private void setUpDigest(Tomcat tomcat) throws Exception { // No file system docBase required Context ctxt = tomcat.addContext(CONTEXT_PATH_DIGEST, null); ctxt.setSessionTimeout(SHORT_TIMEOUT_SECS); // Add protected servlet Tomcat.addServlet(ctxt, "TesterServlet3", new TesterServlet()); ctxt.addServletMapping(URI_PROTECTED, "TesterServlet3"); SecurityCollection collection = new SecurityCollection(); collection.addPattern(URI_PROTECTED); SecurityConstraint sc = new SecurityConstraint(); sc.addAuthRole(ROLE); sc.addCollection(collection); ctxt.addConstraint(sc); // Configure the appropriate authenticator LoginConfig lc = new LoginConfig(); lc.setAuthMethod("DIGEST"); ctxt.setLoginConfig(lc); ctxt.getPipeline().addValve(new DigestAuthenticator()); }
private void setUpDigest(Tomcat tomcat) throws Exception { // Must have a real docBase for webapps - just use temp Context ctxt = tomcat.addContext(CONTEXT_PATH_DIGEST, System.getProperty("java.io.tmpdir")); ctxt.setSessionTimeout(SHORT_TIMEOUT_SECS); // Add protected servlet Tomcat.addServlet(ctxt, "TesterServlet3", new TesterServlet()); ctxt.addServletMapping(URI_PROTECTED, "TesterServlet3"); SecurityCollection collection = new SecurityCollection(); collection.addPattern(URI_PROTECTED); SecurityConstraint sc = new SecurityConstraint(); sc.addAuthRole(ROLE); sc.addCollection(collection); ctxt.addConstraint(sc); // Configure the appropriate authenticator LoginConfig lc = new LoginConfig(); lc.setAuthMethod("DIGEST"); ctxt.setLoginConfig(lc); ctxt.getPipeline().addValve(new DigestAuthenticator()); }
@Test public void testStop() throws Exception { Tomcat tomcat = getTomcatInstance(); // No file system docBase required Context root = tomcat.addContext("", null); Wrapper w = Tomcat.addServlet(root, "tester", new TesterServlet()); w.setAsyncSupported(true); root.addServletMapping("/", "tester"); Connector connector = tomcat.getConnector(); tomcat.start(); ByteChunk bc = new ByteChunk(); int rc = getUrl("http://localhost:" + getPort() + "/", bc, null, null); assertEquals(200, rc); assertEquals("OK", bc.toString()); rc = -1; bc.recycle(); connector.stop(); try { rc = getUrl("http://localhost:" + getPort() + "/", bc, 1000, null, null); } catch (SocketTimeoutException ste) { // May also see this with NIO // Make sure the test passes if we do rc = 503; } assertEquals(503, rc); }
private void setUpNonLogin(Tomcat tomcat) throws Exception { // No file system docBase required Context ctxt = tomcat.addContext(CONTEXT_PATH_NOLOGIN, null); ctxt.setSessionTimeout(LONG_TIMEOUT_SECS); // Add protected servlet Tomcat.addServlet(ctxt, "TesterServlet1", new TesterServlet()); ctxt.addServletMapping(URI_PROTECTED, "TesterServlet1"); SecurityCollection collection1 = new SecurityCollection(); collection1.addPattern(URI_PROTECTED); SecurityConstraint sc1 = new SecurityConstraint(); sc1.addAuthRole(ROLE); sc1.addCollection(collection1); ctxt.addConstraint(sc1); // Add unprotected servlet Tomcat.addServlet(ctxt, "TesterServlet2", new TesterServlet()); ctxt.addServletMapping(URI_PUBLIC, "TesterServlet2"); SecurityCollection collection2 = new SecurityCollection(); collection2.addPattern(URI_PUBLIC); SecurityConstraint sc2 = new SecurityConstraint(); // do not add a role - which signals access permitted without one sc2.addCollection(collection2); ctxt.addConstraint(sc2); // Configure the appropriate authenticator LoginConfig lc = new LoginConfig(); lc.setAuthMethod("NONE"); ctxt.setLoginConfig(lc); ctxt.getPipeline().addValve(new NonLoginAuthenticator()); }
