diff --git a/testsuite/integration-tests/src/test/java/org/jboss/resteasy/test/security/BasicAuthTest.java b/testsuite/integration-tests/src/test/java/org/jboss/resteasy/test/security/BasicAuthTest.java index 4fafd52ac69..1b73009bc1e 100644 --- a/testsuite/integration-tests/src/test/java/org/jboss/resteasy/test/security/BasicAuthTest.java +++ b/testsuite/integration-tests/src/test/java/org/jboss/resteasy/test/security/BasicAuthTest.java @@ -10,6 +10,8 @@ import org.jboss.arquillian.container.test.api.RunAsClient; import org.jboss.arquillian.junit.Arquillian; import org.jboss.as.arquillian.api.ServerSetup; +import org.jboss.resteasy.category.ExpectedFailing; +import org.jboss.resteasy.category.NotForForwardCompatibility; import org.jboss.resteasy.client.jaxrs.ResteasyClient; import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder; import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine; @@ -27,6 +29,7 @@ import org.junit.Assert; import org.junit.BeforeClass; import org.junit.Test; +import org.junit.experimental.categories.Category; import org.junit.runner.RunWith; import javax.ws.rs.NotAuthorizedException; @@ -226,4 +229,28 @@ public void testAccesForbiddenMessage() throws Exception { Assert.assertEquals(ACCESS_FORBIDDEN_MESSAGE, response.readEntity(String.class)); authorizedClient.close(); } + + /** + * @tpTestDetails Test Content-type when forbidden exception is raised, RESTEASY-1563 + * @tpSince RESTEasy 3.1.1 + */ + @Test + @Category({ExpectedFailing.class, NotForForwardCompatibility.class}) + public void testContentTypeWithForbiddenMessage() { + Response response = unauthorizedClient.target(generateURL("/secured/denyWithContentType")).request().get(); + Assert.assertEquals(HttpResponseCodes.SC_FORBIDDEN, response.getStatus()); + Assert.assertEquals("Incorrect Content-type header", "text/html;charset=UTF-8", response.getHeaderString("Content-type")); + Assert.assertEquals("Missing forbidden message in the response", ACCESS_FORBIDDEN_MESSAGE, response.readEntity(String.class)); + } + + /** + * @tpTestDetails Test Content-type when unauthorized exception is raised + * @tpSince RESTEasy 3.1.1 + */ + @Test + public void testContentTypeWithUnauthorizedMessage() { + Response response = noAutorizationClient.target(generateURL("/secured/denyWithContentType")).request().get(); + Assert.assertEquals(HttpResponseCodes.SC_UNAUTHORIZED, response.getStatus()); + Assert.assertEquals("Incorrect Content-type header", "text/html;charset=UTF-8", response.getHeaderString("Content-type")); + } } diff --git a/testsuite/integration-tests/src/test/java/org/jboss/resteasy/test/security/resource/BasicAuthBaseResource.java b/testsuite/integration-tests/src/test/java/org/jboss/resteasy/test/security/resource/BasicAuthBaseResource.java index 75872e11351..3dc49cd8ed0 100644 --- a/testsuite/integration-tests/src/test/java/org/jboss/resteasy/test/security/resource/BasicAuthBaseResource.java +++ b/testsuite/integration-tests/src/test/java/org/jboss/resteasy/test/security/resource/BasicAuthBaseResource.java @@ -6,6 +6,7 @@ import javax.annotation.security.RolesAllowed; import javax.ws.rs.GET; import javax.ws.rs.Path; +import javax.ws.rs.Produces; import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.Context; import javax.ws.rs.core.SecurityContext; @@ -45,4 +46,12 @@ public String getAuthorized() { public String deny() { return "SHOULD NOT BE REACHED"; } + + @GET + @Path("/denyWithContentType") + @Produces("application/xml") + @RolesAllowed("admin") + public String getWithContentType() { + return "string"; + } }