Implement a testcase that tests this session context separation.

author Felix Dörre <felix@dogcraft.de>

Fri, 18 Jul 2014 22:24:10 +0000 (00:24 +0200)

committer Felix Dörre <felix@dogcraft.de>

Fri, 18 Jul 2014 22:26:48 +0000 (00:26 +0200)
author Felix Dörre <felix@dogcraft.de>
Fri, 18 Jul 2014 22:24:10 +0000 (00:24 +0200)
committer Felix Dörre <felix@dogcraft.de>
Fri, 18 Jul 2014 22:26:48 +0000 (00:26 +0200)
diff --git a/tests/org/cacert/gigi/TestSeparateSessionScope.java b/tests/org/cacert/gigi/TestSeparateSessionScope.java

new file mode 100644 (file)

index 0000000..29632be
--- /dev/null
+++ b/tests/org/cacert/gigi/TestSeparateSessionScope.java
@@ -0,0 +1,48 @@
+package org.cacert.gigi;
+
+import static org.junit.Assert.*;
+
+import java.io.IOException;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.security.GeneralSecurityException;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+import java.sql.SQLException;
+
+import org.cacert.gigi.testUtils.ManagedTest;
+import org.cacert.gigi.testUtils.PemKey;
+import org.junit.Test;
+
+public class TestSeparateSessionScope extends ManagedTest {
+
+       private static final String TEST_PASSWORD = "xvXV12°§";
+
+       @Test
+       public void testSeparateScope() throws IOException, GeneralSecurityException, SQLException, InterruptedException {
+               String mail = "thisgo" + createUniqueName() + "@example.com";
+               int user = createAssuranceUser("test", "tugo", mail, TEST_PASSWORD);
+               String cookie = login(mail, TEST_PASSWORD);
+               String[] csr = generateCSR("/CN=felix@dogcraft.de");
+               Certificate c = new Certificate(user, "/CN=testmail@example.com", "sha256", csr[1]);
+               final PrivateKey pk = PemKey.parsePEMPrivateKey(csr[0]);
+               c.issue().waitFor(60000);
+               final X509Certificate ce = c.cert();
+               String scookie = login(pk, ce);
+
+               assertTrue(isLoggedin(cookie));
+               assertFalse(isLoggedin(scookie));
+
+               URL u = new URL("https://" + getServerName().replaceAll("^www", "secure") + SECURE_REFERENCE);
+               HttpURLConnection huc = (HttpURLConnection) u.openConnection();
+               authenticateClientCert(pk, ce, huc);
+               huc.setRequestProperty("Cookie", scookie);
+               assertEquals(200, huc.getResponseCode());
+
+               HttpURLConnection huc2 = (HttpURLConnection) u.openConnection();
+               authenticateClientCert(pk, ce, huc2);
+               huc2.setRequestProperty("Cookie", cookie);
+               assertEquals(302, huc2.getResponseCode());
+
+       }
+}
author	Felix Dörre <felix@dogcraft.de>
	Fri, 18 Jul 2014 22:24:10 +0000 (00:24 +0200)
committer	Felix Dörre <felix@dogcraft.de>
	Fri, 18 Jul 2014 22:26:48 +0000 (00:26 +0200)