mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
blame | history | patch | commit | commitdiff | ignore whitespace
Jean-Noel Rouvignac
10.49.2013 7d0a463c658fe30fef8bfa93856a15e1ac08659b 
 opends/src/server/org/opends/server/protocols/http/CollectClientConnectionsFilter.java


@@ -32,6 +32,7 @@


import static org.opends.server.loggers.debug.DebugLogger.*;


import static org.opends.server.util.StaticUtils.*;




import java.io.IOException;


import java.net.InetAddress;


import java.net.UnknownHostException;


import java.text.ParseException;


@@ -41,6 +42,7 @@


import javax.servlet.FilterChain;


import javax.servlet.FilterConfig;


import javax.servlet.ServletException;


import javax.servlet.ServletOutputStream;


import javax.servlet.ServletRequest;


import javax.servlet.ServletResponse;


import javax.servlet.http.HttpServletRequest;


@@ -289,6 +291,27 @@


      resp.setHeader("WWW-Authenticate",


          "Basic realm=\"org.forgerock.opendj\"");


    }




    try


    {


      // Send error JSON document out


      resp.setHeader("Content-Type", "application/json");




      ServletOutputStream out = resp.getOutputStream();


      out.println("{");


      out.println("    \"code\": 401,");


      out.println("    \"message\": \"Invalid Credentials\",");


      out.println("    \"reason\": \"Unauthorized\"");


      out.println("}");


    }


    catch (IOException ignore)


    {


      // nothing else we can do in this case


      if (debugEnabled())


      {


        TRACER.debugCaught(DebugLogLevel.ERROR, ignore);


      }


    }


  }




  /**




 opends/tests/unit-tests-testng/src/server/org/opends/server/protocols/http/CollectClientConnectionsFilterTest.java


@@ -29,6 +29,9 @@


import static org.assertj.core.api.Assertions.*;


import static org.mockito.Mockito.*;




import java.io.IOException;




import javax.servlet.ServletOutputStream;


import javax.servlet.http.HttpServletRequest;


import javax.servlet.http.HttpServletResponse;




@@ -81,26 +84,45 @@




  @Test


  public void sendUnauthorizedResponseWithHttpBasicAuthWillChallengeUserAgent()


      throws Exception


  {


    authConfig.setBasicAuthenticationSupported(true);




    ServletOutputStream oStream = mock(ServletOutputStream.class);


    HttpServletResponse response = mock(HttpServletResponse.class);


    when(response.getOutputStream()).thenReturn(oStream);


    filter.sendUnauthorizedResponseWithHTTPBasicAuthChallenge(response);




    verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);


    verify(response).setHeader("WWW-Authenticate",


        "Basic realm=\"org.forgerock.opendj\"");


    verifyUnauthorizedOutputMessage(response, oStream);


  }




  @Test


  public void sendUnauthorizedResponseWithoutHttpBasicAuthWillNotChallengeUserAgent()


      throws Exception


  {


    authConfig.setBasicAuthenticationSupported(true);




    HttpServletResponse response = mock(HttpServletResponse.class);


    ServletOutputStream oStream = mock(ServletOutputStream.class);


    when(response.getOutputStream()).thenReturn(oStream);


    filter.sendUnauthorizedResponseWithHTTPBasicAuthChallenge(response);




    verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);


    verifyUnauthorizedOutputMessage(response, oStream);


  }




  private void verifyUnauthorizedOutputMessage(HttpServletResponse response,


      ServletOutputStream oStream) throws IOException


  {


    verify(response).getOutputStream();


    verify(oStream).println("{");


    verify(oStream).println("    \"code\": 401,");


    verify(oStream).println("    \"message\": \"Invalid Credentials\",");


    verify(oStream).println("    \"reason\": \"Unauthorized\"");


    verify(oStream).println("}");


  }




  @Test