List of usage examples for org.springframework.mock.web MockHttpServletRequest getSession
@Override
@Nullable
public HttpSession getSession(boolean create)
From source file:org.springframework.test.web.servlet.htmlunit.HtmlUnitRequestBuilderTests.java
@Test public void buildRequestSessionFalseWithExistingSession() throws Exception { String sessionId = "session-id"; webRequest.setAdditionalHeader("Cookie", "JSESSIONID=" + sessionId); MockHttpServletRequest actualRequest = requestBuilder.buildRequest(servletContext); HttpSession session = actualRequest.getSession(false); assertThat(session, notNullValue()); }
From source file:fr.paris.lutece.portal.web.user.AdminUserJspBeanTest.java
public void testGetCreateAdminUserTEMPLATE_DEFAULT_CREATE_USER() throws PasswordResetException, AccessDeniedException { AdminUserJspBean bean = new AdminUserJspBean(); MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession(true).setAttribute("lutece_admin_user", getLevel1AdminUserWithCORE_USERS_MANAGEMENTRight()); bean.init(request, "CORE_USERS_MANAGEMENT"); bean.getCreateAdminUser(request); // should not throw }
From source file:fr.paris.lutece.portal.web.user.AdminUserJspBeanTest.java
public void testGetModifyUserPasswordNoRight() throws AccessDeniedException, UserNotSignedException { AdminUserJspBean bean = new AdminUserJspBean(); MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession(true).setAttribute("lutece_admin_user", AdminUserHome.findUserByLogin("lutece")); request.setParameter("id_user", Integer.toString(1)); try {/* ww w . jav a2 s . com*/ bean.getModifyUserPassword(request); fail("Should have thrown"); } catch (AccessDeniedException e) { // OK } }
From source file:fr.paris.lutece.portal.web.user.AdminUserJspBeanTest.java
public void testDoModifyAdminUserPasswordNoRight() { AdminUserJspBean bean = new AdminUserJspBean(); MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession(true).setAttribute("lutece_admin_user", AdminUserHome.findUserByLogin("lutece")); request.setParameter("id_user", Integer.toString(1)); try {/*from www .j a va 2s . c o m*/ bean.doModifyAdminUserPassword(request); fail("Should have thrown"); } catch (AccessDeniedException e) { // OK } }
From source file:fr.paris.lutece.portal.web.user.AdminUserJspBeanTest.java
public void testDoModifyAdminUser() throws AccessDeniedException, UserNotSignedException { AdminUser userToModify = getUserToModify(); try {/* www. j ava2 s . com*/ AdminUserJspBean bean = new AdminUserJspBean(); MockHttpServletRequest request = new MockHttpServletRequest(); request.getSession(true).setAttribute("lutece_admin_user", getLevel1AdminUserWithCORE_USERS_MANAGEMENTRight()); request.addParameter("id_user", Integer.toString(userToModify.getUserId())); try { bean.doModifyAdminUser(request); fail("Should not be able to modify a user with a lower level"); } catch (AccessDeniedException e) { } request = new MockHttpServletRequest(); AdminAuthenticationService.getInstance().registerUser(request, AdminUserHome.findUserByLogin("admin")); request.addParameter("id_user", Integer.toString(userToModify.getUserId())); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/ModifyUser.jsp")); bean.doModifyAdminUser(request); AdminMessage message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString(Messages.MANDATORY_FIELDS, Locale.FRENCH), message.getText(Locale.FRENCH)); final String modifiedName = userToModify.getAccessCode() + "_mod"; request = new MockHttpServletRequest(); AdminAuthenticationService.getInstance().registerUser(request, AdminUserHome.findUserByLogin("admin")); request.addParameter("id_user", Integer.toString(userToModify.getUserId())); request.addParameter("access_code", modifiedName); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/ModifyUser.jsp")); bean.doModifyAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString(Messages.MANDATORY_FIELDS, Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); AdminAuthenticationService.getInstance().registerUser(request, AdminUserHome.findUserByLogin("admin")); request.addParameter("id_user", Integer.toString(userToModify.getUserId())); request.addParameter("access_code", modifiedName); request.addParameter("last_name", modifiedName); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/ModifyUser.jsp")); bean.doModifyAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString(Messages.MANDATORY_FIELDS, Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); AdminAuthenticationService.getInstance().registerUser(request, AdminUserHome.findUserByLogin("admin")); request.addParameter("id_user", Integer.toString(userToModify.getUserId())); request.addParameter("access_code", modifiedName); request.addParameter("last_name", modifiedName); request.addParameter("first_name", modifiedName); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/ModifyUser.jsp")); bean.doModifyAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString(Messages.MANDATORY_FIELDS, Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); AdminAuthenticationService.getInstance().registerUser(request, AdminUserHome.findUserByLogin("admin")); request.addParameter("id_user", Integer.toString(userToModify.getUserId())); request.addParameter("access_code", modifiedName); request.addParameter("last_name", modifiedName); request.addParameter("first_name", modifiedName); request.addParameter("email", " "); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/ModifyUser.jsp")); bean.doModifyAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString(Messages.MANDATORY_FIELDS, Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); AdminAuthenticationService.getInstance().registerUser(request, AdminUserHome.findUserByLogin("admin")); request.addParameter("id_user", Integer.toString(userToModify.getUserId())); request.addParameter("access_code", "admin"); request.addParameter("last_name", modifiedName); request.addParameter("first_name", modifiedName); request.addParameter("email", modifiedName + "@lutece.fr"); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/ModifyUser.jsp")); bean.doModifyAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString("portal.users.message.user.accessCodeAlreadyUsed", Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); AdminAuthenticationService.getInstance().registerUser(request, AdminUserHome.findUserByLogin("admin")); request.addParameter("id_user", Integer.toString(userToModify.getUserId())); request.addParameter("access_code", modifiedName); request.addParameter("last_name", modifiedName); request.addParameter("first_name", modifiedName); request.addParameter("email", "admin@lutece.fr"); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/ModifyUser.jsp")); bean.doModifyAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString("portal.users.message.user.accessEmailUsed", Locale.FRENCH), message.getText(Locale.FRENCH)); } finally { disposeOfUser(userToModify); } }
From source file:fr.paris.lutece.portal.web.user.AdminUserJspBeanTest.java
public void testDoCreateAdminUserNoToken() throws PasswordResetException, AccessDeniedException, UserNotSignedException { AdminUserJspBean bean = new AdminUserJspBean(); MockHttpServletRequest request = new MockHttpServletRequest(); String randomUserName = "User_" + new SecureRandom().nextLong(); try {//from w w w .java 2 s. c om request.addParameter("access_code", randomUserName); request.addParameter("last_name", randomUserName); request.addParameter("first_name", randomUserName); request.addParameter("email", randomUserName + "@lutece.fr"); request.addParameter("user_level", "0"); request.addParameter("first_password", randomUserName); request.addParameter("second_password", randomUserName); request.addParameter("status", Integer.toString(AdminUser.ACTIVE_CODE)); // NPE if absent request.addParameter("language", "fr"); // NPE if absent request.getSession(true).setAttribute("lutece_admin_user", getLevel0AdminUserWithCORE_USERS_MANAGEMENTRight()); bean.init(request, "CORE_USERS_MANAGEMENT"); bean.doCreateAdminUser(request); fail("Should have thrown"); } catch (AccessDeniedException e) { AdminMessage message = AdminMessageService.getMessage(request); assertNull(message); AdminUser createdUser = AdminUserHome.findUserByLogin(randomUserName); assertNull(createdUser); } finally { AdminUser user = AdminUserHome.findUserByLogin(randomUserName); if (user != null) { AdminUserHome.remove(user.getUserId()); } } }
From source file:fr.paris.lutece.portal.web.user.AdminUserJspBeanTest.java
public void testDoCreateAdminUserInvalidToken() throws PasswordResetException, AccessDeniedException, UserNotSignedException { AdminUserJspBean bean = new AdminUserJspBean(); MockHttpServletRequest request = new MockHttpServletRequest(); String randomUserName = "User_" + new SecureRandom().nextLong(); try {// w w w . j a v a 2s . c om request.addParameter("access_code", randomUserName); request.addParameter("last_name", randomUserName); request.addParameter("first_name", randomUserName); request.addParameter("email", randomUserName + "@lutece.fr"); request.addParameter("user_level", "0"); request.addParameter("first_password", randomUserName); request.addParameter("second_password", randomUserName); request.addParameter("status", Integer.toString(AdminUser.ACTIVE_CODE)); // NPE if absent request.addParameter("language", "fr"); // NPE if absent request.getSession(true).setAttribute("lutece_admin_user", getLevel0AdminUserWithCORE_USERS_MANAGEMENTRight()); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp") + "b"); bean.init(request, "CORE_USERS_MANAGEMENT"); bean.doCreateAdminUser(request); fail("Should have thrown"); } catch (AccessDeniedException e) { AdminMessage message = AdminMessageService.getMessage(request); assertNull(message); AdminUser createdUser = AdminUserHome.findUserByLogin(randomUserName); assertNull(createdUser); } finally { AdminUser user = AdminUserHome.findUserByLogin(randomUserName); if (user != null) { AdminUserHome.remove(user.getUserId()); } } }
From source file:fr.paris.lutece.portal.web.user.AdminUserJspBeanTest.java
