1 package com.atlassian.seraph.auth;
2
3 import com.atlassian.seraph.config.SecurityConfig;
4 import com.atlassian.seraph.filter.MockSecurityConfig;
5 import junit.framework.TestCase;
6 import mock.MockHttpRequest;
7 import mock.MockHttpResponse;
8 import mock.MockPrincipal;
9
10 import javax.servlet.http.HttpServletRequest;
11 import java.security.Principal;
12
13
14
/**
 * Pins down when {@code DefaultAuthenticator#authoriseUserAndEstablishSession} invalidates the
 * HTTP session that is already attached to the request.
 *
 * <p>Every test runs against a security config whose {@code isInvalidateSessionOnLogin()}
 * returns {@code true}. The expectations asserted here are:
 * <ul>
 *   <li>nothing stored under {@code LOGGED_IN_KEY}: the session is invalidated once;</li>
 *   <li>a different principal stored under {@code LOGGED_IN_KEY}: the session is invalidated once;</li>
 *   <li>a principal with the same name already stored: the session is not invalidated.</li>
 * </ul>
 *
 * <p>NOTE(review): invalidating the pre-login session is the usual defence against session
 * fixation. These tests only count calls to invalidate; they do not check what ends up in the
 * session afterwards, and this class has no case for a config where
 * {@code isInvalidateSessionOnLogin()} returns {@code false}.
 */
public class TestDefaultAuthenticatorSessionEstablishment extends TestCase {

    private MockPrincipal principalFred;
    private MockPrincipal principalBill;
    private MockSession httpSession;
    private MockHttpRequest httpRequest;
    private MockHttpResponse httpResponse;

    /** Builds fresh principals, a mock session and the request/response pair for each test. */
    @Override
    protected void setUp() throws Exception {
        super.setUp();
        principalFred = new MockPrincipal("fred");
        principalBill = new MockPrincipal("bill");
        // NOTE(review): the meaning of the boolean passed to MockSession is not visible here.
        httpSession = new MockSession(false);
        httpRequest = new MockHttpRequest(httpSession);
        httpResponse = new MockHttpResponse();
    }

    /** A session with no logged-in principal is invalidated exactly once on login. */
    public void testSessionContext_NeedsTearDown_NoOneInSession() {
        establishSessionFor(principalFred);

        assertEquals(1, httpSession.getInvalidateCount());
    }

    /** A session that belongs to another principal is invalidated exactly once on login. */
    public void testSessionContext_NeedsTearDown_DifferentPrincipalInSession() {
        httpSession.setAttribute(DefaultAuthenticator.LOGGED_IN_KEY, principalBill);

        establishSessionFor(principalFred);

        assertEquals(1, httpSession.getInvalidateCount());
    }

    /**
     * A session that already holds a principal named like the one logging in is left alone.
     *
     * <p>The stored principal is a separate instance with the same name, so the match cannot be
     * by reference; presumably it is by name or {@code equals} (confirm in DefaultAuthenticator).
     */
    public void testSessionContext_DoesNotNeedTearDown_PrincipalInSession() {
        httpSession.setAttribute(DefaultAuthenticator.LOGGED_IN_KEY, new MockPrincipal("fred"));

        establishSessionFor(principalFred);

        assertEquals(0, httpSession.getInvalidateCount());
    }

    /** Runs the method under test for {@code principal} with a freshly built stub authenticator. */
    private void establishSessionFor(Principal principal) {
        new StubAuthenticator(new StubSecurityConfig())
                .authoriseUserAndEstablishSession(httpRequest, httpResponse, principal);
    }

    /**
     * Authenticator that authorises every principal and hands back the injected config, so the
     * tests reach the session handling without a real user store. Authorisation itself is
     * therefore not exercised by this class.
     */
    private static class StubAuthenticator extends DefaultAuthenticator {
        private final SecurityConfig securityConfig;

        private StubAuthenticator(SecurityConfig securityConfig) {
            this.securityConfig = securityConfig;
        }

        /** Always authorised: the tests are about session handling, not access decisions. */
        @Override
        protected boolean isAuthorised(HttpServletRequest httpServletRequest, Principal principal) {
            return true;
        }

        @Override
        protected SecurityConfig getConfig() {
            return securityConfig;
        }

        /** Returns no user; the tests pass the principal in directly. */
        @Override
        protected Principal getUser(String username) {
            return null;
        }

        /** Always reports failure; the tests never log in by password. */
        @Override
        protected boolean authenticate(Principal user, String password) throws AuthenticatorException {
            return false;
        }
    }

    /** Mock config with session invalidation on login switched on. */
    private static class StubSecurityConfig extends MockSecurityConfig {
        @Override
        public boolean isInvalidateSessionOnLogin() {
            return true;
        }
    }
}