it.geosolutions.geostore.services.rest.SecurityTest.java Source code

Java tutorial

Introduction

Here is the source code for it.geosolutions.geostore.services.rest.SecurityTest.java

Source

/*
 *    GeoTools - The Open Source Java GIS Toolkit
 *    http://geotools.org
 *
 *    (C) 2002-2011, Open Source Geospatial Foundation (OSGeo)
 *
 *    This library is free software; you can redistribute it and/or
 *    modify it under the terms of the GNU Lesser General Public
 *    License as published by the Free Software Foundation;
 *    version 2.1 of the License.
 *
 *    This library is distributed in the hope that it will be useful,
 *    but WITHOUT ANY WARRANTY; without even the implied warranty of
 *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *    Lesser General Public License for more details.
 */
package it.geosolutions.geostore.services.rest;

import java.io.IOException;
import java.net.DatagramSocket;
import java.net.ServerSocket;

import it.geosolutions.geostore.core.model.User;
import it.geosolutions.geostore.services.rest.impl.RESTCategoryServiceImpl;

import javax.ws.rs.core.Response;

import org.apache.cxf.endpoint.Server;
import org.apache.cxf.jaxrs.JAXRSServerFactoryBean;
import org.apache.cxf.jaxrs.client.JAXRSClientFactory;
import org.apache.cxf.jaxrs.client.WebClient;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Test;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.ldap.userdetails.LdapUserDetailsImpl;

/**
 * @author Alessio
 * 
 */
public class SecurityTest extends BaseAuthenticationTest {

    private final static String ENDPOINT_ADDRESS = "http://localhost:9000/rest/categories";

    private final static String WADL_ADDRESS = ENDPOINT_ADDRESS + "?_wadl&_type=xml";

    private boolean serverStarted = false;

    @Override
    protected void setUp() throws Exception {

        if (!portIsBusy("localhost", 33389) && !portIsBusy("localhost", 9000)) {
            try {
                super.setUp();
                serverStarted = true;
            } catch (Exception e) {

            }
        }
    }

    /**
     * Checks if a network host / port is already occupied.
     * 
     * @param host
     * @param port
     * @return
     */
    private static boolean portIsBusy(String host, int port) {
        ServerSocket ss = null;
        DatagramSocket ds = null;
        try {
            ss = new ServerSocket(port);
            ss.setReuseAddress(true);
            ds = new DatagramSocket(port);
            ds.setReuseAddress(true);
            return false;
        } catch (IOException e) {
        } finally {
            if (ds != null) {
                ds.close();
            }
            if (ss != null) {
                try {
                    ss.close();
                } catch (IOException e) {
                    /* should not be thrown */
                }
            }
        }
        return true;
    }

    @Override
    protected void tearDown() throws Exception {
        super.tearDown();
    }

    @Test
    public void testSuite() {
        if (serverStarted) {
            springAuthenticationTest();
            webClientAccessTest();
            proxyAccessTest();
        }
    }

    protected void springAuthenticationTest() {
        doAutoLogin("admin", "admin", null);

        assertNotNull(SecurityContextHolder.getContext());
        assertNotNull(SecurityContextHolder.getContext().getAuthentication());

        final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        authentication.getName();

        assertEquals("admin", authentication.getCredentials());

        Object principal = authentication.getPrincipal();
        assertNotNull(principal);

        if (principal instanceof User) {
            User user = (User) principal;

            assertEquals("admin", user.getName());
        } else if (principal instanceof LdapUserDetailsImpl) {
            LdapUserDetailsImpl userDetails = (LdapUserDetailsImpl) principal;

            assertEquals("uid=admin,ou=people,dc=geosolutions,dc=it", userDetails.getDn());
        }

        assertEquals(authentication.getAuthorities().size(), 1);

        for (GrantedAuthority authority : authentication.getAuthorities()) {
            assertEquals("ROLE_ADMIN", authority.getAuthority());
        }

    }

    // protected void testHTTPClientAccess() {
    // final String user = "admin";
    // final String password = "admin";
    // int expectedStatus = 200;
    //
    // GetMethod get = new GetMethod(ENDPOINT_ADDRESS);
    // get.setRequestHeader("Accept", "application/xml");
    // get.setRequestHeader("Authorization", "Basic " + base64Encode(user + ":" + password));
    // HttpClient httpClient = new HttpClient();
    // try {
    // int result = httpClient.executeMethod(get);
    // assertEquals(expectedStatus, result);
    // if (expectedStatus == 200) {
    // String content = getStringFromInputStream(get.getResponseBodyAsStream());
    // String resource = "/org/apache/cxf/systest/jaxrs/resources/expected_get_book123.txt";
    // InputStream expected = getClass().getResourceAsStream(resource);
    // assertEquals("Expected value is wrong", getStringFromInputStream(expected), content);
    // }
    // } catch (HttpException e) {
    // LOGGER.error(e.getMessage(), e);
    // } catch (IOException e) {
    // LOGGER.error(e.getMessage(), e);
    // } catch (Exception e) {
    // LOGGER.error(e.getMessage(), e);
    // } finally {
    // get.releaseConnection();
    // }
    //
    // }

    protected void webClientAccessTest() {
        WebClient client = WebClient.create(ENDPOINT_ADDRESS, "admin", "admin", null);
        client.accept("application/json");
        client.path("category/1");

        assertNotNull(client);

        // RESTCategory category = client.get(RESTCategory.class);
        // System.out.println(category.getName());
    }

    protected void proxyAccessTest() {
        doAutoLogin("admin", "admin", null);
        RESTCategoryServiceImpl client = JAXRSClientFactory.create(ENDPOINT_ADDRESS, RESTCategoryServiceImpl.class);

        assertNotNull(client);

        // SecurityContext sc = null;
        // client.get(sc, 1L);
    }
}