[jboss-cvs] JBossAS SVN: r107102 - in trunk/testsuite: imports/config and 2 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Jul 27 04:47:06 EDT 2010
Author: rsvoboda at redhat.com
Date: 2010-07-27 04:47:05 -0400 (Tue, 27 Jul 2010)
New Revision: 107102
Added:
trunk/testsuite/imports/config/tests-secured.xml
trunk/testsuite/src/main/org/jboss/test/security/test/authorization/secured/
trunk/testsuite/src/main/org/jboss/test/security/test/authorization/secured/HttpRequestJmxAuthenticationUnitTestCase.java
Modified:
trunk/testsuite/build.xml
trunk/testsuite/imports/config/configs.xml
Log:
JBPAPP-4160 -- test to verify jmx-console security bypass is not present
Modified: trunk/testsuite/build.xml
===================================================================
--- trunk/testsuite/build.xml 2010-07-27 08:41:59 UTC (rev 107101)
+++ trunk/testsuite/build.xml 2010-07-27 08:47:05 UTC (rev 107102)
@@ -1027,6 +1027,7 @@
<exclude name="**/test/web/security/authorization/XACMLWeb*.class"/>
<exclude name="**/test/security/test/client/*UnitTestCase.class"/>
<exclude name="**/test/passwordinjection/test/*UnitTestCase.class"/>
+ <exclude name="**/test/security/test/authorization/secured/*UnitTestCase.class"/>
</patternset>
<!-- A patternset that requires jboss to run with a security manager -->
<patternset id="securitymgr.includes">
Modified: trunk/testsuite/imports/config/configs.xml
===================================================================
--- trunk/testsuite/imports/config/configs.xml 2010-07-27 08:41:59 UTC (rev 107101)
+++ trunk/testsuite/imports/config/configs.xml 2010-07-27 08:47:05 UTC (rev 107102)
@@ -15,5 +15,6 @@
<import file="tests-bootstrap-dependencies.xml"/>
<import file="tests-password-mask.xml"/>
<import file="tests-jts.xml"/>
+<import file="tests-secured.xml"/>
</project>
Added: trunk/testsuite/imports/config/tests-secured.xml
===================================================================
--- trunk/testsuite/imports/config/tests-secured.xml (rev 0)
+++ trunk/testsuite/imports/config/tests-secured.xml 2010-07-27 08:47:05 UTC (rev 107102)
@@ -0,0 +1,33 @@
+<?xml version="1.0"?>
+
+<!--
+ | Targets that run the Secured Mask tests
+-->
+
+<project name="main.server.config.secured" xmlns:server="http://jboss.org/ns/test/ant/server">
+
+ <!--
+ | Define the Pattern Sets Here
+ -->
+ <patternset id="secured.mask.includes">
+ <include name="org/jboss/test/security/test/authorization/secured/HttpRequestJmxAuthenticationUnitTestCase.class"/>
+ </patternset>
+
+ <!--
+ | Targets
+ -->
+ <target name="tests-secured"
+ description="Run tests on secured profiles">
+<!--
+ <server:start name="default"/>
+ <run-junit junit.patternset="secured.mask.includes"/>
+ <server:stop name="default"/>
+-->
+
+ <server:start name="all"/>
+ <run-junit junit.patternset="secured.mask.includes"/>
+ <server:stop name="all"/>
+
+ </target>
+</project>
+
Added: trunk/testsuite/src/main/org/jboss/test/security/test/authorization/secured/HttpRequestJmxAuthenticationUnitTestCase.java
===================================================================
--- trunk/testsuite/src/main/org/jboss/test/security/test/authorization/secured/HttpRequestJmxAuthenticationUnitTestCase.java (rev 0)
+++ trunk/testsuite/src/main/org/jboss/test/security/test/authorization/secured/HttpRequestJmxAuthenticationUnitTestCase.java 2010-07-27 08:47:05 UTC (rev 107102)
@@ -0,0 +1,114 @@
+package org.jboss.test.security.test.authorization.secured;
+
+import java.net.*;
+
+import junit.extensions.TestSetup;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.jboss.test.JBossTestCase;
+import org.jboss.test.JBossTestSetup;
+
+/**
+ * Test verifies that there is no jmx-console security baypass in secured profiles.
+ * Reused test from JBPAPP-3952, JBPAPP-4160.
+ *
+ * @author bshim at redhat.com
+ * @author rsvoboda at redhat.com
+ */
+public class HttpRequestJmxAuthenticationUnitTestCase extends JBossTestCase {
+
+ private URL u;
+ private HttpURLConnection con;
+ private static final String GET = "GET";
+ private static final String POST = "POST";
+ private static final String HEAD = "HEAD";
+ private static final String OPTIONS = "OPTIONS";
+ private static final String PUT = "PUT";
+ private static final String DELETE = "DELETE";
+ private static final String TRACE = "TRACE";
+
+ public HttpRequestJmxAuthenticationUnitTestCase(String name){
+ super(name);
+ }
+
+ public static Test suite() throws Exception {
+ TestSuite suite = new TestSuite();
+ suite.addTest(new TestSuite(HttpRequestJmxAuthenticationUnitTestCase.class));
+ // Create an initializer for the test suite
+ TestSetup wrapper = new JBossTestSetup(suite)
+ {
+ @Override
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ }
+
+ @Override
+ protected void tearDown() throws Exception
+ {
+ super.tearDown();
+ }
+ };
+ return wrapper;
+ }
+
+ public void testGet() throws Exception {
+ con.setRequestMethod(GET);
+ con.connect();
+ assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, con.getResponseCode());
+ }
+
+ public void testPost() throws Exception {
+ con.setRequestMethod(POST);
+ con.connect();
+ assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, con.getResponseCode());
+ }
+
+ public void testHead() throws Exception {
+ con.setRequestMethod(HEAD);
+ con.connect();
+ assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, con.getResponseCode());
+ }
+
+ public void testOptions() throws Exception {
+ con.setRequestMethod(OPTIONS);
+ con.connect();
+ assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, con.getResponseCode());
+ }
+
+ public void testPut() throws Exception {
+ con.setRequestMethod(PUT);
+ con.connect();
+ assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, con.getResponseCode());
+ }
+
+ public void testTrace() throws Exception {
+ con.setRequestMethod(TRACE);
+ con.connect();
+ assertEquals(HttpURLConnection.HTTP_BAD_METHOD, con.getResponseCode());
+ }
+
+ public void testDelete() throws Exception {
+ con.setRequestMethod(DELETE);
+ con.connect();
+ assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, con.getResponseCode());
+ }
+
+ protected void setUp() throws Exception {
+ super.setUp();
+ u = new URL("http://" + getServerHost() + ":8080/jmx-console");
+ con = (HttpURLConnection) u.openConnection();
+ try {
+ con.setDoInput(true);
+ con.setRequestProperty("Cookie","MODIFY ME IF NEEDED");
+ } finally {
+ con.disconnect();
+ }
+ }
+
+ protected void tearDown(){
+ if (con != null)
+ con.disconnect();
+ }
+}
More information about the jboss-cvs-commits
mailing list