From 500252c6995e68934501748520097d5bdad1cb71 Mon Sep 17 00:00:00 2001 From: bdemers Date: Tue, 25 Oct 2011 15:13:09 -0400 Subject: [PATCH] NEXUS-4257, add a test to verify sessions are handled the same way for the anonymous user as normal users. --- .../Nexus4257CookieVerificationIT.java | 65 ++++++++++++++++++- 1 file changed, 63 insertions(+), 2 deletions(-) diff --git a/nexus/nexus-test-harness/nexus-test-harness-its/src/test/java/org/sonatype/nexus/integrationtests/nexus4257/Nexus4257CookieVerificationIT.java b/nexus/nexus-test-harness/nexus-test-harness-its/src/test/java/org/sonatype/nexus/integrationtests/nexus4257/Nexus4257CookieVerificationIT.java index f1f084adee..ee0e5cac7c 100644 --- a/nexus/nexus-test-harness/nexus-test-harness-its/src/test/java/org/sonatype/nexus/integrationtests/nexus4257/Nexus4257CookieVerificationIT.java +++ b/nexus/nexus-test-harness/nexus-test-harness-its/src/test/java/org/sonatype/nexus/integrationtests/nexus4257/Nexus4257CookieVerificationIT.java @@ -77,9 +77,8 @@ public void testCookieForStateFullClient() Cookie sessionCookie = this.getSessionCookie( httpClient.getState().getCookies() ); Assert.assertNotNull( sessionCookie, "Session Cookie not set" ); - httpClient.getState().clear(); // remove cookies, credentials, etc - + // do not set the cookie, expect failure GetMethod failedGetMethod = new GetMethod( url ); Assert.assertEquals( httpClient.executeMethod( failedGetMethod ), 401 ); @@ -108,6 +107,68 @@ public void testCookieForStateLessClient() HttpClient httpClient = new HttpClient(); httpClient.getState().setCredentials( AuthScope.ANY, new UsernamePasswordCredentials( username, password ) ); + GetMethod getMethod = new GetMethod( url ); + getMethod.addRequestHeader( header ); + getMethod.releaseConnection(); + Assert.assertEquals( httpClient.executeMethod( getMethod ), 200 ); + + Cookie sessionCookie = this.getSessionCookie( httpClient.getState().getCookies() ); + Assert.assertNull( sessionCookie, "Session Cookie is set" ); + } + + + @Test + public void testCookieForStateFullClientForAnonUser() + throws HttpException, IOException + { + + GlobalConfigurationResource settings = SettingsMessageUtil.getCurrentSettings(); + settings.setSecurityAnonymousAccessEnabled( true ); + SettingsMessageUtil.save( settings ); + + TestContext context = TestContainer.getInstance().getTestContext(); + String username = context.getAdminUsername(); + String password = context.getPassword(); + String url = this.getBaseNexusUrl() + "content/"; + + // default useragent is: Jakarta Commons-HttpClient/3.1[\r][\n] + HttpClient httpClient = new HttpClient(); // anonymous access + + GetMethod getMethod = new GetMethod( url ); + Assert.assertEquals( httpClient.executeMethod( getMethod ), 200 ); + getMethod.releaseConnection(); + + Cookie sessionCookie = this.getSessionCookie( httpClient.getState().getCookies() ); + Assert.assertNotNull( sessionCookie, "Session Cookie not set" ); + + + httpClient.getState().clear(); // remove cookies, credentials, etc + // set the cookie expect greatness + httpClient.getState().addCookie( sessionCookie ); + getMethod = new GetMethod( url ); + Assert.assertEquals( httpClient.executeMethod( getMethod ), 200 ); + getMethod.releaseConnection(); + } + + + @Test + public void testCookieForStateLessClientForAnonUser() + throws HttpException, IOException + { + GlobalConfigurationResource settings = SettingsMessageUtil.getCurrentSettings(); + settings.setSecurityAnonymousAccessEnabled( true ); + SettingsMessageUtil.save( settings ); + + TestContext context = TestContainer.getInstance().getTestContext(); + String username = context.getAdminUsername(); + String password = context.getPassword(); + String url = this.getBaseNexusUrl() + "content/"; + + Header header = new Header("User-Agent", "Java/1.6" ); + + // default useragent is: Jakarta Commons-HttpClient/3.1[\r][\n] + HttpClient httpClient = new HttpClient(); // anonymous access + GetMethod getMethod = new GetMethod( url ); getMethod.addRequestHeader( header ); Assert.assertEquals( httpClient.executeMethod( getMethod ), 200 );