date:20021025

RE: FormAuthentication

2002-10-25 Thread Dhar, Pranab

Jason,
   I found the Redirector change happening at function
(AbstractHttpClient.java)
private WebTestResult callGetResult(
AbstractAuthentication theAuthentication) throws Throwable
{
WebRequest resultsRequest = new WebRequest(this.configuration); <---
here
  // Add authentication details
if (theAuthentication != null)
{
resultsRequest.setAuthentication(theAuthentication);
}

// Open the second connection to get the test results
 ConnectionHelper helper = ConnectionHelperFactory.getConnectionHelper(
getRedirectorURL(resultsRequest), this.configuration);

The ServletConfiguration does not contain the redirector set in WebRequest
object
instead it loads it default redirector from the cactus.properties.
   this.configuration is coming from new Configuration being initialized in 
ServletTestCase class 
 * @see AbstractTestCase#createConfiguration()
 */
protected Configuration createConfiguration()
{
return new ServletConfiguration();
}
When the user sets the redirector in Webrequest that never gets updated in
the configuration.
So when getRedirectorURL() gets called in AbstractHttpClient.java which is
actually implemented 
in ServletHttpClient.java as 
protected String getRedirectorURL(WebRequest theRequest)
{
String url;

// Check if user has overriden the servlet redirector

if (theRequest.getRedirectorName() != null)
{
url = this.configuration.getContextURL() + "/"
+ theRequest.getRedirectorName();
}
else
{
url = this.configuration.getRedirectorURL();
}

return url;
}

The theRequest parameter being a newly intialized WebRequest object does not
have the 
redirector set from the old request object used for Form Authentication.
Hence callResult function never goes to the Secured Servlet Redirector used
earlier to run the test.
I am not too sure if the unsecured redirector will be able to return the
results.
Maybe cactus guru's will know the answer to this design.

Pranab




-Original Message-
From: Robertson, Jason [mailto:Jason.Robertson@;acs-inc.com]
Sent: Friday, October 25, 2002 6:20 PM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


Yes, you're correct with the need to get the context URL as well.

As for the rest of it, I'm not sure. I'll try looking at the log again, but
there's a lot of information there!

Jason

-Original Message-
From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US]
Sent: Friday, October 25, 2002 3:43 PM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


Jason,
 Sorry for the typo Error in my last post.it should be
 getConfiguration().getContextURL()+"/"+theRequest.getRedirectorName();

I just compiled the code and tested it. I am getting past the authentication
now
but getting stuck somewhere after that. Somewhere down the line the
ServletRedirectorSecure
 is getting switched back to ServletRedirector even though I am setting the
URL to a
secured resource.I am getting a Error  404 instead of the regulars output
from the servlet.

Pranab

I added the following in the test code
public void beginBasicAuthentication(WebRequest theRequest) {
theRequest.setURL("localhost:8080", "/", "/secure/idsconf",
null, null); <--
theRequest.addCookie( "test", "test" );
theRequest.setRedirectorName("ServletRedirectorSecure");
theRequest.setAuthentication(   new
FormAuthentication("admin", "admin"));
}
public void testBasicAuthentication() {
try {
idsconfServlet servlet = new
idsconfServlet();<--
servlet.init(this.config);<--

servlet.doGet(this.request,this.response);<--
assertEquals("admin",
request.getUserPrincipal().getName());
assertEquals("admin",
request.getRemoteUser());
assertTrue("User not in 'admin' role",
request.isUserInRole("admin"));
} catch (ServletException e) {
log.error(e);
} catch (IOException e) {
log.error(e);
}
}


Debug LOG

15:25:40,563 [main] DEBUG util.UrlUtil-
http://localhost:8080/ServletRedirectorSecure?Cactus_TestMethod=te
stBasicAuthentication&Cactus_URL_ContextPath=%2F&Cactus_URL_Server=localhost
%3A8080&Cactus_URL_ServletPath=%2Fsecure%2Fidsconf&Cactus_TestClass=com.ids.
servlet.TestLoginServlet&Cactus_AutomaticSession=true&Cactus_URL_Protocol=ht
tp&Cactus_Service=CALL_TEST]) 
15:25:40,563 [main] DEBUG util.UrlUtil- >getPath =
[/ServletRedirectorSecure] 
15:25:40,563 [main] DEBUG util.UrlUtil-
http://localhost:8080/

Problem with cactus, ant and weblogic 6.1: runservertests hangs if weblogic dooesn't start

2002-10-25 Thread Herve Marcellini

Hello,

I am using the ant task 'runservertests' as indicated in the manual.
It works perfectly well when the server starts correctly, but I have a
problem when the weblogic server doesn't start (because of a
misconfiguration,
a file missing...).
The ant logs returns "Java Result: 1", and ant never exits from the
"start.weblogic"
task I defined.
Is there any "timeout" that I could set up in 'runservertests'?

Thanks for your help,
Herve







http://localhost:7001/ServletRedirector?Cactus_Service=RUN_TEST";
startTarget="start.weblogic"
stopTarget="stop.weblogic"
testTarget="unittests.all"/>



 ...



 ...


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: FormAuthentication

2002-10-25 Thread Robertson, Jason

Yes, you're correct with the need to get the context URL as well.

As for the rest of it, I'm not sure. I'll try looking at the log again, but
there's a lot of information there!

Jason

-Original Message-
From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US]
Sent: Friday, October 25, 2002 3:43 PM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


Jason,
 Sorry for the typo Error in my last post.it should be
 getConfiguration().getContextURL()+"/"+theRequest.getRedirectorName();

I just compiled the code and tested it. I am getting past the authentication
now
but getting stuck somewhere after that. Somewhere down the line the
ServletRedirectorSecure
 is getting switched back to ServletRedirector even though I am setting the
URL to a
secured resource.I am getting a Error  404 instead of the regulars output
from the servlet.

Pranab

I added the following in the test code
public void beginBasicAuthentication(WebRequest theRequest) {
theRequest.setURL("localhost:8080", "/", "/secure/idsconf",
null, null); <--
theRequest.addCookie( "test", "test" );
theRequest.setRedirectorName("ServletRedirectorSecure");
theRequest.setAuthentication(   new
FormAuthentication("admin", "admin"));
}
public void testBasicAuthentication() {
try {
idsconfServlet servlet = new
idsconfServlet();<--
servlet.init(this.config);<--

servlet.doGet(this.request,this.response);<--
assertEquals("admin",
request.getUserPrincipal().getName());
assertEquals("admin",
request.getRemoteUser());
assertTrue("User not in 'admin' role",
request.isUserInRole("admin"));
} catch (ServletException e) {
log.error(e);
} catch (IOException e) {
log.error(e);
}
}


