Arquillian Glassfish Embedded Servlet Authtentication Test
lucianoborges Sep 19, 2013 5:21 PMHi all,
I'm trying to create a servlet to test Basic Authentication. I'm using Arquillian with Glassfish Embedded.
I have some questions:
1. I created a user in a separate Glassfish, I saw that it put my user in a file named keyfile. Where should I put this file in my project?
2. I put this in my web.xml (the file is in src/test/resources/security), is it correct?
<security-constraint> <web-resource-collection> <web-resource-name>Exemplo</web-resource-name> <url-pattern>/AuthenticationServlet</url-pattern> </web-resource-collection> <auth-constraint> <role-name>user</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>file</realm-name> </login-config>
3. I create a file name sun-web.xml (the file is in src/test/resources/security) with the code below, is it correct?
<sun-web-app error-url=""> <security-role-mapping> <role-name>user</role-name> <group-name>users</group-name> </security-role-mapping> </sun-web-app>
4. I copy the file domain.xml from the separeted Glassfish and put it in the directory src/test/resources/security, is it correct?
Below, the code from my AuthenticationServlet.
public class AuthenticationServlet extends HttpServlet { private static final long serialVersionUID = 1L; @Inject private SecurityContext securityContext; @Inject private Credentials credentials; protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { credentials.setUsername("asdrubal"); credentials.setPassword("asdrubal"); securityContext.login(); response.setStatus(HttpStatus.SC_OK); } }
Below, my keyfile content.
asdrubal;{SSHA256}xYbabe0zKCOUrsH4SNQ+MK75W7FxJujcDcAJ9iXruHm1uT5mn+yktw==;users
Below, my test class:
@RunWith(Arquillian.class) public class SecurityTest { private static final String PATH = "src/test/resources/security"; @ArquillianResource private URL deploymentUrl; @Deployment(testable = false) public static WebArchive createDeployment() { return Tests.createDeployment().addClass(AuthenticationServlet.class) .add(Tests.createFileAsset(PATH + "/keyfile"), "keyfile") .addAsWebInfResource(Tests.createFileAsset(PATH + "/domain.xml"), "domain.xml") .addAsWebInfResource(Tests.createFileAsset(PATH + "/sun-web.xml"), "sun-web.xml") .addAsWebInfResource(Tests.createFileAsset(PATH + "/web.xml"), "web.xml"); } @Test public void authentication() throws Exception { HttpClient client = new HttpClient(); GetMethod method = new GetMethod(deploymentUrl + "/AuthenticationServlet"); try { int status = client.executeMethod(method); assertEquals(HttpStatus.SC_OK, status); } catch (Exception e) { fail(); } } }
Where I'm going wrong?