user3464679
Reputation: 309
HTTPUnit Tests for Authorization
I am using HTTP Unit for testing my authorization framework.
I have problems when I try to test the cases after the Log-in, because the tests always check the first returned status codes. When someone who is not authenticated tries to access a protected resource, the first status code is 401, he has the chance to provide his credentials and after log-in the status code is 200.
How can I program the test to perform the authentication and wait for the last status code?
This is how I did it until now. It failes, because the first status code is 401 and not 200. Is there a keep alive option?
@Test
public void testReqRestrictedResourceWithValidRole() throws Exception
{
// Request a protected page with valid credentials and valid role
// protectedUrl requires role ADMIN
// user has role ADMIN
String username = "user";
String password = "password";
String decUserPass = username + ":" + password;
String base64encUserPass =
DatatypeConverter.printBase64Binary(decUserPass.getBytes());
webClient.addRequestHeader("Authorization", "Basic " + base64encUserPass);
Page page = webClient.getPage(protectedUrl);
int statuscode = page.getWebResponse().getStatusCode();
assertEquals(statuscode, 200, "Wrong statuscode.");
}
Thanks!
Upvotes: 1
Views: 89
Answers (0)
Related Questions
- How to set a security context for java HttpUrlConnection?
- Java: fetch URL with HTTPBasic Authentication
- Spring boot Http Security config unit test
- Passing basic auth credentials with every request with HtmlUnit WebClient
- Unit testing basic auth
- How do I add username / password authentication information in a HtmlUnit test case?
- HttpURLConnection authentication mode
- How do I programmatically test authorization for URLs in Spring Security?
- Unit testing "authorize" Spring Security JSP taglib
- Unit Testing Authentication