GeoServerRoleFilterTest.java example

Explorer

geoserver-master
- doc
  - en
    - developer
      - source
        programming-guide
        ows-services
        hello
        src
        main
        java
        HelloWorld.java
        web-ui
        ComponentInfo.java
    - user
      - source
        security
        tutorials
        ldap
        acme-ldap
        src
        main
        java
        org
        acme
        Ldap.java
- src

/* (c) 2014 - 2016 Open Source Geospatial Foundation - all rights reserved
 * (c) 2001 - 2013 OpenPlans
 * This code is licensed under the GPL 2.0 license, available at the root
 * application directory.
 */
package org.geoserver.security;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;

import javax.servlet.Servlet;

import org.easymock.EasyMock;
import org.geoserver.platform.GeoServerExtensions;
import org.geoserver.security.config.RoleFilterConfig;
import org.geoserver.security.filter.GeoServerRoleFilter;
import org.geoserver.security.impl.GeoServerRole;
import org.geoserver.test.SystemTest;
import org.junit.Test;
import org.junit.experimental.categories.Category;

import org.springframework.mock.web.MockFilterChain;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Category(SystemTest.class)
public class GeoServerRoleFilterTest extends GeoServerSecurityTestSupport {

    @Test
    public void testFilterChainWithEnabled() throws Exception {
        
        GeoServerSecurityManager secMgr = getSecurityManager();
        RoleFilterConfig config = new RoleFilterConfig();
        config.setName("roleConverter");
        config.setClassName(GeoServerRoleFilter.class.getName());
        config.setRoleConverterName("roleConverter");
        config.setHttpResponseHeaderAttrForIncludedRoles("ROLES");
        secMgr.saveFilter(config);

        
        MockHttpServletRequest request = createRequest("/foo");
        
        MockHttpServletResponse response = new MockHttpServletResponse();
        Servlet servlet = EasyMock.createNiceMock(Servlet.class);
        MockFilterChain chain = new MockFilterChain(servlet, getSecurityManager().loadFilter("roleConverter"));
        
        GeoServerSecurityFilterChainProxy filterChainProxy = 
            GeoServerExtensions.bean(GeoServerSecurityFilterChainProxy.class);
        filterChainProxy.doFilter(request, response, chain);
        assertEquals(GeoServerRole.ANONYMOUS_ROLE.getAuthority(),response.getHeader("ROLES"));        
    }

    @Test
    public void testFilterChainWithDisabled() throws Exception {

        MockHttpServletRequest request = createRequest("/foo");
        
        MockHttpServletResponse response = new MockHttpServletResponse();
        MockFilterChain chain = new MockFilterChain();
        
        GeoServerSecurityFilterChainProxy filterChainProxy = 
            GeoServerExtensions.bean(GeoServerSecurityFilterChainProxy.class);
        filterChainProxy.doFilter(request, response, chain);
        assertNull(response.getHeader("ROLES"));
        
    }
}