Win a copy of Learn Spring Security (video course) this week in the Spring forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

httpunit sso login 401

 
Brian Zee
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have the following code to do a sso login test for my company portal.
It's apache covalent ssl (mod sso) server and a ibm web portal.

I did the java keystore ok. This did work. Just sharing now.
package com.somewhere.test;

import com.meterware.httpunit.ClientProperties;
import com.meterware.httpunit.GetMethodWebRequest;
import com.meterware.httpunit.PostMethodWebRequest;
import com.meterware.httpunit.HttpUnitOptions;
import com.meterware.httpunit.WebConversation;
import com.meterware.httpunit.WebLink;
import com.meterware.httpunit.WebRequest;
import com.meterware.httpunit.WebForm;
import com.meterware.httpunit.WebResponse;

import junit.framework.TestCase;
import junit.framework.TestSuite;


/*
* SSO Test works, Apache server
*
* */
public class TestSSOLogin extends TestCase {
WebConversationconversation = new WebConversation();
WebRequestrequest = null;
WebFormform = null;
WebResponse response = null;
WebLink link = null;

String myResponseString = null;
String toFindOne = "forms[0].";
String toFindTwo = "passwd";
String mySubString = null;
String myUserText = null;
String myPassText = null;
String usernm = "MYUSERNAME";
String passwd = "MYPASSWORD";

int indexStart = 0;
int indexEnd = 0;

public static void main(String args[]) {
junit.textui.TestRunner.run(suite());
}

public static TestSuite suite() {
return new TestSuite(TestSSOLogin.class);
}

public TestSSOLogin(String name) {
super(name);
}

public void testLast() throws Exception {

System.out.println("--- Doing SSO Login Test --- ");
// yeah, output the headers to make debugging easy :-)
HttpUnitOptions.setLoggingHttpHeaders(true);
HttpUnitOptions.setScriptingEnabled(true);

// setting some client properties, UserAgent is important!
ClientProperties cltprops = conversation.getClientProperties();
cltprops.setUserAgent("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/HTTPUnit");
cltprops.setAcceptGzip(false); // for debug :-)
cltprops.setAutoRedirect(true); // we have to do a lot of redirects...
cltprops.setAcceptCookies(true); // and cookies also

// cltprops.setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY);
// cltprops.setAutoRefresh(true);

request = new GetMethodWebRequest("https://dev1.somewhere.com:9115/authenticate?x=1?url=https://dev1.somewhere.com:9115/sso_proceed_redir.html?http://dev1.somewhere.com:8115");
// go to sso login page
response = conversation.getResponse(request);
myResponseString = response.getText();
assertEquals("check page title", "SSO User Authentication", response.getTitle());
// response = response.getLinkWith("reload").click();
System.out.println("content type is " + response.getContentType());
// parse this to get the correct field names for the dynamic userid and passwd fields
// System.out.println("Login form getResponseBodyAsString: " + myResponseString);
// our username and password text fields have an dynamic id number attached
indexStart = myResponseString.indexOf(toFindOne);
indexEnd = myResponseString.indexOf(toFindTwo);
System.out.println("found start index " + indexStart);
System.out.println("found end index " + indexEnd);
mySubString = myResponseString.substring(indexStart + 9, indexEnd);
myUserText = mySubString + "userid";
myPassText = mySubString + "passwd";

form = response.getForms()[0];
form.setParameter(myUserText, usernm); // INSERT USERNAME HERE
form.setParameter(myPassText, passwd); // INSERT PASSWORD HERE

WebRequest postrequest = new PostMethodWebRequest("https://dev1.somewhere.com:9115/authenticate?x=2?url=https://dev1.somewhere.com:9115/sso_proceed_redir.html?http://dev1.somewhere.com:8115");
postrequest.setParameter(myUserText, usernm);
postrequest.setParameter(myPassText, passwd);
// note some sso logins also use a hidden value, ours does not
response = conversation.getResponse( postrequest );
// note Kookie spelled as such only for posting to forum
assertNotNull("check cookie", conversation.getKookieValue("jwsSession"));
System.out.println("cookie is " + conversation.getKookieValue("jwsSession").toString());

// now goto page of our web application
WebRequest newrequest = new GetMethodWebRequest("http://dev1.somewhere.com:8115/cgi-bin/mywebapp?procfun+my01+myfn01");
// put cookie again before sending - VIP!
conversation.putKookie("jwsSession", conversation.getKookieValue("jwsSession").toString());
response = conversation.getResponse(newrequest);

myResponseString = response.getText();
System.out.println("my html check " + myResponseString);
assertEquals("page title check", "Home ", response.getTitle());
System.out.println("---------------");

}
}
[ June 27, 2008: Message edited by: Brian Zee ]
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"Mr. Developer",
Welcome to JavaRanch!

We're pleased to have you here with us here on the ranch, but there are a few rules that need to be followed. One is that proper names are required. Please take a look at the JavaRanch Naming Policy and adjust your display name to match it.

In particular, your display name must be a first and a last name separated by a space character, and must not be obviously fictitious. Initials are OK for the first and middle names but not the last. You can change it here
 
Brian Zee
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The code above works. Fyi I may do it later using jwebunit since that uses htmlunit and not httpunit, as htmlunit is newer.
Single Sign On Web Test Example
[ June 27, 2008: Message edited by: Brian Zee ]
[ July 11, 2008: Message edited by: Brian Zee ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic