From 1db622dead93599a01e7a03e6cb39ddb1ca7d40d Mon Sep 17 00:00:00 2001 From: Cleverson Sacramento Date: Fri, 22 Aug 2014 07:13:57 -0300 Subject: [PATCH] Movendo o BasiFilter e seus testes da extensão servlet para a rest --- impl/extension/rest/src/test/arquillian.xml | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/rest/src/test/domain.xml | 417 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/rest/src/test/java/security/authentication/basic/BasicAuthenticationFilterTest.java | 84 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/rest/src/test/java/security/authentication/basic/HelperServlet.java | 30 ++++++++++++++++++++++++++++++ impl/extension/rest/src/test/java/test/Tests.java | 118 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/rest/src/test/login.conf | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/rest/src/test/resources/arquillian.xml | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/rest/src/test/resources/domain.xml | 417 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/rest/src/test/resources/keyfile | 1 + impl/extension/rest/src/test/resources/login.conf | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/rest/src/test/resources/security/authentication/basic/web.xml | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/rest/src/test/resources/test/beans.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/rest/src/test/test/beans.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/servlet/src/test/java/security/authentication/basic/BasicAuthenticationFilterTest.java | 84 ------------------------------------------------------------------------------------ impl/extension/servlet/src/test/java/security/authentication/basic/HelperServlet.java | 30 ------------------------------ impl/extension/servlet/src/test/resources/security/authentication/basic/web.xml | 70 ---------------------------------------------------------------------- 16 files changed, 1485 insertions(+), 184 deletions(-) create mode 100644 impl/extension/rest/src/test/arquillian.xml create mode 100644 impl/extension/rest/src/test/domain.xml create mode 100644 impl/extension/rest/src/test/java/security/authentication/basic/BasicAuthenticationFilterTest.java create mode 100644 impl/extension/rest/src/test/java/security/authentication/basic/HelperServlet.java create mode 100644 impl/extension/rest/src/test/java/test/Tests.java create mode 100644 impl/extension/rest/src/test/login.conf create mode 100644 impl/extension/rest/src/test/resources/arquillian.xml create mode 100644 impl/extension/rest/src/test/resources/domain.xml create mode 100644 impl/extension/rest/src/test/resources/keyfile create mode 100644 impl/extension/rest/src/test/resources/login.conf create mode 100644 impl/extension/rest/src/test/resources/security/authentication/basic/web.xml create mode 100644 impl/extension/rest/src/test/resources/test/beans.xml create mode 100644 impl/extension/rest/src/test/test/beans.xml delete mode 100644 impl/extension/servlet/src/test/java/security/authentication/basic/BasicAuthenticationFilterTest.java delete mode 100644 impl/extension/servlet/src/test/java/security/authentication/basic/HelperServlet.java delete mode 100644 impl/extension/servlet/src/test/resources/security/authentication/basic/web.xml diff --git a/impl/extension/rest/src/test/arquillian.xml b/impl/extension/rest/src/test/arquillian.xml new file mode 100644 index 0000000..f9f6efa --- /dev/null +++ b/impl/extension/rest/src/test/arquillian.xml @@ -0,0 +1,66 @@ + + + + + + target/deployments + + + + + + + src/test/resources/domain.xml + + + + + diff --git a/impl/extension/rest/src/test/domain.xml b/impl/extension/rest/src/test/domain.xml new file mode 100644 index 0000000..f96f5eb --- /dev/null +++ b/impl/extension/rest/src/test/domain.xml @@ -0,0 +1,417 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -XX:MaxPermSize=192m + -XX:PermSize=64m + -client + -Djava.awt.headless=true + -Djavax.management.builder.initial=com.sun.enterprise.v3.admin.AppServerMBeanServerBuilder + -XX:+UnlockDiagnosticVMOptions + -Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed + -Djava.security.policy=${com.sun.aas.instanceRoot}/config/server.policy + -Djava.security.auth.login.config=src/test/resources/login.conf + -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as + -Xmx512m + -Djavax.net.ssl.keyStore=${com.sun.aas.instanceRoot}/config/keystore.jks + -Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks + -Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext + -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver + -DANTLR_USE_DIRECT_CLASS_LOADING=true + -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory + -Dosgi.shell.telnet.port=6666 + -Dosgi.shell.telnet.maxconn=1 + -Dosgi.shell.telnet.ip=127.0.0.1 + -Dgosh.args=--nointeractive + -Dfelix.fileinstall.dir=${com.sun.aas.installRoot}/modules/autostart/ + -Dfelix.fileinstall.poll=5000 + -Dfelix.fileinstall.log.level=2 + -Dfelix.fileinstall.bundles.new.start=true + -Dfelix.fileinstall.bundles.startTransient=true + -Dfelix.fileinstall.disableConfigSave=false + -XX:NewRatio=2 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -XX:MaxPermSize=192m + -XX:PermSize=64m + -server + -Djava.awt.headless=true + -XX:+UnlockDiagnosticVMOptions + -Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed + -Djava.security.policy=${com.sun.aas.instanceRoot}/config/server.policy + -Djava.security.auth.login.config=src/test/resources/login.conf + -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as + -Djavax.net.ssl.keyStore=${com.sun.aas.instanceRoot}/config/keystore.jks + -Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks + -Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext + -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver + -DANTLR_USE_DIRECT_CLASS_LOADING=true + -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory + -XX:NewRatio=2 + -Xmx512m + -Dosgi.shell.telnet.port=${OSGI_SHELL_TELNET_PORT} + -Dosgi.shell.telnet.maxconn=1 + -Dosgi.shell.telnet.ip=127.0.0.1 + -Dgosh.args=--noshutdown -c noop=true + -Dfelix.fileinstall.dir=${com.sun.aas.installRoot}/modules/autostart/ + -Dfelix.fileinstall.poll=5000 + -Dfelix.fileinstall.log.level=3 + -Dfelix.fileinstall.bundles.new.start=true + -Dfelix.fileinstall.bundles.startTransient=true + -Dfelix.fileinstall.disableConfigSave=false + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/impl/extension/rest/src/test/java/security/authentication/basic/BasicAuthenticationFilterTest.java b/impl/extension/rest/src/test/java/security/authentication/basic/BasicAuthenticationFilterTest.java new file mode 100644 index 0000000..7c9a6be --- /dev/null +++ b/impl/extension/rest/src/test/java/security/authentication/basic/BasicAuthenticationFilterTest.java @@ -0,0 +1,84 @@ +package security.authentication.basic; + +import static org.apache.http.HttpStatus.SC_UNAUTHORIZED; +import static org.apache.http.HttpStatus.SC_FORBIDDEN; +import static org.apache.http.HttpStatus.SC_OK; +import static org.junit.Assert.assertEquals; + +import java.io.IOException; +import java.net.URL; + +import org.apache.commons.codec.binary.Base64; +import org.apache.http.HttpEntity; +import org.apache.http.HttpResponse; +import org.apache.http.client.ClientProtocolException; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.client.methods.HttpPost; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClientBuilder; +import org.jboss.arquillian.container.test.api.Deployment; +import org.jboss.arquillian.junit.Arquillian; +import org.jboss.arquillian.test.api.ArquillianResource; +import org.jboss.shrinkwrap.api.spec.WebArchive; +import org.junit.Test; +import org.junit.runner.RunWith; + +import test.Tests; + +@RunWith(Arquillian.class) +public class BasicAuthenticationFilterTest { + + private static final String PATH = "src/test/resources/security/authentication/basic"; + + @ArquillianResource + private URL deploymentUrl; + + @Deployment(testable = false) + public static WebArchive createDeployment() { + return Tests.createDeployment().addClasses(BasicAuthenticationFilterTest.class) + .addAsWebInfResource(Tests.createFileAsset(PATH + "/web.xml"), "web.xml"); + } + + @Test + public void loginSucessfull() throws ClientProtocolException, IOException { + CloseableHttpClient client = HttpClientBuilder.create().build(); + HttpGet get; + HttpResponse response; + int status; + + String username = "demoiselle"; + String password = "changeit"; + get = new HttpGet(deploymentUrl + "/helper"); + byte[] encoded = Base64.encodeBase64((username + ":" + password).getBytes()); + get.setHeader("Authorization", "Basic " + new String(encoded)); + response = client.execute(get); + status = response.getStatusLine().getStatusCode(); + assertEquals(SC_OK, status); + + get = new HttpGet(deploymentUrl + "/helper"); + response = client.execute(get); + status = response.getStatusLine().getStatusCode(); + assertEquals(SC_FORBIDDEN, status); + } + + @Test + public void loginFailed() throws ClientProtocolException, IOException { + String username = "invalid"; + String password = "invalid"; + + + HttpPost x = new HttpPost(); + x.setEntity(null); + + //HttpEntity entity + + HttpGet get = new HttpGet(deploymentUrl + "/helper"); + byte[] encoded = Base64.encodeBase64((username + ":" + password).getBytes()); + get.setHeader("Authorization", "Basic " + new String(encoded)); + + HttpResponse response = HttpClientBuilder.create().build().execute(get); + + int status = response.getStatusLine().getStatusCode(); + assertEquals(SC_UNAUTHORIZED, status); + } +} diff --git a/impl/extension/rest/src/test/java/security/authentication/basic/HelperServlet.java b/impl/extension/rest/src/test/java/security/authentication/basic/HelperServlet.java new file mode 100644 index 0000000..8e1456e --- /dev/null +++ b/impl/extension/rest/src/test/java/security/authentication/basic/HelperServlet.java @@ -0,0 +1,30 @@ +package security.authentication.basic; + +import static org.apache.http.HttpStatus.SC_FORBIDDEN; +import static org.apache.http.HttpStatus.SC_OK; + +import java.io.IOException; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import br.gov.frameworkdemoiselle.security.SecurityContext; +import br.gov.frameworkdemoiselle.util.Beans; + +public class HelperServlet extends HttpServlet { + + private static final long serialVersionUID = 1L; + + @Override + protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + boolean loggedIn = Beans.getReference(SecurityContext.class).isLoggedIn(); + + if (loggedIn) { + response.setStatus(SC_OK); + } else { + response.setStatus(SC_FORBIDDEN); + } + } +} diff --git a/impl/extension/rest/src/test/java/test/Tests.java b/impl/extension/rest/src/test/java/test/Tests.java new file mode 100644 index 0000000..adeee97 --- /dev/null +++ b/impl/extension/rest/src/test/java/test/Tests.java @@ -0,0 +1,118 @@ +/* + * Demoiselle Framework + * Copyright (C) 2010 SERPRO + * ---------------------------------------------------------------------------- + * This file is part of Demoiselle Framework. + * + * Demoiselle Framework is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public License version 3 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License version 3 + * along with this program; if not, see + * or write to the Free Software Foundation, Inc., 51 Franklin Street, + * Fifth Floor, Boston, MA 02110-1301, USA. + * ---------------------------------------------------------------------------- + * Este arquivo é parte do Framework Demoiselle. + * + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação + * do Software Livre (FSF). + * + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português + * para maiores detalhes. + * + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título + * "LICENCA.txt", junto com esse programa. Se