[seam-commits] Seam SVN: r10971 - in branches/community/Seam_2_1/examples: restbay/src/org/jboss/seam/example/restbay/resteasy and 4 other directories.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Mon May 25 13:36:19 EDT 2009
Author: christian.bauer at jboss.com
Date: 2009-05-25 13:36:19 -0400 (Mon, 25 May 2009)
New Revision: 10971
Added:
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/TestAuthenticator.java
Removed:
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java
Modified:
branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/components.xml
branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/pages.xml
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/fwk/MockHttpServletRequest.java
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/fwk/ResourceSeamTest.java
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/testng.xml
branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/ContextResourceTest.java
branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/ResolvedTaskResourceQueryTest.java
branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/TaskResourceTest.java
branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/fwk/MockHttpServletRequest.java
branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/fwk/ResourceSeamTest.java
Log:
JBSEAM-4152, Fixed session handling in SeamResourceTest, enabled tests
Modified: branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/components.xml
===================================================================
--- branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/components.xml 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/components.xml 2009-05-25 17:36:19 UTC (rev 10971)
@@ -49,9 +49,11 @@
entity-class="org.jboss.seam.example.restbay.Category"
media-types="application/xml application/json"/>
- <web:authentication-filter url-pattern="/seam/resource/restv1/secured/*"
- auth-type="basic" realm="Seam RestBay Application" />
+ <web:authentication-filter
+ url-pattern="/seam/resource/restv1/secured/*"
+ auth-type="basic"
+ realm="Seam RestBay Application"/>
- <security:identity authenticate-method="#{authenticator.authenticate}" />
+ <security:identity authenticate-method="#{testAuthenticator.authenticate}" />
</components>
Modified: branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/pages.xml
===================================================================
--- branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/pages.xml 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/pages.xml 2009-05-25 17:36:19 UTC (rev 10971)
@@ -9,4 +9,10 @@
</http-error>
</exception>
+ <exception class="org.jboss.seam.security.AuthorizationException" log="false">
+ <http-error error-code="403">
+ <message>Not authorized to access resource: #{org.jboss.seam.handledException.message}</message>
+ </http-error>
+ </exception>
+
</pages>
Deleted: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java
===================================================================
--- branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java 2009-05-25 17:36:19 UTC (rev 10971)
@@ -1,39 +0,0 @@
-package org.jboss.seam.example.restbay.resteasy;
-
-
-import org.jboss.seam.ScopeType;
-import org.jboss.seam.annotations.In;
-import org.jboss.seam.annotations.Logger;
-import org.jboss.seam.annotations.Name;
-import org.jboss.seam.annotations.Scope;
-import org.jboss.seam.log.Log;
-import org.jboss.seam.security.Credentials;
-import org.jboss.seam.security.Identity;
-
- at Name("authenticator")
- at Scope(ScopeType.EVENT)
-public class Authenticator
-{
-
- @In
- private Identity identity;
- @In
- private Credentials credentials;
- @Logger
- private Log log;
-
- public boolean authenticate()
- {
- if (credentials.getUsername().equals(credentials.getPassword())) {
- log.info("Authenticated {0}", credentials.getUsername());
-
- if (credentials.getUsername().equals("admin")) {
- identity.addRole("admin");
- log.info("Admin rights granted for {0}", credentials.getUsername());
- }
- return true;
- } else {
- return false;
- }
- }
-}
\ No newline at end of file
Modified: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java
===================================================================
--- branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java 2009-05-25 17:36:19 UTC (rev 10971)
@@ -15,7 +15,7 @@
*
*/
- at Path("/secured/resource")
+ at Path("/secured")
@Name("securedResource")
@Produces("text/plain")
public class SecuredResource
Copied: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/TestAuthenticator.java (from rev 10964, branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java)
===================================================================
--- branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/TestAuthenticator.java (rev 0)
+++ branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/TestAuthenticator.java 2009-05-25 17:36:19 UTC (rev 10971)
@@ -0,0 +1,44 @@
+package org.jboss.seam.example.restbay.resteasy;
+
+
+import org.jboss.seam.ScopeType;
+import org.jboss.seam.annotations.In;
+import org.jboss.seam.annotations.Logger;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.log.Log;