Debug LOG

15:25:40,563 [main] DEBUG util.UrlUtil-
http://localhost:8080/ServletRedirectorSecure?Cactus_TestMethod=te
stBasicAuthentication&Cactus_URL_ContextPath=%2F&Cactus_URL_Server=localhost
%3A8080&Cactus_URL_ServletPath=%2Fsecure%2Fidsconf&Cactus_TestClass=com.ids.
servlet.TestLoginServlet&Cactus_AutomaticSession=true&Cactus_URL_Protocol=ht
tp&Cactus_Service=CALL_TEST]) 
15:25:40,563 [main] DEBUG util.UrlUtil- >getPath =
[/ServletRedirectorSecure] 
15:25:40,563 [main] DEBUG util.UrlUtil-
http://localhost:8080/ServletRedirectorSecure?Cactus_TestMethod=t
estBasicAuthentication&Cactus_URL_ContextPath=%2F&Cactus_URL_Server=localhos
t%3A8080&Cactus_URL_ServletPath=%2Fsecure%2Fidsconf&Cactus_TestClass=com.ids
.servlet.TestLoginServlet&Cactus_AutomaticSession=true&Cactus_URL_Protocol=h
ttp&Cactus_Service=CALL_TEST]) 
15:25:40,563 [main] DEBUG util.UrlUtil- >getQuery =
[Cactus_TestMethod=testBasicAuthentication&Cactus_URL_ContextPath=%2F&Cactus
_URL_Server=localhost%3A8080&Cactus_URL_ServletPath=%2Fsecure%2Fidsconf&Cact
us_TestClass=com.ids.servlet.TestLoginServlet&Cactus_AutomaticSession=true&C
actus_URL_Protocol=http&Cactus_Service=CALL_TEST] 
15:25:40,563 [main] DEBUG ent.HttpClientConnectionHelper  -
http://localhost:8080/ServletRedirectorSecure?Cactus_TestMethod=testBasicAu
thentication&Cactus_URL_ContextPath=%2F&Cactus_URL_Server=localhost%3A8080&C
actus_URL_ServletPath=%2Fsecure%2Fidsconf&Cactus_TestClass=com.ids.servlet.T
estLoginServlet&Cactus_AutomaticSession=true&Cactus_URL_Protocol=http&Cactus
_Service=CALL_TEST]) 
15:25:40,563 [main] DEBUG cactus.Cookie   -
getCookiePath =
[//secure/idsconf] 
15:25:40,563 [main] DEBUG cactus.Cookie   -
getCookiePath =
[//secure/idsconf] 
15:25:40,563 [main] DEBUG cactus.Cookie   -
getCookieDomain
= [localhost] 
15:25:40,563 [main] DEBUG cactus.Cookie   -
getCookiePath =
[//secure/idsconf] 
15:25:40,683 [main] DEBUG ent.HttpClientConnectionHelper  - >getCookieString
= [$Version=0; test=test; JSESSIONID=B9D9DDE0DD962B211E36D92FBE854D67] 
15:25:50,928 [main] DEBUG ent.HttpClientConnectionHelper  - >connect =
[org.apache.cactus.util.HttpURLConnection:http://localhost:8080/ServletRedir
ectorSecure?Cactus_TestMethod=testBasicAuthentication&Cactus_URL_ContextPath
=%2F&Cactus_URL_Server=localhost%3A8080&Cactus_URL_ServletPath=%2Fsecure%2Fi
dsconf&Cactus_TestClass=com.ids.servlet.TestLoginServlet&Cactus_AutomaticSes
sion=true&Cactus_URL_Protocol=http&Cactus_Service=CALL_TEST] 
15:25:50,938 [main] DEBUG ient.AutoReadHttpURLConnection  - Original
connection =
org.apache.cactus.util.HttpURLConnection:http://localhost:8080/ServletRedire
ctorSecure?Cactus_TestMethod=testBasicAuthentication&Cactus_URL_ContextPath=
%2F&Cactus_URL_Server=localhost%3A8080&Cactus_URL_ServletPath=%2Fsecure%2Fid
scon

RE: About Cactus and Quality Assurance

2002-10-25 Thread Marco Barcella

Thanks a lot,
I think your email was very helpful for me, I will be
even more specific:

1) Using Ant, and running 10 tests in one build.xml,
how can I complete all of them, even if the third one
(for example) fails. Right now, since I don't catch
the exceptions the build fails and the following tests
are not run.

2) I am thinking about this functional test:
I click on a link and then I submit a form, then
I go and click on a second link and check if the
result of that form submission is in the state and
is correct. I would like to do this in one single test
as the two requests (first and second link) are related.
What is the best way to do it and extend the concept to
multiple requests in series?

Thanks a lot,
Marco

<>-Original Message-
<>From: Vincent Massol [mailto:vmassol@;octo.com]
<>Sent: Thursday, October 24, 2002 8:51 AM
<>To: 'Cactus Users List'
<>Subject: RE: About Cactus and Quality Assurance
<>
<>
<>
<>
<>> -Original Message-
<>> From: Marco Barcella [mailto:barcella@;appiancorp.com]
<>> Sent: 24 October 2002 01:36
<>> To: Cactus Users List
<>> Subject: About Cactus and Quality Assurance
<>>
<>> Hi,
<>> I would really like to ask the following two things:
<>> 1) I am using cactus for unit testing. When should the testing start
<>in
<>> the process of developing some code (beginning, end), in order to have
<>the
<>> best Quality Assurance in the shortest time? And also how to integrate
<>> the testing with the development? Any ideas or links would be greatly
<>> appreciated.
<>
<>The best is to do test-first development. Write your unit test first
<>(before the code they test). Run the test: they will fail. Write the
<>code. One by one the tests will turn from red to green.
<>
<>Why is it good?
<>- because you get better tests (retrofitting tests to match code is
<>always a best effort)
<>- because you can then skip the detailed design phase as it is done in
<>the unit tests. The unit tests also acts as design documentation.
<>- because you will find that, as a result your code under tests is
<>better written
<>
<>> 2) Considering to extend Cactus for functional testing, what, other
<>than
<>> HttpUnit,
<>> could/should I integrate? What are the fundamental limits I will
<>> encounter?
<>> Thanks a lot,
<>> Marco
<>
<>Cool! HttpUnit is already integrated but for checking results only. Do
<>you mean you would like to extend Cactus to use it for sending requests,
<>too (as part of a Web conversation)?
<>
<>It is definitely possible and I would be happy to help you and offer
<>support for that.
<>
<>I don't see any fundamental issue (especially as I am happy to let you
<>modify Cactus internals to make it more pluggable!).
<>
<>Before choosing the tools to use for that you need to tell us what you
<>have in mind for functional testing. What would be a typical scenario?
<>
<>Thanks
<>-Vincent
<>
<>>
<>>
<>>
<>> --
<>> To unsubscribe, e-mail:   > [EMAIL PROTECTED]>
<>> For additional commands, e-mail: > [EMAIL PROTECTED]>
<>
<>
<>
<>--
<>To unsubscribe, e-mail:

For additional commands, e-mail:




--
To unsubscribe, e-mail:   
For additional commands, e-mail:

configuring struts1.0 with lateste version of cactus

2002-10-25 Thread Manoj, Mathew

Hi
I am finding problems in configuring Jakarta struts 1.0 with cactus latest 
version.because the package name has changed in ths latest version of cactus...Do i 
have to use struts1.1B with latest version of cactus to overcome that?Or is there any 
fix?anyway i want to use latest version of cactus.


