@Test public void testAllowsRenewContextParam() throws Exception { final AuthenticationFilter f = new AuthenticationFilter(); final MockServletContext context = new MockServletContext(); context.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL); context.addInitParameter("service", CAS_SERVICE_URL); context.addInitParameter("renew", "true"); f.init(new MockFilterConfig(context)); final Field renewField = AuthenticationFilter.class.getDeclaredField("renew"); renewField.setAccessible(true); assertTrue((Boolean) renewField.get(f)); }
private void replaceFilterWithPrefixConfiguredFilter() throws ServletException { this.filter = new AuthenticationFilter(); final MockFilterConfig config = new MockFilterConfig(); config.addInitParameter("casServerUrlPrefix", CAS_PREFIX); config.addInitParameter("service", CAS_SERVICE_URL); this.filter.init(config); }
@Test public void testRenewInitParamThrows() throws Exception { final AuthenticationFilter f = new AuthenticationFilter(); final MockFilterConfig config = new MockFilterConfig(); config.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL); config.addInitParameter("service", CAS_SERVICE_URL); config.addInitParameter("renew", "true"); try { f.init(config); fail("Should have thrown IllegalArgumentException."); } catch (final IllegalArgumentException e) { assertTrue(e.getMessage().contains("Renew MUST")); } }
@Before public void setUp() throws Exception { this.filter = new AuthenticationFilter(); final MockFilterConfig config = new MockFilterConfig(); config.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL); config.addInitParameter("service", CAS_SERVICE_URL); this.filter.init(config); }
@Test public void customRedirectStrategy() throws Exception { final AuthenticationFilter f = new AuthenticationFilter(); final MockServletContext context = new MockServletContext(); context.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL); context.addInitParameter("service", CAS_SERVICE_URL); context.addInitParameter("authenticationRedirectStrategyClass", "org.jasig.cas.client.authentication.FacesCompatibleAuthenticationRedirectStrategy"); f.init(new MockFilterConfig(context)); }
@Test public void testIgnorePatternsWithExactMatching() throws Exception { final AuthenticationFilter f = new AuthenticationFilter(); final MockServletContext context = new MockServletContext(); context.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL); final URL url = new URL(CAS_SERVICE_URL + "?param=valueToIgnore"); context.addInitParameter("ignorePattern", url.toExternalForm()); context.addInitParameter("ignoreUrlPatternType", "EXACT"); context.addInitParameter("service", CAS_SERVICE_URL); f.init(new MockFilterConfig(context)); final MockHttpServletRequest request = new MockHttpServletRequest(); request.setScheme(url.getProtocol()); request.setServerName(url.getHost()); request.setServerPort(url.getPort()); request.setQueryString(url.getQuery()); request.setRequestURI(url.getPath()); final MockHttpSession session = new MockHttpSession(); request.setSession(session); final MockHttpServletResponse response = new MockHttpServletResponse(); final FilterChain filterChain = new FilterChain() { public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { } }; f.doFilter(request, response, filterChain); assertNull(response.getRedirectedUrl()); }
@Test public void testIgnorePatternsWithInvalidClassname() throws Exception { final AuthenticationFilter f = new AuthenticationFilter(); final MockServletContext context = new MockServletContext(); context.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL); context.addInitParameter("ignorePattern", "=valueToIgnore"); context.addInitParameter("ignoreUrlPatternType", "unknown.class.name"); context.addInitParameter("service", CAS_SERVICE_URL); f.init(new MockFilterConfig(context)); final MockHttpServletRequest request = new MockHttpServletRequest(); final String URL = CAS_SERVICE_URL + "?param=valueToIgnore"; request.setRequestURI(URL); final MockHttpSession session = new MockHttpSession(); request.setSession(session); final MockHttpServletResponse response = new MockHttpServletResponse(); final FilterChain filterChain = new FilterChain() { public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { } }; f.doFilter(request, response, filterChain); System.out.println(response.getRedirectedUrl()); } }
@Test public void testIgnorePatternsWithExactClassname() throws Exception { final AuthenticationFilter f = new AuthenticationFilter(); final MockServletContext context = new MockServletContext(); context.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL); context.addInitParameter("ignorePattern", "=valueToIgnore"); context.addInitParameter("ignoreUrlPatternType", ContainsPatternUrlPatternMatcherStrategy.class.getName()); context.addInitParameter("service", CAS_SERVICE_URL); f.init(new MockFilterConfig(context)); final MockHttpServletRequest request = new MockHttpServletRequest(); final String URL = CAS_SERVICE_URL + "?param=valueToIgnore"; request.setRequestURI(URL); final MockHttpSession session = new MockHttpSession(); request.setSession(session); final MockHttpServletResponse response = new MockHttpServletResponse(); final FilterChain filterChain = new FilterChain() { public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { } }; f.doFilter(request, response, filterChain); assertNull(response.getRedirectedUrl()); }
@Test public void testRedirectWithQueryString() throws Exception { final MockHttpSession session = new MockHttpSession(); final MockHttpServletRequest request = new MockHttpServletRequest(); final MockHttpServletResponse response = new MockHttpServletResponse(); request.setQueryString("test=12456"); request.setRequestURI("/test"); request.setSecure(true); final FilterChain filterChain = new FilterChain() { public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { // nothing to do } }; request.setSession(session); this.filter = new AuthenticationFilter(); final MockFilterConfig config = new MockFilterConfig(); config.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL); config.addInitParameter("serverName", "localhost:8443"); this.filter.init(config); this.filter.doFilter(request, response, filterChain); assertEquals( CAS_LOGIN_URL + "?service=" + URLEncoder.encode( "https://localhost:8443" + request.getRequestURI() + "?" + request.getQueryString(), "UTF-8"), response.getRedirectedUrl()); }
@Test public void testIgnorePatterns() throws Exception { final AuthenticationFilter f = new AuthenticationFilter(); final MockServletContext context = new MockServletContext(); context.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL); context.addInitParameter("ignorePattern", "=valueTo(\\w+)"); context.addInitParameter("service", CAS_SERVICE_URL); f.init(new MockFilterConfig(context)); final MockHttpServletRequest request = new MockHttpServletRequest(); final String URL = CAS_SERVICE_URL + "?param=valueToIgnore"; request.setRequestURI(URL); final MockHttpSession session = new MockHttpSession(); request.setSession(session); final MockHttpServletResponse response = new MockHttpServletResponse(); final FilterChain filterChain = new FilterChain() { public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { } }; f.doFilter(request, response, filterChain); assertNull(response.getRedirectedUrl()); }
@Test public void testIgnorePatternsWithContainsMatching() throws Exception { final AuthenticationFilter f = new AuthenticationFilter(); final MockServletContext context = new MockServletContext(); context.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL); context.addInitParameter("ignorePattern", "=valueToIgnore"); context.addInitParameter("ignoreUrlPatternType", "CONTAINS"); context.addInitParameter("service", CAS_SERVICE_URL); f.init(new MockFilterConfig(context)); final MockHttpServletRequest request = new MockHttpServletRequest(); final String URL = CAS_SERVICE_URL + "?param=valueToIgnore"; request.setRequestURI(URL); final MockHttpSession session = new MockHttpSession(); request.setSession(session); final MockHttpServletResponse response = new MockHttpServletResponse(); final FilterChain filterChain = new FilterChain() { public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { } }; f.doFilter(request, response, filterChain); assertNull(response.getRedirectedUrl()); }