+import org.jboss.seam.security.Credentials;
+import org.jboss.seam.security.Identity;
+
+ at Name("testAuthenticator")
+ at Scope(ScopeType.EVENT)
+public class TestAuthenticator
+{
+
+ @In
+ private Identity identity;
+
+ @In
+ private Credentials credentials;
+
+ @Logger
+ private Log log;
+
+ public boolean authenticate()
+ {
+ log.debug("Authenticating username/password: " + credentials.getUsername() + "/" + credentials.getPassword());
+ if (credentials.getUsername().equals(credentials.getPassword())) {
+ log.info("Authenticated {0}", credentials.getUsername());
+
+ if (credentials.getUsername().equals("admin")) {
+ identity.addRole("admin");
+ log.info("Admin rights granted for {0}", credentials.getUsername());
+ }
+ log.debug("Authentication valid");
+ return true;
+ } else {
+ log.debug("Authentication invalid");
+ return false;
+ }
+ }
+}
\ No newline at end of file
Property changes on: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/TestAuthenticator.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Modified: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java
===================================================================
--- branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java 2009-05-25 17:36:19 UTC (rev 10971)
@@ -7,25 +7,37 @@
import org.jboss.seam.example.restbay.test.fwk.ResourceSeamTest;
import org.testng.annotations.Test;
+import java.util.HashMap;
+import java.util.Map;
+
/**
* This class tests RESTEasy integration together with Seam Security.
*
* @author Jozef Hartinger
- *
*/
public class SecurityTest extends ResourceSeamTest
{
+
+ @Override
+ public Map<String, Object> getDefaultHeaders()
+ {
+ return new HashMap<String, Object>()
+ {{
+ put("Accept", "text/plain");
+ }};
+ }
+
@Test
public void basicAuthTest() throws Exception
{
- new ResourceRequest(Method.GET, "/restv1/secured/resource/admin")
+ new ResourceRequest(Method.GET, "/restv1/secured/admin")
{
@Override
protected void prepareRequest(MockHttpServletRequest request)
{
super.prepareRequest(request);
request.addHeader("Accept", "text/plain");
- request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v"); // demo:demo
+ request.addHeader("Authorization", "Basic ZGVtbzpkZW1v"); // demo:demo
}
@Override
@@ -37,73 +49,102 @@
}.run();
}
-
+
@Test
public void invalidCredentialsBasicAuthTest() throws Exception
{
- new ResourceRequest(Method.GET, "/restv1/secured/resource")
+ new ResourceRequest(Method.GET, "/restv1/secured")
{
@Override
protected void prepareRequest(MockHttpServletRequest request)
{
super.prepareRequest(request);
request.addHeader("Accept", "text/plain");
- request.addHeader("Authorization", "BASIC ZGVtbzpvbWVk"); // demo:omed
+ request.addHeader("Authorization", "Basic ZGVtbzpvbWVk"); // demo:omed
}
-
+
@Override
protected void onResponse(MockHttpServletResponse response)
{
- assertEquals(response.getStatus(), 403, "Unexpected response code.");
+ assertEquals(
+ response.getHeader("WWW-Authenticate"),
+ "Basic realm=\"Seam RestBay Application\"",
+ "Invalid authentication header value"
+ );
+ assertEquals(response.getStatus(), 401, "Unexpected response code.");
}
-
+
}.run();
}
-
+
@Test
public void adminRoleTest() throws Exception
{
- new ResourceRequest(Method.GET, "/restv1/secured/resource/admin")
+ new ResourceRequest(Method.GET, "/restv1/secured/admin")
{
@Override
protected void prepareRequest(MockHttpServletRequest request)
{
super.prepareRequest(request);
request.addHeader("Accept", "text/plain");
- request.addHeader("Authorization", "BASIC YWRtaW46YWRtaW4="); // admin:admin
+ request.addHeader("Authorization", "Basic YWRtaW46YWRtaW4="); // admin:admin
}
-
+
@Override
protected void onResponse(MockHttpServletResponse response)
{
assertEquals(response.getStatus(), 200, "Unexpected response code.");
assertEquals(response.getContentAsString(), "true");
}
-
+
}.run();
}
-
+
@Test
public void adminRoleTestWithRestriction() throws Exception
{
- new ResourceRequest(Method.GET, "/restv1/secured/resource/restrictedAdmin")
+ new ResourceRequest(Method.GET, "/restv1/secured/restrictedAdmin")
{
@Override
protected void prepareRequest(MockHttpServletRequest request)
{
super.prepareRequest(request);
request.addHeader("Accept", "text/plain");
- request.addHeader("Authorization", "BASIC YWRtaW46YWRtaW4="); // admin:admin
+ request.addHeader("Authorization", "Basic YWRtaW46YWRtaW4="); // admin:admin
}
-
+
@Override
protected void onResponse(MockHttpServletResponse response)
{
assertEquals(response.getStatus(), 200, "Unexpected response code.");
assertEquals(response.getContentAsString(), "true");
}
-
+
}.run();
}
-
+
+ @Test
+ public void invalidAdminAuthorization() throws Exception
+ {
+ new ResourceRequest(Method.GET, "/restv1/secured/restrictedAdmin")
+ {
+ @Override
+ protected void prepareRequest(MockHttpServletRequest request)
+ {
+ super.prepareRequest(request);
+ request.addHeader("Accept", "text/plain");
+ request.addHeader("Authorization", "Basic ZGVtbzpkZW1v"); // demo:demo
+ }
+
+ @Override
+ protected void onResponse(MockHttpServletResponse response)
+ {
+ // See AuthorizationException mapping to 403 in pages.xml!