não, acesse + * ou escreva para a Fundação do Software Livre (FSF) Inc., + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. + */ +package test; + +import java.io.File; + +import org.jboss.shrinkwrap.api.ShrinkWrap; +import org.jboss.shrinkwrap.api.asset.FileAsset; +import org.jboss.shrinkwrap.api.spec.WebArchive; +import org.jboss.shrinkwrap.resolver.api.maven.Maven; +import org.junit.Ignore; + +import br.gov.frameworkdemoiselle.BadRequestException; +import br.gov.frameworkdemoiselle.ForbiddenException; +import br.gov.frameworkdemoiselle.HttpViolationException; +import br.gov.frameworkdemoiselle.InternalServerErrorException; +import br.gov.frameworkdemoiselle.NotFoundException; +import br.gov.frameworkdemoiselle.ServiceUnavailableException; +import br.gov.frameworkdemoiselle.UnprocessableEntityException; +import br.gov.frameworkdemoiselle.internal.implementation.AuthenticationExceptionMapper; +import br.gov.frameworkdemoiselle.internal.implementation.AuthorizationExceptionMapper; +import br.gov.frameworkdemoiselle.internal.implementation.ConstraintViolationExceptionMapper; +import br.gov.frameworkdemoiselle.internal.implementation.DefaultExceptionMapper; +import br.gov.frameworkdemoiselle.internal.implementation.HttpViolationExceptionMapper; +import br.gov.frameworkdemoiselle.internal.implementation.NotLoggedInExceptionMapper; +import br.gov.frameworkdemoiselle.internal.implementation.SessionNotPermittedListener; +import br.gov.frameworkdemoiselle.security.AbstractHTTPAuthorizationFilter; +import br.gov.frameworkdemoiselle.security.BasicAuthFilter; +import br.gov.frameworkdemoiselle.security.RESTSecurityConfig; +import br.gov.frameworkdemoiselle.security.Token; +//import br.gov.frameworkdemoiselle.util.BasicAuthFilter; +import br.gov.frameworkdemoiselle.security.TokenAuthFilter; +import br.gov.frameworkdemoiselle.util.Rests; +import br.gov.frameworkdemoiselle.util.ValidatePayload; +import br.gov.frameworkdemoiselle.util.ValidatePayloadInterceptor; + +@Ignore +public final class Tests { + + private Tests() { + } + + public static WebArchive createDeployment(final Class baseClass) { + return createDeployment().addPackages(true, baseClass.getPackage()).addClass(Tests.class); + } + + public static WebArchive createDeployment() { + File[] libs = Maven.resolver().offline().loadPomFromFile("pom.xml", "arquillian-test") + .importCompileAndRuntimeDependencies().resolve().withTransitivity().asFile(); + + return ShrinkWrap + .create(WebArchive.class) + .addClass(BadRequestException.class) + .addClass(ForbiddenException.class) + .addClass(HttpViolationException.class) + .addClass(InternalServerErrorException.class) + .addClass(NotFoundException.class) + .addClass(ServiceUnavailableException.class) + .addClass(UnprocessableEntityException.class) + .addClass(AuthenticationExceptionMapper.class) + .addClass(AuthorizationExceptionMapper.class) + .addClass(ConstraintViolationExceptionMapper.class) + .addClass(DefaultExceptionMapper.class) + .addClass(HttpViolationExceptionMapper.class) + .addClass(NotLoggedInExceptionMapper.class) + .addClass(SessionNotPermittedListener.class) + .addClass(AbstractHTTPAuthorizationFilter.class) + .addClass(BasicAuthFilter.class) + .addClass(RESTSecurityConfig.class) + .addClass(Token.class) + .addClass(TokenAuthFilter.class) + .addClass(Rests.class) + .addClass(ValidatePayload.class) + .addClass(ValidatePayloadInterceptor.class) + .addAsResource(createFileAsset("src/main/resources/demoiselle-rest-bundle.properties"), + "demoiselle-rest-bundle.properties") + .addAsWebInfResource(createFileAsset("src/test/resources/test/beans.xml"), "beans.xml") + .addAsLibraries(libs); + } + + public static FileAsset createFileAsset(final String pathname) { + return new FileAsset(new File(pathname)); + } +} diff --git a/impl/extension/rest/src/test/login.conf b/impl/extension/rest/src/test/login.conf new file mode 100644 index 0000000..2d9f91d --- /dev/null +++ b/impl/extension/rest/src/test/login.conf @@ -0,0 +1,61 @@ +/* + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. + * + * Copyright (c) 2004-2010 Oracle and/or its affiliates. All rights reserved. + * + * The contents of this file are subject to the terms of either the GNU + * General Public License Version 2 only ("GPL") or the Common Development + * and Distribution License("CDDL") (collectively, the "License"). You + * may not use this file except in compliance with the License. You can + * obtain a copy of the License at + * https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html + * or packager/legal/LICENSE.txt. See the License for the specific + * language governing permissions and limitations under the License. + * + * When distributing the software, include this License Header Notice in each + * file and include the License file at packager/legal/LICENSE.txt. + * + * GPL Classpath Exception: + * Oracle designates this particular file as subject to the "Classpath" + * exception as provided by Oracle in the GPL Version 2 section of the License + * file that accompanied this code. + * + * Modifications: + * If applicable, add the following below the License Header, with the fields + * enclosed by brackets [] replaced by your own identifying information: + * "Portions Copyright [year] [name of copyright owner]" + * + * Contributor(s): + * If you wish your version of this file to be governed by only the CDDL or + * only the GPL Version 2, indicate your decision by adding "[Contributor] + * elects to include this software in this distribution under the [CDDL or GPL + * Version 2] license." If you don't indicate a single choice of license, a + * recipient has the option to distribute your version of this file under + * either the CDDL, the GPL Version 2 or to extend the choice of license to + * its licensees as provided above. However, if you add GPL Version 2 code + * and therefore, elected the GPL Version 2 license, then the option applies + * only if the new code is made subject to such option by the copyright + * holder. + */ + +fileRealm { + com.sun.enterprise.security.auth.login.FileLoginModule required; +}; + +ldapRealm { + com.sun.enterprise.security.auth.login.LDAPLoginModule required; +}; + +solarisRealm { + com.sun.enterprise.security.auth.login.SolarisLoginModule required; +}; + +jdbcRealm { + com.sun.enterprise.security.auth.login.JDBCLoginModule required; +}; +jdbcDigestRealm { + com.sun.enterprise.security.auth.login.JDBCDigestLoginModule required; +}; +pamRealm { + com.sun.enterprise.security.auth.login.PamLoginModule required; +}; diff --git a/impl/extension/rest/src/test/resources/arquillian.xml b/impl/extension/rest/src/test/resources/arquillian.xml new file mode 100644 index 0000000..f9f6efa --- /dev/null +++ b/impl/extension/rest/src/test/resources/arquillian.xml @@ -0,0 +1,66 @@ + + + + + + target/deployments + + + + + + + src/test/resources/domain.xml + + + + + diff --git a/impl/extension/rest/src/test/resources/domain.xml b/impl/extension/rest/src/test/resources/domain.xml new file mode 100644 index 0000000..f96f5eb --- /dev/null +++ b/impl/extension/rest/src/test/resources/domain.xml @@ -0,0 +1,417 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -XX:MaxPermSize=192m + -XX:PermSize=64m + -client + -Djava.awt.headless=true + -Djavax.management.builder.initial=com.sun.enterprise.v3.admin.AppServerMBeanServerBuilder + -XX:+UnlockDiagnosticVMOptions + -Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed + -Djava.security.policy=${com.sun.aas.instanceRoot}/config/server.policy + -Djava.security.auth.login.config=src/test/resources/login.conf + -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as + -Xmx512m + -Djavax.net.ssl.keyStore=${com.sun.aas.instanceRoot}/config/keystore.jks + -Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks + -Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext + -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver + -DANTLR_USE_DIRECT_CLASS_LOADING=true + -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory + -Dosgi.shell.telnet.port=6666 + -Dosgi.shell.telnet.maxconn=1 + -Dosgi.shell.telnet.ip=127.0.0.1 + -Dgosh.args=--nointeractive + -Dfelix.fileinstall.dir=${com.sun.aas.installRoot}/modules/autostart/ + -Dfelix.fileinstall.poll=5000 + -Dfelix.fileinstall.log.level=2 + -Dfelix.fileinstall.bundles.new.start=true + -Dfelix.fileinstall.bundles.startTransient=true + -Dfelix.fileinstall.disableConfigSave=false + -XX:NewRatio=2 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -XX:MaxPermSize=192m + -XX:PermSize=64m + -server + -Djava.awt.headless=true + -XX:+UnlockDiagnosticVMOptions + -Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed + -Djava.security.policy=${com.sun.aas.instanceRoot}/config/server.policy + -Djava.security.auth.login.config=src/test/resources/login.conf + -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as + -Djavax.net.ssl.keyStore=${com.sun.aas.instanceRoot}/config/keystore.jks + -Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks + -Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext + -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver + -DANTLR_USE_DIRECT_CLASS_LOADING=true + -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory + -XX:NewRatio=2 + -Xmx512m + -Dosgi.shell.telnet.port=${OSGI_SHELL_TELNET_PORT} + -Dosgi.shell.telnet.maxconn=1 + -Dosgi.shell.telnet.ip=127.0.0.1 + -Dgosh.args=--noshutdown -c noop=true + -Dfelix.fileinstall.dir=${com.sun.aas.installRoot}/modules/autostart/ + -Dfelix.fileinstall.poll=5000 + -Dfelix.fileinstall.log.level=3 + -Dfelix.fileinstall.bundles.new.start=true + -Dfelix.fileinstall.bundles.startTransient=true + -Dfelix.fileinstall.disableConfigSave=false + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/impl/extension/rest/src/test/resources/keyfile b/impl/extension/rest/src/test/resources/keyfile new file mode 100644 index 0000000..1049bc9 --- /dev/null +++ b/impl/extension/rest/src/test/resources/keyfile @@ -0,0 +1 @@ +demoiselle;{SSHA256}yuPqrU5lEMJR0I4qNaegEK9hd5afM0Yo3rnLgYY7Sw0MlUFhbj9EmQ==;users diff --git a/impl/extension/rest/src/test/resources/login.conf b/impl/extension/rest/src/test/resources/login.conf new file mode 100644 index 0000000..2d9f91d --- /dev/null +++ b/impl/extension/rest/src/test/resources/login.conf @@ -0,0 +1,61 @@ +/* + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. + * + * Copyright (c) 2004-2010 Oracle and/or its affiliates. All rights reserved. + * + * The contents of this file are subject to the terms of either the GNU + * General Public License Version 2 only ("GPL") or the Common Development + * and Distribution License("CDDL") (collectively, the "License"). You + * may not use this file except in compliance with the License. You can + * obtain a copy of the License at + * https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html + * or packager/legal/LICENSE.txt. See the License for the specific + * language governing permissions and limitations under the License. + * + * When distributing the software, include this License Header Notice in each + * file and include the License file at packager/legal/LICENSE.txt. + * + * GPL Classpath Exception: + * Oracle designates this particular file as subject to the "Classpath" + * exception as provided by Oracle in the GPL Version 2 section of the License + * file that accompanied this code. + * + * Modifications: + * If applicable, add the following below the License Header, with the fields + * enclosed by brackets [] replaced by your own identifying information: + * "Portions Copyright [year] [name of copyright owner]" + * + * Contributor(s): + * If you wish your version of this file to be governed by only the CDDL or + * only the GPL Version 2, indicate your decision by adding "[Contributor] + * elects to include this software in this