Examples of waffle.mock.http.SimpleFilterChain

waffle.mock.http.SimpleFilterChain
Simple filter chain. @author dblock[at]dblock[dot]org

            clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
            clientContext.setCredentialsHandle(clientCredentials.getHandle());
            clientContext.setSecurityPackage(securityPackage);
            clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername());
            // filter chain
            SimpleFilterChain filterChain = new SimpleFilterChain();
            // negotiate
            boolean authenticated = false;
            SimpleHttpRequest request = new SimpleHttpRequest();
            while (true) {
                String clientToken = BaseEncoding.base64().encode(clientContext.getToken());
                request.addHeader("Authorization", securityPackage + " " + clientToken);


                SimpleHttpResponse response = new SimpleHttpResponse();
                this.filter.doFilter(request, response, filterChain);


                Subject subject = (Subject) request.getSession().getAttribute("javax.security.auth.subject");
                authenticated = (subject != null && subject.getPrincipals().size() > 0);


                if (authenticated) {
                    Assertions.assertThat(response.getHeaderNamesSize()).isGreaterThanOrEqualTo(0);
                    break;
                }


                assertTrue(response.getHeader("WWW-Authenticate").startsWith(securityPackage + " "));
                assertEquals("keep-alive", response.getHeader("Connection"));
                assertEquals(2, response.getHeaderNamesSize());
                assertEquals(401, response.getStatus());
                String continueToken = response.getHeader("WWW-Authenticate").substring(securityPackage.length() + 1);
                byte[] continueTokenBytes = BaseEncoding.base64().decode(continueToken);
                Assertions.assertThat(continueTokenBytes.length).isGreaterThan(0);
                SecBufferDesc continueTokenBuffer = new SecBufferDesc(Sspi.SECBUFFER_TOKEN, continueTokenBytes);
                clientContext.initialize(clientContext.getHandle(), continueTokenBuffer, "localhost");
            }
            assertTrue(authenticated);
            assertTrue(filterChain.getRequest() instanceof NegotiateRequestWrapper);
            assertTrue(filterChain.getResponse() instanceof SimpleHttpResponse);
            NegotiateRequestWrapper wrappedRequest = (NegotiateRequestWrapper) filterChain.getRequest();
            assertEquals(NEGOTIATE.toUpperCase(), wrappedRequest.getAuthType());
            assertEquals(Secur32Util.getUserNameEx(EXTENDED_NAME_FORMAT.NameSamCompatible),
                    wrappedRequest.getRemoteUser());
            assertTrue(wrappedRequest.getUserPrincipal() instanceof WindowsPrincipal);
            String everyoneGroupName = Advapi32Util.getAccountBySid("S-1-1-0").name;

View Full Code Here

    public void testNegotiatePreviousAuthWithWindowsPrincipal() throws IOException, ServletException {
        MockWindowsIdentity mockWindowsIdentity = new MockWindowsIdentity("user", new ArrayList<String>());
        SimpleHttpRequest request = new SimpleHttpRequest();
        WindowsPrincipal windowsPrincipal = new WindowsPrincipal(mockWindowsIdentity);
        request.setUserPrincipal(windowsPrincipal);
        SimpleFilterChain filterChain = new SimpleFilterChain();
        SimpleHttpResponse response = new SimpleHttpResponse();
        this.filter.doFilter(request, response, filterChain);
        assertTrue(filterChain.getRequest() instanceof NegotiateRequestWrapper);
        NegotiateRequestWrapper wrappedRequest = (NegotiateRequestWrapper) filterChain.getRequest();
        assertTrue(wrappedRequest.getUserPrincipal() instanceof WindowsPrincipal);
        assertEquals(windowsPrincipal, wrappedRequest.getUserPrincipal());
    }

View Full Code Here

        WindowsPrincipal windowsPrincipal = new WindowsPrincipal(mockWindowsIdentity);
        request.setUserPrincipal(windowsPrincipal);
        request.setMethod("POST");
        request.setContentLength(0);
        request.addHeader("Authorization", "NTLM TlRMTVNTUAABAAAABzIAAAYABgArAAAACwALACAAAABXT1JLU1RBVElPTkRPTUFJTg==");
        SimpleFilterChain filterChain = new SimpleFilterChain();
        SimpleHttpResponse response = new SimpleHttpResponse();
        this.filter.doFilter(request, response, filterChain);
        assertEquals(401, response.getStatus());
        String[] wwwAuthenticates = response.getHeaderValues("WWW-Authenticate");
        assertEquals(1, wwwAuthenticates.length);