+ assertEquals(response.getStatus(), 403, "Unexpected response code.");
+ assert response.getStatusMessage().startsWith("Not authorized to access resource");
+ }
+
+ }.run();
+ }
+
}
Modified: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/fwk/MockHttpServletRequest.java
===================================================================
--- branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/fwk/MockHttpServletRequest.java 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/fwk/MockHttpServletRequest.java 2009-05-25 17:36:19 UTC (rev 10971)
@@ -817,14 +817,11 @@
}
public void setSession(HttpSession session) {
- this.session = session;
- // TODO: We don't need session handling?
- /*
if (session instanceof MockHttpSession) {
MockHttpSession mockSession = ((MockHttpSession) session);
- mockSession.access();
+ //TODO: We don't track access times in mocks (yet) mockSession.access();
}
- */
+ this.session = session;
}
public HttpSession getSession(boolean create) {
Modified: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/fwk/ResourceSeamTest.java
===================================================================
--- branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/fwk/ResourceSeamTest.java 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/fwk/ResourceSeamTest.java 2009-05-25 17:36:19 UTC (rev 10971)
@@ -115,6 +115,9 @@
request.addUserRole(role);
}
+ // Use the (mock) HttpSession that Seam uses, see AbstractSeamTest
+ request.setSession(session);
+
}
protected MockHttpServletRequest createRequest()
Modified: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/testng.xml
===================================================================
--- branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/testng.xml 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/testng.xml 2009-05-25 17:36:19 UTC (rev 10971)
@@ -26,9 +26,10 @@
</classes>
</test>
- <!-- <test name="RestBay: Security">
+ <test name="RestBay: Security">
<classes>
<class name="org.jboss.seam.example.restbay.test.SecurityTest"/>
</classes>
- </test>-->
+ </test>
+
</suite>
\ No newline at end of file
Modified: branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/ContextResourceTest.java
===================================================================
--- branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/ContextResourceTest.java 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/ContextResourceTest.java 2009-05-25 17:36:19 UTC (rev 10971)
@@ -54,7 +54,7 @@
{
super.prepareRequest(request);
request.addHeader("Accept", contentType);
- request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v"); // demo:demo
+ request.addHeader("Authorization", "Basic ZGVtbzpkZW1v"); // demo:demo
}
@Override
@@ -79,7 +79,7 @@
{
super.prepareRequest(request);
request.addHeader("Accept", "application/xml");
- request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v"); // demo:demo
+ request.addHeader("Authorization", "Basic ZGVtbzpkZW1v"); // demo:demo
}
@Override
@@ -107,7 +107,7 @@
protected void prepareRequest(MockHttpServletRequest request)
{
super.prepareRequest(request);
- request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v"); // demo:demo
+ request.addHeader("Authorization", "Basic ZGVtbzpkZW1v"); // demo:demo
}
@Override
@@ -127,7 +127,7 @@
{
super.prepareRequest(request);
request.addHeader("Accept", mimeType);
- request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v"); // demo:demo
+ request.addHeader("Authorization", "Basic ZGVtbzpkZW1v"); // demo:demo
}
@Override
Modified: branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/ResolvedTaskResourceQueryTest.java
===================================================================
--- branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/ResolvedTaskResourceQueryTest.java 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/ResolvedTaskResourceQueryTest.java 2009-05-25 17:36:19 UTC (rev 10971)
@@ -27,7 +27,7 @@
import org.jboss.seam.example.tasks.test.fwk.MockHttpServletRequest;
import org.jboss.seam.example.tasks.test.fwk.MockHttpServletResponse;
