[jboss-cvs] JBossAS SVN: r62873 - in branches/Branch_4_2/testsuite: src/main/org/jboss/test/web/test and 2 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue May 8 10:55:31 EDT 2007
Author: hmesha
Date: 2007-05-08 10:55:31 -0400 (Tue, 08 May 2007)
New Revision: 62873
Modified:
branches/Branch_4_2/testsuite/imports/sections/web.xml
branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/ClusteredSingleSignOnUnitTestCase.java
branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/SSOBaseCase.java
branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/SingleSignOnUnitTestCase.java
branches/Branch_4_2/testsuite/src/resources/web/sso/application.xml
branches/Branch_4_2/testsuite/src/resources/web/sso/clustered/application.xml
Log:
JBAS-2315 - Create an automated test for JBAS-2314
Modified: branches/Branch_4_2/testsuite/imports/sections/web.xml
===================================================================
--- branches/Branch_4_2/testsuite/imports/sections/web.xml 2007-05-08 14:17:53 UTC (rev 62872)
+++ branches/Branch_4_2/testsuite/imports/sections/web.xml 2007-05-08 14:55:31 UTC (rev 62873)
@@ -330,6 +330,24 @@
<include name="**/*.jsp"/>
</fileset>
</war>
+ <war destfile="${build.lib}/sso-with-no-auth.war"
+ webxml="${build.resources}/web/sso/war/web-form-auth.xml">
+<!-- Exclude jboss-web.xml so the war will not have an authenticator
+ <webinf dir="${build.resources}/web/sso/war">
+ <include name="jboss-web.xml"/>
+ </webinf>
+-->
+ <classes dir="${build.classes}">
+ <include name="org/jboss/test/web/servlets/EJBServlet.class"/>
+ <include name="org/jboss/test/web/servlets/LogoutServlet.class"/>
+ <include name="org/jboss/test/web/util/Util*"/>
+ </classes>
+ <fileset dir="${build.resources}/web/sso/war">
+ <include name="**/*.html"/>
+ <include name="**/*.jsp"/>
+ </fileset>
+ </war>
+
<zip destfile="${build.lib}/web-sso.ear">
<zipfileset dir="${build.resources}/web/sso" prefix="META-INF">
<include name="application.xml"/>
@@ -343,6 +361,8 @@
<zipfileset dir="${build.lib}" includes="sso-form-auth.war"
fullpath="sso-form-auth2.war"/>
<zipfileset dir="${build.lib}" includes="sso-expire.war"/>
+ <zipfileset dir="${build.lib}" includes="sso-with-no-auth.war"
+ fullpath="sso-with-no-auth.war"/>
<zipfileset dir="${build.lib}" includes="jbosstest-web-ejbs.jar"/>
</zip>
<zip destfile="${build.lib}/web-sso-clustered.ear">
@@ -362,6 +382,8 @@
fullpath="sso-form-auth4.war"/>
<zipfileset dir="${build.lib}" includes="sso-form-auth.war"
fullpath="sso-form-auth5.war"/>
+ <zipfileset dir="${build.lib}" includes="sso-with-no-auth.war"
+ fullpath="sso-with-no-auth.war"/>
<zipfileset dir="${build.lib}" includes="jbosstest-web-ejbs.jar"/>
</zip>
Modified: branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/ClusteredSingleSignOnUnitTestCase.java
===================================================================
--- branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/ClusteredSingleSignOnUnitTestCase.java 2007-05-08 14:17:53 UTC (rev 62872)
+++ branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/ClusteredSingleSignOnUnitTestCase.java 2007-05-08 14:55:31 UTC (rev 62873)
@@ -65,6 +65,7 @@
suite.addTest(new ClusteredSingleSignOnUnitTestCase("testFormAuthSingleSignOn"));
suite.addTest(new ClusteredSingleSignOnUnitTestCase("testUndeployNonClusteredWebapp"));
suite.addTest(new ClusteredSingleSignOnUnitTestCase("testUndeployClusteredWebapp"));
+ suite.addTest(new ClusteredSingleSignOnUnitTestCase("testNoAuthSingleSignOn"));
return JBossClusteredTestCase.getDeploySetup(suite, "web-sso-clustered.ear");
}
@@ -197,6 +198,23 @@
SSOBaseCase.executeFormAuthSingleSignOnTest(serverA, serverB, getLog());
}
+ /** Test single sign-on across two web apps using form based auth
+ *
+ * @throws Exception
+ */
+ public void testNoAuthSingleSignOn() throws Exception
+ {
+ log.info("+++ testNoAuthSingleSignOn");
+ String[] httpURLs = super.getHttpURLs();
+
+ String serverA = httpURLs[0];
+ String serverB = httpURLs[1];
+ log.info(System.getProperties());
+ log.info("serverA: "+serverA);
+ log.info("serverB: "+serverB);
+ SSOBaseCase.executeNoAuthSingleSignOnTest(serverA, serverB, getLog());
+ }
+
/**
* Tests that use of transactions in ClusteredSSO does not interfere
* with session expiration thread. See JBAS-2212.