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: FormAuthentication

2002-10-25 Thread Dhar, Pranab

Jason,
 Sorry for the typo Error in my last post.it should be
 getConfiguration().getContextURL()+"/"+theRequest.getRedirectorName();

I just compiled the code and tested it. I am getting past the authentication
now
but getting stuck somewhere after that. Somewhere down the line the
ServletRedirectorSecure
 is getting switched back to ServletRedirector even though I am setting the
URL to a
secured resource.I am getting a Error  404 instead of the regulars output
from the servlet.

Pranab

I added the following in the test code
public void beginBasicAuthentication(WebRequest theRequest) {
theRequest.setURL("localhost:8080", "/", "/secure/idsconf",
null, null); <--
theRequest.addCookie( "test", "test" );
theRequest.setRedirectorName("ServletRedirectorSecure");
theRequest.setAuthentication(   new
FormAuthentication("admin", "admin"));
}
public void testBasicAuthentication() {
try {
idsconfServlet servlet = new
idsconfServlet();<--
servlet.init(this.config);<--

servlet.doGet(this.request,this.response);<--
assertEquals("admin",
request.getUserPrincipal().getName());
assertEquals("admin",
request.getRemoteUser());
assertTrue("User not in 'admin' role",
request.isUserInRole("admin"));
} catch (ServletException e) {
log.error(e);
} catch (IOException e) {
log.error(e);
}
}


Debug LOG

15:25:40,563 [main] DEBUG util.UrlUtil-
http://localhost:8080/ServletRedirectorSecure?Cactus_TestMethod=te
stBasicAuthentication&Cactus_URL_ContextPath=%2F&Cactus_URL_Server=localhost
%3A8080&Cactus_URL_ServletPath=%2Fsecure%2Fidsconf&Cactus_TestClass=com.ids.
servlet.TestLoginServlet&Cactus_AutomaticSession=true&Cactus_URL_Protocol=ht
tp&Cactus_Service=CALL_TEST]) 
15:25:40,563 [main] DEBUG util.UrlUtil- >getPath =
[/ServletRedirectorSecure] 
15:25:40,563 [main] DEBUG util.UrlUtil-
http://localhost:8080/ServletRedirectorSecure?Cactus_TestMethod=t
estBasicAuthentication&Cactus_URL_ContextPath=%2F&Cactus_URL_Server=localhos
t%3A8080&Cactus_URL_ServletPath=%2Fsecure%2Fidsconf&Cactus_TestClass=com.ids
.servlet.TestLoginServlet&Cactus_AutomaticSession=true&Cactus_URL_Protocol=h
ttp&Cactus_Service=CALL_TEST]) 
15:25:40,563 [main] DEBUG util.UrlUtil- >getQuery =
[Cactus_TestMethod=testBasicAuthentication&Cactus_URL_ContextPath=%2F&Cactus
_URL_Server=localhost%3A8080&Cactus_URL_ServletPath=%2Fsecure%2Fidsconf&Cact
us_TestClass=com.ids.servlet.TestLoginServlet&Cactus_AutomaticSession=true&C
actus_URL_Protocol=http&Cactus_Service=CALL_TEST] 
15:25:40,563 [main] DEBUG ent.HttpClientConnectionHelper  -
http://localhost:8080/ServletRedirectorSecure?Cactus_TestMethod=testBasicAu
thentication&Cactus_URL_ContextPath=%2F&Cactus_URL_Server=localhost%3A8080&C
actus_URL_ServletPath=%2Fsecure%2Fidsconf&Cactus_TestClass=com.ids.servlet.T
estLoginServlet&Cactus_AutomaticSession=true&Cactus_URL_Protocol=http&Cactus
_Service=CALL_TEST]) 
15:25:40,563 [main] DEBUG cactus.Cookie   -
getCookiePath =
[//secure/idsconf] 
15:25:40,563 [main] DEBUG cactus.Cookie   -
getCookiePath =
[//secure/idsconf] 
15:25:40,563 [main] DEBUG cactus.Cookie   -
getCookieDomain
= [localhost] 
15:25:40,563 [main] DEBUG cactus.Cookie   -
getCookiePath =
[//secure/idsconf] 
15:25:40,683 [main] DEBUG ent.HttpClientConnectionHelper  - >getCookieString
= [$Version=0; test=test; JSESSIONID=B9D9DDE0DD962B211E36D92FBE854D67] 
15:25:50,928 [main] DEBUG ent.HttpClientConnectionHelper  - >connect =
[org.apache.cactus.util.HttpURLConnection:http://localhost:8080/ServletRedir
ectorSecure?Cactus_TestMethod=testBasicAuthentication&Cactus_URL_ContextPath
=%2F&Cactus_URL_Server=localhost%3A8080&Cactus_URL_ServletPath=%2Fsecure%2Fi
dsconf&Cactus_TestClass=com.ids.servlet.TestLoginServlet&Cactus_AutomaticSes
sion=true&Cactus_URL_Protocol=http&Cactus_Service=CALL_TEST] 
15:25:50,938 [main] DEBUG ient.AutoReadHttpURLConnection  - Original
connection =
org.apache.cactus.util.HttpURLConnection:http://localhost:8080/ServletRedire
ctorSecure?Cactus_TestMethod=testBasicAuthentication&Cactus_URL_ContextPath=
%2F&Cactus_URL_Server=localhost%3A8080&Cactus_URL_ServletPath=%2Fsecure%2Fid
sconf&Cactus_TestClass=com.ids.servlet.TestLoginServlet&Cactus_AutomaticSess
ion=true&Cactus_URL_Protocol=http&Cactus_Service=CALL_TEST 
15:25:50,938 [main] DEBUG util.HttpURLConnection  -
getHeaderField
= [null] 
15:25:50,938 [main] DEBUG ient.AutoReadHttpURLConnection  - Content-Length :
[-1] 
15:25:50,938 [main] DEBUG util.HttpURLConnection  -
getHead

RE: FormAuthentication

2002-10-25 Thread Dhar, Pranab

Jason,
  I think the resource string should be the URL (
http://localhost:8080/ServletRedirectorSecure )
   String resource =
theRequest.getConfiguration().getContextURL()+"/"+theRequest.getRedirectorUR
L();

Pranab

-Original Message-
From: Robertson, Jason [mailto:Jason.Robertson@;acs-inc.com]
Sent: Friday, October 25, 2002 1:47 PM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


I think you've found a problem! 

I was unaware that you could change the redirector name in the WebRequest so
I didn't deal with that scenario. If you can, change the authenticate
function to be this (add the WebRequest argument, and then use it to get the
redirector name):

public void authenticate(WebRequest theRequest)
{
//Note: This method needs refactoring. It is too complex.

try
{
// Create a helper that will connect to a restricted resource.
String resource = theRequest.getRedirectorName();
...

and pass theRequest to the authenticate function in configuration method:

if (this.sessionId == null)
{
   authenticate(theRequest);
}

and give it a try.

If that fixes things I'll work up a proper patch and submit it.

Good catch!

