httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s.@apache.org
Subject svn commit: r960128 - in /httpd/test/framework/trunk/t: conf/extra.conf.in modules/aaa.t
Date Fri, 02 Jul 2010 22:25:41 GMT
Author: sf
Date: Fri Jul  2 22:25:41 2010
New Revision: 960128

URL: http://svn.apache.org/viewvc?rev=960128&view=rev
Log:
Add test for open issues with authorization by user OR env/IP/...

Added:
    httpd/test/framework/trunk/t/modules/aaa.t
Modified:
    httpd/test/framework/trunk/t/conf/extra.conf.in

Modified: httpd/test/framework/trunk/t/conf/extra.conf.in
URL: http://svn.apache.org/viewvc/httpd/test/framework/trunk/t/conf/extra.conf.in?rev=960128&r1=960127&r2=960128&view=diff
==============================================================================
--- httpd/test/framework/trunk/t/conf/extra.conf.in (original)
+++ httpd/test/framework/trunk/t/conf/extra.conf.in Fri Jul  2 22:25:41 2010
@@ -534,6 +534,42 @@ LimitRequestFields    32
 </IfDefine>
 
 ##
+## authz_core test config: authz by user or by env
+##
+<IfDefine APACHE2>
+    <IfModule mod_authz_core.c>
+    <IfModule mod_authn_file.c>
+        <IfModule mod_auth_digest.c>
+            Alias /authz/digest @DocumentRoot@
+            <Location /authz>
+                <RequireAny>
+                    Require valid-user
+                    Require env allowed
+                </RequireAny>
+                AuthType Digest
+                AuthName realm2
+                AuthUserFile realm2
+           </Location>
+        </IfModule>
+        <IfModule mod_auth_basic.c>
+            Alias /authz/basic @DocumentRoot@
+            <Location /authz/basic>
+                <RequireAny>
+                    Require valid-user
+                    Require env allowed
+                </RequireAny>
+                AuthType Basic
+                AuthName basic1
+                AuthUserFile basic1
+           </Location>
+        </IfModule>
+       SetEnvIf X-Allowed "yes" allowed
+    </IfModule>
+    </IfModule>
+</IfDefine>
+
+
+##
 ## ErrorDocument handling
 ## create it's own virtual host so it doesn't interfere
 ## with other tests for 404 messages

Added: httpd/test/framework/trunk/t/modules/aaa.t
URL: http://svn.apache.org/viewvc/httpd/test/framework/trunk/t/modules/aaa.t?rev=960128&view=auto
==============================================================================
--- httpd/test/framework/trunk/t/modules/aaa.t (added)
+++ httpd/test/framework/trunk/t/modules/aaa.t Fri Jul  2 22:25:41 2010
@@ -0,0 +1,113 @@
+use strict;
+use warnings FATAL => 'all';
+
+use Apache::Test;
+use Apache::TestRequest;
+use Apache::TestUtil qw(t_write_file);
+use File::Spec;
+
+Apache::TestRequest::user_agent(keep_alive => 1);
+
+my %headers = (
+                basic  => [ 'WWW-Authenticate' ],
+                digest => [ 'WWW-Authenticate', 'Authentication-Info' ],
+              );
+
+my @types;
+
+my $tests = 0;
+foreach my $t (qw/basic digest/) {
+    push @types, $t if have_module("mod_auth_$t");
+    $tests += 5 + 2*(@{$headers{$t}});
+}
+
+plan tests => $tests,
+                  need need_lwp,
+                  need_module('mod_authn_core'),
+                  need_module('mod_authz_core'),
+                  need_module('mod_authn_file'),
+                  need_module('mod_authz_host'),
+                  need_min_apache_version('2.3.7');
+
+
+# write out the authentication files
+my $digest_file = File::Spec->catfile(Apache::Test::vars('serverroot'), 'realm2');
+t_write_file($digest_file, << 'EOF' );
+# udigest/pdigest
+udigest:realm2:bccffb0d42943019acfbebf2039b8a3a
+EOF
+
+my $basic_file = File::Spec->catfile(Apache::Test::vars('serverroot'), 'basic1');
+t_write_file($basic_file, << 'EOF' );
+# ubasic:pbasic
+ubasic:$apr1$opONH1Fj$dX0sZdZ0rRWEk0Wj8y.Qv1
+EOF
+
+sub check_headers
+{
+    my $type = shift;
+    my $response = shift;
+    my $code = shift;
+
+    foreach my $h (@{$headers{$type}}) {
+        ok($response->header($h),
+           undef,
+           "$type: $code response should have no $h header");
+    }
+}
+
+
+
+foreach my $type (@types) {
+    my $url   = "/authz/$type/index.html";
+
+    {
+      my $response = GET $url;
+
+      ok($response->code,
+         401,
+         "$type: no user to authenticate and no env to authorize");
+    }
+
+    {
+      # bad pass
+      my $response = GET $url,
+                       username => "u$type", password => 'foo';
+
+      ok($response->code,
+         401,
+         "$type: u$type:foo not found");
+    }
+
+    {
+      # authenticated
+      my $response = GET $url,
+                       username => "u$type", password => "p$type";
+
+      ok($response->code,
+         200,
+         "$type: u$type:p$type found");
+    }
+
+    {
+      # authorized by env
+      my $response = GET $url, 'X-Allowed' => 'yes';
+
+      ok($response->code,
+         200,
+         "$type: authz by envvar");
+
+      check_headers($type, $response, 200);
+    }
+
+    {
+      # authorized by env / with error
+      my $response = GET "$url.foo", 'X-Allowed' => 'yes';
+
+      ok($response->code,
+         404,
+         "$type: not found");
+
+      check_headers($type, $response, 404);
+    }
+}



Mime
View raw message