Java Credentials類代碼示例

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
/**
 * Retrieves the content under the given URL with username and passwort
 * authentication.
 * 
 * @param url
 *            the URL to read
 * @param username
 * @param password
 * @return the read content.
 * @throws IOException
 *             if an I/O exception occurs.
 */
private static byte[] getUrlContent(URL url, String username,
        String password) throws IOException {
    final HttpClient client = new HttpClient();

    // Set credentials:
    client.getParams().setAuthenticationPreemptive(true);
    final Credentials credentials = new UsernamePasswordCredentials(
            username, password);
    client.getState()
            .setCredentials(
                    new AuthScope(url.getHost(), url.getPort(),
                            AuthScope.ANY_REALM), credentials);

    // Retrieve content:
    final GetMethod method = new GetMethod(url.toString());
    final int status = client.executeMethod(method);
    if (status != HttpStatus.SC_OK) {
        throw new IOException("Error " + status + " while retrieving "
                + url);
    }
    return method.getResponseBody();
}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
/**
 * Helper to create a test folder with a single ACE pre-created
 */
private void createAceOrderTestFolderWithOneAce() throws IOException, JsonException {
	testUserId = H.createTestUser();
	
	testFolderUrl = H.createTestFolder();

	addOrUpdateAce(testFolderUrl, testUserId, true, null);

	//fetch the JSON for the acl to verify the settings.
	String getUrl = testFolderUrl + ".acl.json";

	Credentials creds = new UsernamePasswordCredentials("admin", "admin");
	String json = H.getAuthenticatedContent(creds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
	assertNotNull(json);
	
               JsonObject jsonObject = JsonUtil.parseObject(json);
               assertEquals(1, jsonObject.size());

               JsonObject user = jsonObject.getJsonObject(testUserId);
               assertNotNull(user);
               assertEquals(testUserId, user.getString("principal"));
               assertEquals(0, user.getInt("order"));

}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
/**
 * Helper to add or update an ace for testing
 */
private void addOrUpdateAce(String folderUrl, String principalId, boolean readGranted, String order) throws IOException, JsonException {
       String postUrl = folderUrl + ".modifyAce.html";

	//1. create an initial set of privileges
	List<NameValuePair> postParams = new ArrayList<NameValuePair>();
	postParams.add(new NameValuePair("principalId", principalId));
	postParams.add(new NameValuePair("[email protected]:read", readGranted ? "granted" : "denied"));
	postParams.add(new NameValuePair("[email protected]:write", "denied"));
	if (order != null) {
		postParams.add(new NameValuePair("order", order));
	}
	
	Credentials creds = new UsernamePasswordCredentials("admin", "admin");
	H.assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null);
}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
/**
 * Test for SLING-1677
 */
@Test 
public void testModifyAceResponseAsJSON() throws IOException, JsonException {
	testUserId = H.createTestUser();
	
	testFolderUrl = H.createTestFolder();
	
       String postUrl = testFolderUrl + ".modifyAce.json";

	List<NameValuePair> postParams = new ArrayList<NameValuePair>();
	postParams.add(new NameValuePair("principalId", testUserId));
	postParams.add(new NameValuePair("[email protected]:read", "granted"));
	postParams.add(new NameValuePair("[email protected]:write", "denied"));
	postParams.add(new NameValuePair("[email protected]:modifyAccessControl", "bogus")); //invalid value should be ignored.
	
	Credentials creds = new UsernamePasswordCredentials("admin", "admin");
	String json = H.getAuthenticatedPostContent(creds, postUrl, HttpTest.CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK);

       //make sure the json response can be parsed as a JSON object
       JsonObject jsonObject = JsonUtil.parseObject(json);
	assertNotNull(jsonObject);
}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
public void testRemoveAce() throws IOException, JsonException {
	String folderUrl = createFolderWithAces(false);
	
	//remove the ace for the testUser principal
	String postUrl = folderUrl + ".deleteAce.html"; 
	List<NameValuePair> postParams = new ArrayList<NameValuePair>();
	postParams.add(new NameValuePair(":applyTo", testUserId));
       Credentials creds = new UsernamePasswordCredentials("admin", "admin");
	assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, null);

	//fetch the JSON for the acl to verify the settings.
	String getUrl = folderUrl + ".acl.json";

