jakarta-cactus-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vmas...@apache.org
Subject cvs commit: jakarta-cactus/integration/ant/src/test/org/apache/cactus/integration/ant TestCactifyWarTask.java
Date Fri, 02 Apr 2004 11:53:54 GMT
vmassol     2004/04/02 03:53:54

  Modified:    integration/ant/src/java/org/apache/cactus/integration/ant
                        CactifyWarTask.java
               documentation/docs/xdocs/writing howto_security.xml
               documentation/docs/xdocs changes.xml
               integration/ant/src/test/org/apache/cactus/integration/ant
                        TestCactifyWarTask.java
  Log:
  Ensure that the <cactus> task correctly checks if the container is up and
running, even when the user has defined custom secured redirectors. This is achieved by always
registering some default not-secured Cactus redirectors.
  
  Revision  Changes    Path
  1.30      +29 -32    jakarta-cactus/integration/ant/src/java/org/apache/cactus/integration/ant/CactifyWarTask.java
  
  Index: CactifyWarTask.java
  ===================================================================
  RCS file: /home/cvs/jakarta-cactus/integration/ant/src/java/org/apache/cactus/integration/ant/CactifyWarTask.java,v
  retrieving revision 1.29
  retrieving revision 1.30
  diff -u -r1.29 -r1.30
  --- CactifyWarTask.java	21 Mar 2004 17:43:53 -0000	1.29
  +++ CactifyWarTask.java	2 Apr 2004 11:53:53 -0000	1.30
  @@ -199,6 +199,10 @@
        */
       public static final class FilterRedirector extends Redirector
       {
  +        /**
  +         * Default not-secured Filter redirector name.
  +         */
  +        private static final String DEFAULT_NAME = "DefaultFilterRedirector";
   
           /**
            * Default constructor.
  @@ -232,6 +236,10 @@
        */
       public static final class JspRedirector extends Redirector
       {
  +        /**
  +         * Default not-secured JSP redirector name.
  +         */
  +        private static final String DEFAULT_NAME = "DefaultJspRedirector";
   
           /**
            * Default constructor.
  @@ -262,7 +270,11 @@
        */
       public static final class ServletRedirector extends Redirector
       {
  -
  +        /**
  +         * Default not-secured servlet redirector name.
  +         */
  +        private static final String DEFAULT_NAME = "DefaultServletRedirector";
  +        
           /**
            * Default constructor.
            */
  @@ -572,42 +584,27 @@
        */
       private void addRedirectorDefinitions(WebXml theWebXml)
       {
  -        boolean filterRedirectorDefined = false;
  -        boolean jspRedirectorDefined = false;
  -        boolean servletRedirectorDefined = false;
  +        // Always add the default redirectors first. The reason is that
  +        // these redirectors need to be not secured as they will be used
  +        // to verify if the container is up and running or not.
  +
  +        FilterRedirector defaultFilterRedirector = new FilterRedirector();
  +        defaultFilterRedirector.setName(FilterRedirector.DEFAULT_NAME);
  +        defaultFilterRedirector.mergeInto(theWebXml);
           
  +        ServletRedirector defaultServletRedirector = new ServletRedirector();
  +        defaultServletRedirector.setName(ServletRedirector.DEFAULT_NAME);
  +        defaultServletRedirector.mergeInto(theWebXml);
  +
  +        JspRedirector defaultJspRedirector = new JspRedirector();
  +        defaultJspRedirector.setName(JspRedirector.DEFAULT_NAME);
  +        defaultJspRedirector.mergeInto(theWebXml);
  +       
           // add the user defined redirectors
           for (Iterator i = this.redirectors.iterator(); i.hasNext();)
           {
               Redirector redirector = (Redirector) i.next();
  -            if (redirector instanceof FilterRedirector)
  -            {
  -                filterRedirectorDefined = true;
  -            }
  -            else if (redirector instanceof JspRedirector)
  -            {
  -                jspRedirectorDefined = true;
  -            }
  -            else if (redirector instanceof ServletRedirector)
  -            {
  -                servletRedirectorDefined = true;
  -            }
               redirector.mergeInto(theWebXml);
  -        }
  -
  -        // now add the default redirectors if they haven't been provided by
  -        // the user
  -        if (!filterRedirectorDefined)
  -        {
  -            new FilterRedirector().mergeInto(theWebXml);
  -        }
  -        if (!servletRedirectorDefined)
  -        {
  -            new ServletRedirector().mergeInto(theWebXml);
  -        }
  -        if (!jspRedirectorDefined)
  -        {
  -            new JspRedirector().mergeInto(theWebXml);
           }
       }
   
