/**
 * Test case for {@link Request#login(String, String)} and
 * {@link Request#logout()}.
 */
@Test
public void testLoginLogout() throws Exception {
    // Setup Tomcat instance
    Tomcat tomcat = getTomcatInstance();
    // No file system docBase required
    Context ctx = tomcat.addContext("", null);
    LoginConfig config = new LoginConfig();
    config.setAuthMethod("BASIC");
    ctx.setLoginConfig(config);
    ctx.getPipeline().addValve(new BasicAuthenticator());
    Tomcat.addServlet(ctx, "servlet", new LoginLogoutServlet());
    ctx.addServletMapping("/", "servlet");
    MapRealm realm = new MapRealm();
    realm.addUser(LoginLogoutServlet.USER, LoginLogoutServlet.PWD);
    ctx.setRealm(realm);
    tomcat.start();
    ByteChunk res = getUrl("http://localhost:" + getPort() + "/");
    assertEquals(LoginLogoutServlet.OK, res.toString());
}

@Before
public void setUp() throws Exception {
    ConcurrentMessageDigest.init("MD5");
    // Configure the Realm
    MapRealm realm = new MapRealm();
    realm.addUser(USER, PWD);
    realm.addUserRole(USER, ROLE);
    // Add the Realm to the Context
    Context context = new StandardContext();
    context.setName(CONTEXT_PATH);
    context.setRealm(realm);
    // Make the Context and Realm visible to the Authenticator
    authenticator.setContainer(context);
    authenticator.setNonceCountWindowSize(8 * 1024);
    authenticator.start();
}

private FormAuthClient(boolean clientShouldUseCookies,
        boolean serverShouldUseCookies,
        boolean serverShouldChangeSessid) throws Exception {
    Tomcat tomcat = getTomcatInstance();
    File appDir = new File(getBuildDirectory(), "webapps/examples");
    Context ctx = tomcat.addWebapp(null, "/examples",
            appDir.getAbsolutePath());
    setUseCookies(clientShouldUseCookies);
    ctx.setCookies(serverShouldUseCookies);
    MapRealm realm = new MapRealm();
    realm.addUser("tomcat", "tomcat");
    realm.addUserRole("tomcat", "tomcat");
    ctx.setRealm(realm);
    tomcat.start();
    // perhaps this does not work until tomcat has started?
    ctx.setSessionTimeout(TIMEOUT_MINS);
    // Valve pipeline is only established after tomcat starts
    Valve[] valves = ctx.getPipeline().getValves();
    for (Valve valve : valves) {
        if (valve instanceof AuthenticatorBase) {
            ((AuthenticatorBase) valve)
                    .setChangeSessionIdOnAuthentication(
                            serverShouldChangeSessid);
            break;
        }
    }
    // Port only known after Tomcat starts
    setPort(getPort());
}

@Override
public void setUp() throws Exception {
    super.setUp();
    // Configure a context with digest auth and a single protected resource
    Tomcat tomcat = getTomcatInstance();
    // No file system docBase required
    Context ctxt = tomcat.addContext(CONTEXT_PATH, null);
    // Add protected servlet
    Tomcat.addServlet(ctxt, "TesterServlet", new TesterServlet());
    ctxt.addServletMapping(URI, "TesterServlet");
    SecurityCollection collection = new SecurityCollection();
    collection.addPattern(URI);
    SecurityConstraint sc = new SecurityConstraint();
    sc.addAuthRole(ROLE);
    sc.addCollection(collection);
    ctxt.addConstraint(sc);
    // Configure the Realm
    MapRealm realm = new MapRealm();
    realm.addUser(USER, PWD);
    realm.addUserRole(USER, ROLE);
    ctxt.setRealm(realm);
    // Configure the authenticator
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("DIGEST");
    lc.setRealmName(REALM);
    ctxt.setLoginConfig(lc);
    ctxt.getPipeline().addValve(new DigestAuthenticator());
}

@Test
public void testBug50015() throws Exception {
    // Test that configuring servlet security constraints programmatically
    // does work.
    // Set up a container
    Tomcat tomcat = getTomcatInstance();
    // No file system docBase required
    Context ctx = tomcat.addContext("", null);
    // Setup realm
    MapRealm realm = new MapRealm();
    realm.addUser("tomcat", "tomcat");
    realm.addUserRole("tomcat", "tomcat");
    ctx.setRealm(realm);
    // Configure app for BASIC auth
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("BASIC");
    ctx.setLoginConfig(lc);
    ctx.getPipeline().addValve(new BasicAuthenticator());
    // Add ServletContainerInitializer
    ServletContainerInitializer sci = new Bug50015SCI();
    ctx.addServletContainerInitializer(sci, null);
    // Start the context
    tomcat.start();
    // Request the first servlet
    ByteChunk bc = new ByteChunk();
    int rc = getUrl("http://localhost:" + getPort() + "/bug50015",
            bc, null);
    // Check for a 401
    assertNotSame("OK", bc.toString());
    assertEquals(401, rc);
}

