|
|
@@ -17,19 +17,32 @@ package net.sf.acegisecurity.ui;
|
|
|
|
|
|
import junit.framework.TestCase;
|
|
|
|
|
|
-import net.sf.acegisecurity.*;
|
|
|
+import net.sf.acegisecurity.AccountExpiredException;
|
|
|
+import net.sf.acegisecurity.AuthenticationException;
|
|
|
+import net.sf.acegisecurity.BadCredentialsException;
|
|
|
+import net.sf.acegisecurity.Authentication;
|
|
|
+import net.sf.acegisecurity.GrantedAuthority;
|
|
|
+import net.sf.acegisecurity.GrantedAuthorityImpl;
|
|
|
+import net.sf.acegisecurity.MockAuthenticationManager;
|
|
|
import net.sf.acegisecurity.context.ContextHolder;
|
|
|
import net.sf.acegisecurity.context.security.SecureContextImpl;
|
|
|
import net.sf.acegisecurity.context.security.SecureContextUtils;
|
|
|
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
|
|
|
import net.sf.acegisecurity.ui.rememberme.TokenBasedRememberMeServices;
|
|
|
|
|
|
-import java.io.IOException;
|
|
|
-
|
|
|
-import java.util.Properties;
|
|
|
+import org.springframework.mock.web.MockHttpServletResponse;
|
|
|
+import org.springframework.mock.web.MockHttpServletRequest;
|
|
|
+import org.springframework.mock.web.MockFilterConfig;
|
|
|
|
|
|
-import javax.servlet.*;
|
|
|
+import javax.servlet.Filter;
|
|
|
+import javax.servlet.FilterChain;
|
|
|
+import javax.servlet.FilterConfig;
|
|
|
+import javax.servlet.ServletException;
|
|
|
+import javax.servlet.ServletRequest;
|
|
|
+import javax.servlet.ServletResponse;
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
+import java.io.IOException;
|
|
|
+import java.util.Properties;
|
|
|
|
|
|
|
|
|
/**
|
|
|
@@ -86,12 +99,10 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
public void testFailedAuthenticationRedirectsAppropriately()
|
|
|
throws Exception {
|
|
|
// Setup our HTTP request
|
|
|
- MockHttpServletRequest request = new MockHttpServletRequest("");
|
|
|
- request.setServletPath("/j_mock_post");
|
|
|
- request.setRequestURL("http://www.example.com/mycontext/j_mock_post");
|
|
|
+ MockHttpServletRequest request = createMockRequest();
|
|
|
|
|
|
// Setup our filter configuration
|
|
|
- MockFilterConfig config = new MockFilterConfig();
|
|
|
+ MockFilterConfig config = new MockFilterConfig(null);
|
|
|
|
|
|
// Setup our expectation that the filter chain will not be invoked, as we redirect to authenticationFailureUrl
|
|
|
MockFilterChain chain = new MockFilterChain(false);
|
|
|
@@ -105,7 +116,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
executeFilterInContainerSimulator(config, filter, request, response,
|
|
|
chain);
|
|
|
|
|
|
- assertEquals("/myApp/failed.jsp", response.getRedirect());
|
|
|
+ assertEquals("/myApp/failed.jsp", response.getRedirectedUrl());
|
|
|
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
|
|
|
|
|
|
//Prepare again, this time using the exception mapping
|
|
|
@@ -117,25 +128,25 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
exceptionMappings.setProperty(AccountExpiredException.class.getName(),
|
|
|
"/myApp/accountExpired.jsp");
|
|
|
filter.setExceptionMappings(exceptionMappings);
|
|
|
+ response = new MockHttpServletResponse();
|
|
|
|
|
|
// Test
|
|
|
executeFilterInContainerSimulator(config, filter, request, response,
|
|
|
chain);
|
|
|
|
|
|
- assertEquals("/myApp/accountExpired.jsp", response.getRedirect());
|
|
|
+ assertEquals("/myApp/accountExpired.jsp", response.getRedirectedUrl());
|
|
|
assertNull(SecureContextUtils.getSecureContext().getAuthentication());
|
|
|
}
|
|
|
|
|
|
public void testFilterProcessesUrlVariationsRespected()
|
|
|
throws Exception {
|
|
|
// Setup our HTTP request
|
|
|
- MockHttpServletRequest request = new MockHttpServletRequest("");
|
|
|
+ MockHttpServletRequest request = createMockRequest();
|
|
|
request.setServletPath("/j_OTHER_LOCATION");
|
|
|
- request.setRequestURL(
|
|
|
