/** * Retrieves the content under the given URL with username and passwort * authentication. * * @param url * the URL to read * @param username * @param password * @return the read content. * @throws IOException * if an I/O exception occurs. */ private static byte[] getUrlContent(URL url, String username, String password) throws IOException { final HttpClient client = new HttpClient(); // Set credentials: client.getParams().setAuthenticationPreemptive(true); final Credentials credentials = new UsernamePasswordCredentials( username, password); client.getState() .setCredentials( new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM), credentials); // Retrieve content: final GetMethod method = new GetMethod(url.toString()); final int status = client.executeMethod(method); if (status != HttpStatus.SC_OK) { throw new IOException("Error " + status + " while retrieving " + url); } return method.getResponseBody(); }
/** * Helper to create a test folder with a single ACE pre-created */ private void createAceOrderTestFolderWithOneAce() throws IOException, JsonException { testUserId = H.createTestUser(); testFolderUrl = H.createTestFolder(); addOrUpdateAce(testFolderUrl, testUserId, true, null); //fetch the JSON for the acl to verify the settings. String getUrl = testFolderUrl + ".acl.json"; Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String json = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObject = JsonUtil.parseObject(json); assertEquals(1, jsonObject.size()); JsonObject user = jsonObject.getJsonObject(testUserId); assertNotNull(user); assertEquals(testUserId, user.getString("principal")); assertEquals(0, user.getInt("order")); }
public void testRemoveAce() throws IOException, JsonException { String folderUrl = createFolderWithAces(false); //remove the ace for the testUser principal String postUrl = folderUrl + ".deleteAce.html"; List<NameValuePair> postParams = new ArrayList<NameValuePair>(); postParams.add(new NameValuePair(":applyTo", testUserId)); Credentials creds = new UsernamePasswordCredentials("admin", "admin"); assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null); //fetch the JSON for the acl to verify the settings. String getUrl = folderUrl + ".acl.json"; String json = getAuthenticatedContent(creds, getUrl, CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObject = JsonUtil.parseObject(json); assertNotNull(jsonObject); assertEquals(0, jsonObject.size()); }
/** * Test for SLING-1677 */ public void testRemoveAcesResponseAsJSON() throws IOException, JsonException { String folderUrl = createFolderWithAces(true); //remove the ace for the testUser principal String postUrl = folderUrl + ".deleteAce.json"; List<NameValuePair> postParams = new ArrayList<NameValuePair>(); postParams.add(new NameValuePair(":applyTo", testUserId)); postParams.add(new NameValuePair(":applyTo", testGroupId)); Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String json = getAuthenticatedPostContent(creds, postUrl, CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK); //make sure the json response can be parsed as a JSON object JsonObject jsonObject = JsonUtil.parseObject(json); assertNotNull(jsonObject); }
public void testAnonymousContent() throws Exception { // disable credentials -> anonymous session final URL url = new URL(HTTP_BASE_URL); final AuthScope scope = new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM); httpClient.getParams().setAuthenticationPreemptive(false); httpClient.getState().setCredentials(scope, null); try { assertContent(); } finally { // re-enable credentials -> admin session httpClient.getParams().setAuthenticationPreemptive(true); Credentials defaultcreds = new UsernamePasswordCredentials("admin", "admin"); httpClient.getState().setCredentials(scope, defaultcreds); } }
@Test public void testValidatingIncorrectHttpBasicCredentials() throws Exception { // assume http and webdav are on the same host + port URL url = new URL(HttpTest.HTTP_BASE_URL); Credentials defaultcreds = new UsernamePasswordCredentials("garbage", "garbage"); H.getHttpClient().getState() .setCredentials(new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM), defaultcreds); List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new NameValuePair("j_validate", "true")); HttpMethod post = H.assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, null); assertXReason(post); HttpMethod get = H.assertHttpStatus(HttpTest.HTTP_BASE_URL + "/?j_validate=true", HttpServletResponse.SC_FORBIDDEN); assertXReason(get); }
