SLING-1401 - AuthRequestLoginTest added
git-svn-id: https://svn.apache.org/repos/asf/sling/trunk@912555 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/login/AuthRequestLoginTest.java b/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/login/AuthRequestLoginTest.java
new file mode 100644
index 0000000..46daaf9
--- /dev/null
+++ b/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/login/AuthRequestLoginTest.java
@@ -0,0 +1,65 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.launchpad.webapp.integrationtest.login;
+
+import java.net.URL;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.httpclient.Credentials;
+import org.apache.commons.httpclient.UsernamePasswordCredentials;
+import org.apache.commons.httpclient.auth.AuthScope;
+import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.sling.commons.testing.integration.HttpTestBase;
+
+/** Verify that the sling:authRequestLogin parameter forces login */
+public class AuthRequestLoginTest extends HttpTestBase {
+ private final static String SESSION_INFO_PATH = "/system/sling/info.sessionInfo.json";
+
+ public void testForcedLogin() throws Exception {
+ // disable credentials -> anonymous session
+ final URL url = new URL(HTTP_BASE_URL);
+ final AuthScope scope = new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM);
+ httpClient.getParams().setAuthenticationPreemptive(false);
+ httpClient.getState().setCredentials(scope, null);
+ {
+ final String content = getContent(HTTP_BASE_URL + SESSION_INFO_PATH, CONTENT_TYPE_JSON);
+ assertJavascript("anonymous", content, "out.println(data.userID)");
+ }
+
+ // root must return 20x or 30x
+ final GetMethod get = new GetMethod(HTTP_BASE_URL + "/");
+ final int status = httpClient.executeMethod(get);
+ final int status10 = status / 10;
+ if(status10 != 20 && status10 != 30) {
+ fail("Expected 20x or 30x status, got " + status);
+ }
+
+ // root with sling:authRequestLogin=true must return 401
+ assertHttpStatus(HTTP_BASE_URL + "/?sling:authRequestLogin=true", HttpServletResponse.SC_UNAUTHORIZED);
+
+ // re-enable credentials -> admin session
+ httpClient.getParams().setAuthenticationPreemptive(true);
+ Credentials defaultcreds = new UsernamePasswordCredentials("admin", "admin");
+ httpClient.getState().setCredentials(scope, defaultcreds);
+ {
+ final String content = getContent(HTTP_BASE_URL + SESSION_INFO_PATH, CONTENT_TYPE_JSON);
+ assertJavascript("admin", content, "out.println(data.userID)");
+ }
+ }
+
+}