- "http://www.example.com/mycontext/j_OTHER_LOCATION");
|
|
|
+ request.setRequestURI("/mycontext/j_OTHER_LOCATION");
|
|
|
|
|
|
// Setup our filter configuration
|
|
|
- MockFilterConfig config = new MockFilterConfig();
|
|
|
+ MockFilterConfig config = new MockFilterConfig(null);
|
|
|
|
|
|
// Setup our expectation that the filter chain will not be invoked, as we redirect to defaultTargetUrl
|
|
|
MockFilterChain chain = new MockFilterChain(false);
|
|
|
@@ -149,7 +160,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
// Test
|
|
|
executeFilterInContainerSimulator(config, filter, request, response,
|
|
|
chain);
|
|
|
- assertEquals("/logged_in.jsp", response.getRedirect());
|
|
|
+ assertEquals("/logged_in.jsp", response.getRedirectedUrl());
|
|
|
assertNotNull(SecureContextUtils.getSecureContext().getAuthentication());
|
|
|
assertEquals("test",
|
|
|
SecureContextUtils.getSecureContext().getAuthentication()
|
|
|
@@ -182,12 +193,12 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
public void testIgnoresAnyServletPathOtherThanFilterProcessesUrl()
|
|
|
throws Exception {
|
|
|
// Setup our HTTP request
|
|
|
- MockHttpServletRequest request = new MockHttpServletRequest("");
|
|
|
+ MockHttpServletRequest request = createMockRequest();
|
|
|
request.setServletPath("/some.file.html");
|
|
|
- request.setRequestURL("http://www.example.com/mycontext/some.file.html");
|
|
|
+ request.setRequestURI("/mycontext/some.file.html");
|
|
|
|
|
|
// Setup our filter configuration
|
|
|
- MockFilterConfig config = new MockFilterConfig();
|
|
|
+ MockFilterConfig config = new MockFilterConfig(null);
|
|
|
|
|
|
// Setup our expectation that the filter chain will be invoked, as our request is for a page the filter isn't monitoring
|
|
|
MockFilterChain chain = new MockFilterChain(true);
|
|
|
@@ -204,12 +215,10 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
public void testNormalOperationWithDefaultFilterProcessesUrl()
|
|
|
throws Exception {
|
|
|
// Setup our HTTP request
|
|
|
- MockHttpServletRequest request = new MockHttpServletRequest("");
|
|
|
- request.setServletPath("/j_mock_post");
|
|
|
- request.setRequestURL("http://www.example.com/mycontext/j_mock_post");
|
|
|
+ MockHttpServletRequest request = createMockRequest();
|
|
|
|
|
|
// Setup our filter configuration
|
|
|
- MockFilterConfig config = new MockFilterConfig();
|
|
|
+ MockFilterConfig config = new MockFilterConfig(null);
|
|
|
|
|
|
// Setup our expectation that the filter chain will not be invoked, as we redirect to defaultTargetUrl
|
|
|
MockFilterChain chain = new MockFilterChain(false);
|
|
|
@@ -226,7 +235,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
// Test
|
|
|
executeFilterInContainerSimulator(config, filter, request, response,
|
|
|
chain);
|
|
|
- assertEquals("/logged_in.jsp", response.getRedirect());
|
|
|
+ assertEquals("/logged_in.jsp", response.getRedirectedUrl());
|
|
|
assertNotNull(SecureContextUtils.getSecureContext().getAuthentication());
|
|
|
assertEquals("test",
|
|
|
SecureContextUtils.getSecureContext().getAuthentication()
|
|
|
@@ -301,12 +310,10 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
public void testSuccessLoginThenFailureLoginResultsInSessionLoosingToken()
|
|
|
throws Exception {
|
|
|
// Setup our HTTP request
|
|
|
- MockHttpServletRequest request = new MockHttpServletRequest("");
|
|
|
- request.setServletPath("/j_mock_post");
|
|
|
- request.setRequestURL("http://www.example.com/mycontext/j_mock_post");
|
|
|
+ MockHttpServletRequest request = createMockRequest();
|
|
|
|
|
|
// Setup our filter configuration
|
|
|
- MockFilterConfig config = new MockFilterConfig();
|
|
|
+ MockFilterConfig config = new MockFilterConfig(null);
|
|
|
|
|
|
// Setup our expectation that the filter chain will not be invoked, as we redirect to defaultTargetUrl
