@Deployment(testable = false)
public static WebArchive createDeployment() {
return defaultArchive();
}
git clone git://github.com/javaee-samples/javaee7-samples.git
cd javaee7-samples/jaspic/lifecycle/
Now we are ready to start testing. You can run all the tests in this sample by executing:mvn test
Or you can run individual tests by executing one of the following:mvn test -Dtest=AuthModuleMethodInvocationTest
This tests that the two main methods of a SAM, {@link ServerAuthModule#validateRequest} and {@link ServerAuthModule#secureResponse} are called at the right time, which is resp. before and after the resource (e.g. a Servlet) is invoked.
@Deployment(testable = false)
public static WebArchive createDeployment() {
return defaultArchive();
}
Test that the main SAM methods are called and are called in the correct order.
The rule seems simple: <ul> <li>First call validateRequest() in the SAM. <li>Then invoke the requested resource (e.g. a Servlet or JSP page) <li>Finally call secureResponse() in the SAM </ul>
@Test
public void testBasicSAMMethodsCalled() throws IOException, SAXException {
String response = getFromServerPath("protected/servlet");
// First test if individual methods are called
assertTrue("SAM method validateRequest not called, but should have been.",
response.contains("validateRequest invoked"));
assertTrue("Resource (Servlet) not invoked, but should have been.", response.contains("Resource invoked"));
// The previous two methods are rare to not be called, but secureResponse is more likely to fail. Seemingly it's hard
// to understand what this method should do exactly.
assertTrue("SAM method secureResponse not called, but should have been.",
response.contains("secureResponse invoked"));
// Finally the order should be correct. More than a few implementations call secureResponse before the resource is
// invoked.
assertTrue("SAM methods called in wrong order",
response.contains("validateRequest invoked\nResource invoked\nsecureResponse invoked\n"));
}
Test that the SAM’s cleanSubject method is called following a call to {@link HttpServletRequest#logout()}. <p> Although occasionally a JASPIC 1.0 implementation indeed does this, it’s only mandated that this happens in JASPIC 1.1
@Test
public void testLogout() throws IOException, SAXException {
// Note that we don't explicitly log-in; the test SAM uses for this test does that automatically before the resource
// (servlet)
// is invoked. Once we reach the Servlet we should be logged-in and can proceed to logout.
String response = getFromServerPath("protected/servlet?doLogout");
assertTrue("SAM method cleanSubject not called, but should have been.",
response.contains("cleanSubject invoked"));
}
There's a lot more about JavaEE to cover. If you're ready to learn more, check out the other available samples.
git clone git://github.com/javaee-samples/javaee7-samples.git
cd javaee7-samples/jaspic/lifecycle/
Do the changes as you see fit and send a pull request!
Good Luck!