/** * On GET, present a login form if the user isn't authenticated. */ @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { // If the user is already logged in, we'll try to redirect them immediately. resp.setCharacterEncoding("UTF-8"); req.setCharacterEncoding("UTF-8"); HttpSession session = req.getSession(false); ParticipantId user = sessionManager.getLoggedInUser(session); if (user != null) { redirectLoggedInUser(req, resp); } else { if (isClientAuthEnabled && !failedClientAuth) { X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate"); if (certs != null) { doPost(req, resp); } } if (!isLoginPageDisabled) { resp.setStatus(HttpServletResponse.SC_OK); } else { resp.setStatus(HttpServletResponse.SC_FORBIDDEN); } resp.setContentType("text/html;charset=utf-8"); AuthenticationPage.write(resp.getWriter(), new GxpContext(req.getLocale()), domain, "", RESPONSE_STATUS_NONE, isLoginPageDisabled, analyticsAccount); } }
private void attemptLogin(String address, String password, boolean expectSuccess) throws IOException { // The query string is escaped. PercentEscaper escaper = new PercentEscaper(PercentEscaper.SAFECHARS_URLENCODER, true); String data = "address=" + escaper.escape(address) + "&" + "password=" + escaper.escape(password); Reader reader = new StringReader(data); when(req.getReader()).thenReturn(new BufferedReader(reader)); PrintWriter writer = mock(PrintWriter.class); when(resp.getWriter()).thenReturn(writer); when(req.getSession(false)).thenReturn(null); when(req.getSession(true)).thenReturn(session); when(req.getLocale()).thenReturn(Locale.ENGLISH); // Servlet control flow forces us to set these return values first and // verify the logged in user was set afterwards. if (expectSuccess) { when(manager.getLoggedInUser(Mockito.any())).thenReturn(USER); when(session.getAttribute("user")).thenReturn(USER); } servlet.doPost(req, resp); if (expectSuccess) { verify(manager).setLoggedInUser(session, USER); } } }
servlet.doPost(req, resp); if (expectSuccess) { if (participant.isAnonymous())