  
  
  
  1.6       +64 -56    jakarta-cactus/documentation/docs/xdocs/writing/howto_security.xml
  
  Index: howto_security.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-cactus/documentation/docs/xdocs/writing/howto_security.xml,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- howto_security.xml	13 Mar 2004 14:40:48 -0000	1.5
  +++ howto_security.xml	2 Apr 2004 11:53:53 -0000	1.6
  @@ -105,70 +105,78 @@
   
       <section title="Step 2: Securing the Cactus Redirector">
   
  +      <note>
  +        If you're using the Cactus Ant tasks to execute your Cactus
  +        tests, please check the <a href="site:task_cactifywar">Cactifywar
  +        task</a> page as the configuration below is only required 
  +        for manual configuration and is handled automatically by the
  +        Cactifywar task.
  +      </note> 
         <p>
  -       All calls to the server side go through the Cactus Servlet Redirector
  -       and thus it is that servlet that needs to be secured in
  -       <code>web.xml</code>. It is performed as follows (example):
  -      </p>
  +        All calls to the server side go through the Cactus Servlet Redirector
  +        and thus it is that servlet that needs to be secured in
  +        <code>web.xml</code>. The required modifications to <code>web.xml</code>
  +        are as follows (example):
  +       </p>
   
   <source><![CDATA[
   [...]
   
   <web-app>
   
  -    <servlet>
  -        <servlet-name>ServletRedirector</servlet-name>
  -        <servlet-class>org.apache.cactus.server.ServletTestRedirector</servlet-class>
  -    </servlet>
  -
  -    <servlet>
  -        <servlet-name>ServletRedirectorSecure</servlet-name>
  -        <servlet-class>org.apache.cactus.server.ServletTestRedirector</servlet-class>
  -    </servlet>
  -
  -    [...]
  -
  -    <servlet-mapping>
  -        <servlet-name>ServletRedirector</servlet-name>
  -        <url-pattern>/ServletRedirector</url-pattern>
  -    </servlet-mapping>
  -
  -    <servlet-mapping>
  -        <servlet-name>ServletRedirectorSecure</servlet-name>
  -        <url-pattern>/ServletRedirectorSecure</url-pattern>
  -    </servlet-mapping>
  -
  -    [...]
  -
  -  	<!-- Start Authentication -->
  -
  -  	<security-constraint>
  -     	<web-resource-collection>
  -        	<web-resource-name>SecurityRestriction</web-resource-name>
  -         	<description>Protect the Cactus redirector servlet.</description>
  -         	<url-pattern>/ServletRedirectorSecure</url-pattern>
  -         	<http-method>GET</http-method>
  -         	<http-method>POST</http-method>
  -     	</web-resource-collection>
  -     	<auth-constraint>
  -         	<description>Authorized Users Group</description>
  -         	<role-name>test</role-name>
  -     	</auth-constraint>
  -     	<user-data-constraint>
  -        	<transport-guarantee>NONE</transport-guarantee>
  -    	</user-data-constraint>
  -   	</security-constraint>
  -
  -    <login-config>
  -    	<auth-method>BASIC</auth-method>
  -   	</login-config>
  -
  -	<security-role>
  -		<description>Test role</description>
  -		<role-name>test</role-name>
  -	</security-role>
  +  <servlet>
  +    <servlet-name>ServletRedirector</servlet-name>
  +    <servlet-class>org.apache.cactus.server.ServletTestRedirector</servlet-class>
  +  </servlet>
  +
  +  <servlet>
  +    <servlet-name>ServletRedirectorSecure</servlet-name>
  +    <servlet-class>org.apache.cactus.server.ServletTestRedirector</servlet-class>
  +  </servlet>
  +
  +  [...]
  +
  +  <servlet-mapping>
  +    <servlet-name>ServletRedirector</servlet-name>
  +    <url-pattern>/ServletRedirector</url-pattern>
  +  </servlet-mapping>
  +
  +  <servlet-mapping>
  +    <servlet-name>ServletRedirectorSecure</servlet-name>
  +    <url-pattern>/ServletRedirectorSecure</url-pattern>
  +  </servlet-mapping>
  +
  +  [...]
  +
  +  <!-- Start Authentication -->
  +
  +  <security-constraint>
  +    <web-resource-collection>
  +      <web-resource-name>SecurityRestriction</web-resource-name>
  +      <description>Protect the Cactus redirector servlet.</description>
  +      <url-pattern>/ServletRedirectorSecure</url-pattern>
  +      <http-method>GET</http-method>
  +      <http-method>POST</http-method>
  +    </web-resource-collection>
  +    <auth-constraint>
  +      <description>Authorized Users Group</description>
  +      <role-name>test</role-name>
  +    </auth-constraint>
  +    <user-data-constraint>
  +      <transport-guarantee>NONE</transport-guarantee>
  +    </user-data-constraint>
  +  </security-constraint>
  +
  +  <login-config>
  +    <auth-method>BASIC</auth-method>
  +  </login-config>
  +
  +  <security-role>
  +    <description>Test role</description>
  +    <role-name>test</role-name>
  +  </security-role>
   