protected static void configureClientCertContext(Tomcat tomcat) {
    TesterSupport.initSsl(tomcat);
    // Need a web application with a protected and unprotected URL
    // No file system docBase required
    Context ctx = tomcat.addContext("", null);
    Tomcat.addServlet(ctx, "simple", new SimpleServlet());
    ctx.addServletMapping("/unprotected", "simple");
    ctx.addServletMapping("/protected", "simple");
    // Security constraints
    SecurityCollection collection = new SecurityCollection();
    collection.addPattern("/protected");
    SecurityConstraint sc = new SecurityConstraint();
    sc.addAuthRole(ROLE);
    sc.addCollection(collection);
    ctx.addConstraint(sc);
    // Configure the Realm
    MapRealm realm = new MapRealm();
    realm.addUser("CN=user1, C=US", "not used");
    realm.addUserRole("CN=user1, C=US", ROLE);
    ctx.setRealm(realm);
    // Configure the authenticator
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("CLIENT-CERT");
    ctx.setLoginConfig(lc);
    ctx.getPipeline().addValve(new SSLAuthenticator());
}

/**
 * Test case for {@link Request#login(String, String)} and
 * {@link Request#logout()}.
 */
@Test
public void testLoginLogout() throws Exception {
    // Setup Tomcat instance
    Tomcat tomcat = getTomcatInstance();
    // Must have a real docBase - just use temp
    Context ctx =
            tomcat.addContext("", System.getProperty("java.io.tmpdir"));
    LoginConfig config = new LoginConfig();
    config.setAuthMethod("BASIC");
    ctx.setLoginConfig(config);
    ctx.getPipeline().addValve(new BasicAuthenticator());
    Tomcat.addServlet(ctx, "servlet", new LoginLogoutServlet());
    ctx.addServletMapping("/", "servlet");
    MapRealm realm = new MapRealm();
    realm.addUser(LoginLogoutServlet.USER, LoginLogoutServlet.PWD);
    ctx.setRealm(realm);
    tomcat.start();
    ByteChunk res = getUrl("http://localhost:" + getPort() + "/");
    assertEquals(LoginLogoutServlet.OK, res.toString());
}

@Override
public void setUp() throws Exception {
    super.setUp();
    // Configure a context with digest auth and a single protected resource
    Tomcat tomcat = getTomcatInstance();
    // Must have a real docBase - just use temp
    Context ctxt = tomcat.addContext(CONTEXT_PATH,
            System.getProperty("java.io.tmpdir"));
    // Add protected servlet
    Tomcat.addServlet(ctxt, "TesterServlet", new TesterServlet());
    ctxt.addServletMapping(URI, "TesterServlet");
    SecurityCollection collection = new SecurityCollection();
    collection.addPattern(URI);
    SecurityConstraint sc = new SecurityConstraint();
    sc.addAuthRole(ROLE);
    sc.addCollection(collection);
    ctxt.addConstraint(sc);
    // Configure the Realm
    MapRealm realm = new MapRealm();
    realm.addUser(USER, PWD);
    realm.addUserRole(USER, ROLE);
    ctxt.setRealm(realm);
    // Configure the authenticator
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("DIGEST");
    lc.setRealmName(REALM);
    ctxt.setLoginConfig(lc);
    ctxt.getPipeline().addValve(new DigestAuthenticator());
}

@Test
public void testBug50015() throws Exception {
    // Test that configuring servlet security constraints programmatically
    // does work.
    // Set up a container
    Tomcat tomcat = getTomcatInstance();
    // Must have a real docBase - just use temp
    File docBase = new File(System.getProperty("java.io.tmpdir"));
    Context ctx = tomcat.addContext("", docBase.getAbsolutePath());
    // Setup realm
    MapRealm realm = new MapRealm();
    realm.addUser("tomcat", "tomcat");
    realm.addUserRole("tomcat", "tomcat");
    ctx.setRealm(realm);
    // Configure app for BASIC auth
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("BASIC");
    ctx.setLoginConfig(lc);
    ctx.getPipeline().addValve(new BasicAuthenticator());
    // Add ServletContainerInitializer
    ServletContainerInitializer sci = new Bug50015SCI();
    ctx.addServletContainerInitializer(sci, null);
    // Start the context
    tomcat.start();
    // Request the first servlet
    ByteChunk bc = new ByteChunk();
    int rc = getUrl("http://localhost:" + getPort() + "/bug50015",
            bc, null);
    // Check for a 401
    assertNotSame("OK", bc.toString());
    assertEquals(401, rc);
}