distribution under the [CDDL or GPL + * Version 2] license." If you don't indicate a single choice of license, a + * recipient has the option to distribute your version of this file under + * either the CDDL, the GPL Version 2 or to extend the choice of license to + * its licensees as provided above. However, if you add GPL Version 2 code + * and therefore, elected the GPL Version 2 license, then the option applies + * only if the new code is made subject to such option by the copyright + * holder. + */ + +fileRealm { + com.sun.enterprise.security.auth.login.FileLoginModule required; +}; + +ldapRealm { + com.sun.enterprise.security.auth.login.LDAPLoginModule required; +}; + +solarisRealm { + com.sun.enterprise.security.auth.login.SolarisLoginModule required; +}; + +jdbcRealm { + com.sun.enterprise.security.auth.login.JDBCLoginModule required; +}; +jdbcDigestRealm { + com.sun.enterprise.security.auth.login.JDBCDigestLoginModule required; +}; +pamRealm { + com.sun.enterprise.security.auth.login.PamLoginModule required; +}; diff --git a/impl/extension/rest/src/test/resources/security/authentication/basic/web.xml b/impl/extension/rest/src/test/resources/security/authentication/basic/web.xml new file mode 100644 index 0000000..f168923 --- /dev/null +++ b/impl/extension/rest/src/test/resources/security/authentication/basic/web.xml @@ -0,0 +1,70 @@ + + + + + br.gov.frameworkdemoiselle.util.ServletListener + + + + Demoiselle Servlet Filter + br.gov.frameworkdemoiselle.util.ServletFilter + + + Demoiselle Servlet Filter + /* + + + + Demoiselle BasicAuth Filter + br.gov.frameworkdemoiselle.security.BasicAuthFilter + + + Demoiselle BasicAuth Filter + /* + + + + Helper Servlet + security.authentication.basic.HelperServlet + + + Helper Servlet + /helper + + \ No newline at end of file diff --git a/impl/extension/rest/src/test/resources/test/beans.xml b/impl/extension/rest/src/test/resources/test/beans.xml new file mode 100644 index 0000000..2bb9523 --- /dev/null +++ b/impl/extension/rest/src/test/resources/test/beans.xml @@ -0,0 +1,47 @@ + + + + + br.gov.frameworkdemoiselle.transaction.TransactionalInterceptor + br.gov.frameworkdemoiselle.security.RequiredPermissionInterceptor + br.gov.frameworkdemoiselle.security.RequiredRoleInterceptor + br.gov.frameworkdemoiselle.exception.ExceptionHandlerInterceptor + + + diff --git a/impl/extension/rest/src/test/test/beans.xml b/impl/extension/rest/src/test/test/beans.xml new file mode 100644 index 0000000..2bb9523 --- /dev/null +++ b/impl/extension/rest/src/test/test/beans.xml @@ -0,0 +1,47 @@ + + + + + br.gov.frameworkdemoiselle.transaction.TransactionalInterceptor + br.gov.frameworkdemoiselle.security.RequiredPermissionInterceptor + br.gov.frameworkdemoiselle.security.RequiredRoleInterceptor + br.gov.frameworkdemoiselle.exception.ExceptionHandlerInterceptor + + + diff --git a/impl/extension/servlet/src/test/java/security/authentication/basic/BasicAuthenticationFilterTest.java b/impl/extension/servlet/src/test/java/security/authentication/basic/BasicAuthenticationFilterTest.java deleted file mode 100644 index 7c9a6be..0000000 --- a/impl/extension/servlet/src/test/java/security/authentication/basic/BasicAuthenticationFilterTest.java +++ /dev/null @@ -1,84 +0,0 @@ -package security.authentication.basic; - -import static org.apache.http.HttpStatus.SC_UNAUTHORIZED; -import static org.apache.http.HttpStatus.SC_FORBIDDEN; -import static org.apache.http.HttpStatus.SC_OK; -import static org.junit.Assert.assertEquals; - -import java.io.IOException; -import java.net.URL; - -import org.apache.commons.codec.binary.Base64; -import org.apache.http.HttpEntity; -import org.apache.http.HttpResponse; -import org.apache.http.client.ClientProtocolException; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.client.methods.HttpPost; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClientBuilder; -import org.jboss.arquillian.container.test.api.Deployment; -import