  -  	<!-- End Authentication -->
  +  <!-- End Authentication -->
   
   </web-app>
   ]]></source>
  
  
  
  1.179     +6 -0      jakarta-cactus/documentation/docs/xdocs/changes.xml
  
  Index: changes.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-cactus/documentation/docs/xdocs/changes.xml,v
  retrieving revision 1.178
  retrieving revision 1.179
  diff -u -r1.178 -r1.179
  --- changes.xml	25 Mar 2004 09:34:43 -0000	1.178
  +++ changes.xml	2 Apr 2004 11:53:53 -0000	1.179
  @@ -90,6 +90,12 @@
         </devs>
   
         <release version="1.6dev" date="in CVS">
  +        <action dev="VMA" type="fix" due-to="Gertjan van Oosten">
  +          Ensure that the &lt;cactus&gt; task correctly checks if the 
  +          container is up and running, even when the user has defined
  +          custom secured redirectors. This is achieved by always registering
  +          some default not-secured Cactus redirectors.
  +        </action>
           <action dev="VMA" type="add">
             Added new optional nested <code>&lt;containerclasspath&gt;</code>

             element for the <code>&lt;cactus&gt;</code> task. It allows

  
  
  
  1.19      +100 -31   jakarta-cactus/integration/ant/src/test/org/apache/cactus/integration/ant/TestCactifyWarTask.java
  
  Index: TestCactifyWarTask.java
  ===================================================================
  RCS file: /home/cvs/jakarta-cactus/integration/ant/src/test/org/apache/cactus/integration/ant/TestCactifyWarTask.java,v
  retrieving revision 1.18
  retrieving revision 1.19
  diff -u -r1.18 -r1.19
  --- TestCactifyWarTask.java	21 Mar 2004 17:43:53 -0000	1.18
  +++ TestCactifyWarTask.java	2 Apr 2004 11:53:54 -0000	1.19
  @@ -147,8 +147,10 @@
               webXml.getVersion());
           assertServletMapping(webXml,
               "org.apache.cactus.server.ServletTestRedirector",
  +            "DefaultServletRedirector",
               "/ServletRedirector");
  -        assertJspMapping(webXml, "/jspRedirector.jsp", "/JspRedirector");
  +        assertJspMapping(webXml, "/jspRedirector.jsp", "DefaultJspRedirector", 
  +            "/JspRedirector");
           // As the deployment descriptor in the source WAR doesn't contain a 
           // DOCTYPE, it is assumed to be a version 2.2 descriptor. Thus it 
           // should not contain a definition of the filter test redirector.
  @@ -171,10 +173,12 @@
           WarArchive destWar = new DefaultWarArchive(destFile);
           WebXml webXml = destWar.getWebXml();
           assertEquals(WebXmlVersion.V2_2, webXml.getVersion());
  -        assertServletMapping(webXml,
  +        assertServletMapping(webXml, 
               "org.apache.cactus.server.ServletTestRedirector",
  +            "DefaultServletRedirector",
               "/ServletRedirector");
  -        assertJspMapping(webXml, "/jspRedirector.jsp", "/JspRedirector");
  +        assertJspMapping(webXml, "/jspRedirector.jsp", "DefaultJspRedirector",
  +            "/JspRedirector");
           assertTrue("Filter test redirector should not have been defined",
               !webXml.getFilterNames().hasNext());
       }
  @@ -193,12 +197,15 @@
           WarArchive destWar = new DefaultWarArchive(destFile);
           WebXml webXml = destWar.getWebXml();
           assertEquals(WebXmlVersion.V2_3, webXml.getVersion());
  -        assertServletMapping(webXml,
  +        assertServletMapping(webXml, 
               "org.apache.cactus.server.ServletTestRedirector",
  +            "DefaultServletRedirector",
               "/ServletRedirector");
  -        assertJspMapping(webXml, "/jspRedirector.jsp", "/JspRedirector");
  +        assertJspMapping(webXml, "/jspRedirector.jsp", "DefaultJspRedirector",
  +            "/JspRedirector");
           assertFilterMapping(webXml,
               "org.apache.cactus.server.FilterTestRedirector",
  +            "DefaultFilterRedirector",
               "/FilterRedirector");
       }
   
