001: /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
002: *
003: * Licensed under the Apache License, Version 2.0 (the "License");
004: * you may not use this file except in compliance with the License.
005: * You may obtain a copy of the License at
006: *
007: * http://www.apache.org/licenses/LICENSE-2.0
008: *
009: * Unless required by applicable law or agreed to in writing, software
010: * distributed under the License is distributed on an "AS IS" BASIS,
011: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
012: * See the License for the specific language governing permissions and
013: * limitations under the License.
014: */
015:
016: package org.acegisecurity.providers.anonymous;
017:
018: import junit.framework.TestCase;
019:
020: import org.acegisecurity.Authentication;
021: import org.acegisecurity.GrantedAuthority;
022: import org.acegisecurity.GrantedAuthorityImpl;
023: import org.acegisecurity.MockFilterConfig;
024:
025: import org.acegisecurity.context.SecurityContextHolder;
026:
027: import org.acegisecurity.providers.TestingAuthenticationToken;
028:
029: import org.acegisecurity.userdetails.memory.UserAttribute;
030:
031: import org.springframework.mock.web.MockHttpServletRequest;
032: import org.springframework.mock.web.MockHttpServletResponse;
033:
034: import java.io.IOException;
035:
036: import javax.servlet.Filter;
037: import javax.servlet.FilterChain;
038: import javax.servlet.FilterConfig;
039: import javax.servlet.ServletException;
040: import javax.servlet.ServletRequest;
041: import javax.servlet.ServletResponse;
042:
043: /**
044: * Tests {@link AnonymousProcessingFilter}.
045: *
046: * @author Ben Alex
047: * @version $Id: AnonymousProcessingFilterTests.java 1496 2006-05-23 13:38:33Z benalex $
048: */
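public class AnonymousProcessingFilterTests extends TestCase {
    //~ Constructors ===================================================================================================

    public AnonymousProcessingFilterTests() {
        super();
    }

    public AnonymousProcessingFilterTests(String arg0) {
        super(arg0);
    }

    //~ Methods ========================================================================================================

    /**
     * Builds the anonymous user definition used by every test in this class.
     *
     * <p>The value passed to <code>setPassword</code> is the one the tests later expect back from
     * <code>Authentication.getPrincipal()</code>.</p>
     *
     * @return a user attribute carrying the principal "anonymousUsername" and the single
     *         authority ROLE_ANONYMOUS
     */
    private UserAttribute createAnonymousUser() {
        UserAttribute user = new UserAttribute();
        user.setPassword("anonymousUsername");
        user.addAuthority(new GrantedAuthorityImpl("ROLE_ANONYMOUS"));

        return user;
    }

    /**
     * Builds a fully configured filter: key, anonymous user and <code>afterPropertiesSet()</code> already applied.
     *
     * @param removeAfterRequest value handed to <code>setRemoveAfterRequest</code> before validation
     *
     * @return the configured filter
     *
     * @throws Exception if <code>afterPropertiesSet()</code> rejects the configuration
     */
    private AnonymousProcessingFilter createConfiguredFilter(boolean removeAfterRequest)
        throws Exception {
        AnonymousProcessingFilter filter = new AnonymousProcessingFilter();
        filter.setKey("qwerty");
        filter.setUserAttribute(createAnonymousUser());
        filter.setRemoveAfterRequest(removeAfterRequest);
        filter.afterPropertiesSet();

        return filter;
    }

    /**
     * Drives a filter through the init / doFilter / destroy sequence a servlet container would perform.
     *
     * @param filterConfig configuration passed to <code>init</code>
     * @param filter the filter under test
     * @param request the request passed to <code>doFilter</code>
     * @param response the response passed to <code>doFilter</code>
     * @param filterChain the chain the filter is expected to delegate to
     *
     * @throws ServletException propagated from the filter
     * @throws IOException propagated from the filter
     */
    private void executeFilterInContainerSimulator(FilterConfig filterConfig, Filter filter, ServletRequest request,
        ServletResponse response, FilterChain filterChain)
        throws ServletException, IOException {
        filter.init(filterConfig);
        filter.doFilter(request, response, filterChain);
        filter.destroy();
    }

    public static void main(String[] args) {
        junit.textui.TestRunner.run(AnonymousProcessingFilterTests.class);
    }

    /**
     * Starts every test from an empty security context so an Authentication left behind by
     * another test cannot influence whether the anonymous filter fires.
     */
    protected void setUp() throws Exception {
        super.setUp();
        SecurityContextHolder.clearContext();
    }

    /**
     * Clears the security context after every test, including when the superclass teardown fails.
     */
    protected void tearDown() throws Exception {
        try {
            super.tearDown();
        } finally {
            SecurityContextHolder.clearContext();
        }
    }

    /**
     * A filter configured with a user but no key must be rejected by <code>afterPropertiesSet()</code>.
     */
    public void testDetectsMissingKey() throws Exception {
        AnonymousProcessingFilter filter = new AnonymousProcessingFilter();
        filter.setUserAttribute(createAnonymousUser());

        try {
            filter.afterPropertiesSet();
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException expected) {
            // expected: configuration without a key is invalid
        }
    }

    /**
     * A filter configured with a key but no user attribute must be rejected by <code>afterPropertiesSet()</code>.
     */
    public void testDetectsUserAttribute() throws Exception {
        AnonymousProcessingFilter filter = new AnonymousProcessingFilter();
        filter.setKey("qwerty");

        try {
            filter.afterPropertiesSet();
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException expected) {
            // expected: configuration without a user attribute is invalid
        }
    }

    /**
     * Checks the property accessors and that <code>removeAfterRequest</code> defaults to <code>true</code>.
     */
    public void testGettersSetters() throws Exception {
        UserAttribute user = createAnonymousUser();

        AnonymousProcessingFilter filter = new AnonymousProcessingFilter();
        filter.setKey("qwerty");
        filter.setUserAttribute(user);
        assertTrue(filter.isRemoveAfterRequest());
        filter.afterPropertiesSet();

        assertEquals("qwerty", filter.getKey());
        assertEquals(user, filter.getUserAttribute());
        filter.setRemoveAfterRequest(false);
        assertFalse(filter.isRemoveAfterRequest());
    }

    /**
     * An Authentication already present in the context must survive the filter untouched, both while
     * the rest of the chain runs and after the request completes.
     */
    public void testOperationWhenAuthenticationExistsInContextHolder()
        throws Exception {
        // Put an Authentication object into the SecurityContextHolder
        Authentication originalAuth = new TestingAuthenticationToken("user", "password",
                new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A")});
        SecurityContextHolder.getContext().setAuthentication(originalAuth);

        // Setup our filter correctly (removeAfterRequest left at its default of true)
        AnonymousProcessingFilter filter = createConfiguredFilter(true);

        // Test
        MockHttpServletRequest request = new MockHttpServletRequest();
        request.setRequestURI("x");

        MockFilterChain chain = new MockFilterChain(true);
        executeFilterInContainerSimulator(new MockFilterConfig(), filter, request, new MockHttpServletResponse(),
            chain);

        // The downstream chain must run, and must see the real user rather than an anonymous replacement
        assertTrue("Filter chain should have been invoked", chain.wasInvoked());
        assertEquals(originalAuth, chain.getAuthenticationSeen());

        // Ensure filter didn't change our original object
        assertEquals(originalAuth, SecurityContextHolder.getContext().getAuthentication());
    }

    /**
     * With an empty context the filter must supply the anonymous Authentication for the duration of the
     * chain, and must remove it afterwards only when <code>removeAfterRequest</code> is <code>true</code>.
     */
    public void testOperationWhenNoAuthenticationInSecurityContextHolder()
        throws Exception {
        AnonymousProcessingFilter filter = createConfiguredFilter(false); // set to non-default value

        MockHttpServletRequest request = new MockHttpServletRequest();
        request.setRequestURI("x");

        MockFilterChain keepChain = new MockFilterChain(true);
        executeFilterInContainerSimulator(new MockFilterConfig(), filter, request, new MockHttpServletResponse(),
            keepChain);
        assertTrue("Filter chain should have been invoked", keepChain.wasInvoked());

        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        assertEquals("anonymousUsername", auth.getPrincipal());
        assertEquals(new GrantedAuthorityImpl("ROLE_ANONYMOUS"), auth.getAuthorities()[0]);
        SecurityContextHolder.getContext().setAuthentication(null); // so anonymous fires again

        // Now test operation if we have removeAfterRequest = true
        filter.setRemoveAfterRequest(true); // set to default value

        MockFilterChain removeChain = new MockFilterChain(true);
        executeFilterInContainerSimulator(new MockFilterConfig(), filter, request, new MockHttpServletResponse(),
            removeChain);
        assertTrue("Filter chain should have been invoked", removeChain.wasInvoked());

        // A null context after the request is only meaningful if the anonymous token was really present
        // while the chain ran; otherwise a filter that never populated the context would pass as well.
        Authentication seenDuringChain = removeChain.getAuthenticationSeen();
        assertNotNull("Anonymous authentication should be present while the chain runs", seenDuringChain);
        assertEquals("anonymousUsername", seenDuringChain.getPrincipal());
        assertEquals(new GrantedAuthorityImpl("ROLE_ANONYMOUS"), seenDuringChain.getAuthorities()[0]);

        assertNull(SecurityContextHolder.getContext().getAuthentication());
    }

    //~ Inner Classes ==================================================================================================

    /**
     * Filter chain stub that records whether it was called and which Authentication was in the
     * SecurityContextHolder at that moment, so tests can assert on what downstream code would observe.
     */
    private static class MockFilterChain implements FilterChain {
        private final boolean expectToProceed;
        private boolean invoked;
        private Authentication authenticationSeen;

        public MockFilterChain(boolean expectToProceed) {
            this.expectToProceed = expectToProceed;
        }

        public void doFilter(ServletRequest request, ServletResponse response)
            throws IOException, ServletException {
            if (!expectToProceed) {
                fail("Did not expect filter chain to proceed");
            }

            invoked = true;
            authenticationSeen = SecurityContextHolder.getContext().getAuthentication();
        }

        /**
         * @return <code>true</code> once <code>doFilter</code> has been called on this chain
         */
        public boolean wasInvoked() {
            return invoked;
        }

        /**
         * @return the Authentication found in the SecurityContextHolder when <code>doFilter</code> ran, or
         *         <code>null</code> if none was present or the chain was never invoked
         */
        public Authentication getAuthenticationSeen() {
            return authenticationSeen;
        }
    }
}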