org.jboss.arquillian.junit.Arquillian; -import org.jboss.arquillian.test.api.ArquillianResource; -import org.jboss.shrinkwrap.api.spec.WebArchive; -import org.junit.Test; -import org.junit.runner.RunWith; - -import test.Tests; - -@RunWith(Arquillian.class) -public class BasicAuthenticationFilterTest { - - private static final String PATH = "src/test/resources/security/authentication/basic"; - - @ArquillianResource - private URL deploymentUrl; - - @Deployment(testable = false) - public static WebArchive createDeployment() { - return Tests.createDeployment().addClasses(BasicAuthenticationFilterTest.class) - .addAsWebInfResource(Tests.createFileAsset(PATH + "/web.xml"), "web.xml"); - } - - @Test - public void loginSucessfull() throws ClientProtocolException, IOException { - CloseableHttpClient client = HttpClientBuilder.create().build(); - HttpGet get; - HttpResponse response; - int status; - - String username = "demoiselle"; - String password = "changeit"; - get = new HttpGet(deploymentUrl + "/helper"); - byte[] encoded = Base64.encodeBase64((username + ":" + password).getBytes()); - get.setHeader("Authorization", "Basic " + new String(encoded)); - response = client.execute(get); - status = response.getStatusLine().getStatusCode(); - assertEquals(SC_OK, status); - - get = new HttpGet(deploymentUrl + "/helper"); - response = client.execute(get); - status = response.getStatusLine().getStatusCode(); - assertEquals(SC_FORBIDDEN, status); - } - - @Test - public void loginFailed() throws ClientProtocolException, IOException { - String username = "invalid"; - String password = "invalid"; - - - HttpPost x = new HttpPost(); - x.setEntity(null); - - //HttpEntity entity - - HttpGet get = new HttpGet(deploymentUrl + "/helper"); - byte[] encoded = Base64.encodeBase64((username + ":" + password).getBytes()); - get.setHeader("Authorization", "Basic " + new String(encoded)); - - HttpResponse response = HttpClientBuilder.create().build().execute(get); - - int status = response.getStatusLine().getStatusCode(); - assertEquals(SC_UNAUTHORIZED, status); - } -} diff --git a/impl/extension/servlet/src/test/java/security/authentication/basic/HelperServlet.java b/impl/extension/servlet/src/test/java/security/authentication/basic/HelperServlet.java deleted file mode 100644 index 8e1456e..0000000 --- a/impl/extension/servlet/src/test/java/security/authentication/basic/HelperServlet.java +++ /dev/null @@ -1,30 +0,0 @@ -package security.authentication.basic; - -import static org.apache.http.HttpStatus.SC_FORBIDDEN; -import static org.apache.http.HttpStatus.SC_OK; - -import java.io.IOException; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import br.gov.frameworkdemoiselle.security.SecurityContext; -import br.gov.frameworkdemoiselle.util.Beans; - -public class HelperServlet extends HttpServlet { - - private static final long serialVersionUID = 1L; - - @Override - protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - boolean loggedIn = Beans.getReference(SecurityContext.class).isLoggedIn(); - - if (loggedIn) { - response.setStatus(SC_OK); - } else { - response.setStatus(SC_FORBIDDEN); - } - } -} diff --git a/impl/extension/servlet/src/test/resources/security/authentication/basic/web.xml b/impl/extension/servlet/src/test/resources/security/authentication/basic/web.xml deleted file mode 100644 index de63266..0000000 --- a/impl/extension/servlet/src/test/resources/security/authentication/basic/web.xml +++ /dev/null @@ -1,70 +0,0 @@ - - - - - br.gov.frameworkdemoiselle.util.ServletListener - - - - Demoiselle Servlet Filter - br.gov.frameworkdemoiselle.util.ServletFilter - - - Demoiselle Servlet Filter - /* - - - - Demoiselle BasicAuth Filter - br.gov.frameworkdemoiselle.util.BasicAuthFilter - - - Demoiselle BasicAuth Filter - /* - - - - Helper Servlet - security.authentication.basic.HelperServlet - - - Helper Servlet - /helper - - \ No newline at end of file -- libgit2 0.21.2