[WFLY-8893] Improved Elytron audit log test cases

wildfly · Jun 5, 2017 · df63b00 · df63b00
1 parent e1d7137
commit df63b00
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 18 deletions.
diff --git a/...on/src/test/java/org/wildfly/test/integration/elytron/audit/AbstractAuditLogTestCase.java b/...on/src/test/java/org/wildfly/test/integration/elytron/audit/AbstractAuditLogTestCase.java
@@ -54,6 +54,8 @@ public abstract class AbstractAuditLogTestCase {
     protected static final String USER = "user1";
     protected static final String UNKNOWN_USER = "unknown-user";
     protected static final String PASSWORD = "password1";
+    protected static final String WRONG_PASSWORD = "wrongPassword";
+    protected static final String EMPTY_PASSWORD = "";
     protected static final String SD_DEFAULT = "other";
     protected static final String SD_WITHOUT_LOGIN_PERMISSION = "no-login-permission";
 

diff --git a/.../test/java/org/wildfly/test/integration/elytron/audit/AbstractSyslogAuditLogTestCase.java b/.../test/java/org/wildfly/test/integration/elytron/audit/AbstractSyslogAuditLogTestCase.java
@@ -28,7 +28,6 @@
 import org.jboss.arquillian.test.api.ArquillianResource;
 import org.jboss.as.test.integration.security.common.Utils;
 import org.jboss.as.test.syslogserver.BlockedSyslogServerEventHandler;
-import org.junit.Ignore;
 import org.junit.Test;
 import org.productivity.java.syslog4j.server.SyslogServer;
 import org.productivity.java.syslog4j.server.SyslogServerConfigIF;
@@ -61,33 +60,45 @@ public void testSuccessfulAuth(@ArquillianResource URL url) throws Exception {
     }
 
     /**
-     * Tests whether failed authentication was logged.
+     * Tests whether failed authentication with wrong user was logged.
      */
     @Test
     @OperateOnDeployment(SD_DEFAULT)
-    public void testFailedAuth(@ArquillianResource URL url) throws Exception {
+    public void testFailedAuthWrongUser(@ArquillianResource URL url) throws Exception {
         final URL servletUrl = new URL(url.toExternalForm() + "role1");
         final BlockingQueue<SyslogServerEventIF> queue = BlockedSyslogServerEventHandler.getQueue();
         queue.clear();
 
         Utils.makeCallWithBasicAuthn(servletUrl, UNKNOWN_USER, PASSWORD, SC_UNAUTHORIZED);
-        assertTrue("Failed authentication was not logged", loggedFailedAuth(queue, UNKNOWN_USER));
+        assertTrue("Failed authentication with wrong user was not logged", loggedFailedAuth(queue, UNKNOWN_USER));
     }
 
     /**
-     * Tests whether authentication with empty username was logged.
+     * Tests whether failed authentication with wrong password was logged.
      */
-    @Ignore("https://issues.jboss.org/browse/ELY-1171")
     @Test
     @OperateOnDeployment(SD_DEFAULT)
-    public void testAuthWithEmptyName() throws Exception {
+    public void testFailedAuthWrongPassword(@ArquillianResource URL url) throws Exception {
         final URL servletUrl = new URL(url.toExternalForm() + "role1");
         final BlockingQueue<SyslogServerEventIF> queue = BlockedSyslogServerEventHandler.getQueue();
         queue.clear();
 
-        Utils.makeCallWithBasicAuthn(servletUrl, "", PASSWORD, SC_UNAUTHORIZED);
+        Utils.makeCallWithBasicAuthn(servletUrl, USER, WRONG_PASSWORD, SC_UNAUTHORIZED);
+        assertTrue("Failed authentication with wrong password was not logged", loggedFailedAuth(queue, USER));
+    }
+
+    /**
+     * Tests whether failed authentication with empty password was logged.
+     */
+    @Test
+    @OperateOnDeployment(SD_DEFAULT)
+    public void testFailedAuthEmptyPassword(@ArquillianResource URL url) throws Exception {
+        final URL servletUrl = new URL(url.toExternalForm() + "role1");
+        final BlockingQueue<SyslogServerEventIF> queue = BlockedSyslogServerEventHandler.getQueue();
+        queue.clear();
 