import org.jboss.seam.example.tasks.test.fwk.ResourceSeamTest;
-import org.testng.annotations.BeforeClass;
+import org.testng.annotations.BeforeMethod;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
@@ -38,8 +38,9 @@
*/
public class ResolvedTaskResourceQueryTest extends ResourceSeamTest
{
-
- @BeforeClass
+
+ // We could do this BeforeClass only once but we can't do ResourceRequests there
+ @BeforeMethod
public void resolveTask() throws Exception {
final String mimeType = "application/xml";
@@ -52,7 +53,7 @@
protected void prepareRequest(MockHttpServletRequest request)
{
super.prepareRequest(request);
- request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v"); // demo:demo
+ request.addHeader("Authorization", "Basic ZGVtbzpkZW1v"); // demo:demo
request.addHeader("Content-Type", mimeType);
request.setContentType(mimeType);
request.setContent(representation.getBytes());
Modified: branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/TaskResourceTest.java
===================================================================
--- branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/TaskResourceTest.java 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/TaskResourceTest.java 2009-05-25 17:36:19 UTC (rev 10971)
@@ -49,7 +49,7 @@
protected void prepareRequest(MockHttpServletRequest request)
{
super.prepareRequest(request);
- request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v"); // demo:demo
+ request.addHeader("Authorization", "Basic ZGVtbzpkZW1v"); // demo:demo
request.addHeader("Content-Type", mimeType);
request.setContentType(mimeType);
request.setContent(representation.getBytes());
@@ -78,7 +78,7 @@
protected void prepareRequest(MockHttpServletRequest request)
{
super.prepareRequest(request);
- request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v"); // demo:demo
+ request.addHeader("Authorization", "Basic ZGVtbzpkZW1v"); // demo:demo
request.addHeader("Content-Type", mimeType);
request.setContentType(mimeType);
request.setContent(representation.getBytes());
@@ -101,7 +101,7 @@
{
super.prepareRequest(request);
request.addHeader("Accept", "application/xml");
- request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v"); // demo:demo
+ request.addHeader("Authorization", "Basic ZGVtbzpkZW1v"); // demo:demo
}
@Override
@@ -125,7 +125,7 @@
protected void prepareRequest(MockHttpServletRequest request)
{
super.prepareRequest(request);
- request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v"); // demo:demo
+ request.addHeader("Authorization", "Basic ZGVtbzpkZW1v"); // demo:demo
}
@Override
Modified: branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/fwk/MockHttpServletRequest.java
===================================================================
--- branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/fwk/MockHttpServletRequest.java 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/fwk/MockHttpServletRequest.java 2009-05-25 17:36:19 UTC (rev 10971)
@@ -817,14 +817,11 @@
}
public void setSession(HttpSession session) {
- this.session = session;
- // TODO: We don't need session handling?
- /*
if (session instanceof MockHttpSession) {
MockHttpSession mockSession = ((MockHttpSession) session);
- mockSession.access();
+ //TODO: We don't track access times in mocks (yet) mockSession.access();
}
- */
+ this.session = session;
}
public HttpSession getSession(boolean create) {
Modified: branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/fwk/ResourceSeamTest.java
===================================================================
--- branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/fwk/ResourceSeamTest.java 2009-05-25 16:19:12 UTC (rev 10970)
+++ branches/community/Seam_2_1/examples/tasks/src/main/org/jboss/seam/example/tasks/test/fwk/ResourceSeamTest.java 2009-05-25 17:36:19 UTC (rev 10971)
@@ -115,6 +115,9 @@
request.addUserRole(role);
}
+ // Use the (mock) HttpSession that Seam uses, see AbstractSeamTest
+ request.setSession(session);
+
}
protected MockHttpServletRequest createRequest()
More information about the seam-commits
mailing list