Jason

-Original Message-
From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US]
Sent: Friday, October 25, 2002 1:32 PM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


Jason,
  The servlet mapping in WEB-INF/web.xml is
  
  
ServletRedirector
 
org.apache.cactus.server.ServletTestRedirector
  
  
ServletRedirectorSecure
 
org.apache.cactus.server.ServletTestRedirector
  
two aliases for the same Redirector servlet and the security constraint is
on the 
ServletRedirectorSecure alias.


SecurityRestriction
Protect the Cactus
redirectorservlet.
/ServletRedirectorSecure
GET
POST


Authorized Users Group
idsconf_admin
idsconf_user


NONE


cactus.properties contains :-
cactus.contextURL = http://localhost:8080   only

and the testcase sets the redirector by calling :-
theRequest.setRedirectorName("ServletRedirectorSecure");


As long as I set the redirector in the test case it will override the
default redirector.
Then the question is why the default redirector is being used after the
override.
[org.apache.cactus.util.HttpURLConnection:http://localhost:8080/ServletRedir
ector] 

I think I found the problem in cactus code.
 I am setting redirector in the class WebRequest.redirectorName whereas the 
FormAuthentication is getting the redirector name from the WebConfiguration
interface 
implemented by the ServletConfiguration class which reads the redirector
name from
cactus.properties and used the default "ServletRedirector" if not specified.
  The WebRequest wrapper should rather modify the stored configuration
object to
the new Redirector or the Servlet Configuration should check the request
object to get
the modified redirector. 
   /**
 * @param theConfiguration the Cactus configuration
*/
public WebRequest(WebConfiguration theConfiguration)
{
this.configuration = theConfiguration;
}
   /**
 * Override the redirector Name defined in
cactus.properties.
 * This is useful to define a per test case Name (for example, if some
 * test case need to have authentication turned on and not other tests,
 * etc).
 *
 * @param theRedirectorName the new redirector Name to use
 */
public void setRedirectorName(String theRedirectorName)
{
this.redirectorName = theRedirectorName;
}

Tell me what you think.

Pranab

-Original Message-
From: Robertson, Jason [mailto:Jason.Robertson@;acs-inc.com]
Sent: Friday, October 25, 2002 12:44 PM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


One thing I notice is that cactus connects to
http://localhost:8080/ServletRedirector but you have the Tomcat config url
pattern as /ServletRedirectorSecure. Try removing the "Secure" from the end.
Make the ServletRedirector servlet a secure resource. (Alternatively, you
could add "Secure" to you cactus.properties file, but I'd say it would be
better to remove it.)

Let me know if that changes anything.

Jason

-Original Message-
From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US]
Sent: Friday, October 25, 2002 11:47 AM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


Hi Jason,
 Yes Authentication works. I am using JBoss app server.
with user defined security realm/domain where all the users and roles are
mapped
using users.properties and roles.properties.I can run the servlet
straightaway and 
I am asked to authenticate using a FormLogin.I have been able to set
security role-mapping 
JSP/Servlets-to-EJB.I was trying to write test ca

RE: FormAuthentication

2002-10-25 Thread Robertson, Jason

I think you've found a problem! 

I was unaware that you could change the redirector name in the WebRequest so
I didn't deal with that scenario. If you can, change the authenticate
function to be this (add the WebRequest argument, and then use it to get the
redirector name):

public void authenticate(WebRequest theRequest)
{
//Note: This method needs refactoring. It is too complex.

try
{
// Create a helper that will connect to a restricted resource.
String resource = theRequest.getRedirectorName();
...

and pass theRequest to the authenticate function in configuration method:

if (this.sessionId == null)
{
   authenticate(theRequest);
}

and give it a try.

If that fixes things I'll work up a proper patch and submit it.

Good catch!

Jason

-Original Message-
From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US]
Sent: Friday, October 25, 2002 1:32 PM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


Jason,
  The servlet mapping in WEB-INF/web.xml is
  
  
ServletRedirector
 
org.apache.cactus.server.ServletTestRedirector
  
  
ServletRedirectorSecure
 
org.apache.cactus.server.ServletTestRedirector
  
two aliases for the same Redirector servlet and the security constraint is
on the 
ServletRedirectorSecure alias.


SecurityRestriction
Protect the Cactus
redirectorservlet.
/ServletRedirectorSecure
GET
POST


Authorized Users Group
idsconf_admin
idsconf_user


NONE


cactus.properties contains :-
cactus.contextURL = http://localhost:8080   only

and the testcase sets the redirector by calling :-
theRequest.setRedirectorName("ServletRedirectorSecure");


As long as I set the redirector in the test case it will override the
default redirector.
Then the question is why the default redirector is being used after the
override.
[org.apache.cactus.util.HttpURLConnection:http://localhost:8080/ServletRedir
ector] 

I think I found the problem in cactus code.
 I am setting redirector in the class WebRequest.redirectorName whereas the 
FormAuthentication is getting the redirector name from the WebConfiguration
interface 
implemented by the ServletConfiguration class which reads the redirector
name from
cactus.properties and used the default "ServletRedirector" if not specified.
  The WebRequest wrapper should rather modify the stored configuration
object to
the new Redirector or the Servlet Configuration should check the request
object to get
the modified redirector. 
   /**
 * @param theConfiguration the Cactus configuration
*/
public WebRequest(WebConfiguration theConfiguration)
{
this.configuration = theConfiguration;
}
   /**
 * Override the redirector Name defined in
cactus.properties.
 * This is useful to define a per test case Name (for example, if some
 * test case need to have authentication turned on and not other tests,
 * etc).
 *
 * @param theRedirectorName the new redirector Name to use
 */
public void setRedirectorName(String theRedirectorName)
{
this.redirectorName = theRedirectorName;
}

Tell me what you think.

Pranab

-Original Message-
From: Robertson, Jason [mailto:Jason.Robertson@;acs-inc.com]
Sent: Friday, October 25, 2002 12:44 PM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


One thing I notice is that cactus connects to
http://localhost:8080/ServletRedirector but you have the Tomcat config url
pattern as /ServletRedirectorSecure. Try removing the "Secure" from the end.
Make the ServletRedirector servlet a secure resource. (Alternatively, you
could add "Secure" to you cactus.properties file, but I'd say it would be
better to remove it.)

Let me know if that changes anything.

Jason

-Original Message-
From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US]
Sent: Friday, October 25, 2002 11:47 AM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


Hi Jason,
 Yes Authentication works. I am using JBoss app server.
with user defined security realm/domain where all the users and roles are
mapped
using users.properties and roles.properties.I can run the servlet
straightaway and 
I am asked to authenticate using a FormLogin.I have been able to set
security role-mapping 
JSP/Servlets-to-EJB.I was trying to write test cases to test Servlet's &
EJB's with their
roles for which I need the JBoss App Server to authenticate and set up
Identity/Principal
and their roles.
  Let me know how can I help.

Pranab
--
JBoss Security Realm login-config.xml:-

   
   
  
 guest
  
   

--

RE: FormAuthentication

2002-10-25 Thread Dhar, Pranab

Jason,
  The servlet mapping in WEB-INF/web.xml is
  
  
ServletRedirector
 
org.apache.cactus.server.ServletTestRedirector
  
  
ServletRedirectorSecure
 
org.apache.cactus.server.ServletTestRedirector
  
two aliases for the same Redirector servlet and the security constraint is
on the 
ServletRedirectorSecure alias.