protected static void configureClientCertContext(Tomcat tomcat) {
    TesterSupport.initSsl(tomcat);
    // Need a web application with a protected and unprotected URL
    // Must have a real docBase - just use temp
    Context ctx =
            tomcat.addContext("", System.getProperty("java.io.tmpdir"));
    Tomcat.addServlet(ctx, "simple", new SimpleServlet());
    ctx.addServletMapping("/unprotected", "simple");
    ctx.addServletMapping("/protected", "simple");
    // Security constraints
    SecurityCollection collection = new SecurityCollection();
    collection.addPattern("/protected");
    SecurityConstraint sc = new SecurityConstraint();
    sc.addAuthRole("testrole");
    sc.addCollection(collection);
    ctx.addConstraint(sc);
    // Configure the Realm
    MapRealm realm = new MapRealm();
    realm.addUser("CN=user1, C=US", "not used");
    realm.addUserRole("CN=user1, C=US", "testrole");
    ctx.setRealm(realm);
    // Configure the authenticator
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("CLIENT-CERT");
    ctx.setLoginConfig(lc);
    ctx.getPipeline().addValve(new SSLAuthenticator());
}

protected static void configureClientCertContext(Tomcat tomcat) {
    TesterSupport.initSsl(tomcat);
    // Need a web application with a protected and unprotected URL
    // Must have a real docBase - just use temp
    Context ctx =
            tomcat.addContext("", System.getProperty("java.io.tmpdir"));
    Tomcat.addServlet(ctx, "simple", new SimpleServlet());
    ctx.addServletMapping("/unprotected", "simple");
    ctx.addServletMapping("/protected", "simple");
    // Security constraints
    SecurityCollection collection = new SecurityCollection();
    collection.addPattern("/protected");
    SecurityConstraint sc = new SecurityConstraint();
    sc.addAuthRole(ROLE);
    sc.addCollection(collection);
    ctx.addConstraint(sc);
    // Configure the Realm
    MapRealm realm = new MapRealm();
    realm.addUser("CN=user1, C=US", "not used");
    realm.addUserRole("CN=user1, C=US", ROLE);
    ctx.setRealm(realm);
    // Configure the authenticator
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("CLIENT-CERT");
    ctx.setLoginConfig(lc);
    ctx.getPipeline().addValve(new SSLAuthenticator());
}

private FormAuthClient() throws Exception {
    Tomcat tomcat = getTomcatInstance();
    File appDir = new File(getBuildDirectory(), "webapps/examples");
    Context ctx = tomcat.addWebapp(null, "/examples",
            appDir.getAbsolutePath());
    MapRealm realm = new MapRealm();
    realm.addUser("tomcat", "tomcat");
    realm.addUserRole("tomcat", "tomcat");
    ctx.setRealm(realm);
    setPort(getPort());
    tomcat.start();
}

@Override
public void setUp() throws Exception {
    super.setUp();
    // Configure a context with digest auth and a single protected resource
    Tomcat tomcat = getTomcatInstance();
    // Must have a real docBase - just use temp
    Context ctxt = tomcat.addContext(CONTEXT_PATH,
            System.getProperty("java.io.tmpdir"));
    // Add protected servlet
    Tomcat.addServlet(ctxt, "TesterServlet", new TesterServlet());
    ctxt.addServletMapping(URI, "TesterServlet");
    SecurityCollection collection = new SecurityCollection();
    collection.addPattern(URI);
    SecurityConstraint sc = new SecurityConstraint();
    sc.addAuthRole(ROLE);
    sc.addCollection(collection);
    ctxt.addConstraint(sc);
    // Configure the Realm
    MapRealm realm = new MapRealm();
    realm.addUser(USER, PWD);
    realm.addUserRole(USER, ROLE);
    ctxt.setRealm(realm);
    // Configure the authenticator
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("DIGEST");
    lc.setRealmName(REALM);
    ctxt.setLoginConfig(lc);
    DigestAuthenticator authenticator = new DigestAuthenticator();
    authenticator.setCnonceCacheSize(100);
    ctxt.getPipeline().addValve(authenticator);
}