@Test public void testPreventLoopIncorrectHttpBasicCredentials() throws Exception { // assume http and webdav are on the same host + port URL url = new URL(HttpTest.HTTP_BASE_URL); Credentials defaultcreds = new UsernamePasswordCredentials("garbage", "garbage"); H.getHttpClient().getState() .setCredentials(new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM), defaultcreds); final String requestUrl = HttpTest.HTTP_BASE_URL + "/junk?param1=1"; HttpMethod get = new GetMethod(requestUrl); get.setRequestHeader("Referer", requestUrl); get.setRequestHeader("User-Agent", "Mozilla/5.0 Sling Integration Test"); int status = H.getHttpClient().executeMethod(get); assertEquals(HttpServletResponse.SC_UNAUTHORIZED, status); }
/** Verify that given URL returns expectedStatusCode * @throws IOException */ public void assertAuthenticatedHttpStatus(Credentials creds, String urlString, int expectedStatusCode, String assertMessage) throws IOException { URL baseUrl = new URL(HTTP_BASE_URL); AuthScope authScope = new AuthScope(baseUrl.getHost(), baseUrl.getPort(), AuthScope.ANY_REALM); GetMethod getMethod = new GetMethod(urlString); getMethod.setDoAuthentication(true); Credentials oldCredentials = httpClient.getState().getCredentials(authScope); try { httpClient.getState().setCredentials(authScope, creds); final int status = httpClient.executeMethod(getMethod); if(assertMessage == null) { assertEquals(urlString,expectedStatusCode, status); } else { assertEquals(assertMessage, expectedStatusCode, status); } } finally { httpClient.getState().setCredentials(authScope, oldCredentials); } }
public String createTestUser() throws IOException { String postUrl = HTTP_BASE_URL + "/system/userManager/user.create.html"; String testUserId = "testUser" + getNextInt(); List<NameValuePair> postParams = new ArrayList<NameValuePair>(); postParams.add(new NameValuePair(":name", testUserId)); postParams.add(new NameValuePair("pwd", "testPwd")); postParams.add(new NameValuePair("pwdConfirm", "testPwd")); Credentials creds = new UsernamePasswordCredentials("admin", "admin"); final String msg = "Unexpected status while attempting to create test user at " + postUrl; assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, msg); final String sessionInfoUrl = HTTP_BASE_URL + "/system/sling/info.sessionInfo.json"; assertAuthenticatedHttpStatus(creds, sessionInfoUrl, HttpServletResponse.SC_OK, "session info failed for user " + testUserId); return testUserId; }
/** * Test for SLING-1677 */ @Test public void testCreateUserResponseAsJSON() throws IOException, JsonException { String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user.create.json"; testUserId = "testUser" + random.nextInt(); List<NameValuePair> postParams = new ArrayList<NameValuePair>(); postParams.add(new NameValuePair(":name", testUserId)); postParams.add(new NameValuePair("marker", testUserId)); postParams.add(new NameValuePair("pwd", "testPwd")); postParams.add(new NameValuePair("pwdConfirm", "testPwd")); Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String json = H.getAuthenticatedPostContent(creds, postUrl, HttpTest.CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK); //make sure the json response can be parsed as a JSON object JsonObject jsonObj = JsonUtil.parseObject(json); assertNotNull(jsonObj); }
/** * Test for SLING-1677 */ @Test public void testUpdateUserResponseAsJSON() throws IOException, JsonException { testUserId = H.createTestUser(); String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/" + testUserId + ".update.json"; List<NameValuePair> postParams = new ArrayList<NameValuePair>(); postParams.add(new NameValuePair("displayName", "My Updated Test User")); postParams.add(new NameValuePair("url", "http://www.apache.org/updated")); Credentials creds = new UsernamePasswordCredentials(testUserId, "testPwd"); String json = H.getAuthenticatedPostContent(creds, postUrl, HttpTest.CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK); //make sure the json response can be parsed as a JSON object JsonObject jsonObj = JsonUtil.parseObject(json); assertNotNull(jsonObj); }
/** * Checks whether the current user has been granted privileges * to add a new user. */ @Test public void testCanAddUser() throws JsonException, IOException { testUserId = H.createTestUser(); String getUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/" + testUserId + ".privileges-info.json"; //fetch the JSON for the test page to verify the settings. Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd"); String json = H.getAuthenticatedContent(testUserCreds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObj = JsonUtil.parseObject(json); assertEquals(false, jsonObj.getBoolean("canAddUser")); }
/** * Checks whether the current user has been granted privileges * to add a new group. */ @Test public void testCanAddGroup() throws IOException, JsonException { testUserId = H.createTestUser(); String getUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/" + testUserId + ".privileges-info.json"; //fetch the JSON for the test page to verify the settings. Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd"); String json = H.getAuthenticatedContent(testUserCreds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObj = JsonUtil.parseObject(json); assertEquals(false, jsonObj.getBoolean("canAddGroup")); }
