commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rwaldh...@apache.org
Subject cvs commit: jakarta-commons/httpclient/src/test/org/apache/commons/httpclient TestWebappBasicAuth.java
Date Thu, 15 Nov 2001 23:00:38 GMT
rwaldhoff    01/11/15 15:00:37

  Modified:    httpclient/src/java/org/apache/commons/httpclient
                        HttpMethodBase.java
               httpclient/src/test/org/apache/commons/httpclient
                        TestWebappBasicAuth.java
  Log:
  Fixing bug 4902, Http Authentication with invalid credentials causes infinite loop (unless
log.isInfoEnabled is true)
  
  Also adding unit test to TestWebappBasicAuth that demonstrates the bug.
  
  [Paul Bryan's patch]
  
  Revision  Changes    Path
  1.19      +8 -8      jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java
  
  Index: HttpMethodBase.java
  ===================================================================
  RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java,v
  retrieving revision 1.18
  retrieving revision 1.19
  diff -u -r1.18 -r1.19
  --- HttpMethodBase.java	2001/10/12 17:55:35	1.18
  +++ HttpMethodBase.java	2001/11/15 23:00:37	1.19
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java,v
1.18 2001/10/12 17:55:35 rwaldhoff Exp $
  - * $Revision: 1.18 $
  - * $Date: 2001/10/12 17:55:35 $
  + * $Header: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java,v
1.19 2001/11/15 23:00:37 rwaldhoff Exp $
  + * $Revision: 1.19 $
  + * $Date: 2001/11/15 23:00:37 $
    * ====================================================================
    *
    * The Apache Software License, Version 1.1
  @@ -109,7 +109,7 @@
    *
    * @author <a href="mailto:remm@apache.org">Remy Maucherat</a>
    * @author Rodney Waldhoff
  - * @version $Revision: 1.18 $ $Date: 2001/10/12 17:55:35 $
  + * @version $Revision: 1.19 $ $Date: 2001/11/15 23:00:37 $
    */
   public abstract class HttpMethodBase implements HttpMethod {
   
  @@ -453,14 +453,14 @@
               if(HttpStatus.SC_UNAUTHORIZED == statusCode) {
                   Header wwwauth = getResponseHeader("WWW-Authenticate");
                   if(null != wwwauth) {
  -                    String foo = getPath() + ":" + wwwauth.getValue();
  -                    if(realms.contains(foo)) {
  +                    String pathAndCreds = getPath() + ":" + wwwauth.getValue();
  +                    if(realms.contains(pathAndCreds)) {
                           if(log.isInfoEnabled()) {
                               log.info("Already tried to authenticate to \"" + wwwauth.getValue()
+ "\" but still receiving " + HttpStatus.SC_UNAUTHORIZED + ".");
  -                            break;
                           }
  +                        break;
                       } else {
  -                        realms.add(foo);
  +                        realms.add(pathAndCreds);
                       }
   
                       boolean authenticated = false;
  
  
  
  1.3       +34 -4     jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestWebappBasicAuth.java
  
  Index: TestWebappBasicAuth.java
  ===================================================================
  RCS file: /home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestWebappBasicAuth.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- TestWebappBasicAuth.java	2001/10/04 17:49:13	1.2
  +++ TestWebappBasicAuth.java	2001/11/15 23:00:37	1.3
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestWebappBasicAuth.java,v
1.2 2001/10/04 17:49:13 rwaldhoff Exp $
  - * $Revision: 1.2 $
  - * $Date: 2001/10/04 17:49:13 $
  + * $Header: /home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestWebappBasicAuth.java,v
1.3 2001/11/15 23:00:37 rwaldhoff Exp $
  + * $Revision: 1.3 $
  + * $Date: 2001/11/15 23:00:37 $
    * ====================================================================
    *
    * The Apache Software License, Version 1.1
  @@ -83,7 +83,7 @@
    * "httpclient.test.webappContext" property.
    *
    * @author Rodney Waldhoff
  - * @version $Id: TestWebappBasicAuth.java,v 1.2 2001/10/04 17:49:13 rwaldhoff Exp $
  + * @version $Id: TestWebappBasicAuth.java,v 1.3 2001/11/15 23:00:37 rwaldhoff Exp $
    */
   public class TestWebappBasicAuth extends TestWebappBase {
   
  @@ -220,6 +220,36 @@
           assertEquals(200,method.getStatusCode());
           assert(method.getResponseBodyAsString().indexOf("<title>BasicAuth Servlet:
GET</title>") >= 0);
           assert(method.getResponseBodyAsString().indexOf("<p>You have authenticated
as \"jakarta:commons\"</p>") >= 0);
  +    }
  +
  +    public void testBadCredFails() throws Exception {
  +        HttpClient client = new HttpClient();
  +        client.startSession(host, port);
  +        GetMethod method = new GetMethod("/" + context + "/auth/basic");
  +        method.setUseDisk(false);
  +        try {
  +            client.executeMethod(method);
  +        } catch (Throwable t) {
  +            t.printStackTrace();
  +            fail("Unable to execute method : " + t.toString());
  +        }
  +        assertEquals(HttpStatus.SC_UNAUTHORIZED,method.getStatusCode());
  +        assert(method.getResponseBodyAsString().indexOf("<title>BasicAuth Servlet:
GET</title>") >= 0);
  +        assert(method.getResponseBodyAsString().indexOf("<p>Not authorized.</p>")
>= 0);
  +
  +        client.getState().setCredentials("BasicAuthServlet",new UsernamePasswordCredentials("bad","creds"));
  +
  +        method.recycle();
  +        method.setPath("/" + context + "/auth/basic");
  +        try {
  +            client.executeMethod(method);
  +        } catch (Throwable t) {
  +            t.printStackTrace();
  +            fail("Unable to execute method : " + t.toString());
  +        }
  +        assertEquals(HttpStatus.SC_UNAUTHORIZED,method.getStatusCode());
  +        assert(method.getResponseBodyAsString().indexOf("<title>BasicAuth Servlet:
GET</title>") >= 0);
  +        assert(method.getResponseBodyAsString().indexOf("<p>Not authorized. \"Basic
YmFkOmNyZWRz\" not recognized.</p>") >= 0);
       }
   }
   
  
  
  

--
To unsubscribe, e-mail:   <mailto:commons-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:commons-dev-help@jakarta.apache.org>


Mime
View raw message