1 package org.cacert.gigi;
3 import static org.junit.Assert.*;
5 import java.io.IOException;
6 import java.net.HttpURLConnection;
8 import java.security.GeneralSecurityException;
9 import java.security.PrivateKey;
10 import java.security.cert.X509Certificate;
11 import java.sql.SQLException;
13 import org.cacert.gigi.Certificate.CSRType;
14 import org.cacert.gigi.testUtils.ManagedTest;
15 import org.cacert.gigi.testUtils.PemKey;
16 import org.junit.Test;
18 public class TestSeparateSessionScope extends ManagedTest {
20 private static final String TEST_PASSWORD = "xvXV12°§";
23 public void testSeparateScope() throws IOException, GeneralSecurityException, SQLException, InterruptedException {
24 String mail = "thisgo" + createUniqueName() + "@example.com";
25 int user = createAssuranceUser("test", "tugo", mail, TEST_PASSWORD);
26 String cookie = login(mail, TEST_PASSWORD);
27 String[] csr = generateCSR("/CN=felix@dogcraft.de");
28 Certificate c = new Certificate(user, "/CN=testmail@example.com", "sha256", csr[1], CSRType.CSR);
29 final PrivateKey pk = PemKey.parsePEMPrivateKey(csr[0]);
30 c.issue().waitFor(60000);
31 final X509Certificate ce = c.cert();
32 String scookie = login(pk, ce);
34 assertTrue(isLoggedin(cookie));
35 assertFalse(isLoggedin(scookie));
37 URL u = new URL("https://" + getServerName().replaceAll("^www", "secure") + SECURE_REFERENCE);
38 HttpURLConnection huc = (HttpURLConnection) u.openConnection();
39 authenticateClientCert(pk, ce, huc);
40 huc.setRequestProperty("Cookie", scookie);
41 assertEquals(200, huc.getResponseCode());
43 HttpURLConnection huc2 = (HttpURLConnection) u.openConnection();
44 authenticateClientCert(pk, ce, huc2);
45 huc2.setRequestProperty("Cookie", cookie);
46 assertEquals(302, huc2.getResponseCode());