/** * Checks whether the current user has been granted privileges * to update the properties of the specified group. */ @Test public void testCanUpdateGroupProperties() throws IOException, JsonException { testGroupId = H.createTestGroup(); testUserId = H.createTestUser(); //1. Verify non admin user can not update group properties String getUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/group/" + testGroupId + ".privileges-info.json"; //fetch the JSON for the test page to verify the settings. Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd"); String json = H.getAuthenticatedContent(testUserCreds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObj = JsonUtil.parseObject(json); //normal user can not update group properties assertEquals(false, jsonObj.getBoolean("canUpdateProperties")); }
/** * Checks whether the current user has been granted privileges * to remove the specified group. */ @Test public void testCanRemoveGroup() throws IOException, JsonException { testGroupId = H.createTestGroup(); testUserId = H.createTestUser(); //1. Verify non admin user can not remove group String getUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/group/" + testGroupId + ".privileges-info.json"; //fetch the JSON for the test page to verify the settings. Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd"); String json = H.getAuthenticatedContent(testUserCreds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObj = JsonUtil.parseObject(json); //normal user can not remove group assertEquals(false, jsonObj.getBoolean("canRemove")); }
/** * Checks whether the current user has been granted privileges * to update the membership of the specified group. */ @Test public void testCanUpdateGroupMembers() throws IOException, JsonException { testGroupId = H.createTestGroup(); testUserId = H.createTestUser(); //1. Verify non admin user can not update group membership String getUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/group/" + testGroupId + ".privileges-info.json"; //fetch the JSON for the test page to verify the settings. Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd"); String json = H.getAuthenticatedContent(testUserCreds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObj = JsonUtil.parseObject(json); //normal user can not remove group assertEquals(false, jsonObj.getBoolean("canUpdateGroupMembers")); }
public void testCreateGroup() throws IOException, JsonException { String postUrl = HTTP_BASE_URL + "/system/userManager/group.create.html"; testGroupId = "testGroup" + random.nextInt(); List<NameValuePair> postParams = new ArrayList<NameValuePair>(); postParams.add(new NameValuePair(":name", testGroupId)); postParams.add(new NameValuePair("marker", testGroupId)); assertAuthenticatedAdminPostStatus(postUrl, HttpServletResponse.SC_OK, postParams, null); //fetch the group profile json to verify the settings String getUrl = HTTP_BASE_URL + "/system/userManager/group/" + testGroupId + ".json"; Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String json = getAuthenticatedContent(creds, getUrl, CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObj = JsonUtil.parseObject(json); assertEquals(testGroupId, jsonObj.getString("marker")); }
public void testCreateGroupWithExtraProperties() throws IOException, JsonException { String postUrl = HTTP_BASE_URL + "/system/userManager/group.create.html"; testGroupId = "testGroup" + random.nextInt(); List<NameValuePair> postParams = new ArrayList<NameValuePair>(); postParams.add(new NameValuePair(":name", testGroupId)); postParams.add(new NameValuePair("marker", testGroupId)); postParams.add(new NameValuePair("displayName", "My Test Group")); postParams.add(new NameValuePair("url", "http://www.apache.org")); assertAuthenticatedAdminPostStatus(postUrl, HttpServletResponse.SC_OK, postParams, null); //fetch the group profile json to verify the settings String getUrl = HTTP_BASE_URL + "/system/userManager/group/" + testGroupId + ".json"; Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String json = getAuthenticatedContent(creds, getUrl, CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObj = JsonUtil.parseObject(json); assertEquals(testGroupId, jsonObj.getString("marker")); assertEquals("My Test Group", jsonObj.getString("displayName")); assertEquals("http://www.apache.org", jsonObj.getString("url")); }
