FAT test for request authenticate for issue OpenLiberty#938

dev/com.ibm.ws.security.javaeesec_fat/fat/src/com/ibm/ws/security/javaeesec/fat/ProgrammaticTest.java

@@ -0,0 +1,110 @@
+/*******************************************************************************
+ * Copyright (c) 2017 IBM Corporation and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ *     IBM Corporation - initial API and implementation
+ *******************************************************************************/
+package com.ibm.ws.security.javaeesec.fat;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.http.impl.client.DefaultHttpClient;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TestName;
+import org.junit.rules.TestRule;
+import org.junit.runner.RunWith;
+
+import com.ibm.ws.security.javaeesec.fat_helper.Constants;
+import com.ibm.ws.security.javaeesec.fat_helper.JavaEESecTestBase;
+import com.ibm.ws.security.javaeesec.fat_helper.WCApplicationHelper;
+import com.ibm.ws.webcontainer.security.test.servlets.SSLHelper;
+
+import componenttest.annotation.MinimumJavaLevel;
+import componenttest.custom.junit.runner.FATRunner;
+import componenttest.custom.junit.runner.Mode;
+import componenttest.custom.junit.runner.Mode.TestMode;
+import componenttest.custom.junit.runner.OnlyRunInJava7Rule;
+import componenttest.topology.impl.LibertyServer;
+import componenttest.topology.impl.LibertyServerFactory;
+
+/**
+ * Test Description:
+ */
+@MinimumJavaLevel(javaLevel = 1.8)
+@RunWith(FATRunner.class)
+@Mode(TestMode.LITE)
+public class ProgrammaticTest extends JavaEESecTestBase {
+
+    protected static Class<?> logClass = ProgrammaticTest.class;
+    protected static LibertyServer myServer = LibertyServerFactory.getLibertyServer("com.ibm.ws.security.javaeesec.fat");
+    protected String queryString = "/JavaEESec/UnprotectedServlet";
+    protected static String urlBase;
+    protected static String urlHttps;
+    protected static String JAR_NAME = "JavaEESecBase.jar";
+
+    protected DefaultHttpClient httpclient;
+
+    public ProgrammaticTest() {
+        super(myServer, logClass);
+    }
+
+    @ClassRule
+    public static final TestRule java7Rule = new OnlyRunInJava7Rule();
+
+    @Rule
+    public TestName name = new TestName();
+
+    @BeforeClass
+    public static void setUpBeforeClass() throws Exception {
+        WCApplicationHelper.addWarToServerApps(myServer, "JavaEESec.war", true, JAR_NAME, false, "web.jar.base", "web.war.servlets",
+                                               "web.war.identitystores");
+        myServer.setServerConfigurationFile("commonServer.xml");
+        myServer.startServer(true);
+        myServer.addInstalledAppForValidation("JavaEESec");
+
+        urlBase = "http://" + myServer.getHostname() + ":" + myServer.getHttpDefaultPort();
+        urlHttps = "https://" + myServer.getHostname() + ":" + myServer.getHttpDefaultSecurePort();
+    }
+
+    @AfterClass
+    public static void tearDownAfterClass() throws Exception {
+        myServer.stopServer();
+        myServer.setServerConfigurationFile("server.xml");
+    }
+
+    @SuppressWarnings("restriction")
+    @Before
+    public void setupConnection() {
+        httpclient = new DefaultHttpClient();
+        SSLHelper.establishSSLContext(httpclient, 0, myServer, null, null, null, null, null);
+    }
+
+    @After
+    public void cleanupConnection() {
+        httpclient.getConnectionManager().shutdown();
+    }
+
+    @Override
+    protected String getCurrentTestName() {
+        return name.getMethodName();
+    }
+
+    @Test
+    public void testRequestAuthenticate() throws Exception {
+        String response = executeGetRequestBasicAuthCreds(httpclient, urlHttps + queryString + "?method=authenticate", Constants.javaeesec_basicRoleUser,
+                                                          Constants.javaeesec_basicRolePwd,
+                                                          HttpServletResponse.SC_OK);
+//        verifyUserResponse(response, Constants.getUserPrincipalFound + Constants.javaeesec_basicRoleUser, Constants.getRemoteUserFound + Constants.javaeesec_basicRoleUser);
+    }
+
+}

dev/com.ibm.ws.security.javaeesec_fat/test-applications/JavaEESec.war/resources/WEB-INF/beans.xml

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/beans_1_1.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+xmlns="http://xmlns.jcp.org/xml/ns/javaee" bean-discovery-mode="all">
+</beans>

dev/com.ibm.ws.security.javaeesec_fat/test-applications/JavaEESec.war/resources/WEB-INF/web.xml

@@ -17,6 +17,16 @@
 		<url-pattern>/CommonServlet</url-pattern>
 	</servlet-mapping>
 
+	<servlet>
+		<display-name>UnprotectedServlet</display-name>
+		<servlet-name>UnprotectedServlet</servlet-name>
+		<servlet-class>web.war.servlets.UnprotectedServlet</servlet-class>
+	</servlet>
+	<servlet-mapping>
+		<servlet-name>UnprotectedServlet</servlet-name>
+		<url-pattern>/UnprotectedServlet</url-pattern>
+		<url-pattern>/UnprotectedServlet</url-pattern>
+	</servlet-mapping>
 
 	<!-- SECURITY CONSTRAINTS -->
 	<security-constraint>

dev/com.ibm.ws.security.javaeesec_fat/test-applications/JavaEESec.war/src/web/war/servlets/UnprotectedServlet.java

@@ -0,0 +1,34 @@
+/*******************************************************************************
+ * Copyright (c) 2017 IBM Corporation and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ *     IBM Corporation - initial API and implementation
+ *******************************************************************************/
+package web.war.servlets;
+
+import web.jar.base.FlexibleBaseServlet;
+import javax.inject.Inject;
+import javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition;
+
+@BasicAuthenticationMechanismDefinition
+public class UnprotectedServlet extends FlexibleBaseServlet {
+    private static final long serialVersionUID = 1L;
+
+    public UnprotectedServlet() {
+        super("UnprotectedServlet");
+
+        mySteps.add(new ProcessServlet30MethodStep());
+
+//        mySteps.add(new WriteRequestBasicsStep());
+//        mySteps.add(new WritePrincipalStep());
+//        mySteps.add(new WriteRolesStep());
+//        mySteps.add(new WriteSubjectStep());
+//        mySteps.add(new WritePublicCredentialsStep());
+//        mySteps.add(new WriteRunAsSubjectStep());
+//        mySteps.add(new WriteCookiesStep());
+    }
+}

dev/com.ibm.ws.security.javaeesec_fat/test-applications/JavaEESecBase.jar/src/web/jar/base/FlexibleBaseServlet.java

@@ -713,7 +713,7 @@ private void error(StringBuffer sb) {
         }
     }
 
-    class ProcessServlet30MethodStep implements BaseServletStep {
+    public class ProcessServlet30MethodStep implements BaseServletStep {
 
         Map<String, String> parseQuery(String query, StringBuffer sb) {
             Scanner commands = new Scanner(query).useDelimiter("[,;\\|&]");