jakarta-cactus-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kazuhito SUGURI <suguri.kazuh...@lab.ntt.co.jp>
Subject Re: negative testing with FormAuthentication
Date Tue, 06 Jun 2006 03:05:17 GMT
Hi Gabriel,

In article <ecddc75b0605161404j6ec617ecx8d1b143566af8a0d@mail.gmail.com>,
Tue, 16 May 2006 17:04:14 -0400,
Gabe <bastien.gabriel@gmail.com> wrote: 
gabriel> I've been setting up a cactus test to test a web application
gabriel> containers login.  My test succeeds until I try a bad login.  The
gabriel> FormAuthentication throws a
gabriel> "org.apache.cactus.util.ChainedRuntimeException: Failed to
gabriel> authenticate the principal" exception.  This is expected behavior.
gabriel> The problem I can't wrap my head around is how is my test case
gabriel> supposed to catch the exception?  I put try catch blocks in the
gabriel> beginXXX() and in the testXXX() methods and neither catch the
gabriel> exception.

I can understand what you want to do.
However, you can not do it that way.

The WebRequest instance is a container that maintains instructions
to set the pre-test condition that should be tuned befor
the testXXX() method is executed.
After your begin() and beginXXX() methods provide the WebRequest instance,
the client-side of the Cactus framework uses it to set the server-side
pre-test condition for testXXX(). This means that the authentication
would be performed AFTER the beginXXX() method.
This is why you cannot catch the exception.


gabriel> Right now the exception causes an error and makes the test fail.  But
gabriel> the login was supposed to fail.
gabriel> 
gabriel> How should one test and assert a failed login using Cactus?

HttpUnit or other functional testing frameworks would be appropriated.

To test a failed login situation in Cactus world, you should consider
how the behavior of the container is different between
a request not authenticated and a request that failed to authenticate.
# For unit testing, both may be considered as same, but I'm not sure.
## It may be depending on the container implementation.


Regards,
----
Kazuhito SUGURI

Mime
View raw message