public void testDoCreateAdminUser() throws PasswordResetException, AccessDeniedException, UserNotSignedException { AdminUserJspBean bean = new AdminUserJspBean(); MockHttpServletRequest request = new MockHttpServletRequest(); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp")); bean.doCreateAdminUser(request);/*from w w w.jav a 2s . c om*/ AdminMessage message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString(Messages.MANDATORY_FIELDS, Locale.FRENCH), message.getText(Locale.FRENCH)); String randomUserName = "User_" + new SecureRandom().nextLong(); try { request = new MockHttpServletRequest(); request.addParameter("access_code", randomUserName); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp")); bean.doCreateAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString(Messages.MANDATORY_FIELDS, Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); request.addParameter("access_code", randomUserName); request.addParameter("last_name", randomUserName); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp")); bean.doCreateAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString(Messages.MANDATORY_FIELDS, Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); request.addParameter("access_code", randomUserName); request.addParameter("last_name", randomUserName); request.addParameter("first_name", randomUserName); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp")); bean.doCreateAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString(Messages.MANDATORY_FIELDS, Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); request.addParameter("access_code", randomUserName); request.addParameter("last_name", randomUserName); request.addParameter("first_name", randomUserName); request.addParameter("email", " "); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp")); bean.doCreateAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString(Messages.MANDATORY_FIELDS, Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); request.addParameter("access_code", "admin"); request.addParameter("last_name", randomUserName); request.addParameter("first_name", randomUserName); request.addParameter("email", randomUserName + "@lutece.fr"); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp")); bean.doCreateAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString("portal.users.message.user.accessCodeAlreadyUsed", Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); request.addParameter("access_code", randomUserName); request.addParameter("last_name", randomUserName); request.addParameter("first_name", randomUserName); request.addParameter("email", "admin@lutece.fr"); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp")); bean.doCreateAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString("portal.users.message.user.accessEmailUsed", Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); request.addParameter("access_code", randomUserName); request.addParameter("last_name", randomUserName); request.addParameter("first_name", randomUserName); request.addParameter("email", randomUserName + "@lutece.fr"); request.addParameter("user_level", "0"); request.getSession(true).setAttribute("lutece_admin_user", getLevel1AdminUserWithCORE_USERS_MANAGEMENTRight()); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp")); bean.init(request, "CORE_USERS_MANAGEMENT"); bean.doCreateAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString(Messages.USER_ACCESS_DENIED, Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); request.addParameter("access_code", randomUserName); request.addParameter("last_name", randomUserName); request.addParameter("first_name", randomUserName); request.addParameter("email", randomUserName + "@lutece.fr"); request.addParameter("user_level", "0"); request.getSession(true).setAttribute("lutece_admin_user", getLevel0AdminUserWithCORE_USERS_MANAGEMENTRight()); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp")); bean.init(request, "CORE_USERS_MANAGEMENT"); bean.doCreateAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString(Messages.MANDATORY_FIELDS, Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); request.addParameter("access_code", randomUserName); request.addParameter("last_name", randomUserName); request.addParameter("first_name", randomUserName); request.addParameter("email", randomUserName + "@lutece.fr"); request.addParameter("user_level", "0"); request.addParameter("first_password", randomUserName); request.getSession(true).setAttribute("lutece_admin_user", getLevel0AdminUserWithCORE_USERS_MANAGEMENTRight()); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp")); bean.init(request, "CORE_USERS_MANAGEMENT"); bean.doCreateAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString("portal.users.message.differentsPassword", Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); request.addParameter("access_code", randomUserName); request.addParameter("last_name", randomUserName); request.addParameter("first_name", randomUserName); request.addParameter("email", randomUserName + "@lutece.fr"); request.addParameter("user_level", "0"); request.addParameter("first_password", randomUserName); request.getSession(true).setAttribute("lutece_admin_user", getLevel0AdminUserWithCORE_USERS_MANAGEMENTRight()); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp")); bean.init(request, "CORE_USERS_MANAGEMENT"); bean.doCreateAdminUser(request); message = AdminMessageService.getMessage(request); assertNotNull(message); assertEquals(I18nService.getLocalizedString("portal.users.message.differentsPassword", Locale.FRENCH), message.getText(Locale.FRENCH)); request = new MockHttpServletRequest(); request.addParameter("access_code", randomUserName); request.addParameter("last_name", randomUserName); request.addParameter("first_name", randomUserName); request.addParameter("email", randomUserName + "@lutece.fr"); request.addParameter("user_level", "0"); request.addParameter("first_password", randomUserName); request.addParameter("second_password", randomUserName); request.addParameter("status", Integer.toString(AdminUser.ACTIVE_CODE)); // NPE if absent request.addParameter("language", "fr"); // NPE if absent request.getSession(true).setAttribute("lutece_admin_user", getLevel0AdminUserWithCORE_USERS_MANAGEMENTRight()); request.setParameter(SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance().getToken(request, "jsp/admin/user/CreateUser.jsp")); bean.init(request, "CORE_USERS_MANAGEMENT"); bean.doCreateAdminUser(request); message = AdminMessageService.getMessage(request); assertNull(message); AdminUser createdUser = AdminUserHome.findUserByLogin(randomUserName); assertNotNull(createdUser); LuteceDefaultAdminUser createdUserWithPassword = AdminUserHome .findLuteceDefaultAdminUserByPrimaryKey(createdUser.getUserId()); assertNotNull(createdUserWithPassword); assertTrue(createdUserWithPassword.getPassword().check(randomUserName)); } finally { AdminUser user = AdminUserHome.findUserByLogin(randomUserName); if (user != null) { AdminUserHome.remove(user.getUserId()); } } }
From source file:org.apache.archiva.webdav.RepositoryServletSecurityTest.java
@Test public void testPutWithValidUserWithNoWriteAccess() throws Exception { servlet.setDavSessionProvider(davSessionProvider); ArchivaDavResourceFactory archivaDavResourceFactory = (ArchivaDavResourceFactory) servlet .getResourceFactory();// ww w . j a v a 2 s. c om archivaDavResourceFactory.setHttpAuth(httpAuth); archivaDavResourceFactory.setServletAuth(servletAuth); servlet.setResourceFactory(archivaDavResourceFactory); AuthenticationResult result = new AuthenticationResult(); EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result); EasyMock.expect(servletAuth.isAuthenticated(anyObject(HttpServletRequest.class), anyObject(AuthenticationResult.class))).andReturn(true); // ArchivaDavResourceFactory#isAuthorized() SecuritySession session = new DefaultSecuritySession(); EasyMock.expect(httpAuth.getAuthenticationResult(anyObject(HttpServletRequest.class), anyObject(HttpServletResponse.class))).andReturn(result); MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest(); EasyMock.expect(httpAuth.getSecuritySession(mockHttpServletRequest.getSession(true))).andReturn(session); EasyMock.expect(httpAuth.getSessionUser(mockHttpServletRequest.getSession())).andReturn(new SimpleUser()); EasyMock.expect(servletAuth.isAuthenticated(anyObject(HttpServletRequest.class), eq(result))) .andReturn(true); EasyMock.expect(servletAuth.isAuthorized(anyObject(HttpServletRequest.class), eq(session), eq("internal"), eq(ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD))) .andThrow(new UnauthorizedException("User not authorized")); httpAuthControl.replay(); servletAuthControl.replay(); InputStream is = getClass().getResourceAsStream("/artifact.jar"); assertNotNull("artifact.jar inputstream", is); mockHttpServletRequest.addHeader("User-Agent", "foo"); mockHttpServletRequest.setMethod("PUT"); mockHttpServletRequest.setRequestURI("/repository/internal/path/to/artifact.jar"); mockHttpServletRequest.setContent(IOUtils.toByteArray(is)); mockHttpServletRequest.setContentType("application/octet-stream"); MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse(); servlet.service(mockHttpServletRequest, mockHttpServletResponse); httpAuthControl.verify(); servletAuthControl.verify(); assertEquals(HttpServletResponse.SC_UNAUTHORIZED, mockHttpServletResponse.getStatus()); }
From source file:org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilterTests.java
/** * SEC-571/* w w w . ja v a2 s.co m*/ */ @Test public void testNoSessionIsCreatedIfAllowSessionCreationIsFalse() throws Exception { MockHttpServletRequest request = createMockAuthenticationRequest(); MockFilterConfig config = new MockFilterConfig(null, null); MockFilterChain chain = new MockFilterChain(true); MockHttpServletResponse response = new MockHttpServletResponse(); // Reject authentication, so exception would normally be stored in session MockAuthenticationFilter filter = new MockAuthenticationFilter(false); failureHandler.setAllowSessionCreation(false); filter.setAuthenticationFailureHandler(failureHandler); filter.doFilter(request, response, chain); assertThat(request.getSession(false)).isNull(); }