  @@ -219,8 +226,10 @@
           assertEquals(WebXmlVersion.V2_2, webXml.getVersion());
           assertServletMapping(webXml,
               "org.apache.cactus.server.ServletTestRedirector",
  +            "DefaultServletRedirector",
               "/ServletRedirector");
  -        assertJspMapping(webXml, "/jspRedirector.jsp", "/JspRedirector");
  +        assertJspMapping(webXml, "/jspRedirector.jsp", "DefaultJspRedirector",
  +            "/JspRedirector");
           assertTrue("Filter test redirector should not have been defined",
               !webXml.getFilterNames().hasNext());
       }
  @@ -241,11 +250,14 @@
           WebXml webXml = destWar.getWebXml();
           assertEquals(WebXmlVersion.V2_3, webXml.getVersion());
           assertServletMapping(webXml,
  -            "org.apache.cactus.server.ServletTestRedirector",
  +            "org.apache.cactus.server.ServletTestRedirector",                
  +            "DefaultServletRedirector",
               "/ServletRedirector");
  -        assertJspMapping(webXml, "/jspRedirector.jsp", "/JspRedirector");
  +        assertJspMapping(webXml, "/jspRedirector.jsp", "DefaultJspRedirector",
  +            "/JspRedirector");
           assertFilterMapping(webXml,
               "org.apache.cactus.server.FilterTestRedirector",
  +            "DefaultFilterRedirector",
               "/FilterRedirector");
       }
   
  @@ -263,7 +275,8 @@
           WarArchive destWar = new DefaultWarArchive(destFile);
           WebXml webXml = destWar.getWebXml();
           assertServletMapping(webXml,
  -            "org.apache.cactus.server.ServletTestRedirector",
  +            "org.apache.cactus.server.ServletTestRedirector",                
  +            "ServletRedirector", 
               "/test/servletRedirector");
       }
   
  @@ -280,7 +293,8 @@
           File destFile = getProject().resolveFile("work/destfile.war");
           WarArchive destWar = new DefaultWarArchive(destFile);
           WebXml webXml = destWar.getWebXml();
  -        assertJspMapping(webXml, "/jspRedirector.jsp", "/test/jspRedirector");
  +        assertJspMapping(webXml, "/jspRedirector.jsp", "JspRedirector",
  +            "/test/jspRedirector");
       }
   
       /**
  @@ -298,6 +312,7 @@
           WebXml webXml = destWar.getWebXml();
           assertFilterMapping(webXml,
               "org.apache.cactus.server.FilterTestRedirector",
  +            "FilterRedirector",
               "/test/filterRedirector");
       }
   
