tests/org/cacert/gigi/TestSeparateSessionScope.java

   1 package org.cacert.gigi;
   2
   3 import static org.junit.Assert.*;
   4
   5 import java.io.IOException;
   6 import java.net.HttpURLConnection;
   7 import java.net.URL;
   8 import java.security.GeneralSecurityException;
   9 import java.security.KeyPair;
  10 import java.security.PrivateKey;
  11 import java.security.cert.X509Certificate;
  12 import java.sql.SQLException;
  13
  14 import org.cacert.gigi.dbObjects.Certificate;
  15 import org.cacert.gigi.dbObjects.Certificate.CSRType;
  16 import org.cacert.gigi.dbObjects.CertificateProfile;
  17 import org.cacert.gigi.dbObjects.User;
  18 import org.cacert.gigi.testUtils.ManagedTest;
  19 import org.junit.Test;
  20
  21 public class TestSeparateSessionScope extends ManagedTest {
  22
  23     @Test
  24     public void testSeparateScope() throws IOException, GeneralSecurityException, SQLException, InterruptedException, GigiApiException {
  25         String mail = "thisgo" + createUniqueName() + "@example.com";
  26         int user = createAssuranceUser("test", "tugo", mail, TEST_PASSWORD);
  27         String cookie = login(mail, TEST_PASSWORD);
  28         KeyPair kp = generateKeypair();
  29         String csr = generatePEMCSR(kp, "CN=felix@dogcraft.de");
  30         Certificate c = new Certificate(User.getById(user), Certificate.buildDN("CN", "testmail@example.com"), "sha256", csr, CSRType.CSR, CertificateProfile.getById(1));
  31         final PrivateKey pk = kp.getPrivate();
  32         c.issue(null, "2y").waitFor(60000);
  33         final X509Certificate ce = c.cert();
  34         String scookie = login(pk, ce);
  35
  36         assertTrue(isLoggedin(cookie));
  37         assertFalse(isLoggedin(scookie));
  38
  39         URL u = new URL("https://" + getServerName().replaceAll("^www", "secure") + SECURE_REFERENCE);
  40         HttpURLConnection huc = (HttpURLConnection) u.openConnection();
  41         authenticateClientCert(pk, ce, huc);
  42         huc.setRequestProperty("Cookie", scookie);
  43         assertEquals(200, huc.getResponseCode());
  44
  45         HttpURLConnection huc2 = (HttpURLConnection) u.openConnection();
  46         authenticateClientCert(pk, ce, huc2);
  47         huc2.setRequestProperty("Cookie", cookie);
  48         assertEquals(302, huc2.getResponseCode());
  49
  50     }
  51 }