Modified: branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/SSOBaseCase.java
===================================================================
--- branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/SSOBaseCase.java 2007-05-08 14:17:53 UTC (rev 62872)
+++ branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/SSOBaseCase.java 2007-05-08 14:55:31 UTC (rev 62873)
@@ -1,24 +1,24 @@
/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-*/
+ * JBoss, a division of Red Hat
+ * Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
package org.jboss.test.web.test;
import java.io.IOException;
@@ -41,34 +41,31 @@
* @version $Revision$
*/
public abstract class SSOBaseCase extends TestCase
-{
+{
/** Test single sign-on across two web apps using form based auth
*
* @throws Exception
- */
- protected static void executeFormAuthSingleSignOnTest(String serverA,
- String serverB,
- Category log)
- throws Exception
+ */
+ protected static void executeFormAuthSingleSignOnTest(String serverA, String serverB, Category log) throws Exception
{
String warA1 = serverA + "/war1/";
String warB2 = serverB + "/war2/";
-
+
// Start by accessing the secured index.html of war1
HttpClient httpConn = new HttpClient();
-
+
checkAccessDenied(httpConn, warA1 + "index.html");
HttpState state = httpConn.getState();
-
+
String sessionID = getSessionIdFromState(state);
- log.debug("Saw JSESSIONID="+sessionID);
+ log.debug("Saw JSESSIONID=" + sessionID);
// Submit the login form
executeFormLogin(httpConn, warA1);
String ssoID = processSSOCookie(state, serverA, serverB);
- log.debug("Saw JSESSIONIDSSO="+ssoID);
+ log.debug("Saw JSESSIONIDSSO=" + ssoID);
// Pause a moment before switching wars to better simulate real life
// use cases. Otherwise, the test case can "outrun" the async
@@ -83,70 +80,112 @@
checkAccessAllowed(httpConn, warB2 + "index.html");
/* Access a secured servlet that calls a secured ejb in war2 to test
- propagation of the SSO identity to the ejb container. */
+ propagation of the SSO identity to the ejb container. */
checkAccessAllowed(httpConn, warB2 + "EJBServlet");
// Now try logging out of war2
executeLogout(httpConn, warB2);
-
+
// Again, pause before switching wars
if (!serverA.equals(serverB))
Thread.sleep(500);
-
+
// Try accessing war1 again
checkAccessDenied(httpConn, warA1 + "index.html");
-
+
// Try accessing war2 again
- checkAccessDenied(httpConn, warB2 + "index.html");
+ checkAccessDenied(httpConn, warB2 + "index.html");
+
+ }
+
+ protected static void executeNoAuthSingleSignOnTest(String serverA, String serverB, Category log)
+ throws Exception
+ {
+ String warA1 = serverA + "/war1/";
+ String warB2 = serverB + "/war2/";
+ String warB6 = serverB + "/war6/";
+ // Start by accessing the secured index.html of war1
+ HttpClient httpConn = new HttpClient();
+
+ checkAccessDenied(httpConn, warA1 + "index.html");
+
+ HttpState state = httpConn.getState();
+
+ String sessionID = getSessionIdFromState(state);
+ log.debug("Saw JSESSIONID=" + sessionID);
+
+ // Submit the login form
+ executeFormLogin(httpConn, warA1);
+
+ String ssoID = processSSOCookie(state, serverA, serverB);
+ log.debug("Saw JSESSIONIDSSO=" + ssoID);
+
+ // Pause a moment before switching wars to better simulate real life
+ // use cases. Otherwise, the test case can "outrun" the async
+ // replication in the TreeCache used by the clustered SSO
+ // 500 ms is a long time, but this isn't a test of replication speed
+ // and we don't want spurious failures.