SecurityRestriction
Protect the Cactus
redirectorservlet.
/ServletRedirectorSecure
GET
POST


Authorized Users Group
idsconf_admin
idsconf_user


NONE


cactus.properties contains :-
cactus.contextURL = http://localhost:8080   only

and the testcase sets the redirector by calling :-
theRequest.setRedirectorName("ServletRedirectorSecure");


As long as I set the redirector in the test case it will override the
default redirector.
Then the question is why the default redirector is being used after the
override.
[org.apache.cactus.util.HttpURLConnection:http://localhost:8080/ServletRedir
ector] 

I think I found the problem in cactus code.
 I am setting redirector in the class WebRequest.redirectorName whereas the 
FormAuthentication is getting the redirector name from the WebConfiguration
interface 
implemented by the ServletConfiguration class which reads the redirector
name from
cactus.properties and used the default "ServletRedirector" if not specified.
  The WebRequest wrapper should rather modify the stored configuration
object to
the new Redirector or the Servlet Configuration should check the request
object to get
the modified redirector. 
   /**
 * @param theConfiguration the Cactus configuration
*/
public WebRequest(WebConfiguration theConfiguration)
{
this.configuration = theConfiguration;
}
   /**
 * Override the redirector Name defined in
cactus.properties.
 * This is useful to define a per test case Name (for example, if some
 * test case need to have authentication turned on and not other tests,
 * etc).
 *
 * @param theRedirectorName the new redirector Name to use
 */
public void setRedirectorName(String theRedirectorName)
{
this.redirectorName = theRedirectorName;
}

Tell me what you think.

Pranab

-Original Message-
From: Robertson, Jason [mailto:Jason.Robertson@;acs-inc.com]
Sent: Friday, October 25, 2002 12:44 PM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


One thing I notice is that cactus connects to
http://localhost:8080/ServletRedirector but you have the Tomcat config url
pattern as /ServletRedirectorSecure. Try removing the "Secure" from the end.
Make the ServletRedirector servlet a secure resource. (Alternatively, you
could add "Secure" to you cactus.properties file, but I'd say it would be
better to remove it.)

Let me know if that changes anything.

Jason

-Original Message-
From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US]
Sent: Friday, October 25, 2002 11:47 AM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


Hi Jason,
 Yes Authentication works. I am using JBoss app server.
with user defined security realm/domain where all the users and roles are
mapped
using users.properties and roles.properties.I can run the servlet
straightaway and 
I am asked to authenticate using a FormLogin.I have been able to set
security role-mapping 
JSP/Servlets-to-EJB.I was trying to write test cases to test Servlet's &
EJB's with their
roles for which I need the JBoss App Server to authenticate and set up
Identity/Principal
and their roles.
  Let me know how can I help.

Pranab
--
JBoss Security Realm login-config.xml:-

   
   
  
 guest
  
   

--
Tomcat Security:-


SecurityRestriction
Protect the Cactus redirector
servlet.
/ServletRedirectorSecure
GET
POST


Authorized Users Group
idsconf_admin
idsconf_user


NONE



   FORM
   IDSCONF-REALM
   
  /LoginForm.jsp
  /LoginError.jsp
   


  
The Secure ROLE
idsconf_admin


  
The Non Secure ROLE
idsconf_user

--
J2EE application roles:-

 .. app jars.
   
  
Administrator Role
idsconf_admin
   
   
  
User Role
idsconf_user
  
   
  
Internal Role
idsconf_internal
 

JBoss EJB Security mapping jboss.xml

   java:jaas/IDSCONF-REALM
.

RE: FormAuthentication

2002-10-25 Thread Robertson, Jason

One thing I notice is that cactus connects to
http://localhost:8080/ServletRedirector but you have the Tomcat config url
pattern as /ServletRedirectorSecure. Try removing the "Secure" from the end.
Make the ServletRedirector servlet a secure resource. (Alternatively, you
could add "Secure" to you cactus.properties file, but I'd say it would be
better to remove it.)

Let me know if that changes anything.

Jason

-Original Message-
From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US]
Sent: Friday, October 25, 2002 11:47 AM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


Hi Jason,
 Yes Authentication works. I am using JBoss app server.
with user defined security realm/domain where all the users and roles are
mapped
using users.properties and roles.properties.I can run the servlet
straightaway and 
I am asked to authenticate using a FormLogin.I have been able to set
security role-mapping 
JSP/Servlets-to-EJB.I was trying to write test cases to test Servlet's &
EJB's with their
roles for which I need the JBoss App Server to authenticate and set up
Identity/Principal
and their roles.
  Let me know how can I help.

Pranab
--
JBoss Security Realm login-config.xml:-

   
   
  
 guest
  
   

--
Tomcat Security:-


SecurityRestriction
Protect the Cactus redirector
servlet.
/ServletRedirectorSecure
GET
POST


Authorized Users Group
idsconf_admin
idsconf_user


NONE



   FORM
   IDSCONF-REALM
   
  /LoginForm.jsp
  /LoginError.jsp
   


  
The Secure ROLE
idsconf_admin


  
The Non Secure ROLE
idsconf_user

--
J2EE application roles:-

 .. app jars.
   
  
Administrator Role
idsconf_admin
   
   
  
User Role
idsconf_user
  
   
  
Internal Role
idsconf_internal
 

JBoss EJB Security mapping jboss.xml

   java:jaas/IDSCONF-REALM
. entity/session beans jndi mapping

  


Standard Stateless
SessionBean

java:/jaas/IDSCONF-REALM



Standard BMP EntityBean

java:/jaas/IDSCONF-REALM



Unsecure Stateless
SessionBean




--

# A sample users.properties file for use with the UsersRolesLoginModule
# user=password
admin=admin
pkdhar=pkdhar
bob=bob
--
# A sample roles.properties file for use with the UsersRolesLoginModule
# user=role1,role2...
admin=idsconf_admin,idsconf_user
pkdhar=idsconf_user
bob=idsconf_user

-Original Message-
From: Robertson, Jason [mailto:Jason.Robertson@;acs-inc.com]
Sent: Friday, October 25, 2002 11:21 AM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


Buried in the stack trace is "Failed to authenticate the principal". If you
try to log into the website normally using admin/admin does it work? 

What server are you using? We have test cases that work with Tomcat and
WebLogic.