public void testUpdateGroup() throws IOException, JsonException { testGroupId = createTestGroup(); String postUrl = HTTP_BASE_URL + "/system/userManager/group/" + testGroupId + ".update.html"; List<NameValuePair> postParams = new ArrayList<NameValuePair>(); postParams.add(new NameValuePair("displayName", "My Updated Test Group")); postParams.add(new NameValuePair("url", "http://www.apache.org/updated")); Credentials creds = new UsernamePasswordCredentials("admin", "admin"); assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null); //fetch the user profile json to verify the settings String getUrl = HTTP_BASE_URL + "/system/userManager/group/" + testGroupId + ".json"; assertAuthenticatedHttpStatus(creds, getUrl, HttpServletResponse.SC_OK, null); //make sure the profile request returns some data String json = getAuthenticatedContent(creds, getUrl, CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObj = JsonUtil.parseObject(json); assertEquals("My Updated Test Group", jsonObj.getString("displayName")); assertEquals("http://www.apache.org/updated", jsonObj.getString("url")); }
/** * Test for SLING-1677 */ public void testUpdateGroupResponseAsJSON() throws IOException, JsonException { testGroupId = createTestGroup(); String postUrl = HTTP_BASE_URL + "/system/userManager/group/" + testGroupId + ".update.json"; List<NameValuePair> postParams = new ArrayList<NameValuePair>(); postParams.add(new NameValuePair("displayName", "My Updated Test Group")); postParams.add(new NameValuePair("url", "http://www.apache.org/updated")); Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String json = getAuthenticatedPostContent(creds, postUrl, CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK); //make sure the json response can be parsed as a JSON object JsonObject jsonObj = JsonUtil.parseObject(json); assertNotNull(jsonObj); }
public void testRemoveAuthorizables() throws IOException { String userId = createTestUser(); String groupId = createTestGroup(); Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String getUrl = HTTP_BASE_URL + "/system/userManager/user/" + userId + ".json"; assertAuthenticatedHttpStatus(creds, getUrl, HttpServletResponse.SC_OK, null); //make sure the profile request returns some data getUrl = HTTP_BASE_URL + "/system/userManager/group/" + groupId + ".json"; assertAuthenticatedHttpStatus(creds, getUrl, HttpServletResponse.SC_OK, null); //make sure the profile request returns some data String postUrl = HTTP_BASE_URL + "/system/userManager.delete.html"; List<NameValuePair> postParams = new ArrayList<NameValuePair>(); postParams.add(new NameValuePair(":applyTo", "group/" + groupId)); postParams.add(new NameValuePair(":applyTo", "user/" + userId)); assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null); getUrl = HTTP_BASE_URL + "/system/userManager/user/" + userId + ".json"; assertAuthenticatedHttpStatus(creds, getUrl, HttpServletResponse.SC_NOT_FOUND, null); //make sure the profile request returns some data getUrl = HTTP_BASE_URL + "/system/userManager/group/" + groupId + ".json"; assertAuthenticatedHttpStatus(creds, getUrl, HttpServletResponse.SC_NOT_FOUND, null); //make sure the profile request returns some data }
/** * Test the problem reported as SLING-1237 */ public void testRemoveGroupWithMembers() throws IOException { String groupId = createTestGroup(); String userId = createTestUser(); Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String addMemberPostUrl = HTTP_BASE_URL + "/system/userManager/group/" + groupId + ".update.html"; List<NameValuePair> addMemberPostParams = new ArrayList<NameValuePair>(); addMemberPostParams.add(new NameValuePair(":member", userId)); assertAuthenticatedPostStatus(creds, addMemberPostUrl, HttpServletResponse.SC_OK, addMemberPostParams, null); String getUrl = HTTP_BASE_URL + "/system/userManager/group/" + groupId + ".json"; assertAuthenticatedHttpStatus(creds, getUrl, HttpServletResponse.SC_OK, null); //make sure the profile request returns some data String postUrl = HTTP_BASE_URL + "/system/userManager/group/" + groupId + ".delete.html"; List<NameValuePair> postParams = new ArrayList<NameValuePair>(); assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null); getUrl = HTTP_BASE_URL + "/system/userManager/group/" + groupId + ".json"; assertAuthenticatedHttpStatus(creds, getUrl, HttpServletResponse.SC_NOT_FOUND, null); //make sure the profile request returns some data }
/** * Test for SLING-1677 */ public void testRemoveAuthorizablesResponseAsJSON() throws IOException, JsonException { String userId = createTestUser(); String groupId = createTestGroup(); Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String postUrl = HTTP_BASE_URL + "/system/userManager.delete.json"; List<NameValuePair> postParams = new ArrayList<NameValuePair>(); postParams.add(new NameValuePair(":applyTo", "group/" + groupId)); postParams.add(new NameValuePair(":applyTo", "user/" + userId)); String json = getAuthenticatedPostContent(creds, postUrl, CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK); //make sure the json response can be parsed as a JSON object JsonObject jsonObj = JsonUtil.parseObject(json); assertNotNull(jsonObj); }
