package hudson.security;
import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
import com.gargoylesoftware.htmlunit.html.HtmlPage;
import org.jvnet.hudson.test.HudsonTestCase;
import org.jvnet.hudson.test.recipes.PresetData;
import org.jvnet.hudson.test.recipes.PresetData.DataSet;
import org.xml.sax.SAXException;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URL;
import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
/**
* @author Kohsuke Kawaguchi
*/
public class LoginTest extends HudsonTestCase {
/**
* Requesting a loginError page directly should result in a redirect,
* on a non-secured Hudson.
*/
public void testLoginErrorRedirect() throws Exception {
verifyNotError(createWebClient());
}
private void verifyNotError(WebClient wc) throws IOException, SAXException {
HtmlPage p = wc.goTo("loginError");
URL url = p.getWebResponse().getUrl();
System.out.println(url);
assertFalse(url.toExternalForm().contains("login"));
}
/**
* Same as {@link #testLoginErrorRedirect()} if the user has already successfully authenticated.
*/
@PresetData(DataSet.ANONYMOUS_READONLY)
public void testLoginErrorRedirect2() throws Exception {
// in a secured Hudson, the error page should render.
WebClient wc = createWebClient();
try {
wc.goTo("loginError");
fail("Expecting a 401 error");
} catch (FailingHttpStatusCodeException e) {
e.printStackTrace();
assertEquals(SC_UNAUTHORIZED,e.getStatusCode());
}
// but not once the user logs in.
verifyNotError(wc.login("alice"));
}
}