|
|
|
MockFilterChain chain = new MockFilterChain(false);
|
|
|
@@ -320,7 +327,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
// Test
|
|
|
executeFilterInContainerSimulator(config, filter, request, response,
|
|
|
chain);
|
|
|
- assertEquals("/logged_in.jsp", response.getRedirect());
|
|
|
+ assertEquals("/logged_in.jsp", response.getRedirectedUrl());
|
|
|
assertNotNull(SecureContextUtils.getSecureContext().getAuthentication());
|
|
|
assertEquals("test",
|
|
|
SecureContextUtils.getSecureContext().getAuthentication()
|
|
|
@@ -346,14 +353,12 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
public void testSuccessfulAuthenticationButWithAlwaysUseDefaultTargetUrlCausesRedirectToDefaultTargetUrl()
|
|
|
throws Exception {
|
|
|
// Setup our HTTP request
|
|
|
- MockHttpServletRequest request = new MockHttpServletRequest("");
|
|
|
- request.setServletPath("/j_mock_post");
|
|
|
- request.setRequestURL("http://www.example.com/mycontext/j_mock_post");
|
|
|
+ MockHttpServletRequest request = createMockRequest();
|
|
|
request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY,
|
|
|
"/my-destination");
|
|
|
|
|
|
// Setup our filter configuration
|
|
|
- MockFilterConfig config = new MockFilterConfig();
|
|
|
+ MockFilterConfig config = new MockFilterConfig(null);
|
|
|
|
|
|
// Setup our expectation that the filter chain will be invoked, as we want to go to the location requested in the session
|
|
|
MockFilterChain chain = new MockFilterChain(true);
|
|
|
@@ -370,21 +375,19 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
// Test
|
|
|
executeFilterInContainerSimulator(config, filter, request, response,
|
|
|
chain);
|
|
|
- assertEquals("/foobar", response.getRedirect());
|
|
|
+ assertEquals("/foobar", response.getRedirectedUrl());
|
|
|
assertNotNull(SecureContextUtils.getSecureContext().getAuthentication());
|
|
|
}
|
|
|
|
|
|
public void testSuccessfulAuthenticationCausesRedirectToSessionSpecifiedUrl()
|
|
|
throws Exception {
|
|
|
// Setup our HTTP request
|
|
|
- MockHttpServletRequest request = new MockHttpServletRequest("");
|
|
|
- request.setServletPath("/j_mock_post");
|
|
|
- request.setRequestURL("http://www.example.com/mycontext/j_mock_post");
|
|
|
+ MockHttpServletRequest request = createMockRequest();
|
|
|
request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY,
|
|
|
"/my-destination");
|
|
|
|
|
|
// Setup our filter configuration
|
|
|
- MockFilterConfig config = new MockFilterConfig();
|
|
|
+ MockFilterConfig config = new MockFilterConfig(null);
|
|
|
|
|
|
// Setup our expectation that the filter chain will be invoked, as we want to go to the location requested in the session
|
|
|
MockFilterChain chain = new MockFilterChain(true);
|
|
|
@@ -397,7 +400,7 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
// Test
|
|
|
executeFilterInContainerSimulator(config, filter, request, response,
|
|
|
chain);
|
|
|
- assertEquals("/my-destination", response.getRedirect());
|
|
|
+ assertEquals("/my-destination", response.getRedirectedUrl());
|
|
|
assertNotNull(SecureContextUtils.getSecureContext().getAuthentication());
|
|
|
}
|
|
|
|
|
|
@@ -419,6 +422,17 @@ public class AbstractProcessingFilterTests extends TestCase {
|
|
|
filter.destroy();
|
|
|
}
|
|
|
|
|
|
+ private MockHttpServletRequest createMockRequest() {
|
|
|
+ MockHttpServletRequest request = new MockHttpServletRequest();
|
|
|
+
|
|
|
+ request.setServletPath("/j_mock_post");
|
|
|
+ request.setScheme("http");
|
|
|
+ request.setServerName("www.example.com");
|
|
|
+ request.setRequestURI("/mycontext/j_mock_post");
|
|
|
+
|
|
|
+ return request;
|
|
|
+ }
|
|
|
+
|
|
|
//~ Inner Classes ==========================================================
|
|
|
|
|
|
private class MockAbstractProcessingFilter extends AbstractProcessingFilter {
|
Luke Taylor