public void init() { ParameterCheck.mandatory("solrHost", solrHost); ParameterCheck.mandatory("solrPort", solrPort); ParameterCheck.mandatory("solrUser", solrUser); ParameterCheck.mandatory("solrPassword", solrPassword); ParameterCheck.mandatory("solrPingCronExpression", solrPingCronExpression); ParameterCheck.mandatory("solrConnectTimeout", solrConnectTimeout); try { StringBuilder sb = new StringBuilder(); sb.append(httpClientFactory.isSSL() ? "https://" : "http://"); sb.append(solrHost); sb.append(":"); sb.append(httpClientFactory.isSSL() ? solrSSLPort: solrPort); sb.append(baseUrl); this.solrUrl = sb.toString(); HttpClient httpClient = httpClientFactory.getHttpClient(); server = new CommonsHttpSolrServer(solrUrl, httpClient); server.setParser(new XMLResponseParser()); // TODO remove credentials because we're using SSL? Credentials defaultcreds = new UsernamePasswordCredentials(solrUser, solrPassword); server.getHttpClient().getState().setCredentials(new AuthScope(solrHost, solrPort, AuthScope.ANY_REALM), defaultcreds); server.setConnectionTimeout(solrConnectTimeout); server.setSoTimeout(20000); this.solrTracker = new SolrTracker(scheduler); } catch(MalformedURLException e) { throw new AlfrescoRuntimeException("Cannot initialise Solr admin http client", e); } }
/** * Returns the Ticket in the form used for HTTP Basic Authentication. * This should be added as the value to a HTTP Request Header with * key Authorization */ public String getAsHTTPAuthorization() { // Build from the Username and Password Pair<String,String> userPass = getAsUsernameAndPassword(); Credentials credentials = new UsernamePasswordCredentials(userPass.getFirst(), userPass.getSecond()); // Encode it into the required format String credentialsEncoded = Base64.encodeBytes( credentials.toString().getBytes(utf8), Base64.DONT_BREAK_LINES ); // Mark it as Basic, and we're done return "Basic " + credentialsEncoded; }
@Override public Object connect() { HttpClient client = new HttpClient(); client.getParams().setAuthenticationPreemptive(false); Credentials creds = new UsernamePasswordCredentials(AppProperties.getProperty("username"), AppProperties.getProperty("password")); client.getState().setCredentials(AuthScope.ANY, creds); return client; }
public void setAnonymAuth(HttpState httpState) { // Setting anonym authentication for proxy if ((!this.proxyServer.equals("")) && (!this.proxyUser.equals(""))) { httpState.setProxyCredentials( new AuthScope(AuthScope.ANY), new Credentials() { }); Engine.logProxyManager.debug("(ProxyManager) Proxy credentials: anonym"); } }
private Credentials getCredentials() { Credentials credentials = null; if (httpState != null) { if (host != null) { AuthScope authScope = new AuthScope(host, AuthScope.ANY_PORT, realm, AuthScope.ANY_SCHEME); credentials = httpState.getCredentials(authScope); } } return credentials; }
public String getUserName() { String userName = null; Credentials credentials = getCredentials(); if (credentials != null) { if (credentials instanceof UsernamePasswordCredentials) { userName = ((UsernamePasswordCredentials)credentials).getUserName(); } } return userName; }
public String getUserPassword() { String userPassword = null; Credentials credentials = getCredentials(); if (credentials != null) { if (credentials instanceof UsernamePasswordCredentials) { userPassword = ((UsernamePasswordCredentials)credentials).getPassword(); } } return userPassword; }
/** * Test to verify adding an ACE in the first position of * the ACL */ @Test public void testAddAceOrderByFirst() throws IOException, JsonException { createAceOrderTestFolderWithOneAce(); testGroupId = H.createTestGroup(); addOrUpdateAce(testFolderUrl, testGroupId, true, "first"); //fetch the JSON for the acl to verify the settings. String getUrl = testFolderUrl + ".acl.json"; Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String json = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObject = JsonUtil.parseObject(json); assertEquals(2, jsonObject.size()); JsonObject group = jsonObject.getJsonObject(testGroupId); assertNotNull(group); assertEquals(testGroupId, group.getString("principal")); assertEquals(0, group.getInt("order")); JsonObject user = jsonObject.getJsonObject(testUserId); assertNotNull(user); assertEquals(testUserId, user.getString("principal")); assertEquals(1, user.getInt("order")); }
