[jboss-cvs] JBossAS SVN: r107101 - in branches/JBPAPP_5_1/testsuite: imports/config and 2 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue Jul 27 04:42:00 EDT 2010 

Author: rsvoboda at redhat.com
Date: 2010-07-27 04:41:59 -0400 (Tue, 27 Jul 2010)
New Revision: 107101

Added:
   branches/JBPAPP_5_1/testsuite/imports/config/tests-secured.xml
   branches/JBPAPP_5_1/testsuite/src/main/org/jboss/test/security/test/authorization/secured/
   branches/JBPAPP_5_1/testsuite/src/main/org/jboss/test/security/test/authorization/secured/HttpRequestJmxAuthenticationUnitTestCase.java
Modified:
   branches/JBPAPP_5_1/testsuite/build.xml
   branches/JBPAPP_5_1/testsuite/imports/config/configs.xml
Log:
JBPAPP-4160 -- test to verify jmx-console security bypass is not present

Modified: branches/JBPAPP_5_1/testsuite/build.xml
===================================================================
--- branches/JBPAPP_5_1/testsuite/build.xml	2010-07-27 08:29:21 UTC (rev 107100)
+++ branches/JBPAPP_5_1/testsuite/build.xml	2010-07-27 08:41:59 UTC (rev 107101)
@@ -1222,6 +1222,7 @@
       <exclude name="**/test/security/test/client/*UnitTestCase.class"/>
       <exclude name="**/test/profileservice/testsecure/*UnitTestCase.class"/>
       <exclude name="**/test/passwordinjection/test/*UnitTestCase.class"/>
+      <exclude name="**/test/security/test/authorization/secured/*UnitTestCase.class"/>
    </patternset>
    <!-- A patternset that requires jboss to run with a security manager -->
    <patternset id="securitymgr.includes">

Modified: branches/JBPAPP_5_1/testsuite/imports/config/configs.xml
===================================================================
--- branches/JBPAPP_5_1/testsuite/imports/config/configs.xml	2010-07-27 08:29:21 UTC (rev 107100)
+++ branches/JBPAPP_5_1/testsuite/imports/config/configs.xml	2010-07-27 08:41:59 UTC (rev 107101)
@@ -14,5 +14,5 @@
 <import file="tests-jts.xml"/>
 <import file="tests-password-mask.xml"/>
 <import file="tests-crash-recovery.xml"/>
-
+<import file="tests-secured.xml"/>
 </project>

Added: branches/JBPAPP_5_1/testsuite/imports/config/tests-secured.xml
===================================================================
--- branches/JBPAPP_5_1/testsuite/imports/config/tests-secured.xml	                        (rev 0)
+++ branches/JBPAPP_5_1/testsuite/imports/config/tests-secured.xml	2010-07-27 08:41:59 UTC (rev 107101)
@@ -0,0 +1,33 @@
+<?xml version="1.0"?>
+
+<!--
+   | Targets that run the Secured Mask tests
+-->
+ 
+<project name="main.server.config.secured" xmlns:server="http://jboss.org/ns/test/ant/server">
+
+  <!--
+  |  Define the Pattern Sets Here
+  --> 
+  <patternset id="secured.mask.includes">
+    <include name="org/jboss/test/security/test/authorization/secured/HttpRequestJmxAuthenticationUnitTestCase.class"/>
+  </patternset>
+
+  <!--
+    | Targets
+  -->
+   <target name="tests-secured" 
+           description="Run tests on secured profiles">
+<!--     
+     <server:start name="default"/>
+       <run-junit junit.patternset="secured.mask.includes"/>
+     <server:stop name="default"/>
+-->     
+
+     <server:start name="all"/>
+       <run-junit junit.patternset="secured.mask.includes"/>
+     <server:stop name="all"/>
+
+  </target>
+</project>
+

