SymmetricForbiddenFilterTest xref

View Javadoc

1   /*
2    * SymmetricDS is an open source database synchronization solution.
3    *   
4    * Copyright (C) Keith Naas <knaas@users.sourceforge.net>
5    *
6    * This library is free software; you can redistribute it and/or
7    * modify it under the terms of the GNU Lesser General Public
8    * License as published by the Free Software Foundation; either
9    * version 3 of the License, or (at your option) any later version.
10   *
11   * This library is distributed in the hope that it will be useful,
12   * but WITHOUT ANY WARRANTY; without even the implied warranty of
13   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14   * Lesser General Public License for more details.
15   *
16   * You should have received a copy of the GNU Lesser General Public
17   * License along with this library; if not, see
18   * <http://www.gnu.org/licenses/>.
19   */
20  
21  package org.jumpmind.symmetric.web;
22  
23  import java.util.Arrays;
24  import java.util.Collection;
25  import java.util.HashMap;
26  import java.util.Map;
27  
28  import javax.servlet.http.HttpServletResponse;
29  
30  import org.jumpmind.symmetric.test.TestSetupUtil;
31  import org.junit.Assert;
32  import org.junit.Test;
33  import org.junit.runner.RunWith;
34  import org.junit.runners.Parameterized;
35  import org.junit.runners.Parameterized.Parameters;
36  import org.springframework.mock.web.MockFilterChain;
37  import org.springframework.mock.web.MockFilterConfig;
38  import org.springframework.mock.web.MockHttpServletRequest;
39  import org.springframework.mock.web.MockHttpServletResponse;
40  
41  /***
42   * This simply makes sure the SymmetricFilter is setup correctly.
43   */
44  @RunWith(Parameterized.class)
45  public class SymmetricForbiddenFilterTest extends AbstractSymmetricFilterTest {
46  
47  
48      public SymmetricForbiddenFilterTest(String method, String uri, Map<String, String> parameters) throws Exception {
49          super(method, uri, parameters);
50      }
51  
52      @Parameters
53      public static Collection<Object[]> authenticationFilterForbiddenParams() {
54          final Map<String, String> emptyAuthentication = new HashMap<String, String>();
55          emptyAuthentication.put(WebConstants.SECURITY_TOKEN, "");
56          emptyAuthentication.put(WebConstants.NODE_ID, "");
57  
58          return Arrays.asList(new Object[][] { { "GET", "/ack", null }, { "GET", "/ack/", null },
59                  { "GET", "/ack/more", null }, { "GET", "/ack?name=value", null },
60                  { "GET", "/ack?name=value&name=value", null },
61                  { "GET", String.format("/ack?%s=1&%s=2", WebConstants.SECURITY_TOKEN, WebConstants.NODE_ID), null },
62                  { "GET", "/ack", emptyAuthentication }, { "PUT", "/ack", null }, { "POST", "/ack", null },
63                  { "DELETE", "/ack", null }, { "TRACE", "/ack", null }, { "OPTIONS", "/ack", null },
64                  { "HEAD", "/ack", null }, { "GET", "/pull", null }, { "GET", "/pull/", null },
65                  { "GET", "/pull/more", null }, { "GET", "/pull?name=value", null },
66                  { "GET", "/pull?name=value&name=value", null },
67                  { "GET", String.format("/pull?%s=1&%s=2", WebConstants.SECURITY_TOKEN, WebConstants.NODE_ID), null },
68                  { "GET", "/pull", emptyAuthentication }, { "PUT", "/pull", null }, { "POST", "/pull", null },
69                  { "DELETE", "/pull", null }, { "TRACE", "/pull", null }, { "OPTIONS", "/pull", null },
70                  { "HEAD", "/pull", null }, { "GET", "/push", null }, { "GET", "/push/", null },
71                  { "GET", "/push/more", null }, { "GET", "/push?name=value", null },
72                  { "GET", "/push?name=value&name=value", null },
73                  { "GET", String.format("/push?%s=1&%s=2", WebConstants.SECURITY_TOKEN, WebConstants.NODE_ID), null },
74                  { "GET", "/push", emptyAuthentication }, { "PUT", "/push", null }, { "POST", "/push", null },
75                  { "DELETE", "/push", null }, { "TRACE", "/push", null }, { "OPTIONS", "/push", null },
76                  { "HEAD", "/push", null }, });
77      }
78  
79      @Test
80      public void testAuthenticationFilterForbidden()
81              throws Exception {
82          final SymmetricFilter filter = new SymmetricFilter();
83          filter.init(new MockFilterConfig(servletContext));
84          final MockHttpServletRequest request = TestSetupUtil.createMockHttpServletRequest(servletContext, method, uri, parameters);
85          final MockHttpServletResponse response = new MockHttpServletResponse();
86          filter.doFilter(request, response, new MockFilterChain());
87          Assert.assertEquals(response.getStatus(), HttpServletResponse.SC_FORBIDDEN);
88          filter.destroy();
89      }
90  
91  }