-        assertTrue("Authentication with empty username was not logged", loggedFailedAuth(queue, USER));
+        Utils.makeCallWithBasicAuthn(servletUrl, USER, EMPTY_PASSWORD, SC_UNAUTHORIZED);
+        assertTrue("Failed authentication with empty password was not logged", loggedFailedAuth(queue, USER));
     }
 
     /**

diff --git a/...lytron/src/test/java/org/wildfly/test/integration/elytron/audit/FileAuditLogTestCase.java b/...lytron/src/test/java/org/wildfly/test/integration/elytron/audit/FileAuditLogTestCase.java
@@ -37,7 +37,6 @@
 import org.jboss.as.test.integration.security.common.Utils;
 import org.jboss.as.test.shared.ServerReload;
 import org.junit.Assert;
-import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.wildfly.test.security.common.elytron.FileAuditLog;
@@ -79,32 +78,45 @@ public void testSuccessfulAuth() throws Exception {
     }
 
     /**
-     * Tests whether failed authentication was logged.
+     * Tests whether failed authentication with wrong user was logged.
      */
     @Test
     @OperateOnDeployment(SD_DEFAULT)
-    public void testFailedAuth() throws Exception {
+    public void testFailedAuthWrongUser() throws Exception {
         final URL servletUrl = new URL(url.toExternalForm() + "role1");
 
         discardCurrentContents(AUDIT_LOG_FILE);
         Utils.makeCallWithBasicAuthn(servletUrl, UNKNOWN_USER, PASSWORD, SC_UNAUTHORIZED);
 
-        assertTrue("Failed authentication was not logged", loggedFailedAuth(AUDIT_LOG_FILE, UNKNOWN_USER));
+        assertTrue("Failed authentication with wrong user was not logged", loggedFailedAuth(AUDIT_LOG_FILE, UNKNOWN_USER));
     }
 
     /**
-     * Tests whether authentication with empty username was logged.
+     * Tests whether failed authentication with wrong password was logged.
      */
-    @Ignore("https://issues.jboss.org/browse/ELY-1171")
     @Test
     @OperateOnDeployment(SD_DEFAULT)
-    public void testAuthWithEmptyName() throws Exception {
+    public void testFailedAuthWrongPassword() throws Exception {
         final URL servletUrl = new URL(url.toExternalForm() + "role1");
 
         discardCurrentContents(AUDIT_LOG_FILE);
-        Utils.makeCallWithBasicAuthn(servletUrl, "", PASSWORD, SC_UNAUTHORIZED);
+        Utils.makeCallWithBasicAuthn(servletUrl, USER, WRONG_PASSWORD, SC_UNAUTHORIZED);
 
-        assertTrue("Authentication with empty username was not logged", loggedFailedAuth(AUDIT_LOG_FILE, USER));
+        assertTrue("Failed authentication with wrong password was not logged", loggedFailedAuth(AUDIT_LOG_FILE, USER));
+    }
+
+    /**
+     * Tests whether failed authentication with empty password was logged.
+     */
+    @Test
+    @OperateOnDeployment(SD_DEFAULT)
+    public void testFailedAuthEmptyPassword() throws Exception {
+        final URL servletUrl = new URL(url.toExternalForm() + "role1");
+
+        discardCurrentContents(AUDIT_LOG_FILE);
+        Utils.makeCallWithBasicAuthn(servletUrl, USER, EMPTY_PASSWORD, SC_UNAUTHORIZED);
+
+        assertTrue("Failed authentication with empty password was not logged", loggedFailedAuth(AUDIT_LOG_FILE, USER));
     }
 
     /**