+ if (!serverA.equals(serverB))
+ Thread.sleep(500);
+
+ // Now try getting the war2 index using the JSESSIONIDSSO cookie
+ log.debug("Prepare /war2/index.html get");
+ checkAccessAllowed(httpConn, warB2 + "index.html");
+
+ /* Access a secured servlet that calls a secured ejb in war2 to test
+ propagation of the SSO identity to the ejb container. */
+ checkAccessAllowed(httpConn, warB2 + "EJBServlet");
+
+ /* do the same test on war6 to test SSO auth replication with no
+ auth configured war */
+ checkAccessAllowed(httpConn, warB6 + "index.html");
+
+ checkAccessAllowed(httpConn, warB2 + "EJBServlet");
+
}
public static void executeLogout(HttpClient httpConn, String warURL) throws IOException, HttpException
{
GetMethod logout = new GetMethod(warURL + "Logout");
logout.setFollowRedirects(false);
- int responseCode = httpConn.executeMethod(logout.getHostConfiguration(),
- logout, httpConn.getState());
- assertTrue("Logout: Saw HTTP_MOVED_TEMP("+responseCode+")",
- responseCode == HttpURLConnection.HTTP_MOVED_TEMP);
+ int responseCode = httpConn.executeMethod(logout.getHostConfiguration(), logout, httpConn.getState());
+ assertTrue("Logout: Saw HTTP_MOVED_TEMP(" + responseCode + ")", responseCode == HttpURLConnection.HTTP_MOVED_TEMP);
Header location = logout.getResponseHeader("Location");
String indexURI = location.getValue();
- if( indexURI.indexOf("index.html") < 0 )
+ if (indexURI.indexOf("index.html") < 0)
fail("get of " + warURL + "Logout not redirected to login page");
}
public static void checkAccessAllowed(HttpClient httpConn, String url) throws IOException, HttpException
{
GetMethod war2Index = new GetMethod(url);
- int responseCode = httpConn.executeMethod(war2Index.getHostConfiguration(),
- war2Index, httpConn.getState());
+ int responseCode = httpConn.executeMethod(war2Index.getHostConfiguration(), war2Index, httpConn.getState());
+ System.out.println("responseCode = " + responseCode);
assertTrue("Get OK", responseCode == HttpURLConnection.HTTP_OK);
String body = war2Index.getResponseBodyAsString();
- if( body.indexOf("j_security_check") > 0 )
+ if (body.indexOf("j_security_check") > 0)
fail("get of " + url + " redirected to login page");
}
public static void executeFormLogin(HttpClient httpConn, String warURL) throws IOException, HttpException
- {
+ {
PostMethod formPost = new PostMethod(warURL + "j_security_check");
formPost.addRequestHeader("Referer", warURL + "login.html");
formPost.addParameter("j_username", "jduke");
formPost.addParameter("j_password", "theduke");
- int responseCode = httpConn.executeMethod(formPost.getHostConfiguration(),
- formPost, httpConn.getState());
- assertTrue("Saw HTTP_MOVED_TEMP("+responseCode+")",
- responseCode == HttpURLConnection.HTTP_MOVED_TEMP);
+ int responseCode = httpConn.executeMethod(formPost.getHostConfiguration(), formPost, httpConn.getState());
+ assertTrue("Saw HTTP_MOVED_TEMP(" + responseCode + ")", responseCode == HttpURLConnection.HTTP_MOVED_TEMP);
// Follow the redirect to the index.html page
Header location = formPost.getResponseHeader("Location");
String indexURI = location.getValue();
GetMethod warIndex = new GetMethod(indexURI);
- responseCode = httpConn.executeMethod(warIndex.getHostConfiguration(),
- warIndex, httpConn.getState());
+ responseCode = httpConn.executeMethod(warIndex.getHostConfiguration(), warIndex, httpConn.getState());
assertTrue("Get OK", responseCode == HttpURLConnection.HTTP_OK);
String body = warIndex.getResponseBodyAsString();
- if( body.indexOf("j_security_check") > 0 )
- fail("get of "+indexURI+" redirected to login page");
+ if (body.indexOf("j_security_check") > 0)
+ fail("get of " + indexURI + " redirected to login page");
}
public static void checkAccessDenied(HttpClient httpConn, String url) throws IOException, HttpException
@@ -155,19 +194,19 @@
int responseCode = httpConn.executeMethod(indexGet);
String body = indexGet.getResponseBodyAsString();
assertTrue("Get OK", responseCode == HttpURLConnection.HTTP_OK);
- assertTrue("Redirected to login page", body.indexOf("j_security_check") > 0 );