private void setUpNonLogin() throws Exception { // No file system docBase required nonloginContext = tomcat.addContext(CONTEXT_PATH_NOLOGIN, null); nonloginContext.setSessionTimeout(LONG_SESSION_TIMEOUT_MINS); // Add protected servlet to the context Tomcat.addServlet(nonloginContext, "TesterServlet1", new TesterServlet()); nonloginContext.addServletMapping(URI_PROTECTED, "TesterServlet1"); SecurityCollection collection1 = new SecurityCollection(); collection1.addPattern(URI_PROTECTED); SecurityConstraint sc1 = new SecurityConstraint(); sc1.addAuthRole(ROLE); sc1.addCollection(collection1); nonloginContext.addConstraint(sc1); // Add unprotected servlet to the context Tomcat.addServlet(nonloginContext, "TesterServlet2", new TesterServlet()); nonloginContext.addServletMapping(URI_PUBLIC, "TesterServlet2"); SecurityCollection collection2 = new SecurityCollection(); collection2.addPattern(URI_PUBLIC); SecurityConstraint sc2 = new SecurityConstraint(); // do not add a role - which signals access permitted without one sc2.addCollection(collection2); nonloginContext.addConstraint(sc2); // Configure the authenticator and inherit the Realm from Engine LoginConfig lc = new LoginConfig(); lc.setAuthMethod("NONE"); nonloginContext.setLoginConfig(lc); AuthenticatorBase nonloginAuthenticator = new NonLoginAuthenticator(); nonloginContext.getPipeline().addValve(nonloginAuthenticator); }
private void setUpLogin() throws Exception { // No file system docBase required basicContext = tomcat.addContext(CONTEXT_PATH_LOGIN, null); basicContext.setSessionTimeout(SHORT_SESSION_TIMEOUT_MINS); // Add protected servlet to the context Tomcat.addServlet(basicContext, "TesterServlet3", new TesterServlet()); basicContext.addServletMapping(URI_PROTECTED, "TesterServlet3"); SecurityCollection collection = new SecurityCollection(); collection.addPattern(URI_PROTECTED); SecurityConstraint sc = new SecurityConstraint(); sc.addAuthRole(ROLE); sc.addCollection(collection); basicContext.addConstraint(sc); // Add unprotected servlet to the context Tomcat.addServlet(basicContext, "TesterServlet4", new TesterServlet()); basicContext.addServletMapping(URI_PUBLIC, "TesterServlet4"); SecurityCollection collection2 = new SecurityCollection(); collection2.addPattern(URI_PUBLIC); SecurityConstraint sc2 = new SecurityConstraint(); // do not add a role - which signals access permitted without one sc2.addCollection(collection2); basicContext.addConstraint(sc2); // Configure the authenticator and inherit the Realm from Engine LoginConfig lc = new LoginConfig(); lc.setAuthMethod("BASIC"); basicContext.setLoginConfig(lc); AuthenticatorBase basicAuthenticator = new BasicAuthenticator(); basicContext.getPipeline().addValve(basicAuthenticator); }
@Override public void setUp() throws Exception { super.setUp(); // Configure a context with digest auth and a single protected resource Tomcat tomcat = getTomcatInstance(); // No file system docBase required Context ctxt = tomcat.addContext(CONTEXT_PATH, null); // Add protected servlet Tomcat.addServlet(ctxt, "TesterServlet", new TesterServlet()); ctxt.addServletMapping(URI, "TesterServlet"); SecurityCollection collection = new SecurityCollection(); collection.addPattern(URI); SecurityConstraint sc = new SecurityConstraint(); sc.addAuthRole(ROLE); sc.addCollection(collection); ctxt.addConstraint(sc); // Configure the Realm MapRealm realm = new MapRealm(); realm.addUser(USER, PWD); realm.addUserRole(USER, ROLE); ctxt.setRealm(realm); // Configure the authenticator LoginConfig lc = new LoginConfig(); lc.setAuthMethod("DIGEST"); lc.setRealmName(REALM); ctxt.setLoginConfig(lc); ctxt.getPipeline().addValve(new DigestAuthenticator()); }
