cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r1510704 - in /cxf/trunk/rt/frontend/jaxrs/src: main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java test/java/org/apache/cxf/jaxrs/security/ test/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilterTest.java
Date Mon, 05 Aug 2013 20:14:53 GMT
Author: dkulp
Date: Mon Aug  5 20:14:53 2013
New Revision: 1510704

URL: http://svn.apache.org/r1510704
Log:
CXF-5157 - Made the JAAS realm string rfc2617 compliant

Added:
    cxf/trunk/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/security/
    cxf/trunk/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilterTest.java
Modified:
    cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java

Modified: cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java?rev=1510704&r1=1510703&r2=1510704&view=diff
==============================================================================
--- cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java
(original)
+++ cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java
Mon Aug  5 20:14:53 2013
@@ -137,7 +137,7 @@ public class JAASAuthenticationFilter im
                 sb.append("Basic");
             }
             if (realmName != null) {
-                sb.append(' ').append(realmName);
+                sb.append(" realm=\"").append(realmName).append('"');
             }
             builder.header(HttpHeaders.WWW_AUTHENTICATE, sb.toString());
             

Added: cxf/trunk/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilterTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilterTest.java?rev=1510704&view=auto
==============================================================================
--- cxf/trunk/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilterTest.java
(added)
+++ cxf/trunk/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilterTest.java
Mon Aug  5 20:14:53 2013
@@ -0,0 +1,48 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.jaxrs.security;
+
+import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.Response;
+
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageImpl;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class JAASAuthenticationFilterTest extends Assert {
+
+    @Test
+    public void testRFC2617() throws Exception {
+
+        JAASAuthenticationFilter filter = new JAASAuthenticationFilter();
+        filter.setRealmName("foo");
+
+        Message m = new MessageImpl();
+        Response r = filter.handleAuthenticationException(new SecurityException("Bad Auth"),
m);
+        assertNotNull(r);
+
+        String result = r.getHeaderString(HttpHeaders.WWW_AUTHENTICATE);
+        assertNotNull(result);
+
+        //Test that the header conforms to RFC2617
+        assertEquals("Basic realm=\"foo\"", result);
+    }
+}



Mime
View raw message