/**
* Copyright 2005-2014 Restlet
*
* The contents of this file are subject to the terms of one of the following
* open source licenses: Apache 2.0 or or EPL 1.0 (the "Licenses"). You can
* select the license that you prefer but you may not use this file except in
* compliance with one of these Licenses.
*
* You can obtain a copy of the Apache 2.0 license at
* http://www.opensource.org/licenses/apache-2.0
*
* You can obtain a copy of the EPL 1.0 license at
* http://www.opensource.org/licenses/eclipse-1.0
*
* See the Licenses for the specific language governing permissions and
* limitations under the Licenses.
*
* Alternatively, you can obtain a royalty free commercial license with less
* limitations, transferable or non-transferable, directly at
* http://restlet.com/products/restlet-framework
*
* Restlet is a registered trademark of Restlet S.A.S.
*/
package org.restlet.test.security;
import org.junit.After;
import org.junit.Before;
import org.restlet.Component;
import org.restlet.data.ChallengeResponse;
import org.restlet.data.ChallengeScheme;
import org.restlet.data.Status;
import org.restlet.resource.ClientResource;
import org.restlet.resource.ResourceException;
import org.restlet.test.RestletTestCase;
/**
* Restlet unit tests for the security package.
*
* @author Jerome Louvel
*/
public class SecurityTestCase extends RestletTestCase {
private Component component;
@Before
public void startComponent() throws Exception {
this.component = new SaasComponent();
this.component.start();
}
@After
public void stopServer() throws Exception {
if ((this.component != null) && this.component.isStarted()) {
this.component.stop();
}
this.component = null;
}
public void testSecurity() {
try {
startComponent();
String uri = "http://localhost:" + TEST_PORT + "/test1";
ClientResource resource = new ClientResource(uri);
// TEST SERIES 1
// Try without authentication
try {
resource.get();
} catch (ResourceException e) {
}
resource.release();
assertEquals(Status.CLIENT_ERROR_UNAUTHORIZED, resource.getStatus());
// Try with authentication
resource.setChallengeResponse(new ChallengeResponse(
ChallengeScheme.HTTP_BASIC, "stiger", "pwd"));
try {
resource.get();
} catch (ResourceException e) {
}
resource.release();
assertEquals(Status.SUCCESS_OK, resource.getStatus());
// TEST SERIES 2
uri = "http://localhost:" + TEST_PORT + "/test2";
resource = new ClientResource(uri);
try {
resource.get();
} catch (ResourceException e) {
}
resource.release();
assertEquals(Status.SUCCESS_OK, resource.getStatus());
// TEST SERIES 3
uri = "http://localhost:" + TEST_PORT + "/test3";
resource = new ClientResource(uri);
try {
resource.get();
} catch (ResourceException e) {
}
resource.release();
assertEquals(Status.CLIENT_ERROR_FORBIDDEN, resource.getStatus());
// TEST SERIES 4
uri = "http://localhost:" + TEST_PORT + "/test4";
resource = new ClientResource(uri);
resource.setChallengeResponse(new ChallengeResponse(
ChallengeScheme.HTTP_BASIC, "stiger", "pwd"));
try {
resource.get();
} catch (ResourceException e) {
}
resource.release();
assertEquals(Status.CLIENT_ERROR_FORBIDDEN, resource.getStatus());
// Try again with another user
resource.setChallengeResponse(new ChallengeResponse(
ChallengeScheme.HTTP_BASIC, "larmstrong", "pwd"));
try {
resource.get();
} catch (ResourceException e) {
}
resource.release();
assertEquals(Status.SUCCESS_OK, resource.getStatus());
// TEST SERIES 5
uri = "http://localhost:" + TEST_PORT + "/test5";
resource = new ClientResource(uri);
resource.setChallengeResponse(new ChallengeResponse(
ChallengeScheme.HTTP_BASIC, "stiger", "pwd"));
try {
resource.get();
} catch (ResourceException e) {
}
resource.release();
assertEquals(Status.SUCCESS_OK, resource.getStatus());
// Try again with another user
resource.setChallengeResponse(new ChallengeResponse(
ChallengeScheme.HTTP_BASIC, "larmstrong", "pwd"));
try {
resource.get();
} catch (ResourceException e) {
}
resource.release();
assertEquals(Status.CLIENT_ERROR_FORBIDDEN, resource.getStatus());
stopServer();
} catch (Exception e) {
e.printStackTrace();
}
}
}