Jason

-Original Message-
From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US]
Sent: Friday, October 25, 2002 10:10 AM
To: '[EMAIL PROTECTED]'
Subject: FormAuthentication


Hi,
   I am in a situation where I have EJB's and servlets created with security
roles defined.I need to test the Servlets and EJB's doing the authentication
in the process.I am using FormAuthentication for the secured
jsp/servlets/struts forms and actions.
  I installed cactus 1.4.1 and found out that it does'nt implement form
authentication so I am now using the nightly build 20021022 after checking
the mailing list that some gentlemen have been adding this new feature.
  My testcase is as follows:-
public void beginBasicAuthentication(WebRequest theRequest) {
theRequest.setURL("localhost:8080", "/", "/secure/idsconf",
null, null);
theRequest.addCookie( "test", "test" );
theRequest.setRedirectorName("ServletRedirectorSecure");
theRequest.setAuthentication(new FormAuthentication("admin",
"admin"));
}
public void testBasicAuthentication() {
assertEquals("admin",
request.getUserPrincipal().getName());
assertEquals("admin", request.getRemoteUser());
assertTrue("User not in 'admin' role",
request.isUserInRole("admin"));
}
I am getting

RE: FormAuthentication

2002-10-25 Thread Dhar, Pranab

Hi,
   To add further the server side exception log says:-

11:56:31,899 ERROR [Engine] StandardWrapperValve[ServletRedirector]:
Servlet.service() for servlet ServletRedirector threw exception
javax.servlet.ServletException: Missing service name parameter
[Cactus_Service] in HTTP request. Received query string is [].
at
org.apache.cactus.server.AbstractWebTestController.getServiceName(AbstractWe
bTestController.java;org/apache/cactus/util/log/LogAspect.aj(1k):205)
at
org.apache.cactus.server.AbstractWebTestController.handleRequest$ajcPostArou
nd7(AbstractWebTestController.java;org/apache/cactus/util/log/LogAspect.aj(1
k):117)
at
org.apache.cactus.server.AbstractWebTestController.handleRequest$ajcPostArou
nd7$ajcVoidWrapper(AbstractWebTestController.java;org/apache/cactus/util/log
/LogAspect.aj(1k)
)
at
org.apache.cactus.server.AbstractWebTestController.handleRequest(AbstractWeb
TestController.java;org/apache/cactus/util/log/LogAspect.aj(1k):1151)
at
org.apache.cactus.server.ServletTestRedirector.doPost$ajcPostAround10(Servle
tTestRedirector.java;org/apache/cactus/util/log/LogAspect.aj(1k):125)
at
org.apache.cactus.server.ServletTestRedirector.doPost$ajcPostAround10$ajcVoi
dWrapper(ServletTestRedirector.java;org/apache/cactus/util/log/LogAspect.aj(
1k))
at
org.apache.cactus.server.ServletTestRedirector.doPost(ServletTestRedirector.
java;org/apache/cactus/util/log/LogAspect.aj(1k):1151)
at
org.apache.cactus.server.ServletTestRedirector.doGet$ajcPostAround6(ServletT
estRedirector.java;org/apache/cactus/util/log/LogAspect.aj(1k):96)
at
org.apache.cactus.server.ServletTestRedirector.doGet$ajcPostAround6$ajcVoidW
rapper(ServletTestRedirector.java;org/apache/cactus/util/log/LogAspect.aj(1k
))
at
org.apache.cactus.server.ServletTestRedirector.doGet(ServletTestRedirector.j
ava;org/apache/cactus/util/log/LogAspect.aj(1k):1151)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application
FilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterCh
ain.java:193)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.ja
va:243)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5
66)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.ja
va:190)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5
66)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase
.java:475)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5
64)
at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:2
46)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5
64)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2347)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180
)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5
66)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.
java:170)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5
64)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:170
)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5
64)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:468)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5
64)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java
:174)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:5
66)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:
1027)
at
org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1125
)
at java.lang.Thread.run(Thread.java:536)

Pranab 

-Original Message-
From: Dhar, Pranab

RE: FormAuthentication

2002-10-25 Thread Dhar, Pranab

Hi Jason,
 Yes Authentication works. I am using JBoss app server.
with user defined security realm/domain where all the users and roles are
mapped
using users.properties and roles.properties.I can run the servlet
straightaway and 
I am asked to authenticate using a FormLogin.I have been able to set
security role-mapping 
JSP/Servlets-to-EJB.I was trying to write test cases to test Servlet's &
EJB's with their
roles for which I need the JBoss App Server to authenticate and set up
Identity/Principal
and their roles.
  Let me know how can I help.

Pranab
--
JBoss Security Realm login-config.xml:-

   
   
  
 guest
  
   

--
Tomcat Security:-


SecurityRestriction
Protect the Cactus redirector
servlet.
/ServletRedirectorSecure
GET
POST


Authorized Users Group
idsconf_admin
idsconf_user


NONE



   FORM
   IDSCONF-REALM
   
  /LoginForm.jsp
  /LoginError.jsp
   


  
The Secure ROLE
idsconf_admin


  
The Non Secure ROLE
idsconf_user

--
J2EE application roles:-

 .. app jars.
   
  
Administrator Role
idsconf_admin
   
   
  
User Role
idsconf_user
  
   
  
Internal Role
idsconf_internal
 

JBoss EJB Security mapping jboss.xml

   java:jaas/IDSCONF-REALM
. entity/session beans jndi mapping

  


Standard Stateless
SessionBean

java:/jaas/IDSCONF-REALM



Standard BMP EntityBean

java:/jaas/IDSCONF-REALM



Unsecure Stateless
SessionBean




--

# A sample users.properties file for use with the UsersRolesLoginModule
# user=password
admin=admin
pkdhar=pkdhar
bob=bob
--
# A sample roles.properties file for use with the UsersRolesLoginModule
# user=role1,role2...
admin=idsconf_admin,idsconf_user
pkdhar=idsconf_user
bob=idsconf_user

-Original Message-
From: Robertson, Jason [mailto:Jason.Robertson@;acs-inc.com]
Sent: Friday, October 25, 2002 11:21 AM
To: 'Cactus Users List'
Subject: RE: FormAuthentication


Buried in the stack trace is "Failed to authenticate the principal". If you
try to log into the website normally using admin/admin does it work? 

What server are you using? We have test cases that work with Tomcat and
WebLogic.

Jason

-Original Message-
From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US]
Sent: Friday, October 25, 2002 10:10 AM
To: '[EMAIL PROTECTED]'
Subject: FormAuthentication


Hi,
   I am in a situation where I have EJB's and servlets created with security
roles defined.I need to test the Servlets and EJB's doing the authentication
in the process.I am using FormAuthentication for the secured
jsp/servlets/struts forms and actions.
  I installed cactus 1.4.1 and found out that it does'nt implement form
authentication so I am now using the nightly build 20021022 after checking
the mailing list that some gentlemen have been adding this new feature.
  My testcase is as follows:-
public void beginBasicAuthentication(WebRequest theRequest) {
theRequest.setURL("localhost:8080", "/", "/secure/idsconf",
null, null);
theRequest.addCookie( "test", "test" );
theRequest.setRedirectorName("ServletRedirectorSecure");
theRequest.setAuthentication(new FormAuthentication("admin",
"admin"));
}
public void testBasicAuthentication() {
assertEquals("admin",
request.getUserPrincipal().getName());
assertEquals("admin", request.getRemoteUser());
assertTrue("User not in 'admin' role",
request.isUserInRole("admin"));
}
I am getting this error when I run the test in Log4J DEBUG mode

-
18:00:12,899 [main] DEBUG ent.HttpClientConnectionHelper  -
http://localhost:8080/ServletRedirector]) 
18:00:12,899 [main] DEBUG ent.HttpClientConnectionHelper  - >getCookieString
= [null] 
18:00:13,891 [main] DEBUG ent.HttpClientConnectionHelper  - >connect =
[org.apache.cactus.util.HttpURLConnection:http://localhost:8080/ServletRedir
ector] 
18:00:13,901 [main] DEBUG util.HttpURLConnection  -
getHeaderFieldKey = [Connection] 
18:00:

RE: FormAuthentication

2002-10-25 Thread Robertson, Jason

Buried in the stack trace is "Failed to authenticate the principal". If you
try to log into the website normally using admin/admin does it work? 

