[jboss-cvs] JBossAS SVN: r67516 - in branches/Branch_4_2: testsuite/src/main/org/jboss/test/web/servlets and 7 other directories.

Tue Nov 27 17:15:09 EST 2007


Author: sguilhen at redhat.com
Date: 2007-11-27 17:15:09 -0500 (Tue, 27 Nov 2007)
New Revision: 67516

Added:
   branches/Branch_4_2/testsuite/src/resources/web/programmatic/error.html
   branches/Branch_4_2/testsuite/src/resources/web/programmatic/login.html
   branches/Branch_4_2/testsuite/src/resources/web/programmatic/restricted/
   branches/Branch_4_2/testsuite/src/resources/web/programmatic/restricted/restricted.html
Modified:
   branches/Branch_4_2/testsuite/imports/sections/web.xml
   branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/servlets/ProgrammaticLoginTestServlet.java
   branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/WebProgrammaticLoginTestCase.java
   branches/Branch_4_2/testsuite/src/resources/web/programmatic/WEB-INF/jbosstest-web.xml
   branches/Branch_4_2/tomcat/src/main/org/jboss/web/tomcat/security/ExtendedSingleSignOn.java
   branches/Branch_4_2/tomcat/src/main/org/jboss/web/tomcat/security/login/WebAuthentication.java
   branches/Branch_4_2/tomcat/src/main/org/jboss/web/tomcat/service/sso/ClusteredSingleSignOn.java
Log:
JBAS-4424: added code to unregister the ssoid in the logout() method of WebAuthentication. Changes were also made to the tests to validate the behavior of the logout() method.



Modified: branches/Branch_4_2/testsuite/imports/sections/web.xml
===================================================================
--- branches/Branch_4_2/testsuite/imports/sections/web.xml	2007-11-27 22:13:39 UTC (rev 67515)
+++ branches/Branch_4_2/testsuite/imports/sections/web.xml	2007-11-27 22:15:09 UTC (rev 67516)
@@ -569,6 +569,10 @@
          <classes dir="${build.classes}">
             <include name="org/jboss/test/web/servlets/Programm*Servlet.class"/>
          </classes>
+         <fileset dir="${build.resources}/web/programmatic">
+            <include name="restricted/*.html"/>
+            <include name="*.html"/>
+         </fileset>
       </war>
       <zip destfile="${build.lib}/programmaticweblogin.ear">
          <zipfileset dir="${build.resources}/web/programmatic" prefix="META-INF">

Modified: branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/servlets/ProgrammaticLoginTestServlet.java
===================================================================
--- branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/servlets/ProgrammaticLoginTestServlet.java	2007-11-27 22:13:39 UTC (rev 67515)
+++ branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/servlets/ProgrammaticLoginTestServlet.java	2007-11-27 22:15:09 UTC (rev 67516)
@@ -47,25 +47,38 @@
    protected void service(HttpServletRequest request, HttpServletResponse response) 
    throws ServletException, IOException
    {  
+      String operation = request.getParameter("operation");
       String username = request.getParameter("username");
       String pass = request.getParameter("pass");
-       
+
+      if("login".equals(operation))
+         this.login(request, username, pass);
+      else if("logout".equals(operation))
+         this.logout(request);
+      else
+         throw new ServletException("Unrecognized operation: " + operation);
+   }
+
+   private void login(HttpServletRequest request, String username, String pass)
+   throws ServletException
+   {
       if(username == null || pass == null)
-            throw new RuntimeException("username or password is null");
-      WebAuthentication pwl = new WebAuthentication(); 
-      pwl.login(username, pass);  
-       
-      //Only when there is web login, does the principal be visible
-      log("User Principal="+request.getUserPrincipal());
-      log("isUserInRole(Authorized User)="+request.isUserInRole("AuthorizedUser"));
+         throw new RuntimeException("username or password is null");
+      WebAuthentication pwl = new WebAuthentication();
+      pwl.login(username, pass);
+
+      //Only when there is web login, does the principal become visible
+      log("User Principal=" + request.getUserPrincipal());
+      log("isUserInRole(Authorized User)=" + request.isUserInRole("AuthorizedUser"));
       if(request.getUserPrincipal() == null || !request.isUserInRole("AuthorizedUser"))
          throw new ServletException("User is not authenticated or the isUserInRole check failed");
-      
-      
+   } 
+
+   private void logout(HttpServletRequest request) throws ServletException
+   {
       //Log the user out
-      pwl.logout();
-      
+      new WebAuthentication().logout();
       if(request.getUserPrincipal() != null || request.isUserInRole("AuthorizedUser"))
-         throw new ServletException("User is still authenticated or pass: isUserInRole(Authorized User)"); 
-   } 
+         throw new ServletException("User is still authenticated or pass: isUserInRole(Authorized User)");
+   }
 }
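Review bot: `login` now declares `throws ServletException`, yet the null-credential branch still throws `RuntimeException("username or password is null")`, so two failure paths in the same method reach the container through different exception types; `throw new ServletException("username or password is null");` keeps the contract uniform, and the test only checks for a 500 so it passes either way. The `else` branch embeds the raw, client-supplied `operation` parameter in the exception message; harmless in a test servlet, but a short comment noting that the value is untrusted would help if the servlet is ever copied elsewhere. `service`, `login` and `logout` are each fully visible in this hunk.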

Modified: branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/WebProgrammaticLoginTestCase.java
===================================================================
--- branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/WebProgrammaticLoginTestCase.java	2007-11-27 22:13:39 UTC (rev 67515)
+++ branches/Branch_4_2/testsuite/src/main/org/jboss/test/web/test/WebProgrammaticLoginTestCase.java	2007-11-27 22:15:09 UTC (rev 67516)
@@ -61,15 +61,18 @@
     */
    public void testUnsuccessfulLogin() throws Exception
    {
-      String path1 = "war1/TestServlet";
+      String path = "war1/TestServlet";
       // try to perform programmatic auth without supplying login information.
       HttpMethod indexGet = null;
       try
       {
-         indexGet = new GetMethod(baseURLNoAuth+path1); 
+         indexGet = new GetMethod(baseURLNoAuth + path + "?operation=login"); 
          int responseCode = httpConn.executeMethod(indexGet);
          assertTrue("Get Error("+responseCode+")", 
                responseCode == HttpURLConnection.HTTP_INTERNAL_ERROR);
+         // assert access to the restricted area of the first application is denied.
+         SSOBaseCase.checkAccessDenied(this.httpConn, this.baseURLNoAuth + 
+               "war1/restricted/restricted.html");
          // assert access to the second application is not granted, as no successful login
          // was performed (and therefore no ssoid has been set).
          SSOBaseCase.checkAccessDenied(this.httpConn, this.baseURLNoAuth + "war2/index.html");
@@ -80,13 +83,16 @@
            indexGet.releaseConnection();
       } 
       // try to perform programmatic auth with no valid username/password.
-      path1 = path1 + "?username=dummy&pass=dummy";
+      path = path + "?operation=login&username=dummy&pass=dummy";
       try
       {
-         indexGet = new GetMethod(baseURLNoAuth+path1); 
+         indexGet = new GetMethod(baseURLNoAuth + path); 
          int responseCode = httpConn.executeMethod(indexGet);
          assertTrue("Get Error("+responseCode+")", 
                responseCode == HttpURLConnection.HTTP_INTERNAL_ERROR);
+         // assert access to the restricted applications remains denied.
+         SSOBaseCase.checkAccessDenied(this.httpConn, this.baseURLNoAuth + 
+               "war1/restricted/restricted.html");
          SSOBaseCase.checkAccessDenied(this.httpConn, this.baseURLNoAuth + "war2/index.html");
       }
       finally
@@ -102,22 +108,36 @@
     */
    public void testSuccessfulLogin() throws Exception
    {
-      String path1 = "war1/TestServlet?username=jduke&pass=theduke"; 
+      String path = "war1/TestServlet?operation=login&username=jduke&pass=theduke"; 
       HttpMethod indexGet = null;
+      HttpMethod indexGet2 = null;
       try
       {
-         indexGet = new GetMethod(baseURLNoAuth+path1); 
+         indexGet = new GetMethod(baseURLNoAuth + path); 
          int responseCode = httpConn.executeMethod(indexGet);
          assertTrue("Get OK("+responseCode+")", responseCode == HttpURLConnection.HTTP_OK);
-         // check the sso cookie has been created
+         // assert access to the restricted are of the first application is now allowed.
+         SSOBaseCase.checkAccessAllowed(this.httpConn, this.baseURLNoAuth +
+               "war1/restricted/restricted.html");
+         // assert the sso cookie has been created.
          SSOBaseCase.processSSOCookie(this.httpConn.getState(), this.baseURLNoAuth, this.baseURLNoAuth);
-         // check that access to the second application is allowed
+         // assert access to the second application is allowed
          SSOBaseCase.checkAccessAllowed(this.httpConn, this.baseURLNoAuth + "war2/index.html");
+
+         // perform a programmatic logout and assert access is not allowed anymore.
+         indexGet2 = new GetMethod(baseURLNoAuth + "war1/TestServlet?operation=logout");
+         responseCode = httpConn.executeMethod(indexGet2);
+         assertTrue("Get OK("+responseCode+")", responseCode == HttpURLConnection.HTTP_OK);
+         SSOBaseCase.checkAccessDenied(this.httpConn, this.baseURLNoAuth +
+               "war1/restricted/restricted.html");
+         SSOBaseCase.checkAccessDenied(this.httpConn, this.baseURLNoAuth + "war2/index.html");
       }
       finally
       {
          if(indexGet != null)
            indexGet.releaseConnection();
+         if(indexGet2 != null)
+           indexGet2.releaseConnection();
       } 
    } 
 
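Review bot: The post-logout `checkAccessDenied` calls in `testSuccessfulLogin` reuse the same `httpConn`, so if `WebAuthentication.logout` also expires the SSO cookie in its response the client simply stops sending it and both checks pass even when the server-side SSO entry was never deregistered. Capturing the cookie value from `httpConn.getState()` before the `operation=logout` request and re-presenting it for the two denied checks would exercise the deregistration this commit exists to validate; whether the cookie is expired client-side is not visible from this hunk. The comment `// assert access to the restricted are of the first application is now allowed.` should read `restricted area`. The body of `testSuccessfulLogin` is fully contained in this hunk.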

Modified: branches/Branch_4_2/testsuite/src/resources/web/programmatic/WEB-INF/jbosstest-web.xml
===================================================================
--- branches/Branch_4_2/testsuite/src/resources/web/programmatic/WEB-INF/jbosstest-web.xml	2007-11-27 22:13:39 UTC (rev 67515)
+++ branches/Branch_4_2/testsuite/src/resources/web/programmatic/WEB-INF/jbosstest-web.xml	2007-11-27 22:15:09 UTC (rev 67516)
@@ -20,9 +20,24 @@
       <url-pattern>/TestServlet</url-pattern>
    </servlet-mapping>
 
+   <security-constraint>
+      <web-resource-collection>
+         <web-resource-name>Restricted</web-resource-name>
+         <description>Restricted Area</description>
+         <url-pattern>/restricted/*</url-pattern>
+      </web-resource-collection>
+      <auth-constraint>
+         <description>Only authenticated users can access secure content</description>
+         <role-name>AuthorizedUser</role-name>
+      </auth-constraint>
+   </security-constraint>
+
    <login-config>
-      <auth-method>BASIC</auth-method>
-      <realm-name>JBossTest Servlets</realm-name>
+      <auth-method>FORM</auth-method>
+      <form-login-config>
+         <form-login-page>/login.html</form-login-page>
+         <form-error-page>/error.html</form-error-page>
+      </form-login-config>
    </login-config>
 
    <security-role>

Added: branches/Branch_4_2/testsuite/src/resources/web/programmatic/error.html
===================================================================
--- branches/Branch_4_2/testsuite/src/resources/web/programmatic/error.html	                        (rev 0)
+++ branches/Branch_4_2/testsuite/src/resources/web/programmatic/error.html	2007-11-27 22:15:09 UTC (rev 67516)
@@ -0,0 +1,11 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+   <title>Error Page For Examples</title>
+</head>
+
+   <body bgcolor="white">
+   Invalid username and/or password, please try again
+   </body>
+</html>
+

Added: branches/Branch_4_2/testsuite/src/resources/web/programmatic/login.html
===================================================================
--- branches/Branch_4_2/testsuite/src/resources/web/programmatic/login.html	                        (rev 0)
+++ branches/Branch_4_2/testsuite/src/resources/web/programmatic/login.html	2007-11-27 22:15:09 UTC (rev 67516)
@@ -0,0 +1,26 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+   <title>Login Page for Examples</title>
+</head>
+
+   <body bgcolor="white">
+   <form method="POST" action="j_security_check">
+     <table border="0" cellspacing="5">
+       <tr>
+         <th align="right">Username:</th>
+         <td align="left"><input type="text" name="j_username"></td>
+       </tr>
+       <tr>
+         <th align="right">Password:</th>
+         <td align="left"><input type="password" name="j_password"></td>
+       </tr>
+       <tr>
+         <td align="right"><input type="submit" value="Log In"></td>
+         <td align="left"><input type="reset"></td>
+       </tr>
+     </table>
+   </form>
+   </body>
+</html>
+

Added: branches/Branch_4_2/testsuite/src/resources/web/programmatic/restricted/restricted.html
===================================================================
--- branches/Branch_4_2/testsuite/src/resources/web/programmatic/restricted/restricted.html	                        (rev 0)
+++ branches/Branch_4_2/testsuite/src/resources/web/programmatic/restricted/restricted.html	2007-11-27 22:15:09 UTC (rev 67516)
@@ -0,0 +1,10 @@
+<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
+<html>
+<head>
+   <title>Programmatic Login Secure Page</title>
+</head>
+
+<body>
+<h1>Programmatic Login Secure Page</h1>
+</body>
+</html>

Modified: branches/Branch_4_2/tomcat/src/main/org/jboss/web/tomcat/security/ExtendedSingleSignOn.java
===================================================================
--- branches/Branch_4_2/tomcat/src/main/org/jboss/web/tomcat/security/ExtendedSingleSignOn.java	2007-11-27 22:13:39 UTC (rev 67515)
+++ branches/Branch_4_2/tomcat/src/main/org/jboss/web/tomcat/security/ExtendedSingleSignOn.java	2007-11-27 22:15:09 UTC (rev 67516)
@@ -55,9 +55,18 @@
    @Override
    public void register(String ssoId, Principal principal, String authType, String username, String password)
    {
-      // TODO Auto-generated method stub
       super.register(ssoId, principal, authType, username, password);
    }
+
+   /*
+    * (non-Javadoc)
+    * @see org.apache.catalina.authenticator.SingleSignOn#deregister(java.lang.String)
+    */
+   @Override
+   public void deregister(String ssoId)
+   {
+      super.deregister(ssoId);
+   }
    
    /*
     * (non-Javadoc)
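Review bot: The new `deregister` override is a pure pass-through documented only by an auto-generated `(non-Javadoc)` stub, which leaves its reason for existing unstated; it appears to widen Tomcat's protected `deregister` so that `WebAuthentication.logout` can call it, and `ClusteredSingleSignOn.deregister` is widened to `public` in this same commit for what looks like the same purpose. A Javadoc such as `/** Widens {@link SingleSignOn#deregister(String)} to public so that programmatic logout (WebAuthentication) can drop an SSO entry. */` would make the intent explicit in both places. Since a public `deregister` lets any code holding the valve terminate a sign-on session, the Javadoc should also state that callers are expected to pass only the id taken from the current request.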

Modified: branches/Branch_4_2/tomcat/src/main/org/jboss/web/tomcat/security/login/WebAuthentication.java
===================================================================
--- branches/Branch_4_2/tomcat/src/main/org/jboss/web/tomcat/security/login/WebAuthentication.java	2007-11-27 22:13:39 UTC (rev 67515)
+++ branches/Branch_4_2/tomcat/src/main/org/jboss/web/tomcat/security/login/WebAuthentication.java	2007-11-27 22:15:09 UTC (rev 67516)
@@ -210,6 +210,12 @@
          session.removeNote(Constants.SESS_USERNAME_NOTE);
          session.removeNote(Constants.SESS_PASSWORD_NOTE);
       }
+      //Deregister the SSOID
+      ExtendedSingleSignOn sso = this.getSingleSignOn(request);
+      if(sso != null) {
+         String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
+         sso.deregister(ssoId);
+      }
    }
 
    private String getPasswordAsString(Object cred)
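Review bot: `request.getNote(Constants.REQ_SSOID_NOTE)` is only present when the request reached this code through the SSO valve carrying an SSO cookie; for a logout on a request that never had one (for instance login and logout inside the same request, as the old test servlet did) `ssoId` is null and `sso.deregister(null)` is invoked. Guarding the call, `if (ssoId != null) sso.deregister(ssoId);`, avoids depending on the valve's `deregister` tolerating a null id, which I cannot confirm from this hunk. The enclosing `logout` method begins before the hunk.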

Modified: branches/Branch_4_2/tomcat/src/main/org/jboss/web/tomcat/service/sso/ClusteredSingleSignOn.java
===================================================================
--- branches/Branch_4_2/tomcat/src/main/org/jboss/web/tomcat/service/sso/ClusteredSingleSignOn.java	2007-11-27 22:13:39 UTC (rev 67515)
+++ branches/Branch_4_2/tomcat/src/main/org/jboss/web/tomcat/service/sso/ClusteredSingleSignOn.java	2007-11-27 22:15:09 UTC (rev 67516)
@@ -797,7 +797,7 @@
     *
     * @param ssoId Single sign on identifier to deregister
     */
-   protected void deregister(String ssoId)
+   public void deregister(String ssoId)
    {
       if (getContainer().getLogger().isDebugEnabled())
           getContainer().getLogger().debug("Deregistering sso id '" + ssoId + "'");
@@ -1311,4 +1311,4 @@
       return valid;
    }
 
-}
\ No newline at end of file
+}