private Exception doRequest() { Tomcat tomcat = getTomcatInstance(); Context root = tomcat.addContext("", TEMP_DIR); Tomcat.addServlet(root, "test", new TesterServlet()); root.addServletMapping("/test", "test"); try { tomcat.start(); setPort(tomcat.getConnector().getLocalPort()); // Open connection connect(); String[] request = new String[1]; request[0] = newLines + "GET http://localhost:8080/test HTTP/1.1" + CRLF + "X-Bug48839: abcd" + CRLF + "\tefgh" + CRLF + "Connection: close" + CRLF + CRLF; setRequest(request); processRequest(); // blocks until response has been read // Close the connection disconnect(); } catch (Exception e) { return e; } return null; }
private Exception doRequest() { Tomcat tomcat = getTomcatInstance(); Context root = tomcat.addContext("", TEMP_DIR); Tomcat.addServlet(root, "Bug54947", new TesterServlet()); root.addServletMapping("/test", "Bug54947"); try { tomcat.start(); setPort(tomcat.getConnector().getLocalPort()); // Open connection connect(); String[] request = new String[2]; request[0] = "GET http://localhost:8080/test HTTP/1.1" + CR; request[1] = LF + "Connection: close" + CRLF + CRLF; setRequest(request); processRequest(); // blocks until response has been read // Close the connection disconnect(); } catch (Exception e) { return e; } return null; }
@Test public void testStop() throws Exception { Tomcat tomcat = getTomcatInstance(); Context root = tomcat.addContext("", TEMP_DIR); Wrapper w = Tomcat.addServlet(root, "tester", new TesterServlet()); w.setAsyncSupported(true); root.addServletMapping("/", "tester"); Connector connector = tomcat.getConnector(); tomcat.start(); ByteChunk bc = new ByteChunk(); int rc = getUrl("http://localhost:" + getPort() + "/", bc, null, null); assertEquals(200, rc); assertEquals("OK", bc.toString()); rc = -1; bc.recycle(); connector.stop(); try { rc = getUrl("http://localhost:" + getPort() + "/", bc, 1000, null, null); } catch (SocketTimeoutException ste) { // May also see this with NIO // Make sure the test passes if we do rc = 503; } assertEquals(503, rc); }
private void setUpNonLogin(Tomcat tomcat) throws Exception { // Must have a real docBase for webapps - just use temp Context ctxt = tomcat.addContext(CONTEXT_PATH_NOLOGIN, System.getProperty("java.io.tmpdir")); ctxt.setSessionTimeout(LONG_TIMEOUT_SECS); // Add protected servlet Tomcat.addServlet(ctxt, "TesterServlet1", new TesterServlet()); ctxt.addServletMapping(URI_PROTECTED, "TesterServlet1"); SecurityCollection collection1 = new SecurityCollection(); collection1.addPattern(URI_PROTECTED); SecurityConstraint sc1 = new SecurityConstraint(); sc1.addAuthRole(ROLE); sc1.addCollection(collection1); ctxt.addConstraint(sc1); // Add unprotected servlet Tomcat.addServlet(ctxt, "TesterServlet2", new TesterServlet()); ctxt.addServletMapping(URI_PUBLIC, "TesterServlet2"); SecurityCollection collection2 = new SecurityCollection(); collection2.addPattern(URI_PUBLIC); SecurityConstraint sc2 = new SecurityConstraint(); // do not add a role - which signals access permitted without one sc2.addCollection(collection2); ctxt.addConstraint(sc2); // Configure the appropriate authenticator LoginConfig lc = new LoginConfig(); lc.setAuthMethod("NONE"); ctxt.setLoginConfig(lc); ctxt.getPipeline().addValve(new NonLoginAuthenticator()); }