	String json = getAuthenticatedContent(creds, getUrl, CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
	assertNotNull(json);

	JsonObject jsonObject = JsonUtil.parseObject(json);
	assertNotNull(jsonObject);
	assertEquals(0, jsonObject.size());
}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
/**
 * Test for SLING-1677
 */
public void testRemoveAcesResponseAsJSON() throws IOException, JsonException {
	String folderUrl = createFolderWithAces(true);
	
	//remove the ace for the testUser principal
	String postUrl = folderUrl + ".deleteAce.json"; 
	List<NameValuePair> postParams = new ArrayList<NameValuePair>();
	postParams.add(new NameValuePair(":applyTo", testUserId));
	postParams.add(new NameValuePair(":applyTo", testGroupId));
       Credentials creds = new UsernamePasswordCredentials("admin", "admin");
       String json = getAuthenticatedPostContent(creds, postUrl, CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK);

       //make sure the json response can be parsed as a JSON object
       JsonObject jsonObject = JsonUtil.parseObject(json);
	assertNotNull(jsonObject);
}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
public void testAnonymousContent() throws Exception {
    // disable credentials -> anonymous session
    final URL url = new URL(HTTP_BASE_URL);
    final AuthScope scope = new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM);
    httpClient.getParams().setAuthenticationPreemptive(false);
    httpClient.getState().setCredentials(scope, null);
    
    try {
        assertContent();
    } finally {
        // re-enable credentials -> admin session
        httpClient.getParams().setAuthenticationPreemptive(true);
        Credentials defaultcreds = new UsernamePasswordCredentials("admin", "admin");
        httpClient.getState().setCredentials(scope, defaultcreds);
    }
}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
@Test
public void testValidatingIncorrectHttpBasicCredentials() throws Exception {

    // assume http and webdav are on the same host + port
    URL url = new URL(HttpTest.HTTP_BASE_URL);
    Credentials defaultcreds = new UsernamePasswordCredentials("garbage", "garbage");
    H.getHttpClient().getState()
            .setCredentials(new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM), defaultcreds);

    List<NameValuePair> params = new ArrayList<NameValuePair>();
    params.add(new NameValuePair("j_validate", "true"));
    HttpMethod post = H.assertPostStatus(HttpTest.HTTP_BASE_URL + "/j_security_check",
            HttpServletResponse.SC_FORBIDDEN, params, null);
    assertXReason(post);

    HttpMethod get = H.assertHttpStatus(HttpTest.HTTP_BASE_URL + "/?j_validate=true",
            HttpServletResponse.SC_FORBIDDEN);
    assertXReason(get);
}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
@Test
public void testPreventLoopIncorrectHttpBasicCredentials() throws Exception {

    // assume http and webdav are on the same host + port
    URL url = new URL(HttpTest.HTTP_BASE_URL);
    Credentials defaultcreds = new UsernamePasswordCredentials("garbage", "garbage");
    H.getHttpClient().getState()
            .setCredentials(new AuthScope(url.getHost(), url.getPort(), AuthScope.ANY_REALM), defaultcreds);

    final String requestUrl = HttpTest.HTTP_BASE_URL + "/junk?param1=1";
    HttpMethod get = new GetMethod(requestUrl);
    get.setRequestHeader("Referer", requestUrl);
    get.setRequestHeader("User-Agent", "Mozilla/5.0 Sling Integration Test");
    int status = H.getHttpClient().executeMethod(get);
    assertEquals(HttpServletResponse.SC_UNAUTHORIZED, status);
}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
/** Verify that given URL returns expectedStatusCode
 * @throws IOException */
public void assertAuthenticatedHttpStatus(Credentials creds, String urlString, int expectedStatusCode, String assertMessage) throws IOException {
    URL baseUrl = new URL(HTTP_BASE_URL);
    AuthScope authScope = new AuthScope(baseUrl.getHost(), baseUrl.getPort(), AuthScope.ANY_REALM);
    GetMethod getMethod = new GetMethod(urlString);
    getMethod.setDoAuthentication(true);
    Credentials oldCredentials = httpClient.getState().getCredentials(authScope);
    try {
        httpClient.getState().setCredentials(authScope, creds);

        final int status = httpClient.executeMethod(getMethod);
        if(assertMessage == null) {
            assertEquals(urlString,expectedStatusCode, status);
        } else {
            assertEquals(assertMessage, expectedStatusCode, status);
        }
    } finally {
        httpClient.getState().setCredentials(authScope, oldCredentials);
    }
}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
public String createTestUser() throws IOException {
      String postUrl = HTTP_BASE_URL + "/system/userManager/user.create.html";

