ASF Bugzilla – Attachment 28628 Details for
Bug 53096
New test cases for TestDigestAuthenticator
patch file for test org.apache.catalina.authenticator.TestDigestAuthenticator
patch.txt (text/plain), 12.93 KB, created by
Brian Burch
on 2012-04-17 17:19:00 UTC
Description:
patch file for test org.apache.catalina.authenticator.TestDigestAuthenticator
Filename:
MIME Type:
Creator:
Brian Burch
Created:
2012-04-17 17:19:00 UTC
Size:
12.93 KB
>Index: test/org/apache/catalina/authenticator/TestDigestAuthenticator.java
>===================================================================
>--- test/org/apache/catalina/authenticator/TestDigestAuthenticator.java (revision 1327176)
>+++ test/org/apache/catalina/authenticator/TestDigestAuthenticator.java (working copy)
>@@ -41,8 +41,10 @@
>
> public class TestDigestAuthenticator extends TomcatBaseTest {
>
>- private static String USER = "user";
>- private static String PWD = "pwd";
>+ private static String USER1 = "user";
>+ private static String USER2 = "USER";
>+ private static String PWD1 = "pwd";
>+ private static String PWD2 = "PWD";
> private static String ROLE = "role";
> private static String URI = "/protected";
> private static String QUERY = "?foo=bar";
>@@ -56,109 +58,144 @@
>
> @Test
> public void testAllValid() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, true, true,
>- NC1, NC2, CNONCE, QOP, true, true);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ true, true, NC1, NC2, CNONCE, QOP, true, true);
> }
>
> @Test
> public void testValidNoQop() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, true, true,
>- null, null, null, null, true, true);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ true, true, null, null, null, null, true, true);
> }
>
> @Test
>+ public void testValidUppercaseDigest() throws Exception {
>+ // verify fix for bug 52954 - accomodate broken android HTTP DIGEST
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, true,
>+ true, true, null, null, null, null, true, true);
>+ }
>+
>+ @Test
>+ public void testValidUppercaseUser() throws Exception {
>+ doTest(USER2, PWD2, CONTEXT_PATH + URI, false, true,
>+ REALM, false, true, true, null, null, null, null, true, true);
>+ }
>+
>+ @Test
> public void testValidQuery() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI + QUERY, false, true, REALM, true,
>- true, NC1, NC2, CNONCE, QOP, true, true);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI + QUERY, false, true, REALM,
>+ false, true, true, NC1, NC2, CNONCE, QOP, true, true);
> }
>
> @Test
>+ public void testInvalidBadUser() throws Exception {
>+ doTest("badUser", PWD1, CONTEXT_PATH + URI, false, true,
>+ REALM, false, true, true, null, null, null, null, false, false);
>+ }
>+
>+ @Test
>+ public void testInvalidBadPassword() throws Exception {
>+ doTest(USER1, "pWd", CONTEXT_PATH + URI, false, true,
>+ REALM, false, true, true, null, null, null, null, false, false);
>+ }
>+
>+ @Test
> public void testInvalidUriFail() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, true, true, REALM, true, true,
>- NC1, NC2, CNONCE, QOP, false, false);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, true, true, REALM,
>+ false, true, true, NC1, NC2, CNONCE, QOP, false, false);
> }
>
> @Test
> public void testInvalidUriPass() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, true, false, REALM, true, true,
>- NC1, NC2, CNONCE, QOP, true, true);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, true, false, REALM, false,
>+ true, true, NC1, NC2, CNONCE, QOP, true, true);
> }
>
> @Test
> public void testInvalidRealm() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, "null", true, true,
>- NC1, NC2, CNONCE, QOP, false, false);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, "null", false,
>+ true, true, NC1, NC2, CNONCE, QOP, false, false);
> }
>
> @Test
> public void testInvalidNonce() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, false, true,
>- NC1, NC2, CNONCE, QOP, false, true);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ false, true, NC1, NC2, CNONCE, QOP, false, true);
> }
>
> @Test
> public void testInvalidOpaque() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, true, false,
>- NC1, NC2, CNONCE, QOP, false, true);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ true, false, NC1, NC2, CNONCE, QOP, false, true);
> }
>
> @Test
> public void testInvalidNc1() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, true, true,
>- "null", null, CNONCE, QOP, false, false);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ true, true, "null", null, CNONCE, QOP, false, false);
> }
>
> @Test
> public void testInvalidQop() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, true, true,
>- NC1, NC2, CNONCE, "null", false, false);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ true, true, NC1, NC2, CNONCE, "null", false, false);
> }
>
> @Test
> public void testInvalidQopCombo1() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, true, true,
>- NC1, NC2, CNONCE, null, false, false);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ true, true, NC1, NC2, CNONCE, null, false, false);
> }
>
> @Test
> public void testInvalidQopCombo2() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, true, true,
>- NC1, NC2, null, QOP, false, false);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ true, true, NC1, NC2, null, QOP, false, false);
> }
>
> @Test
> public void testInvalidQopCombo3() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, true, true,
>- NC1, NC2, null, null, false, false);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ true, true, NC1, NC2, null, null, false, false);
> }
>
> @Test
> public void testInvalidQopCombo4() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, true, true,
>- null, null, CNONCE, QOP, false, false);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ true, true, null, null, CNONCE, QOP, false, false);
> }
>
> @Test
> public void testInvalidQopCombo5() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, true, true,
>- null, null, CNONCE, null, false, false);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ true, true, null, null, CNONCE, null, false, false);
> }
>
> @Test
> public void testInvalidQopCombo6() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, true, true,
>- null, null, null, QOP, false, false);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ true, true, null, null, null, QOP, false, false);
> }
>
> @Test
> public void testReplay() throws Exception {
>- doTest(USER, PWD, CONTEXT_PATH + URI, false, true, REALM, true, true,
>- NC1, NC1, CNONCE, QOP, true, false);
>+ doTest(USER1, PWD1, CONTEXT_PATH + URI, false, true, REALM, false,
>+ true, true, NC1, NC1, CNONCE, QOP, true, false);
> }
>
>+ /*
>+ * Simulate a browser, perform the test and verify the server reply
>+ *
>+ * In order to inject illegal oe unusual browser replies, several
>+ * flags are available:
>+ *
>+ * @param breakUri use the wrong uri in the digest response
>+ * @param makeUppercaseHashes hashes normally contain lowercase hex digits
>+ */
> public void doTest(String user, String pwd, String uri, boolean breakUri,
>- boolean validateUri, String realm, boolean useServerNonce,
>- boolean useServerOpaque, String nc1, String nc2, String cnonce,
>+ boolean validateUri, String realm, boolean makeUppercaseHashes,
>+ boolean useServerNonce, boolean useServerOpaque,
>+ String nc1, String nc2, String cnonce,
> String qop, boolean req2expect200, boolean req3expect200)
> throws Exception {
>
>@@ -177,8 +214,8 @@
> digestUri = uri;
> }
> List<String> auth = new ArrayList<String>();
>- auth.add(buildDigestResponse(user, pwd, digestUri, realm, "null",
>- "null", nc1, cnonce, qop));
>+ auth.add(buildDigestResponse(user, pwd, digestUri, realm,
>+ makeUppercaseHashes, "null", "null", nc1, cnonce, qop));
> Map<String,List<String>> reqHeaders = new HashMap<String,List<String>>();
> reqHeaders.put(CLIENT_AUTH_HEADER, auth);
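Review bot: The tests added in the `@@ -56,109 +58,144 @@` hunk use two accounts that differ only by letter case but never try the crossed combinations, so nothing here would fail if credential matching became case-insensitive as a side effect of the upper-case-digest tolerance from bug 52954. I would add a negative case next to `testInvalidBadPassword`, for example `doTest(USER2, PWD1, CONTEXT_PATH + URI, false, true, REALM, false, true, true, null, null, null, null, false, false);`. `testValidUppercaseDigest` also runs only with `qop` unset, so whether the tolerance holds with `NC1, NC2, CNONCE, QOP` is not covered. The comment added above `doTest` opens with `/*`, so its `@param` lines are not treated as Javadoc; `/**` would fix that.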
>
>@@ -198,15 +235,17 @@
> if (useServerNonce) {
> if (useServerOpaque) {
> auth.add(buildDigestResponse(user, pwd, digestUri, realm,
>- getNonce(respHeaders), getOpaque(respHeaders), nc1,
>- cnonce, qop));
>+ makeUppercaseHashes, getNonce(respHeaders),
>+ getOpaque(respHeaders), nc1, cnonce, qop));
> } else {
> auth.add(buildDigestResponse(user, pwd, digestUri, realm,
>- getNonce(respHeaders), "null", nc1, cnonce, qop));
>+ makeUppercaseHashes, getNonce(respHeaders),
>+ "null", nc1, cnonce, qop));
> }
> } else {
> auth.add(buildDigestResponse(user, pwd, digestUri, realm,
>- "null", getOpaque(respHeaders), nc1, cnonce, QOP));
>+ makeUppercaseHashes, "null",
>+ getOpaque(respHeaders), nc1, cnonce, QOP));
> }
> rc = getUrl("http://localhost:" + getPort() + uri, bc, reqHeaders,
> null);
>@@ -217,6 +256,8 @@
> } else {
> assertEquals(401, rc);
> assertTrue(bc.getLength() > 0);
>+ // test was intended to fail, so don't try 3rd request
>+ return;
> }
>
> // Third request should succeed if we increment nc
>@@ -224,8 +265,8 @@
> bc.recycle();
> bc.reset();
> auth.add(buildDigestResponse(user, pwd, digestUri, realm,
>- getNonce(respHeaders), getOpaque(respHeaders), nc2, cnonce,
>- qop));
>+ makeUppercaseHashes, getNonce(respHeaders),
>+ getOpaque(respHeaders), nc2, cnonce, qop));
> rc = getUrl("http://localhost:" + getPort() + uri, bc, reqHeaders,
> null);
>
>@@ -261,8 +302,10 @@
>
> // Configure the Realm
> MapRealm realm = new MapRealm();
>- realm.addUser(USER, PWD);
>- realm.addUserRole(USER, ROLE);
>+ realm.addUser(USER1, PWD1);
>+ realm.addUserRole(USER1, ROLE);
>+ realm.addUser(USER2, PWD2);
>+ realm.addUserRole(USER2, ROLE);
> ctxt.setRealm(realm);
>
> // Configure the authenticator
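Review bot: In the `@@ -198,15 +235,17 @@` hunk the rewritten call in the outer `else` branch (the one that sends `"null"` instead of the server nonce) still passes the class constant `QOP`, while the two sibling calls pass the `qop` parameter. A caller that combines `useServerNonce == false` with a null or different qop would silently be tested with the constant instead. Unless that is deliberate, the last line should read `getOpaque(respHeaders), nc1, cnonce, qop));`; if it is deliberate, a one-line comment saying why would help. The enclosing `doTest` body starts and ends outside this hunk.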
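Review bot: The `return;` added in the `@@ -217,6 +256,8 @@` hunk makes `req3expect200` dead whenever the second request is expected to be rejected, which drops a check that callers in this same patch still ask for. `testInvalidNonce` and `testInvalidOpaque` pass `false, true` as the last two arguments, i.e. they expect the third request, built with the server's nonce and opaque, to succeed after the bad one was refused; with the early return that recovery path is no longer exercised. The condition guarding this `else` is outside the hunk, so I am assuming it is `req2expect200`. I would either return only when the third request is also expected to fail, `if (!req3expect200) { return; }`, or change those two tests to pass `false, false` and say so in the comment.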
>@@ -309,14 +352,15 @@
> ) <">
> */
> private static String buildDigestResponse(String user, String pwd,
>- String uri, String realm, String nonce, String opaque, String nc,
>+ String uri, String realm, boolean makeUppercaseHashes,
>+ String nonce, String opaque, String nc,
> String cnonce, String qop) throws NoSuchAlgorithmException {
>
> String a1 = user + ":" + realm + ":" + pwd;
> String a2 = "GET:" + uri;
>
>- String md5a1 = digest(a1);
>- String md5a2 = digest(a2);
>+ String md5a1 = digest(a1, makeUppercaseHashes);
>+ String md5a2 = digest(a2, makeUppercaseHashes);
>
> String response;
> if (qop == null) {
>@@ -326,7 +370,7 @@
> qop + ":" + md5a2;
> }
>
>- String md5response = digest(response);
>+ String md5response = digest(response, makeUppercaseHashes);
>
> StringBuilder auth = new StringBuilder();
> auth.append("Digest username=\"");
>@@ -361,12 +405,15 @@
> return auth.toString();
> }
>
>- private static String digest(String input) throws NoSuchAlgorithmException {
>+ private static String digest(String input, boolean makeUppercaseHashes)
>+ throws NoSuchAlgorithmException {
> // This is slow but should be OK as this is only a test
> MessageDigest md5 = MessageDigest.getInstance("MD5");
> MD5Encoder encoder = new MD5Encoder();
>
> md5.update(input.getBytes());
>- return encoder.encode(md5.digest());
>+ String hashString = encoder.encode(md5.digest());
>+ // MD5Encoder always returns hex digits as lowercase characters
>+ return (makeUppercaseHashes ? hashString.toUpperCase() : hashString );
> }
> }
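Review bot: In the `@@ -309,14 +352,15 @@` hunk the flag is applied to `md5a1` and `md5a2`, which appear to be concatenated into `response` and hashed again, so with `makeUppercaseHashes` set the final value is a different MD5 digest, not just the upper-case spelling of the compliant one. Nothing in `buildDigestResponse` says which of the three digests the non-compliant client from bug 52954 actually upper-cases, so a reader cannot tell whether this is the intended simulation. If only the transmitted `response` field is meant to be upper-case, the two inner calls should be `digest(a1, false)` and `digest(a2, false)`; either way, a sentence in the method comment stating the simulated client behaviour would make the test's intent checkable. The method body continues outside this hunk.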
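Review bot: `hashString.toUpperCase()` in the new `digest` (the `@@ -361,12 +405,15 @@` hunk) uses the JVM's default locale; the hex digits a-f are not changed by any locale-specific case mapping I am aware of, so this is a style point, but `hashString.toUpperCase(Locale.ENGLISH)` with a `java.util.Locale` import keeps the helper independent of the machine it runs on. The unchanged `input.getBytes()` two lines above depends on a platform default in the same way, here the charset, which would matter as soon as a test used a non-ASCII user name or password.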