Exception JavaDoc
222    {
223       log.info("+++ testFormAuthSingleSignOn");
224       String JavaDoc[] httpURLs = super.getHttpURLs();
225
226       String JavaDoc serverA = httpURLs[0];
227       String JavaDoc serverB = httpURLs[1];
228       log.info(System.getProperties());
229       log.info("serverA: "+serverA);
230       log.info("serverB: "+serverB);
231       SSOBaseCase.executeFormAuthSingleSignOnTest(serverA, serverB, getLog());
232    }
233    
234    /**
235     * Tests that use of transactions in ClusteredSSO does not interfere
236     * with session expiration thread. See JBAS-2212.
237     *
238     * @throws Exception
239     */

240    public void testSessionExpiration()
241          throws Exception JavaDoc
242    {
243       log.info("+++ testSessionExpiration");
244       String JavaDoc[] httpURLs = super.getHttpURLs();
245
246       String JavaDoc serverA = httpURLs[0];
247       log.info(System.getProperties());
248       log.info("serverA: "+serverA);
249       
250       // Start by accessing the secured index.html of war1
251
HttpClient httpConn = new HttpClient();
252       GetMethod indexGet = new GetMethod(serverA+"/war3/index.jsp");
253       int responseCode = httpConn.executeMethod(indexGet);
254       String JavaDoc body = indexGet.getResponseBodyAsString();
255       assertTrue("Get OK", responseCode == HttpURLConnection.HTTP_OK);
256       assertTrue("Redirected to login page", body.indexOf("j_security_check") > 0 );
257
258       HttpState state = httpConn.getState();
259       Cookie[] cookies = state.getCookies();
260       String JavaDoc sessionID = null;
261       for(int c = 0; c < cookies.length; c ++)
262       {
263          Cookie k = cookies[c];
264          if( k.getName().equalsIgnoreCase("JSESSIONID") )
265             sessionID = k.getValue();
266       }
267       log.debug("Saw JSESSIONID="+sessionID);
268
269       // Submit the login form
270
PostMethod formPost = new PostMethod(serverA+"/war3/j_security_check");
271       formPost.addRequestHeader("Referer", serverA+"/war3/login.html");
272       formPost.addParameter("j_username", "jduke");
273       formPost.addParameter("j_password", "theduke");
274       responseCode = httpConn.executeMethod(formPost.getHostConfiguration(),
275          formPost, state);
276       String JavaDoc response = formPost.getStatusText();
277       log.debug("responseCode="+responseCode+", response="+response);
278       assertTrue("Saw HTTP_MOVED_TEMP("+responseCode+")",
279          responseCode == HttpURLConnection.HTTP_MOVED_TEMP);
280
281       // Follow the redirect to the index.html page
282
Header location = formPost.getResponseHeader("Location");
283       String JavaDoc indexURI = location.getValue();
284       GetMethod war1Index = new GetMethod(indexURI);
285       responseCode = httpConn.executeMethod(war1Index.getHostConfiguration(),
286          war1Index, state);
287       assertTrue("Get OK", responseCode == HttpURLConnection.HTTP_OK);
288       body = war1Index.getResponseBodyAsString();
289       if( body.indexOf("j_security_check") > 0 )
290          fail("get of "+indexURI+" redirected to login page");
291
292       // Wait more than 65 secs to let session time out
293
// 5 secs for the session timeout, 2 * 30 secs for the processor thread
294
// TODO for some reason it takes 1 min for processExpires to run ???
295
// (not an sso issue -- a tomcat issue)
296
try {
297          Thread.sleep(65500);
298       }
299       catch (InterruptedException JavaDoc ie)
300       {
301          log.debug("Interrupted while waiting for session expiration");
302       }
303       
304       // Try accessing war1 again
305
war1Index = new GetMethod(serverA+"/war3/index.jsp");
306       responseCode = httpConn.executeMethod(war1Index.getHostConfiguration(),
307          war1Index, state);
308       assertTrue("Get OK", responseCode == HttpURLConnection.HTTP_OK);
309       body = war1Index.getResponseBodyAsString();
310       log.debug("body: " + body);
311       if( body.indexOf("j_security_check") < 0 )
312          fail("get of /war1/index.html not redirected to login page");
313       
314    }
315 }
316
Popular Tags