001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.wicket.markup.html.form.login;
018:
019: import javax.servlet.http.HttpServletResponse;
020:
021: import junit.framework.TestCase;
022:
023: import org.apache.wicket.Component;
024: import org.apache.wicket.Request;
025: import org.apache.wicket.Response;
026: import org.apache.wicket.RestartResponseAtInterceptPageException;
027: import org.apache.wicket.Session;
028: import org.apache.wicket.authorization.Action;
029: import org.apache.wicket.authorization.IAuthorizationStrategy;
030: import org.apache.wicket.protocol.http.HttpSessionStore;
031: import org.apache.wicket.protocol.http.WebApplication;
032: import org.apache.wicket.protocol.http.WebRequestCycle;
033: import org.apache.wicket.protocol.http.WebResponse;
034: import org.apache.wicket.protocol.http.WebSession;
035: import org.apache.wicket.session.ISessionStore;
036: import org.apache.wicket.util.string.Strings;
037: import org.apache.wicket.util.tester.WicketTester;
038:
039: /**
040: * @author marrink
041: *
042: */
043: public class InterceptTest extends TestCase {
044: private WicketTester application;
045:
046: /**
047: * Constructor for InterceptTest.
048: *
049: * @param arg0
050: */
051: public InterceptTest(String arg0) {
052: super (arg0);
053: }
054:
055: /**
056: * @see TestCase#setUp()
057: */
058: protected void setUp() throws Exception {
059: application = new WicketTester(new MyMockWebApplication());
060: }
061:
062: /**
063: * @see TestCase#tearDown()
064: */
065: protected void tearDown() throws Exception {
066: application.destroy();
067: }
068:
069: /**
070: *
071: */
072: public void testClickLink() {
073: application.setupRequestAndResponse();
074: application.processRequestCycle();
075: MockLoginPage loginPage = (MockLoginPage) application
076: .getLastRenderedPage();
077: assertEquals(((MyMockWebApplication) application
078: .getApplication()).getLoginPage(), loginPage.getClass());
079:
080: application.setupRequestAndResponse();
081: application.getServletRequest().setRequestToComponent(
082: loginPage.getForm());
083: application.getServletRequest().setParameter(
084: loginPage.getTextField().getInputName(), "admin");
085: application.processRequestCycle();
086:
087: // continueToInterceptPage seems to return the same call, causing it to
088: // login twice as a result the lastrendered page is null
089: assertEquals(application.getApplication().getHomePage(),
090: application.getLastRenderedPage().getClass());
091:
092: application.setupRequestAndResponse();
093: application.getServletRequest().setRequestToComponent(
094: application.getLastRenderedPage().get("link"));
095: application.processRequestCycle();
096: assertEquals(PageA.class, application.getLastRenderedPage()
097: .getClass());
098: }
099:
100: /**
101: *
102: */
103: public void testClickLink2() {
104: // same as above but uses different technique to login
105: application.setupRequestAndResponse();
106: application.processRequestCycle();
107: MockLoginPage loginPage = (MockLoginPage) application
108: .getLastRenderedPage();
109: assertEquals(((MyMockWebApplication) application
110: .getApplication()).getLoginPage(), loginPage.getClass());
111:
112: // bypass form completely to login but continue to intercept page
113: application.setupRequestAndResponse();
114: WebRequestCycle requestCycle = application.createRequestCycle();
115: assertTrue(((MockLoginPage) application.getLastRenderedPage())
116: .login("admin"));
117: application.processRequestCycle(requestCycle);
118: assertEquals(application.getApplication().getHomePage(),
119: application.getLastRenderedPage().getClass());
120:
121: application.setupRequestAndResponse();
122: application.getServletRequest().setRequestToComponent(
123: application.getLastRenderedPage().get("link"));
124: application.processRequestCycle();
125: assertEquals(PageA.class, application.getLastRenderedPage()
126: .getClass());
127: }
128:
129: /**
130: *
131: * @author
132: */
133: private static class MyMockWebApplication extends WebApplication {
134: private static final long serialVersionUID = 1L;
135:
136: public Class getHomePage() {
137: return MockHomePage.class;
138: }
139:
140: protected void init() {
141: getSecuritySettings().setAuthorizationStrategy(
142: new MyAuthorizationStrategy());
143: }
144:
145: /**
146: *
147: * @return Class
148: */
149: public Class getLoginPage() {
150: return MockLoginPage.class;
151: }
152:
153: /**
154: *
155: * @see org.apache.wicket.ISessionFactory#newSession(Request, Response)
156: */
157: public Session newSession(Request request, Response response) {
158: return new MySession(this , request);
159: }
160:
161: protected WebResponse newWebResponse(
162: HttpServletResponse servletResponse) {
163: return new WebResponse(servletResponse);
164: }
165:
166: protected void outputDevelopmentModeWarning() {
167: // Do nothing.
168: }
169:
170: protected ISessionStore newSessionStore() {
171: // Don't use a filestore, or we spawn lots of threads, which makes things slow.
172: return new HttpSessionStore(this );
173: }
174: }
175:
176: /**
177: *
178: */
179: public static class MySession extends WebSession {
180: private static final long serialVersionUID = 1L;
181:
182: private String username;
183:
184: /**
185: * @param application
186: * @param request
187: */
188: protected MySession(WebApplication application, Request request) {
189: super (application, request);
190: }
191:
192: protected final String getUsername() {
193: return username;
194: }
195:
196: protected final void setUsername(String username) {
197: this .username = username;
198: }
199:
200: /**
201: *
202: * @return boolean
203: */
204: public boolean isLoggedIn() {
205: return !Strings.isEmpty(username);
206: }
207: }
208:
209: /**
210: *
211: */
212: private static class MyAuthorizationStrategy implements
213: IAuthorizationStrategy {
214: /**
215: * @see org.apache.wicket.authorization.IAuthorizationStrategy#isInstantiationAuthorized(java.lang.Class)
216: */
217: public boolean isInstantiationAuthorized(Class componentClass) {
218: if (MockHomePage.class.equals(componentClass)
219: && !((MySession) Session.get()).isLoggedIn()) {
220: throw new RestartResponseAtInterceptPageException(
221: MockLoginPage.class);
222: }
223: return true;
224: }
225:
226: /**
227: * @see org.apache.wicket.authorization.IAuthorizationStrategy#isActionAuthorized(org.apache.wicket.Component,
228: * org.apache.wicket.authorization.Action)
229: */
230: public boolean isActionAuthorized(Component component,
231: Action action) {
232: return true;
233: }
234: }
235: }
|