/** * Test to verify adding an ACE at the end * the ACL */ @Test public void testAddAceOrderByLast() throws IOException, JsonException { createAceOrderTestFolderWithOneAce(); testGroupId = H.createTestGroup(); addOrUpdateAce(testFolderUrl, testGroupId, true, "last"); //fetch the JSON for the acl to verify the settings. String getUrl = testFolderUrl + ".acl.json"; Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String json = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObject = JsonUtil.parseObject(json); assertEquals(2, jsonObject.size()); JsonObject user = jsonObject.getJsonObject(testUserId); assertNotNull(user); assertEquals(testUserId, user.getString("principal")); assertEquals(0, user.getInt("order")); JsonObject group = jsonObject.getJsonObject(testGroupId); assertNotNull(group); assertEquals(testGroupId, group.getString("principal")); assertEquals(1, group.getInt("order")); }
/** * Test to verify adding an ACE before an existing ACE * the ACL */ @Test public void testAddAceOrderByBefore() throws IOException, JsonException { createAceOrderTestFolderWithOneAce(); testGroupId = H.createTestGroup(); addOrUpdateAce(testFolderUrl, testGroupId, true, "before " + testUserId); //fetch the JSON for the acl to verify the settings. String getUrl = testFolderUrl + ".acl.json"; Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String json = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObject = JsonUtil.parseObject(json); assertEquals(2, jsonObject.size()); JsonObject group = jsonObject.getJsonObject(testGroupId); assertNotNull(group); assertEquals(testGroupId, group.getString("principal")); assertEquals(0, group.getInt("order")); JsonObject user = jsonObject.getJsonObject(testUserId); assertNotNull(user); assertEquals(testUserId, user.getString("principal")); assertEquals(1, user.getInt("order")); }
/** * Test to verify adding an ACE after an existing ACE * the ACL */ @Test public void testAddAceOrderByAfter() throws IOException, JsonException { createAceOrderTestFolderWithOneAce(); testGroupId = H.createTestGroup(); addOrUpdateAce(testFolderUrl, testGroupId, true, "after " + testUserId); //fetch the JSON for the acl to verify the settings. String getUrl = testFolderUrl + ".acl.json"; Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String json = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObject = JsonUtil.parseObject(json); assertEquals(2, jsonObject.size()); JsonObject user = jsonObject.getJsonObject(testUserId); assertNotNull(user); assertEquals(testUserId, user.getString("principal")); assertEquals(0, user.getInt("order")); JsonObject group = jsonObject.getJsonObject(testGroupId); assertNotNull(group); assertEquals(testGroupId, group.getString("principal")); assertEquals(1, group.getInt("order")); }
/** * Test to make sure modifying an existing ace without changing the order * leaves the ACE in the same position in the ACL */ @Test public void testUpdateAcePreservePosition() throws IOException, JsonException { createAceOrderTestFolderWithOneAce(); testGroupId = H.createTestGroup(); addOrUpdateAce(testFolderUrl, testGroupId, true, "first"); //update the ace to make sure the update does not change the ACE order addOrUpdateAce(testFolderUrl, testGroupId, false, null); //fetch the JSON for the acl to verify the settings. String getUrl = testFolderUrl + ".acl.json"; Credentials creds = new UsernamePasswordCredentials("admin", "admin"); String json = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK); assertNotNull(json); JsonObject jsonObject = JsonUtil.parseObject(json); assertEquals(2, jsonObject.size()); JsonObject group = jsonObject.getJsonObject(testGroupId); assertNotNull(group); assertEquals(testGroupId, group.getString("principal")); assertEquals(0, group.getInt("order")); JsonObject user = jsonObject.getJsonObject(testUserId); assertNotNull(user); assertEquals(testUserId, user.getString("principal")); assertEquals(1, user.getInt("order")); }
@SuppressWarnings("deprecation") public String getAccessToken() { if (this.oAuth2AccessToken != null) { return this.oAuth2AccessToken; } try { HttpClient client = new HttpClient(); client.getParams().setAuthenticationPreemptive(true); Credentials defaultcreds = new UsernamePasswordCredentials(this.getUsername(), this.getPassword()); client.getState().setCredentials(AuthScope.ANY, defaultcreds); PostMethod method = new PostMethod(this.getOAuthAuthorizationServer()); method.setRequestBody("grant_type=client_credentials"); int responseCode = client.executeMethod(method); if (responseCode != 200) { throw new RuntimeException("Failed to fetch access token form authorization server, " + this.getOAuthAuthorizationServer() + ", got response code " + responseCode); } String responseBody = method.getResponseBodyAsString(); JSONObject accessResponse = new JSONObject(responseBody); accessResponse.getString("access_token"); return (this.oAuth2AccessToken = accessResponse.getString("access_token")); } catch (Exception e) { throw new RuntimeException("Failed to read response from authorizationServer at " + this.getOAuthAuthorizationServer(), e); } }