@Override protected void onSetUp(org.geoserver.data.test.SystemTestData testData) throws Exception { super.onSetUp(testData); LiveCasData td = (LiveCasData) getTestData(); casServerURLPrefix = td.getServerURLPrefix(); loginUrl = td.getLoginURL(); serviceUrl = td.getServiceURL(); proxyCallbackUrlPrefix = td.getProxyCallbackURLPrefix(); if (httpsServer == null) httpsServer = createAndStartHttpsServer(); }
protected HttpsServer createAndStartHttpsServer() throws Exception { HttpsServer httpsServer = ((LiveCasData) getTestData()).createSSLServer(); URL callbackUrl = new URL( GeoServerCasConstants.createProxyCallBackURl(proxyCallbackUrlPrefix.toString())); httpsServer.createContext(callbackUrl.getPath(), new HttpsProxyCallBackHandler()); httpsServer.createContext(createRequest("/j_spring_cas_security_check").getRequestURI(), new SingleSignOutHandler("/j_spring_cas_security_check")); httpsServer.createContext(createRequest("/wms").getRequestURI(), new SingleSignOutHandler( "/wms")); httpsServer.start(); return httpsServer; }
protected String loginUsingTicket(CasFormAuthenticationHelper helper, MockHttpServletRequest request, MockHttpServletResponse response,MockFilterChain chain) throws Exception { String ticket = helper.getServiceTicket(new URL(request.getRequestURL().toString())); request.setQueryString("ticket=" + ticket); request.setupAddParameter("ticket", ticket); getProxy().doFilter(request, response, chain); return ticket; }
pconfig1.setUserGroupServiceName("ug1"); pconfig1.setSingleSignOut(true); getSecurityManager().saveFilter(pconfig1); prepareFilterChain(ServiceLoginFilterChain.class ,pattern,casProxyFilterName); MockHttpServletRequest request = createRequest("wms"); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(); request.setQueryString("ticket=ST-blabla"); request.setHeader(GeoServerCasAuthenticationEntryPoint.CAS_REDIRECT, "false"); getProxy().doFilter(request, response, chain); assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode()); getCache().removeAll(); String username = "castest"; CasFormAuthenticationHelper helper = new CasFormAuthenticationHelper(casServerURLPrefix, request = createRequest("wms"); request.setQueryString("request=getCapabilities"); request.setHeader(GeoServerCasAuthenticationEntryPoint.CAS_REDIRECT, "false"); chain = new MockFilterChain(); request.setupAddParameter("ticket", ticket); getProxy().doFilter(request, response, chain); assertEquals(HttpServletResponse.SC_OK, response.getErrorCode()); TestingAuthenticationCache cache = getCache(); Authentication casAuth = cache.get(casProxyFilterName, username);
getSecurityManager().saveFilter(config); prepareFilterChain(pattern,casFilterName); modifyChain(pattern, false, true, null); MockHttpServletRequest request = createRequest("/foo/bar"); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(); getProxy().doFilter(request, response, chain); request = createRequest("/foo/bar"); response = new MockHttpServletResponse(); chain = new MockFilterChain(); String ticket =loginUsingTicket(helper, request, response, chain); assertEquals(HttpServletResponse.SC_OK, response.getErrorCode()); assertFalse(response.wasRedirectSent()); assertNotNull(auth); assertNull(SecurityContextHolder.getContext().getAuthentication()); checkForAuthenticatedRole(auth); assertEquals(username, auth.getPrincipal()); assertTrue(auth.getAuthorities().contains(new GeoServerRole(rootRole))); helper = new CasFormAuthenticationHelper(casServerURLPrefix, username, password); helper.ssoLogin(); request = createRequest("/foo/bar"); response = new MockHttpServletResponse(); chain = new MockFilterChain(); ticket =loginUsingTicket(helper, request, response, chain);
(LogoutFilterChain) getSecurityManager().getSecurityConfig().getFilterChain().getRequestChainByName("webLogout"); config.setUserGroupServiceName("ug1"); config.setSingleSignOut(true); getSecurityManager().saveFilter(config); prepareFilterChain(pattern,casFilterName); modifyChain(pattern, false, true, null); getCache().removeAll(); MockHttpServletRequest request = createRequest(pattern); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(); loginUsingTicket(helper, request, response, chain); assertEquals(HttpServletResponse.SC_OK, response.getErrorCode()); assertFalse(response.wasRedirectSent()); request = createRequest(logoutchain.getPatterns().get(0)); (GeoServerLogoutFilter) getSecurityManager().loadFilter(GeoServerSecurityFilterChain.FORM_LOGOUT_FILTER); logoutFilter.doFilter(request, response, chain); assertEquals(HttpServletResponse.SC_OK, response.getErrorCode()); request = createRequest(pattern); response = new MockHttpServletResponse(); chain = new MockFilterChain(); String ticket = loginUsingTicket(helper, request, response, chain); assertEquals(HttpServletResponse.SC_OK, response.getErrorCode());
@Before public void checkOnline() { Assume.assumeTrue(getTestData().isTestDataAvailable()); }
pconfig1.setRoleSource(RoleSource.UserGroupService); pconfig1.setUserGroupServiceName("ug1"); getSecurityManager().saveFilter(pconfig1); prepareFilterChain(ServiceLoginFilterChain.class ,pattern,casProxyFilterName); MockHttpServletRequest request = createRequest("wms"); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(); request.setQueryString("ticket=ST-blabla"); request.setHeader(GeoServerCasAuthenticationEntryPoint.CAS_REDIRECT, "false"); getProxy().doFilter(request, response, chain); assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode()); request = createRequest("wms"); response = new MockHttpServletResponse(); chain = new MockFilterChain(); request.setupAddParameter(GeoServerCasAuthenticationEntryPoint.CAS_REDIRECT, "false"); request.setQueryString("ticket=ST-blabla&"+GeoServerCasAuthenticationEntryPoint.CAS_REDIRECT+"=false"); getProxy().doFilter(request, response, chain); assertEquals(HttpServletResponse.SC_UNAUTHORIZED, response.getErrorCode()); getCache().removeAll(); String username = "castest"; CasFormAuthenticationHelper helper = new CasFormAuthenticationHelper(casServerURLPrefix, username, username); Assertion ass = authenticateWithPGT(helper);