001: /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
002: *
003: * Licensed under the Apache License, Version 2.0 (the "License");
004: * you may not use this file except in compliance with the License.
005: * You may obtain a copy of the License at
006: *
007: * http://www.apache.org/licenses/LICENSE-2.0
008: *
009: * Unless required by applicable law or agreed to in writing, software
010: * distributed under the License is distributed on an "AS IS" BASIS,
011: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
012: * See the License for the specific language governing permissions and
013: * limitations under the License.
014: */
015:
016: package org.acegisecurity.ui.rememberme;
017:
018: import junit.framework.TestCase;
019:
020: import org.acegisecurity.Authentication;
021: import org.acegisecurity.GrantedAuthority;
022: import org.acegisecurity.GrantedAuthorityImpl;
023: import org.acegisecurity.MockAuthenticationManager;
024: import org.acegisecurity.MockFilterConfig;
025:
026: import org.acegisecurity.context.SecurityContextHolder;
027:
028: import org.acegisecurity.providers.TestingAuthenticationToken;
029:
030: import org.springframework.mock.web.MockHttpServletRequest;
031: import org.springframework.mock.web.MockHttpServletResponse;
032:
033: import java.io.IOException;
034:
035: import javax.servlet.Filter;
036: import javax.servlet.FilterChain;
037: import javax.servlet.FilterConfig;
038: import javax.servlet.ServletException;
039: import javax.servlet.ServletRequest;
040: import javax.servlet.ServletResponse;
041: import javax.servlet.http.HttpServletRequest;
042: import javax.servlet.http.HttpServletResponse;
043:
044: /**
045: * Tests {@link RememberMeProcessingFilter}.
046: *
047: * @author Ben Alex
048: * @version $Id: RememberMeProcessingFilterTests.java 1496 2006-05-23 13:38:33Z benalex $
049: */
050: public class RememberMeProcessingFilterTests extends TestCase {
051: //~ Constructors ===================================================================================================
052:
053: public RememberMeProcessingFilterTests() {
054: super ();
055: }
056:
057: public RememberMeProcessingFilterTests(String arg0) {
058: super (arg0);
059: }
060:
061: //~ Methods ========================================================================================================
062:
063: private void executeFilterInContainerSimulator(
064: FilterConfig filterConfig, Filter filter,
065: ServletRequest request, ServletResponse response,
066: FilterChain filterChain) throws ServletException,
067: IOException {
068: filter.init(filterConfig);
069: filter.doFilter(request, response, filterChain);
070: filter.destroy();
071: }
072:
073: public static void main(String[] args) {
074: junit.textui.TestRunner
075: .run(RememberMeProcessingFilterTests.class);
076: }
077:
078: protected void setUp() throws Exception {
079: super .setUp();
080: SecurityContextHolder.clearContext();
081: }
082:
083: protected void tearDown() throws Exception {
084: super .tearDown();
085: SecurityContextHolder.clearContext();
086: }
087:
088: public void testDetectsAuthenticationManagerProperty()
089: throws Exception {
090: RememberMeProcessingFilter filter = new RememberMeProcessingFilter();
091: filter
092: .setAuthenticationManager(new MockAuthenticationManager());
093:
094: filter.afterPropertiesSet();
095: assertTrue(true);
096:
097: filter.setAuthenticationManager(null);
098:
099: try {
100: filter.afterPropertiesSet();
101: fail("Should have thrown IllegalArgumentException");
102: } catch (IllegalArgumentException expected) {
103: assertTrue(true);
104: }
105: }
106:
107: public void testDetectsRememberMeServicesProperty()
108: throws Exception {
109: RememberMeProcessingFilter filter = new RememberMeProcessingFilter();
110: filter
111: .setAuthenticationManager(new MockAuthenticationManager());
112:
113: // check default is NullRememberMeServices
114: assertEquals(NullRememberMeServices.class, filter
115: .getRememberMeServices().getClass());
116:
117: // check getter/setter
118: filter
119: .setRememberMeServices(new TokenBasedRememberMeServices());
120: assertEquals(TokenBasedRememberMeServices.class, filter
121: .getRememberMeServices().getClass());
122:
123: // check detects if made null
124: filter.setRememberMeServices(null);
125:
126: try {
127: filter.afterPropertiesSet();
128: fail("Should have thrown IllegalArgumentException");
129: } catch (IllegalArgumentException expected) {
130: assertTrue(true);
131: }
132: }
133:
134: public void testDoFilterWithNonHttpServletRequestDetected()
135: throws Exception {
136: RememberMeProcessingFilter filter = new RememberMeProcessingFilter();