What server are you using? We have test cases that work with Tomcat and
WebLogic.

Jason

-Original Message-
From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US]
Sent: Friday, October 25, 2002 10:10 AM
To: '[EMAIL PROTECTED]'
Subject: FormAuthentication


Hi,
   I am in a situation where I have EJB's and servlets created with security
roles defined.I need to test the Servlets and EJB's doing the authentication
in the process.I am using FormAuthentication for the secured
jsp/servlets/struts forms and actions.
  I installed cactus 1.4.1 and found out that it does'nt implement form
authentication so I am now using the nightly build 20021022 after checking
the mailing list that some gentlemen have been adding this new feature.
  My testcase is as follows:-
public void beginBasicAuthentication(WebRequest theRequest) {
theRequest.setURL("localhost:8080", "/", "/secure/idsconf",
null, null);
theRequest.addCookie( "test", "test" );
theRequest.setRedirectorName("ServletRedirectorSecure");
theRequest.setAuthentication(new FormAuthentication("admin",
"admin"));
}
public void testBasicAuthentication() {
assertEquals("admin",
request.getUserPrincipal().getName());
assertEquals("admin", request.getRemoteUser());
assertTrue("User not in 'admin' role",
request.isUserInRole("admin"));
}
I am getting this error when I run the test in Log4J DEBUG mode

-
18:00:12,899 [main] DEBUG ent.HttpClientConnectionHelper  -
http://localhost:8080/ServletRedirector]) 
18:00:12,899 [main] DEBUG ent.HttpClientConnectionHelper  - >getCookieString
= [null] 
18:00:13,891 [main] DEBUG ent.HttpClientConnectionHelper  - >connect =
[org.apache.cactus.util.HttpURLConnection:http://localhost:8080/ServletRedir
ector] 
18:00:13,901 [main] DEBUG util.HttpURLConnection  -
getHeaderFieldKey = [Connection] 
18:00:13,901 [main] DEBUG util.HttpURLConnection  -
getHeaderFieldKey = [null] 
18:00:13,901 [main] DEBUG hentication.FormAuthentication  - Using security
check URL [http://localhost:8080/j_security_check] 
18:00:13,901 [main] DEBUG client.ConnectionHelperFactory  -
http://localhost:8080/j_security_check],
[org.apache.cactus.util.ServletConfiguration@1dff3a2]) 
18:00:13,901 [main] DEBUG client.ConnectionHelperFactory  -
>getConnectionHelper =
[org.apache.cactus.client.HttpClientConnectionHelper@1d9fd51] 
18:00:13,901 [main] DEBUG cactus.WebRequest   -
printStackTrace

org.apache.cactus.util.ChainedRuntimeException: Failed to authenticate the
principal
at
org.apache.cactus.client.authentication.FormAuthentication.authenticate(Form
Authentication.java;org/apache/cactus/util/log/LogAspect.aj(1k):288)
at
org.apache.cactus.client.authentication.FormAuthentication.configure$ajcPost
Around13(FormAuthentication.java;org/apache/cactus/util/log/LogAspect.aj(1k)
:147)
at
org.apache.cactus.client.authentication.FormAuthentication.configure$ajcPost
Around13$ajcVoidWrapper(FormAuthentication.java;org/apache/cactus/util/log/L
ogAspect.aj(1k))
at
org.apache.cactus.client.authentication.FormAuthentication.configure(FormAut
hentication.java;org/apache/cactus/util/log/LogAspect.aj(1k):1151)
at
org.apache.cactus.client.HttpClientConnectionHelper.connect$ajcPostAround9(H
ttpClientConnectionHelper.java;org/apache/cactus/util/log/LogAspect.aj(1k):1
16)
at
org.apache.cactus.client.HttpClientConnectionHelper.connect(HttpClientConnec
tionHelper.java;org/apache/cactus/util/log/LogAspect.aj(1k):1222)
at
org.apache.cactus.client.AbstractHttpClient.callRunTest(AbstractHttpClient.j
ava;org/apache/cactus/util/log/LogAspect.aj(1k):200)
at
org.apache.cactus.client.AbstractHttpClient.doTest$ajcPostAround8(AbstractHt
tpClient.java;org/apache/cactus/util/log/LogAspect.aj(1k):124)
at
org.apache.cactus.client.AbstractHttpClient.doTest(AbstractHttpClient.java;o
rg/apache/cactus/util/log/LogAspect.aj(1k):1222)
at
org.apache.cactus.AbstractWebTestCase.runWebTest(AbstractWebTestCase.java:31
0)
at
org.apache.cactus.AbstractWebTestCase.runGenericTest(AbstractWebTestCase.jav
a:260)
at
org.apache.cactus.ServletTestCase.runTest(ServletTestCase.java:136)
at
org.apache.cactus.AbstractTestCase.runBare(AbstractTestCase.java:255)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:118)
at junit.framework.TestSuite.runTest(TestSuite.java:208)

FormAuthentication

2002-10-25 Thread Dhar, Pranab

Hi,
   I am in a situation where I have EJB's and servlets created with security
roles defined.I need to test the Servlets and EJB's doing the authentication
in the process.I am using FormAuthentication for the secured
jsp/servlets/struts forms and actions.
  I installed cactus 1.4.1 and found out that it does'nt implement form
authentication so I am now using the nightly build 20021022 after checking
the mailing list that some gentlemen have been adding this new feature.
  My testcase is as follows:-
public void beginBasicAuthentication(WebRequest theRequest) {
theRequest.setURL("localhost:8080", "/", "/secure/idsconf",
null, null);
theRequest.addCookie( "test", "test" );
theRequest.setRedirectorName("ServletRedirectorSecure");
theRequest.setAuthentication(new FormAuthentication("admin",
"admin"));
}
public void testBasicAuthentication() {
assertEquals("admin",
request.getUserPrincipal().getName());
assertEquals("admin", request.getRemoteUser());
assertTrue("User not in 'admin' role",
request.isUserInRole("admin"));
}
I am getting this error when I run the test in Log4J DEBUG mode