private void setUpNonLogin() throws Exception { // Must have a real docBase for webapps - just use temp nonloginContext = tomcat.addContext(CONTEXT_PATH_NOLOGIN, System.getProperty("java.io.tmpdir")); nonloginContext.setSessionTimeout(LONG_SESSION_TIMEOUT_MINS); // Add protected servlet to the context Tomcat.addServlet(nonloginContext, "TesterServlet1", new TesterServlet()); nonloginContext.addServletMapping(URI_PROTECTED, "TesterServlet1"); SecurityCollection collection1 = new SecurityCollection(); collection1.addPattern(URI_PROTECTED); SecurityConstraint sc1 = new SecurityConstraint(); sc1.addAuthRole(ROLE); sc1.addCollection(collection1); nonloginContext.addConstraint(sc1); // Add unprotected servlet to the context Tomcat.addServlet(nonloginContext, "TesterServlet2", new TesterServlet()); nonloginContext.addServletMapping(URI_PUBLIC, "TesterServlet2"); SecurityCollection collection2 = new SecurityCollection(); collection2.addPattern(URI_PUBLIC); SecurityConstraint sc2 = new SecurityConstraint(); // do not add a role - which signals access permitted without one sc2.addCollection(collection2); nonloginContext.addConstraint(sc2); // Configure the authenticator and inherit the Realm from Engine LoginConfig lc = new LoginConfig(); lc.setAuthMethod("NONE"); nonloginContext.setLoginConfig(lc); AuthenticatorBase nonloginAuthenticator = new NonLoginAuthenticator(); nonloginContext.getPipeline().addValve(nonloginAuthenticator); }
private void setUpLogin() throws Exception { // Must have a real docBase for webapps - just use temp basicContext = tomcat.addContext(CONTEXT_PATH_LOGIN, System.getProperty("java.io.tmpdir")); basicContext.setSessionTimeout(SHORT_SESSION_TIMEOUT_MINS); // Add protected servlet to the context Tomcat.addServlet(basicContext, "TesterServlet3", new TesterServlet()); basicContext.addServletMapping(URI_PROTECTED, "TesterServlet3"); SecurityCollection collection = new SecurityCollection(); collection.addPattern(URI_PROTECTED); SecurityConstraint sc = new SecurityConstraint(); sc.addAuthRole(ROLE); sc.addCollection(collection); basicContext.addConstraint(sc); // Add unprotected servlet to the context Tomcat.addServlet(basicContext, "TesterServlet4", new TesterServlet()); basicContext.addServletMapping(URI_PUBLIC, "TesterServlet4"); SecurityCollection collection2 = new SecurityCollection(); collection2.addPattern(URI_PUBLIC); SecurityConstraint sc2 = new SecurityConstraint(); // do not add a role - which signals access permitted without one sc2.addCollection(collection2); basicContext.addConstraint(sc2); // Configure the authenticator and inherit the Realm from Engine LoginConfig lc = new LoginConfig(); lc.setAuthMethod("BASIC"); basicContext.setLoginConfig(lc); AuthenticatorBase basicAuthenticator = new BasicAuthenticator(); basicContext.getPipeline().addValve(basicAuthenticator); }
@Override public void setUp() throws Exception { super.setUp(); // Configure a context with digest auth and a single protected resource Tomcat tomcat = getTomcatInstance(); // Must have a real docBase - just use temp Context ctxt = tomcat.addContext(CONTEXT_PATH, System.getProperty("java.io.tmpdir")); // Add protected servlet Tomcat.addServlet(ctxt, "TesterServlet", new TesterServlet()); ctxt.addServletMapping(URI, "TesterServlet"); SecurityCollection collection = new SecurityCollection(); collection.addPattern(URI); SecurityConstraint sc = new SecurityConstraint(); sc.addAuthRole(ROLE); sc.addCollection(collection); ctxt.addConstraint(sc); // Configure the Realm MapRealm realm = new MapRealm(); realm.addUser(USER, PWD); realm.addUserRole(USER, ROLE); ctxt.setRealm(realm); // Configure the authenticator LoginConfig lc = new LoginConfig(); lc.setAuthMethod("DIGEST"); lc.setRealmName(REALM); ctxt.setLoginConfig(lc); ctxt.getPipeline().addValve(new DigestAuthenticator()); }