  @@ -472,19 +487,37 @@
        * 
        * @param theWebXml The deployment descriptor
        * @param theFilterClass The name of the filter class
  +     * @param theFilterName The name of the filter
        * @param theMapping The URL-pattern that the filter is expected to be
        *        mapped to
        */
       private void assertFilterMapping(WebXml theWebXml, String theFilterClass,
  -        String theMapping)
  +        String theFilterName, String theMapping)
       {
           Iterator names = theWebXml.getFilterNamesForClass(theFilterClass);
  -        assertTrue("Definition of " + theFilterClass + " not found",
  -            names.hasNext());
  -        String name = (String) names.next();
  +
  +        // Look for the definition that matches the JSP servlet name
  +        boolean found = false; 
  +        String name = null;
  +        while (names.hasNext())
  +        {
  +            name = (String) names.next();
  +            if (name.equals(theFilterName))
  +            {
  +                found = true;
  +                break;
  +            }
  +        }
  +        
  +        if (!found)
  +        {
  +            fail("Definition of [" + theFilterClass + "(" + theFilterName
  +                + ")] not found");
  +        }
  +
           Iterator mappings = theWebXml.getFilterMappings(name);
  -        assertTrue("Mapping for " + theFilterClass + " not found",
  -            mappings.hasNext());
  +        assertTrue("Mapping for [" + theFilterClass + "(" + theFilterName
  +            + ")] not found", mappings.hasNext());
           assertEquals(theMapping, mappings.next());
       }
   
  @@ -494,41 +527,77 @@
        * 
        * @param theWebXml The deployment descriptor
        * @param theJspFile The JSP file name
  +     * @param theJspName The JSP servlet name
        * @param theMapping The URL-pattern that the JSP file is expected to be
        *        mapped to
        */
       private void assertJspMapping(WebXml theWebXml, String theJspFile,
  -        String theMapping)
  +        String theJspName, String theMapping)
       {
           Iterator names = theWebXml.getServletNamesForJspFile(theJspFile);
  -        assertTrue("Definition of " + theJspFile + " not found",
  -            names.hasNext());
  -        String name = (String) names.next();
  +
  +        // Look for the definition that matches the JSP servlet name
  +        boolean found = false; 
  +        String name = null;
  +        while (names.hasNext())
  +        {
  +            name = (String) names.next();
  +            if (name.equals(theJspName))
  +            {
  +                found = true;
  +                break;
  +            }
  +        }
  +        
  +        if (!found)
  +        {
  +            fail("Definition of [" + theJspFile + "(" + theJspName
  +                + ")] not found");
  +        }
  +        
           Iterator mappings = theWebXml.getServletMappings(name);
  -        assertTrue("Mapping for " + theJspFile + " not found",
  -            mappings.hasNext());
  +        assertTrue("Mapping for [" + theJspFile + "(" + theJspName
  +            + ")] not found", mappings.hasNext());
           assertEquals(theMapping, mappings.next());
       }
   
       /**
  -     * Asserts that a servlet of the specified class is defined in the given
  +     * Asserts that a servlet of the specified name is defined in the given
        * deployment descriptor and mapped to a specific URL-pattern.
        * 
        * @param theWebXml The deployment descriptor
        * @param theServletClass The name of servlet class
  +     * @param theServletName The name of the servlet
        * @param theMapping The URL-pattern that the servlet is expected to be
        *        mapped to
        */
  -    private void assertServletMapping(WebXml theWebXml, String theServletClass,
  -        String theMapping)
  +    private void assertServletMapping(WebXml theWebXml, String theServletClass, 
  +        String theServletName, String theMapping)
       {
           Iterator names = theWebXml.getServletNamesForClass(theServletClass);
  -        assertTrue("Definition of " + theServletClass + " not found",
  -            names.hasNext());
  -        String name = (String) names.next();
  +        
  +        // Look for the definition that matches the servlet name
  +        boolean found = false; 
  +        String name = null;
  +        while (names.hasNext())
  +        {
  +            name = (String) names.next();
  +            if (name.equals(theServletName))
  +            {
  +                found = true;
  +                break;
  +            }
  +        }
  +
  +        if (!found)
  +        {
  +            fail("Definition of [" + theServletClass + "(" + theServletName
  +                + ")] not found");
  +        }
  +        
           Iterator mappings = theWebXml.getServletMappings(name);
  -        assertTrue("Mapping for " + theServletClass + " not found",
  -            mappings.hasNext());
  +        assertTrue("Mapping for [" + theServletClass + "(" + theServletName
  +            + ")] not found", mappings.hasNext());
           assertEquals(theMapping, mappings.next());
       }
   
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: cactus-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: cactus-dev-help@jakarta.apache.org


Mime
View raw message