-
18:00:12,899 [main] DEBUG ent.HttpClientConnectionHelper  -
http://localhost:8080/ServletRedirector]) 
18:00:12,899 [main] DEBUG ent.HttpClientConnectionHelper  - >getCookieString
= [null] 
18:00:13,891 [main] DEBUG ent.HttpClientConnectionHelper  - >connect =
[org.apache.cactus.util.HttpURLConnection:http://localhost:8080/ServletRedir
ector] 
18:00:13,901 [main] DEBUG util.HttpURLConnection  -
getHeaderFieldKey = [Connection] 
18:00:13,901 [main] DEBUG util.HttpURLConnection  -
getHeaderFieldKey = [null] 
18:00:13,901 [main] DEBUG hentication.FormAuthentication  - Using security
check URL [http://localhost:8080/j_security_check] 
18:00:13,901 [main] DEBUG client.ConnectionHelperFactory  -
http://localhost:8080/j_security_check],
[org.apache.cactus.util.ServletConfiguration@1dff3a2]) 
18:00:13,901 [main] DEBUG client.ConnectionHelperFactory  -
>getConnectionHelper =
[org.apache.cactus.client.HttpClientConnectionHelper@1d9fd51] 
18:00:13,901 [main] DEBUG cactus.WebRequest   -
121f1d]) 
18:00:13,971 [main] DEBUG util.ChainedRuntimeException- >printStackTrace

org.apache.cactus.util.ChainedRuntimeException: Failed to authenticate the
principal
at
org.apache.cactus.client.authentication.FormAuthentication.authenticate(Form
Authentication.java;org/apache/cactus/util/log/LogAspect.aj(1k):288)
at
org.apache.cactus.client.authentication.FormAuthentication.configure$ajcPost
Around13(FormAuthentication.java;org/apache/cactus/util/log/LogAspect.aj(1k)
:147)
at
org.apache.cactus.client.authentication.FormAuthentication.configure$ajcPost
Around13$ajcVoidWrapper(FormAuthentication.java;org/apache/cactus/util/log/L
ogAspect.aj(1k))
at
org.apache.cactus.client.authentication.FormAuthentication.configure(FormAut
hentication.java;org/apache/cactus/util/log/LogAspect.aj(1k):1151)
at
org.apache.cactus.client.HttpClientConnectionHelper.connect$ajcPostAround9(H
ttpClientConnectionHelper.java;org/apache/cactus/util/log/LogAspect.aj(1k):1
16)
at
org.apache.cactus.client.HttpClientConnectionHelper.connect(HttpClientConnec
tionHelper.java;org/apache/cactus/util/log/LogAspect.aj(1k):1222)
at
org.apache.cactus.client.AbstractHttpClient.callRunTest(AbstractHttpClient.j
ava;org/apache/cactus/util/log/LogAspect.aj(1k):200)
at
org.apache.cactus.client.AbstractHttpClient.doTest$ajcPostAround8(AbstractHt
tpClient.java;org/apache/cactus/util/log/LogAspect.aj(1k):124)
at
org.apache.cactus.client.AbstractHttpClient.doTest(AbstractHttpClient.java;o
rg/apache/cactus/util/log/LogAspect.aj(1k):1222)
at
org.apache.cactus.AbstractWebTestCase.runWebTest(AbstractWebTestCase.java:31
0)
at
org.apache.cactus.AbstractWebTestCase.runGenericTest(AbstractWebTestCase.jav
a:260)
at
org.apache.cactus.ServletTestCase.runTest(ServletTestCase.java:136)
at
org.apache.cactus.AbstractTestCase.runBare(AbstractTestCase.java:255)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:118)
at junit.framework.TestSuite.runTest(TestSuite.java:208)
at junit.framework.TestSuite.run(TestSuite.java:203)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRu
nner.java:329)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.
java:218)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner
.

using body content in conditional custom tags (if then else)

2002-10-25 Thread Glania, Damian

Hi all,
I'm trying to test my own "if", "then" and "else" custom tags using Cactus
(1.4.1). 
I previously tested the tags using simple JSPs, so I assume, they work
properly.

All my cactus tests work properly with Tomcat4.0. If I use Tomcat 4.1 then
one test fails.
The failing test case is very simple: after setting the if-condition to
"false" I expect (in endXXX)
to find in the output only the content of the "else" tag but not the content
of "then" tag.
The assertion fails, because it both contents (from "then" and "else") are
found.
(The test with condition set to "true" works on both Tomcat versions)

I assume, I'm using the pageContext.pushBody() and/or pageContext.popBody()
somewhere wrong.
Could you please suggest a proper way to test such "conditional body tags"?

Here, how I'm setting the "then" and "else" tags:
..
// create a 'then' tag
IfThenTag thenTag = new IfThenTag();
thenTag.setPageContext(pageContext);
thenTag.setParent(tag);  // 'if' is parent of 'then'
assertEquals("Eval body expexted", BodyTag.EVAL_BODY_TAG,
thenTag.doStartTag());

//obtain the bodyContent object for 'then' tag
BodyContent bodyContent = pageContext.pushBody();
thenTag.setBodyContent(bodyContent);
thenTag.doInitBody();

//write some "output" into the bodyContent so that endIfTrueThenElse
can test for it.
bodyContent.println("This is the content of 'then' (if condition was
true)");

// doAfterBody() actually handles the processing of the body
assertEquals("Skip body expexted", BodyTag.SKIP_BODY,
thenTag.doAfterBody());

//after the body processing completes
thenTag.doEndTag();

//finally call popBody for thenTag
//necessary for tag to output anything on most servlet engines.
pageContext.popBody();


// create a 'else' tag
IfElseTag elseTag = new IfElseTag();
elseTag.setPageContext(pageContext);
elseTag.setParent(tag);  // 'if' parent of 'else'
assertEquals("Eval body expexted", BodyTag.EVAL_BODY_TAG,
elseTag.doStartTag());

//obtain the bodyContent object for 'else' tag
bodyContent = pageContext.pushBody();
elseTag.setBodyContent(bodyContent);
elseTag.doInitBody();

//write some "output" into the bodyContent so that endIfTrueThenElse
can test for it.
bodyContent.println("This is the content of 'else' (if condition was
false )");

// doAfterBody() actually handles the processing of the body
assertEquals("Skip body expexted", BodyTag.SKIP_BODY,
elseTag.doAfterBody());

//after the body processing completes
elseTag.doEndTag();

//finally call popBody for elseTag
//necessary for tag to output anything on most servlet engines.
pageContext.popBody();

assertEquals("Skip body expexted", Tag.SKIP_BODY,
tag.doAfterBody());


As I said, the "setting" code above works perfectly well on both Tomcat
versions. 
The endIfFalseXXX() however fails on Tomcat 4.1 because the following
assertion:

assertTrue("Unexpected content of 'then' found",
content.indexOf("This is the content of 'then' (if condition was
true)") == -1);

fails.

Thanks in advance,
  Damian

--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: FormAuthentication

Problem with cactus, ant and weblogic 6.1: runservertests hangs if weblogic dooesn't start

RE: FormAuthentication

RE: About Cactus and Quality Assurance

configuring struts1.0 with lateste version of cactus

RE: FormAuthentication

RE: FormAuthentication

RE: FormAuthentication

RE: FormAuthentication

RE: FormAuthentication

RE: FormAuthentication

RE: FormAuthentication

RE: FormAuthentication

FormAuthentication

using body content in conditional custom tags (if then else)

15 matches

Site Navigation

Mail list logo

Footer information