

1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */

22 package org.jboss.test.web.test;
23
24 import java.net.HttpURLConnection JavaDoc;
25 import java.net.URL JavaDoc;
26
27 import junit.framework.Test;
28 import org.jboss.test.JBossTestCase;
29 import org.jboss.test.util.web.HttpUtils;
30 import org.apache.commons.httpclient.Header;
31 import org.apache.commons.httpclient.HttpMethodBase;
32
33 //$Id: UserInRoleUnitTestCase.java 44082 2006-04-21 20:13:51Z asaldhana $
34

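/** Tests of the servlet request isUserInRole call.
 *
 * Each test issues HTTP requests against the web applications deployed from
 * userinrole.ear (see {@link #suite()}) and checks the response status and,
 * for the JBAS-3043 tests, the X-isUserInRole-* response headers.
 *
 * The two JBAS-3043 tests are mutually exclusive: the jboss.security.jacc
 * system property selects which one runs, and the other returns without
 * asserting anything. A passing result for the skipped variant is therefore
 * not evidence that the role isolation check was exercised.
 *
 * @author Scott.Stark@jboss.org
 * @version $Revision: 44082 $
 */
public class UserInRoleUnitTestCase extends JBossTestCase
{
   /** Prefix of the response headers carrying the isUserInRole results. */
   private static final String ROLE_HEADER_PREFIX = "X-isUserInRole-";

   // Base URL used by the testRoleWith*Link tests.
   private String baseURL = HttpUtils.getBaseURL();

   // True only when the jboss.security.jacc system property is set to "true";
   // an absent property defaults to "false".
   private static Boolean jacc = Boolean.valueOf(System.getProperty("jboss.security.jacc", "false"));

   /** Build the suite for this class with userinrole.ear as its deployment.
    *
    * @return the suite produced by getDeploySetup
    * @throws Exception
    */
   public static Test suite() throws Exception
   {
      return getDeploySetup(UserInRoleUnitTestCase.class, "userinrole.ear");
   }

   public UserInRoleUnitTestCase(String name)
   {
      super(name);
   }

   /** Access userinrole/testRoleWithLink under the UserInRoleRealm realm and
    * expect an HTTP 200 response.
    *
    * NOTE(review): the servlet behind this path is not part of this file. The
    * name suggests it checks a role that has a security-role-ref link; confirm
    * against the deployment descriptors.
    *
    * @throws Exception
    */
   public void testRoleWithLink() throws Exception
   {
      log.info("+++ testRoleWithLink");
      URL url = new URL(baseURL+"userinrole/testRoleWithLink");
      HttpUtils.accessURL(url, "UserInRoleRealm", HttpURLConnection.HTTP_OK);
   }

   /** Access userinrole/testUnreferencedRole under the UserInRoleRealm realm
    * and expect an HTTP 200 response.
    *
    * The log marker names the servlet path, not this method.
    *
    * @throws Exception
    */
   public void testRoleWithoutLink() throws Exception
   {
      log.info("+++ testUnreferencedRole");
      URL url = new URL(baseURL+"userinrole/testUnreferencedRole");
      HttpUtils.accessURL(url, "UserInRoleRealm", HttpURLConnection.HTTP_OK);
   }

   /**
    * Test that two wars from different security domains with common principal
    * names do not conflict in terms of isUserInRole results.
    * http://jira.jboss.com/jira/browse/JBAS-3043
    *
    * This is the non-jacc version where the programmatic security of isUserInRole
    * will work off of the roles populated in the subject, irrespective of whether
    * the roles are fully defined in the web.xml
    *
    * The first web app is queried again after the second one, so that a result
    * altered by the intervening request to the other domain is caught.
    *
    * Does nothing when jboss.security.jacc is true; the skip is logged.
    * @throws Exception
    */
   public void testConflictingUserInRole() throws Exception
   {
      // booleanValue() instead of == on the boxed value: identity comparison
      // only works by accident of Boolean.valueOf returning cached instances.
      if (jacc.booleanValue())
      {
         log.info("+++ testConflictingUserInRole skipped, jboss.security.jacc=" + jacc);
         return;
      }
      log.info("+++ testConflictingUserInRole");
      // NOTE(review): presumably "sa"/"sa" are the test username and password
      // placed into the base URL; verify against HttpUtils.
      String base = HttpUtils.getBaseURL("sa", "sa");
      URL url1 = new URL(base+"userinrole1");
      URL url2 = new URL(base+"userinrole2");

      // Hit the first web app and validate isUserInRole calls
      assertUserInRoleHeaders(url1, "JBAS-3043-1", "true", "false", "true");

      // Hit the second web app and validate isUserInRole calls
      assertUserInRoleHeaders(url2, "JBAS-3043-2", "false", "true", "true");

      // Hit the first web app again: its answers must be unchanged after the
      // second app was accessed with the same principal name
      assertUserInRoleHeaders(url1, "JBAS-3043-1", "true", "false", "true");
   }

   /**
    * Test that two wars from different security domains with common principal
    * names do not conflict in terms of isUserInRole results.
    * http://jira.jboss.com/jira/browse/JBAS-3043
    *
    * This is the jacc version where the programmatic security of isUserInRole
    * will work only if the roles are fully defined in the web.xml
    *
    * The first web app is queried again after the second one, so that a result
    * altered by the intervening request to the other domain is caught.
    *
    * Does nothing when jboss.security.jacc is false; the skip is logged.
    * @throws Exception
    */
   public void testConflictingUserInRoleJaccVersion() throws Exception
   {
      if (!jacc.booleanValue())
      {
         log.info("+++ testConflictingUserInRoleJaccVersion skipped, jboss.security.jacc=" + jacc);
         return;
      }
      // The original logged the non-jacc test's name here, which made the two
      // variants indistinguishable in the test log.
      log.info("+++ testConflictingUserInRoleJaccVersion");
      String base = HttpUtils.getBaseURL("sa", "sa");
      URL url1 = new URL(base+"userinrole1");
      URL url2 = new URL(base+"userinrole2");

      // Hit the first web app and validate isUserInRole calls
      assertUserInRoleHeaders(url1, "JBAS-3043-1", "false", "false", "true");

      // Hit the second web app and validate isUserInRole calls
      assertUserInRoleHeaders(url2, "JBAS-3043-2", "false", "false", "true");

      // Hit the first web app again: its answers must be unchanged after the
      // second app was accessed with the same principal name
      assertUserInRoleHeaders(url1, "JBAS-3043-1", "false", "false", "true");
   }

   /** Request the url under the given realm, expect HTTP 200 and check the
    * X-isUserInRole-X, -Y and -Z response headers, in that order.
    *
    * @param url the web app URL to access
    * @param realm the realm name passed to HttpUtils.accessURL
    * @param expectedX expected value of the X-isUserInRole-X header
    * @param expectedY expected value of the X-isUserInRole-Y header
    * @param expectedZ expected value of the X-isUserInRole-Z header
    * @throws Exception
    */
   private void assertUserInRoleHeaders(URL url, String realm,
      String expectedX, String expectedY, String expectedZ) throws Exception
   {
      HttpMethodBase request = HttpUtils.accessURL(url, realm, HttpURLConnection.HTTP_OK);
      assertRoleHeader(request, "X", expectedX);
      assertRoleHeader(request, "Y", expectedY);
      assertRoleHeader(request, "Z", expectedZ);
   }

   /** Log one X-isUserInRole-* response header and assert its value.
    *
    * @param request the executed request whose response headers are read
    * @param role the header suffix: X, Y or Z
    * @param expected the expected header value, "true" or "false"
    */
   private void assertRoleHeader(HttpMethodBase request, String role, String expected)
   {
      String name = ROLE_HEADER_PREFIX + role;
      Header header = request.getResponseHeader(name);
      log.info(role + " " + header);
      // A missing header must be reported as a test failure naming the header,
      // not surface as a NullPointerException from getValue().
      assertNotNull(name + " response header is missing", header);
      assertEquals(name + "(" + header + ") is " + expected, expected, header.getValue());
   }
}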