@Test
public void testBug50015() throws Exception {
    // Set up a container
    Tomcat tomcat = getTomcatInstance();
    // Must have a real docBase - just use temp
    File docBase = new File(System.getProperty("java.io.tmpdir"));
    Context ctx = tomcat.addContext("", docBase.getAbsolutePath());
    // Setup realm
    MapRealm realm = new MapRealm();
    realm.addUser("tomcat", "tomcat");
    realm.addUserRole("tomcat", "tomcat");
    ctx.setRealm(realm);
    // Configure app for BASIC auth
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("BASIC");
    ctx.setLoginConfig(lc);
    ctx.getPipeline().addValve(new BasicAuthenticator());
    // Add ServletContainerInitializer
    ServletContainerInitializer sci = new Bug50015SCI();
    ctx.addServletContainerInitializer(sci, null);
    // Start the context
    tomcat.start();
    // Request the first servlet
    ByteChunk bc = new ByteChunk();
    int rc = getUrl("http://localhost:" + getPort() + "/bug50015",
            bc, null);
    // Check for a 401
    assertNotSame("OK", bc.toString());
    assertEquals(401, rc);
}

private FormAuthClientSelectedMethods(boolean clientShouldUseCookies,
        boolean serverShouldUseCookies,
        boolean serverShouldChangeSessid) throws Exception {
    Tomcat tomcat = getTomcatInstance();
    // No file system docBase required
    Context ctx = tomcat.addContext("", null);
    Tomcat.addServlet(ctx, "SelectedMethods",
            new SelectedMethodsServlet());
    ctx.addServletMapping("/test", "SelectedMethods");
    // Login servlet just needs to respond "OK". Client will handle
    // creating a valid response. No need for a form.
    Tomcat.addServlet(ctx, "Login", new TesterServlet());
    ctx.addServletMapping("/login", "Login");
    // Configure the security constraints
    SecurityConstraint constraint = new SecurityConstraint();
    SecurityCollection collection = new SecurityCollection();
    collection.setName("Protect PUT");
    collection.addMethod("PUT");
    collection.addPattern("/test");
    constraint.addCollection(collection);
    constraint.addAuthRole("tomcat");
    ctx.addConstraint(constraint);
    // Configure authentication
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("FORM");
    lc.setLoginPage("/login");
    ctx.setLoginConfig(lc);
    ctx.getPipeline().addValve(new FormAuthenticator());
    setUseCookies(clientShouldUseCookies);
    ctx.setCookies(serverShouldUseCookies);
    MapRealm realm = new MapRealm();
    realm.addUser("tomcat", "tomcat");
    realm.addUserRole("tomcat", "tomcat");
    ctx.setRealm(realm);
    tomcat.start();
    // perhaps this does not work until tomcat has started?
    ctx.setSessionTimeout(TIMEOUT_MINS);
    // Valve pipeline is only established after tomcat starts
    Valve[] valves = ctx.getPipeline().getValves();
    for (Valve valve : valves) {
        if (valve instanceof AuthenticatorBase) {
            ((AuthenticatorBase) valve)
                    .setChangeSessionIdOnAuthentication(
                            serverShouldChangeSessid);
            break;
        }
    }
    // Port only known after Tomcat starts
    setPort(getPort());
}

private void doTest(String servletClassName, boolean usePost,
        boolean useRole, boolean expect200) throws Exception {
    // Setup Tomcat instance
    Tomcat tomcat = getTomcatInstance();
    // No file system docBase required
    Context ctx = tomcat.addContext("", null);
    Wrapper wrapper = Tomcat.addServlet(ctx, "servlet", servletClassName);
    wrapper.setAsyncSupported(true);
    ctx.addServletMapping("/", "servlet");
    if (useRole) {
        MapRealm realm = new MapRealm();
        realm.addUser("testUser", "testPwd");
        realm.addUserRole("testUser", "testRole");
        ctx.setRealm(realm);
        ctx.setLoginConfig(new LoginConfig("BASIC", null, null, null));
        ctx.getPipeline().addValve(new BasicAuthenticator());
    }
    tomcat.start();
    ByteChunk bc = new ByteChunk();
    Map<String,List<String>> reqHeaders = null;
    if (useRole) {
        reqHeaders = new HashMap<String,List<String>>();
        List<String> authHeaders = new ArrayList<String>();
        // testUser, testPwd
        authHeaders.add("Basic dGVzdFVzZXI6dGVzdFB3ZA==");
        reqHeaders.put("Authorization", authHeaders);
    }
    int rc;
    if (usePost) {
        rc = postUrl(null, "http://localhost:" + getPort() + "/", bc,
                reqHeaders, null);
    } else {
        rc = getUrl("http://localhost:" + getPort() + "/", bc,
                reqHeaders, null);
    }
    if (expect200) {
        assertEquals("OK", bc.toString());
        assertEquals(200, rc);
    } else {
        assertTrue(bc.getLength() > 0);
        assertEquals(403, rc);
    }
}