View Full Code Here

        WindowsPrincipal windowsPrincipal = new WindowsPrincipal(mockWindowsIdentity);
        request.setUserPrincipal(windowsPrincipal);
        request.setMethod("PUT");
        request.setContentLength(0);
        request.addHeader("Authorization", "NTLM TlRMTVNTUAABAAAABzIAAAYABgArAAAACwALACAAAABXT1JLU1RBVElPTkRPTUFJTg==");
        SimpleFilterChain filterChain = new SimpleFilterChain();
        SimpleHttpResponse response = new SimpleHttpResponse();
        this.filter.doFilter(request, response, filterChain);
        assertEquals(401, response.getStatus());
        String[] wwwAuthenticates = response.getHeaderValues("WWW-Authenticate");
        assertEquals(1, wwwAuthenticates.length);

View Full Code Here

    @Test
    public void testNoChallengeGET() throws IOException, ServletException {
        final SimpleHttpRequest request = new SimpleHttpRequest();
        request.setMethod("GET");
        final SimpleHttpResponse response = new SimpleHttpResponse();
        final SimpleFilterChain chain = new SimpleFilterChain();
        this.filter.doFilter(request, response, chain);
        // unlike servlet filters, it's a passthrough
        assertEquals(500, response.getStatus());
    }

View Full Code Here


    @SuppressWarnings("unchecked")
    @Test
    public void testNegotiate() throws IOException, ServletException {
        final String securityPackage = "Negotiate";
        final SimpleFilterChain filterChain = new SimpleFilterChain();
        final SimpleHttpRequest request = new SimpleHttpRequest();


        final String clientToken = BaseEncoding.base64().encode(
                WindowsAccountImpl.getCurrentUsername().getBytes(Charsets.UTF_8));
        request.addHeader("Authorization", securityPackage + " " + clientToken);

View Full Code Here

        assertEquals(0, response.getHeaderNamesSize());
    }


    @Test
    public void testUnsupportedSecurityPackagePassthrough() throws IOException, ServletException {
        final SimpleFilterChain filterChain = new SimpleFilterChain();
        final SimpleHttpRequest request = new SimpleHttpRequest();
        request.addHeader("Authorization", "Unsupported challenge");
        final SimpleHttpResponse response = new SimpleHttpResponse();
        this.filter.doFilter(request, response, filterChain);
        // the filter should ignore authorization for an unsupported security package, ie. not return a 401

View Full Code Here

    }


    @Test
    public void testGuestIsDisabled() throws IOException, ServletException {
        final String securityPackage = "Negotiate";
        final SimpleFilterChain filterChain = new SimpleFilterChain();
        final SimpleHttpRequest request = new SimpleHttpRequest();


        final String clientToken = BaseEncoding.base64().encode("Guest".getBytes(Charsets.UTF_8));
        request.addHeader("Authorization", securityPackage + " " + clientToken);

View Full Code Here

    @Test
    public void testNoChallengeGET() throws IOException, ServletException {
        final SimpleHttpRequest request = new SimpleHttpRequest();
        request.setMethod("GET");
        final SimpleHttpResponse response = new SimpleHttpResponse();
        final SimpleFilterChain chain = new SimpleFilterChain();
        this.filter.doFilter(request, response, chain);
        // unlike servlet filters, it's a passthrough
        assertEquals(500, response.getStatus());
    }

View Full Code Here

    }


    @Test
    public void testNegotiate() throws IOException, ServletException {
        final String securityPackage = "Negotiate";
        final SimpleFilterChain filterChain = new SimpleFilterChain();
        final SimpleHttpRequest request = new SimpleHttpRequest();


        final String clientToken = BaseEncoding.base64().encode(
                WindowsAccountImpl.getCurrentUsername().getBytes(Charsets.UTF_8));
        request.addHeader("Authorization", securityPackage + " " + clientToken);

View Full Code Here

0 1

TOP

Related Classes of waffle.mock.http.SimpleFilterChain

waffle.servlet.NegotiateSecurityFilterTests

waffle.spring.NegotiateSecurityFilterTests

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.