+ assertTrue("Redirected to login page", body.indexOf("j_security_check") > 0);
}
public static String processSSOCookie(HttpState state, String serverA, String serverB)
{
Cookie[] cookies = state.getCookies();
String ssoID = null;
- for(int c = 0; c < cookies.length; c ++)
+ for (int c = 0; c < cookies.length; c++)
{
- if( "JSESSIONIDSSO".equalsIgnoreCase(cookies[c].getName()) )
+ if ("JSESSIONIDSSO".equalsIgnoreCase(cookies[c].getName()))
{
ssoID = cookies[c].getValue();
- if (serverA.equals(serverB) == false)
+ if (serverA.equals(serverB) == false)
{
// Make an sso cookie to send to serverB
Cookie copy = copyCookie(cookies[c], serverB);
@@ -175,12 +214,12 @@
}
}
}
-
+
assertNotNull("Saw JSESSIONIDSSO", ssoID);
-
+
return ssoID;
}
-
+
public static Cookie copyCookie(Cookie toCopy, String targetServer)
{
// Parse the target server down to a domain name
@@ -192,33 +231,28 @@
index = targetServer.indexOf(":");
if (index > -1)
{
- targetServer = targetServer.substring(0, index);
+ targetServer = targetServer.substring(0, index);
}
index = targetServer.indexOf("/");
if (index > -1)
{
targetServer = targetServer.substring(0, index);
}
-
- Cookie copy = new Cookie(targetServer,
- toCopy.getName(),
- toCopy.getValue(),
- "/",
- null,
- false);
+
+ Cookie copy = new Cookie(targetServer, toCopy.getName(), toCopy.getValue(), "/", null, false);
return copy;
}
-
+
public static String getSessionIdFromState(HttpState state)
{
Cookie[] cookies = state.getCookies();
String sessionID = null;
- for(int c = 0; c < cookies.length; c ++)
+ for (int c = 0; c < cookies.length; c++)
{
- if( "JSESSIONID".equalsIgnoreCase(cookies[c].getName()) )
+ if ("JSESSIONID".equalsIgnoreCase(cookies[c].getName()))
sessionID = cookies[c].getName();
}
return sessionID;
-
+
}
}
Modified: branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/SingleSignOnUnitTestCase.java
===================================================================
--- branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/SingleSignOnUnitTestCase.java 2007-05-08 14:17:53 UTC (rev 62872)
+++ branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/SingleSignOnUnitTestCase.java 2007-05-08 14:55:31 UTC (rev 62873)
@@ -50,8 +50,19 @@
SSOBaseCase.executeFormAuthSingleSignOnTest(baseURLNoAuth, baseURLNoAuth, getLog());
- }
+ }
+
+ /** Test single sign-on across two web apps using form based auth
+ *
+ * @throws Exception
+ */
+ public void testNoAuthSingleSignOn() throws Exception
+ {
+ log.info("+++ testNoAuthSingleSignOn");
+ SSOBaseCase.executeNoAuthSingleSignOnTest(baseURLNoAuth, baseURLNoAuth, getLog());
+ }
+
/** One time setup for all SingleSignOnUnitTestCase unit tests
*/
public static Test suite() throws Exception
Modified: branches/Branch_4_2/testsuite/src/resources/web/sso/application.xml
===================================================================
--- branches/Branch_4_2/testsuite/src/resources/web/sso/application.xml 2007-05-08 14:17:53 UTC (rev 62872)
+++ branches/Branch_4_2/testsuite/src/resources/web/sso/application.xml 2007-05-08 14:55:31 UTC (rev 62873)
@@ -25,6 +25,12 @@
</web>
</module>
<module>
+ <web>
+ <web-uri>sso-with-no-auth.war</web-uri>
+ <context-root>/war6</context-root>
+ </web>
+ </module>
+ <module>
<ejb>jbosstest-web-ejbs.jar</ejb>
</module>
</application>
Modified: branches/Branch_4_2/testsuite/src/resources/web/sso/clustered/application.xml
===================================================================
--- branches/Branch_4_2/testsuite/src/resources/web/sso/clustered/application.xml 2007-05-08 14:17:53 UTC (rev 62872)
+++ branches/Branch_4_2/testsuite/src/resources/web/sso/clustered/application.xml 2007-05-08 14:55:31 UTC (rev 62873)
@@ -35,6 +35,12 @@
<web-uri>sso-form-auth5.war</web-uri>
<context-root>/war5</context-root>
</web>
+ </module>
+ <module>
+ <web>
+ <web-uri>sso-with-no-auth.war</web-uri>
+ <context-root>/war6</context-root>
+ </web>
</module>
<module>
<ejb>jbosstest-web-ejbs.jar</ejb>
More information about the jboss-cvs-commits
mailing list