cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jgenen...@apache.org
Subject svn commit: r1507149 - in /cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src: main/java/org/apache/cxf/jaxrs/security/ test/java/org/apache/cxf/jaxrs/security/
Date Thu, 25 Jul 2013 23:02:08 GMT
Author: jgenender
Date: Thu Jul 25 23:02:08 2013
New Revision: 1507149

URL: http://svn.apache.org/r1507149
Log:
CXF-5157 - Made the JAAS realm string rfc2617 compliant

Added:
    cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/security/
    cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilterTest.java
Modified:
    cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java

Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java?rev=1507149&r1=1507148&r2=1507149&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java
Thu Jul 25 23:02:08 2013
@@ -135,7 +135,7 @@ public class JAASAuthenticationFilter im
                 sb.append("Basic");
             }
             if (realmName != null) {
-                sb.append(' ').append(realmName);
+                sb.append(" realm=\"").append(realmName).append('"');
             }
             builder.header(HttpHeaders.WWW_AUTHENTICATE, sb.toString());
             

Added: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilterTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilterTest.java?rev=1507149&view=auto
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilterTest.java
(added)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilterTest.java
Thu Jul 25 23:02:08 2013
@@ -0,0 +1,48 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.jaxrs.security;
+
+import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.Response;
+
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageImpl;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class JAASAuthenticationFilterTest extends Assert {
+
+    @Test
+    public void testRFC2617() throws Exception {
+
+        JAASAuthenticationFilter filter = new JAASAuthenticationFilter();
+        filter.setRealmName("foo");
+
+        Message m = new MessageImpl();
+        Response r = filter.handleAuthenticationException(new SecurityException("Bad Auth"),
m);
+        assertNotNull(r);
+
+        String result = r.getHeaderString(HttpHeaders.WWW_AUTHENTICATE);
+        assertNotNull(result);
+
+        //Test that the header conforms to RFC2617
+        assertEquals("Basic realm=\"foo\"", result);
+    }
+}



Mime
View raw message