      String testUserId = "testUser" + getNextInt();
      List<NameValuePair> postParams = new ArrayList<NameValuePair>();
      postParams.add(new NameValuePair(":name", testUserId));
      postParams.add(new NameValuePair("pwd", "testPwd"));
      postParams.add(new NameValuePair("pwdConfirm", "testPwd"));
Credentials creds = new UsernamePasswordCredentials("admin", "admin");
final String msg = "Unexpected status while attempting to create test user at " + postUrl; 
      assertAuthenticatedPostStatus(creds, postUrl, HttpServletResponse.SC_OK, postParams, msg);
      
      final String sessionInfoUrl = HTTP_BASE_URL + "/system/sling/info.sessionInfo.json";
      assertAuthenticatedHttpStatus(creds, sessionInfoUrl, HttpServletResponse.SC_OK, 
              "session info failed for user " + testUserId);

      return testUserId;
  }
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
/**
 * Test for SLING-1677
 */
@Test 
public void testCreateUserResponseAsJSON() throws IOException, JsonException {
       String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user.create.json";

	testUserId = "testUser" + random.nextInt();
	List<NameValuePair> postParams = new ArrayList<NameValuePair>();
	postParams.add(new NameValuePair(":name", testUserId));
	postParams.add(new NameValuePair("marker", testUserId));
	postParams.add(new NameValuePair("pwd", "testPwd"));
	postParams.add(new NameValuePair("pwdConfirm", "testPwd"));
	Credentials creds = new UsernamePasswordCredentials("admin", "admin");
	String json = H.getAuthenticatedPostContent(creds, postUrl, HttpTest.CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK);

	//make sure the json response can be parsed as a JSON object
	JsonObject jsonObj = JsonUtil.parseObject(json);
	assertNotNull(jsonObj);
}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
/**
 * Test for SLING-1677
 */
@Test 
public void testUpdateUserResponseAsJSON() throws IOException, JsonException {
	testUserId = H.createTestUser();
	
       String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/" + testUserId + ".update.json";

	List<NameValuePair> postParams = new ArrayList<NameValuePair>();
	postParams.add(new NameValuePair("displayName", "My Updated Test User"));
	postParams.add(new NameValuePair("url", "http://www.apache.org/updated"));
	Credentials creds = new UsernamePasswordCredentials(testUserId, "testPwd");
	String json = H.getAuthenticatedPostContent(creds, postUrl, HttpTest.CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK);

	//make sure the json response can be parsed as a JSON object
	JsonObject jsonObj = JsonUtil.parseObject(json);
	assertNotNull(jsonObj);
}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
/**
 * Checks whether the current user has been granted privileges
 * to add a new user.
 */
@Test 
public void testCanAddUser() throws JsonException, IOException {
	testUserId = H.createTestUser();

	String getUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/" + testUserId + ".privileges-info.json";

	//fetch the JSON for the test page to verify the settings.
	Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd");

	String json = H.getAuthenticatedContent(testUserCreds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
	assertNotNull(json);
	JsonObject jsonObj = JsonUtil.parseObject(json);
	
	assertEquals(false, jsonObj.getBoolean("canAddUser"));
}
 

import org.apache.commons.httpclient.Credentials; //導入依賴的package包/類
/**
 * Checks whether the current user has been granted privileges
 * to add a new group.
 */
@Test 
public void testCanAddGroup() throws IOException, JsonException {
	testUserId = H.createTestUser();

	String getUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/" + testUserId + ".privileges-info.json";

	//fetch the JSON for the test page to verify the settings.
	Credentials testUserCreds = new UsernamePasswordCredentials(testUserId, "testPwd");

	String json = H.getAuthenticatedContent(testUserCreds, getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
	assertNotNull(json);
	JsonObject jsonObj = JsonUtil.parseObject(json);
	
	assertEquals(false, jsonObj.getBoolean("canAddGroup"));
}