Added: branches/JBPAPP_5_1/testsuite/src/main/org/jboss/test/security/test/authorization/secured/HttpRequestJmxAuthenticationUnitTestCase.java
===================================================================
--- branches/JBPAPP_5_1/testsuite/src/main/org/jboss/test/security/test/authorization/secured/HttpRequestJmxAuthenticationUnitTestCase.java	                        (rev 0)
+++ branches/JBPAPP_5_1/testsuite/src/main/org/jboss/test/security/test/authorization/secured/HttpRequestJmxAuthenticationUnitTestCase.java	2010-07-27 08:41:59 UTC (rev 107101)
@@ -0,0 +1,114 @@
+package org.jboss.test.security.test.authorization.secured;
+
+import java.net.*;
+
+import junit.extensions.TestSetup;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.jboss.test.JBossTestCase;
+import org.jboss.test.JBossTestSetup;
+
+/**
+ * Test verifies that there is no jmx-console security baypass in secured profiles.
+ * Reused test from JBPAPP-3952, JBPAPP-4160.
+ *
+ * @author bshim at redhat.com
+ * @author rsvoboda at redhat.com
+ */
+public class HttpRequestJmxAuthenticationUnitTestCase extends JBossTestCase {
+	
+	private URL u;
+	private HttpURLConnection con;
+	private static final String GET = "GET";
+	private static final String POST = "POST";
+	private static final String HEAD = "HEAD";
+	private static final String OPTIONS = "OPTIONS";
+	private static final String PUT = "PUT";
+	private static final String DELETE = "DELETE";
+	private static final String TRACE = "TRACE"; 
+	
+	public HttpRequestJmxAuthenticationUnitTestCase(String name){
+		super(name);
+	}
+	
+	public static Test suite() throws Exception {
+		TestSuite suite = new TestSuite();
+		suite.addTest(new TestSuite(HttpRequestJmxAuthenticationUnitTestCase.class));
+		// Create an initializer for the test suite
+		TestSetup wrapper = new JBossTestSetup(suite)
+	      		{
+         		@Override
+        	 	protected void setUp() throws Exception
+	         	{
+            			super.setUp();
+         		}
+
+        	 	@Override
+	         	protected void tearDown() throws Exception
+         		{
+        	    		super.tearDown();
+        		}
+      		};
+      		return wrapper;
+	}
+
+	public void testGet() throws Exception {
+		con.setRequestMethod(GET);
+		con.connect();			
+		assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, con.getResponseCode());
+	}
+	
+	public void testPost() throws Exception {
+		con.setRequestMethod(POST);
+		con.connect();
+		assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, con.getResponseCode());
+	}
+	
+	public void testHead() throws Exception {
+		con.setRequestMethod(HEAD);
+		con.connect();			
+		assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, con.getResponseCode());
+	}
+	
+	public void testOptions() throws Exception {
+		con.setRequestMethod(OPTIONS);
+		con.connect();
+		assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, con.getResponseCode());
+	}
+	
+	public void testPut() throws Exception {
+		con.setRequestMethod(PUT);
+		con.connect();			
+		assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, con.getResponseCode());
+	}
+	
+	public void testTrace()  throws Exception {
+		con.setRequestMethod(TRACE);
+		con.connect();
+                assertEquals(HttpURLConnection.HTTP_BAD_METHOD, con.getResponseCode());
+	}
+	
+	public void testDelete()  throws Exception {
+		con.setRequestMethod(DELETE);
+		con.connect();
+		assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, con.getResponseCode());
+	}
+	
+	protected void setUp() throws Exception {
+		super.setUp();
+		u = new URL("http://" + getServerHost() + ":8080/jmx-console");
+		con = (HttpURLConnection) u.openConnection();
+		try {
+			con.setDoInput(true);
+			con.setRequestProperty("Cookie","MODIFY ME IF NEEDED");
+		} finally {
+			con.disconnect();
+		}
+	}
+	
+	protected void tearDown(){
+		if (con != null)
+			con.disconnect();
+	}
+}

More information about the jboss-cvs-commits mailing list