137: filter
138: .setAuthenticationManager(new MockAuthenticationManager());
139:
140: try {
141: filter.doFilter(null, new MockHttpServletResponse(),
142: new MockFilterChain());
143: fail("Should have thrown ServletException");
144: } catch (ServletException expected) {
145: assertEquals("Can only process HttpServletRequest",
146: expected.getMessage());
147: }
148: }
149:
150: public void testDoFilterWithNonHttpServletResponseDetected()
151: throws Exception {
152: RememberMeProcessingFilter filter = new RememberMeProcessingFilter();
153: filter
154: .setAuthenticationManager(new MockAuthenticationManager());
155:
156: try {
157: MockHttpServletRequest request = new MockHttpServletRequest();
158: request.setRequestURI("dc");
159: filter.doFilter(request, null, new MockFilterChain());
160: fail("Should have thrown ServletException");
161: } catch (ServletException expected) {
162: assertEquals("Can only process HttpServletResponse",
163: expected.getMessage());
164: }
165: }
166:
167: public void testOperationWhenAuthenticationExistsInContextHolder()
168: throws Exception {
169: // Put an Authentication object into the SecurityContextHolder
170: Authentication originalAuth = new TestingAuthenticationToken(
171: "user", "password",
172: new GrantedAuthority[] { new GrantedAuthorityImpl(
173: "ROLE_A") });
174: SecurityContextHolder.getContext().setAuthentication(
175: originalAuth);
176:
177: // Setup our filter correctly
178: Authentication remembered = new TestingAuthenticationToken(
179: "remembered", "password",
180: new GrantedAuthority[] { new GrantedAuthorityImpl(
181: "ROLE_REMEMBERED") });
182: RememberMeProcessingFilter filter = new RememberMeProcessingFilter();
183: filter
184: .setAuthenticationManager(new MockAuthenticationManager());
185: filter.setRememberMeServices(new MockRememberMeServices(
186: remembered));
187: filter.afterPropertiesSet();
188:
189: // Test
190: MockHttpServletRequest request = new MockHttpServletRequest();
191: request.setRequestURI("x");
192: executeFilterInContainerSimulator(new MockFilterConfig(),
193: filter, request, new MockHttpServletResponse(),
194: new MockFilterChain(true));
195:
196: // Ensure filter didn't change our original object
197: assertEquals(originalAuth, SecurityContextHolder.getContext()
198: .getAuthentication());
199: }
200:
201: public void testOperationWhenNoAuthenticationInContextHolder()
202: throws Exception {
203: Authentication remembered = new TestingAuthenticationToken(
204: "remembered", "password",
205: new GrantedAuthority[] { new GrantedAuthorityImpl(
206: "ROLE_REMEMBERED") });
207: RememberMeProcessingFilter filter = new RememberMeProcessingFilter();
208: filter
209: .setAuthenticationManager(new MockAuthenticationManager());
210: filter.setRememberMeServices(new MockRememberMeServices(
211: remembered));
212: filter.afterPropertiesSet();
213:
214: MockHttpServletRequest request = new MockHttpServletRequest();
215: request.setRequestURI("x");
216: executeFilterInContainerSimulator(new MockFilterConfig(),
217: filter, request, new MockHttpServletResponse(),
218: new MockFilterChain(true));
219:
220: // Ensure filter setup with our remembered authentication object
221: assertEquals(remembered, SecurityContextHolder.getContext()
222: .getAuthentication());
223: }
224:
225: //~ Inner Classes ==================================================================================================
226:
227: private class MockFilterChain implements FilterChain {
228: private boolean expectToProceed;
229:
230: public MockFilterChain(boolean expectToProceed) {
231: this .expectToProceed = expectToProceed;
232: }
233:
234: private MockFilterChain() {
235: super ();
236: }
237:
238: public void doFilter(ServletRequest request,
239: ServletResponse response) throws IOException,
240: ServletException {
241: if (expectToProceed) {
242: assertTrue(true);
243: } else {
244: fail("Did not expect filter chain to proceed");
245: }
246: }
247: }
248:
249: private class MockRememberMeServices implements RememberMeServices {
250: private Authentication authToReturn;
251:
252: public MockRememberMeServices(Authentication authToReturn) {
253: this .authToReturn = authToReturn;
254: }
255:
256: public Authentication autoLogin(HttpServletRequest request,
257: HttpServletResponse response) {
258: return authToReturn;
259: }
260:
261: public void loginFail(HttpServletRequest request,
262: HttpServletResponse response) {
263: }
264:
265: public void loginSuccess(HttpServletRequest request,
266: HttpServletResponse response,
267: Authentication successfulAuthentication) {
268: }
269: }
270: }
|