001: /*
002: * Copyright 2001-2007 Geert Bevin <gbevin[remove] at uwyn dot com> and
003: * Steven Grimm <koreth[remove] at midwinter dot com>
004: * Distributed under the terms of either:
005: * - the common development and distribution license (CDDL), v1.0; or
006: * - the GNU Lesser General Public License, v2.1 or later
007: * $Id: TestPurgingDatabaseAuthenticated.java 3669 2007-02-26 13:51:23Z gbevin $
008: */
009: package com.uwyn.rife.authentication.elements;
010:
011: import com.meterware.httpunit.GetMethodWebRequest;
012: import com.meterware.httpunit.WebConversation;
013: import com.meterware.httpunit.WebForm;
014: import com.meterware.httpunit.WebRequest;
015: import com.meterware.httpunit.WebResponse;
016: import com.uwyn.rife.authentication.credentialsmanagers.DatabaseUsers;
017: import com.uwyn.rife.authentication.credentialsmanagers.DatabaseUsersFactory;
018: import com.uwyn.rife.authentication.credentialsmanagers.RoleUserAttributes;
019: import com.uwyn.rife.authentication.exceptions.CredentialsManagerException;
020: import com.uwyn.rife.authentication.exceptions.RememberManagerException;
021: import com.uwyn.rife.authentication.exceptions.SessionManagerException;
022: import com.uwyn.rife.authentication.remembermanagers.DatabaseRemember;
023: import com.uwyn.rife.authentication.remembermanagers.DatabaseRememberFactory;
024: import com.uwyn.rife.authentication.remembermanagers.RememberManagerFactoryFactory;
025: import com.uwyn.rife.authentication.sessionmanagers.DatabaseSessions;
026: import com.uwyn.rife.authentication.sessionmanagers.DatabaseSessionsFactory;
027: import com.uwyn.rife.authentication.sessionmanagers.SessionManagerFactoryFactory;
028: import com.uwyn.rife.database.Datasource;
029: import com.uwyn.rife.database.Datasources;
030: import com.uwyn.rife.ioc.HierarchicalProperties;
031: import com.uwyn.rife.tools.ExceptionUtils;
032: import com.uwyn.rife.tools.StringEncryptor;
033:
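/**
 * HTTP-level tests for the "purging" database authentication elements.
 *
 * <p>Each test installs the credentials, session and remember-me database
 * structures, logs in through the forms served under
 * {@code /authentication/purging/database/...} and then checks, through form
 * counts and the session count, that stale authentication state is no longer
 * honoured after a short wait.
 *
 * <p>All logins, passwords and role names below are throw-away fixture values
 * that only exist in the test database.
 */
public class TestPurgingDatabaseAuthenticated extends TestsuiteDatabaseAuthenticated {
    private static final String BASIC_URL =
        "http://localhost:8181/authentication/purging/database/basic";
    private static final String ENCRYPTED_URL =
        "http://localhost:8181/authentication/purging/database/encrypted";
    private static final String REMEMBER_URL =
        "http://localhost:8181/authentication/purging/database/remember";

    // Pause used before checking that old state was dropped.
    // NOTE(review): presumably longer than the session / remember lifetime
    // configured in site/authentication_database.xml; confirm against that file.
    private static final long PURGE_WAIT_MILLIS = 2000;

    private final Datasource mDatasource;

    /**
     * Binds the test to a datasource and selects the database-backed session
     * and remember manager factories.
     *
     * @param datasourceName name of the datasource to look up in the repository
     * @param siteType passed through to the parent test suite
     * @param name passed through to the parent test suite
     */
    public TestPurgingDatabaseAuthenticated(String datasourceName, int siteType, String name) {
        super(datasourceName, siteType, name);

        mDatasource = Datasources.getRepInstance().getDatasource(datasourceName);
        mProperties = new HierarchicalProperties();
        mProperties.put("datasource", mDatasource);
        mProperties.put(SessionManagerFactoryFactory.PROPERTYNAME_FACTORY_CLASS,
            DatabaseSessionsFactory.class.getName());
        mProperties.put(RememberManagerFactoryFactory.PROPERTYNAME_FACTORY_CLASS,
            DatabaseRememberFactory.class.getName());
    }

    /**
     * Installs the credentials, session and remember structures and seeds the
     * fixture users. If an install step fails, the partially created structure
     * is removed again before the test is failed with the stack trace.
     */
    public void setUp() throws Exception {
        super.setUp();

        DatabaseUsers users = DatabaseUsersFactory.getInstance(mDatasource);
        try {
            users.install();

            users.addRole("admin");
            users.addRole("maint");

            // Users stored without a password encryptor.
            users.addUser("guest", new RoleUserAttributes(43, "guestpass"));
            users.addUser("gbevin",
                new RoleUserAttributes(432, "yeolpass", new String[] { "admin", "maint" }));
            users.addUser("johndoe",
                new RoleUserAttributes(174, "thepassofbass", new String[] { "maint" }));

            // Users added while the SHA encryptor is set; these are the accounts
            // the "encrypted" endpoint accepts in the test below.
            // NOTE(review): a bare SHA digest is enough to exercise this code
            // path, but production password storage should use a salted, slow
            // password hash (bcrypt / scrypt / argon2) instead.
            users.setPasswordEncryptor(StringEncryptor.SHA);
            users.addUser("guestencrypted", new RoleUserAttributes(44, "guestpass"));
            users.addUser("gbevinencrypted",
                new RoleUserAttributes(433, "yeolpass", new String[] { "admin", "maint" }));
            users.setPasswordEncryptor(null);
        } catch (CredentialsManagerException e) {
            try {
                users.remove();
            } catch (CredentialsManagerException e2) {
                assertTrue(ExceptionUtils.getExceptionStackTrace(e2), false);
            }
            assertTrue(ExceptionUtils.getExceptionStackTrace(e), false);
        }

        DatabaseSessions sessions =
            (DatabaseSessions) SessionManagerFactoryFactory.getManager(mProperties);
        try {
            sessions.install();
        } catch (SessionManagerException e) {
            try {
                sessions.remove();
            } catch (SessionManagerException e2) {
                assertTrue(ExceptionUtils.getExceptionStackTrace(e2), false);
            }
            assertTrue(ExceptionUtils.getExceptionStackTrace(e), false);
        }

        DatabaseRemember remember =
            (DatabaseRemember) RememberManagerFactoryFactory.getManager(mProperties);
        try {
            remember.install();
        } catch (RememberManagerException e) {
            try {
                remember.remove();
            } catch (RememberManagerException e2) {
                assertTrue(ExceptionUtils.getExceptionStackTrace(e2), false);
            }
            assertTrue(ExceptionUtils.getExceptionStackTrace(e), false);
        }
    }

    /**
     * Removes the credentials, session and remember structures.
     *
     * <p>The steps are chained with {@code finally} so that a failure while
     * removing one structure does not leave the others (and the parent's
     * tear-down) undone; leftover tables would otherwise break the install
     * step of the next test that uses the same datasource.
     */
    public void tearDown() throws Exception {
        try {
            DatabaseUsersFactory.getInstance(mDatasource).remove();
        } catch (CredentialsManagerException e) {
            assertTrue(ExceptionUtils.getExceptionStackTrace(e), false);
        } finally {
            try {
                ((DatabaseSessions) SessionManagerFactoryFactory.getManager(mProperties)).remove();
            } catch (SessionManagerException e) {
                assertTrue(ExceptionUtils.getExceptionStackTrace(e), false);
            } finally {
                try {
                    ((DatabaseRemember) RememberManagerFactoryFactory.getManager(mProperties))
                        .remove();
                } catch (RememberManagerException e) {
                    assertTrue(ExceptionUtils.getExceptionStackTrace(e), false);
                } finally {
                    super.tearDown();
                }
            }
        }
    }

    /**
     * Fetches the login page at {@code url}, fills in the first form and
     * submits it.
     *
     * @param conversation conversation that carries the cookies for this login
     * @param url page that serves the login form
     * @param login value for the "login" field
     * @param password value for the "password" field
     * @param remember when true, ticks the "remember" checkbox before submitting
     * @return the response to the form submission
     */
    private WebResponse submitLogin(WebConversation conversation, String url, String login,
            String password, boolean remember) throws Exception {
        WebResponse loginPage = conversation.getResponse(new GetMethodWebRequest(url));
        WebForm loginForm = loginPage.getForms()[0];
        loginForm.setParameter("login", login);
        loginForm.setParameter("password", password);
        if (remember) {
            loginForm.setCheckbox("remember", true);
        }
        return loginForm.submit();
    }

    /** Sleeps for {@link #PURGE_WAIT_MILLIS}; an interruption fails the test. */
    private void pauseBeforePurgeCheck() {
        try {
            Thread.sleep(PURGE_WAIT_MILLIS);
        } catch (InterruptedException e) {
            assertTrue(ExceptionUtils.getExceptionStackTrace(e), false);
        }
    }

    /**
     * Two logins create two sessions; after the wait, the second session's id
     * is no longer accepted, and one fresh login leaves exactly one session.
     */
    public void testPurgingDatabaseAuthenticatedBasic() throws Exception {
        setupSite("site/authentication_database.xml");

        WebConversation conversation = new WebConversation();

        // A response without any form means the login was accepted.
        WebResponse response = submitLogin(conversation, BASIC_URL, "guest", "guestpass", false);
        assertEquals(0, response.getForms().length);
        assertEquals(1, SessionManagerFactoryFactory.getManager(mProperties).countSessions());

        response = submitLogin(conversation, BASIC_URL, "guest", "guestpass", false);
        assertEquals(0, response.getForms().length);
        // The page title carries the authentication id of the session just created.
        String authId = response.getTitle();
        assertEquals(2, SessionManagerFactoryFactory.getManager(mProperties).countSessions());

        pauseBeforePurgeCheck();

        // Replaying the old id must bring the login form back.
        // NOTE(review): the id travels as a request parameter here; identifiers
        // in URLs tend to end up in access logs and Referer headers, so
        // deployments should prefer cookie transport.
        WebRequest staleRequest = new GetMethodWebRequest(BASIC_URL);
        staleRequest.setParameter("authid", authId);
        response = conversation.getResponse(staleRequest);
        assertEquals(1, response.getForms().length);

        // A new login succeeds and only its session is left in the database.
        response = submitLogin(conversation, BASIC_URL, "guest", "guestpass", false);
        assertEquals(0, response.getForms().length);
        assertEquals(1, SessionManagerFactoryFactory.getManager(mProperties).countSessions());
    }

    /**
     * The "encrypted" endpoint accepts the users that were stored with the SHA
     * encryptor and shows the login form again for the plain-stored users and
     * for unknown credentials.
     */
    public void testPurgingDatabaseAuthenticatedEncrypted() throws Exception {
        setupSite("site/authentication_database.xml");

        WebConversation conversation = new WebConversation();

        // Accounts stored through the encryptor are accepted.
        WebResponse response =
            submitLogin(conversation, ENCRYPTED_URL, "guestencrypted", "guestpass", false);
        assertEquals(0, response.getForms().length);

        response = submitLogin(conversation, ENCRYPTED_URL, "gbevinencrypted", "yeolpass", false);
        assertEquals(0, response.getForms().length);

        // Accounts stored in plain form are rejected even with the right password.
        response = submitLogin(conversation, ENCRYPTED_URL, "guest", "guestpass", false);
        assertEquals(1, response.getForms().length);

        response = submitLogin(conversation, ENCRYPTED_URL, "gbevin", "yeolpass", false);
        assertEquals(1, response.getForms().length);

        // Unknown credentials are rejected as well.
        response = submitLogin(conversation, ENCRYPTED_URL, "invalid", "invalid", false);
        assertEquals(1, response.getForms().length);
    }

    /**
     * A remember-me cookie authenticates follow-up requests, stops working
     * after the wait once a newer remember id has been issued, and the newer
     * id keeps working.
     */
    public void testPurgingDatabaseAuthenticatedRemember() throws Exception {
        setupSite("site/authentication_database.xml");

        WebConversation conversation = new WebConversation();

        // Without any cookie the login form is shown.
        WebResponse response = conversation.getResponse(new GetMethodWebRequest(REMEMBER_URL));
        assertEquals(1, response.getForms().length);

        // Log in and ask for the authentication to be remembered: only the
        // remember cookie is set, no "authid" cookie.
        response = submitLogin(conversation, REMEMBER_URL, "guest", "guestpass", true);
        assertNull(conversation.getCookieValue("authid"));
        assertNotNull(conversation.getCookieValue("rememberid"));
        assertEquals(0, response.getForms().length);

        // The remember cookie alone authenticates the next request.
        response = conversation.getResponse(new GetMethodWebRequest(REMEMBER_URL));
        assertNotNull(conversation.getCookieValue("rememberid"));
        String firstRememberId = conversation.getCookieValue("rememberid");
        assertEquals(0, response.getForms().length);

        pauseBeforePurgeCheck();

        // A fresh conversation obtains a new remember id.
        conversation = new WebConversation();
        response = submitLogin(conversation, REMEMBER_URL, "guest", "guestpass", true);
        String newRememberId = conversation.getCookieValue("rememberid");
        // Fail here with a clear cause rather than at the cookie replay below.
        assertNotNull(newRememberId);
        assertEquals(0, response.getForms().length);

        // The earlier remember id has been purged: the login form comes back.
        conversation = new WebConversation();
        conversation.addCookie("rememberid", firstRememberId);
        response = conversation.getResponse(new GetMethodWebRequest(REMEMBER_URL));
        assertEquals(1, response.getForms().length);

        // The new remember id is still honoured.
        conversation = new WebConversation();
        conversation.addCookie("rememberid", newRememberId);
        response = conversation.getResponse(new GetMethodWebRequest(REMEMBER_URL));
        assertEquals(0, response.getForms().length);
    }
}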