Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/net/www/protocol/http/B5017051.java
38867 views
/*1* Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @bug 5017051 636077426* @run main/othervm B501705127* @summary Tests CR 5017051 & 636077428*/2930import java.net.*;31import java.util.*;32import java.io.*;33import com.sun.net.httpserver.*;34import java.util.concurrent.Executors;35import java.util.concurrent.ExecutorService;3637/*38* Part 1:39* First request sent to the http server will not have an "Authorization" header set and40* the server will respond with a 401, but not until it has set a cookie in the response41* headers. The subsequent request ( comes from HttpURLConnection's authentication retry )42* will have the appropriate Authorization header and the servers context handler will be43* invoked. The test passes only if the client (HttpURLConnection) has sent the cookie44* in its second request that had been set via the first response from the server.45*46* Part 2:47* Preload the CookieManager with a cookie. Make a http request that requires authentication48* The cookie will be sent in the first request (without the Authorization header), the49* server will respond with a 401 (from MyBasicAuthFilter) and the client will add the50* appropriate Authorization header. This tests ensures that there is only one Cookie header51* in the request that actually makes it to the Http servers context handler.52*/5354public class B501705155{56com.sun.net.httpserver.HttpServer httpServer;57ExecutorService executorService;5859public static void main(String[] args)60{61new B5017051();62}6364public B5017051()65{66try {67startHttpServer();68doClient();69} catch (IOException ioe) {70System.err.println(ioe);71}72}7374void doClient() {75java.net.Authenticator.setDefault(new MyAuthenticator());76CookieHandler.setDefault(new CookieManager(null, CookiePolicy.ACCEPT_ALL));7778try {79InetSocketAddress address = httpServer.getAddress();8081// Part 182URL url = new URL("http://" + address.getHostName() + ":" + address.getPort() + "/test/");83HttpURLConnection uc = (HttpURLConnection)url.openConnection();84int resp = uc.getResponseCode();85if (resp != 200)86throw new RuntimeException("Failed: Part 1, Response code is not 200");8788System.out.println("Response code from Part 1 = 200 OK");8990// Part 291URL url2 = new URL("http://" + address.getHostName() + ":" + address.getPort() + "/test2/");9293// can use the global CookieHandler used for the first test as the URL's are different94CookieHandler ch = CookieHandler.getDefault();95Map<String,List<String>> header = new HashMap<String,List<String>>();96List<String> values = new LinkedList<String>();97values.add("Test2Cookie=\"TEST2\"; path=\"/test2/\"");98header.put("Set-Cookie2", values);99100// preload the CookieHandler with a cookie for our URL101// so that it will be sent during the first request102ch.put(url2.toURI(), header);103104uc = (HttpURLConnection)url2.openConnection();105resp = uc.getResponseCode();106if (resp != 200)107throw new RuntimeException("Failed: Part 2, Response code is not 200");108109System.out.println("Response code from Part 2 = 200 OK");110111112} catch (IOException e) {113e.printStackTrace();114} catch (URISyntaxException ue) {115ue.printStackTrace();116} finally {117httpServer.stop(1);118executorService.shutdown();119}120}121122/**123* Http Server124*/125public void startHttpServer() throws IOException {126httpServer = com.sun.net.httpserver.HttpServer.create(new InetSocketAddress(0), 0);127128// create HttpServer context for Part 1.129HttpContext ctx = httpServer.createContext("/test/", new MyHandler());130ctx.setAuthenticator( new MyBasicAuthenticator("foo"));131// CookieFilter needs to be executed before Authenticator.132ctx.getFilters().add(0, new CookieFilter());133134// create HttpServer context for Part 2.135HttpContext ctx2 = httpServer.createContext("/test2/", new MyHandler2());136ctx2.setAuthenticator( new MyBasicAuthenticator("foobar"));137138executorService = Executors.newCachedThreadPool();139httpServer.setExecutor(executorService);140httpServer.start();141}142143class MyHandler implements HttpHandler {144public void handle(HttpExchange t) throws IOException {145InputStream is = t.getRequestBody();146Headers reqHeaders = t.getRequestHeaders();147Headers resHeaders = t.getResponseHeaders();148while (is.read () != -1) ;149is.close();150151if (!reqHeaders.containsKey("Authorization"))152t.sendResponseHeaders(400, -1);153154List<String> cookies = reqHeaders.get("Cookie");155if (cookies != null) {156for (String str : cookies) {157if (str.equals("Customer=WILE_E_COYOTE"))158t.sendResponseHeaders(200, -1);159}160}161t.sendResponseHeaders(400, -1);162}163}164165class MyHandler2 implements HttpHandler {166public void handle(HttpExchange t) throws IOException {167InputStream is = t.getRequestBody();168Headers reqHeaders = t.getRequestHeaders();169Headers resHeaders = t.getResponseHeaders();170while (is.read () != -1) ;171is.close();172173if (!reqHeaders.containsKey("Authorization"))174t.sendResponseHeaders(400, -1);175176List<String> cookies = reqHeaders.get("Cookie");177178// there should only be one Cookie header179if (cookies != null && (cookies.size() == 1)) {180t.sendResponseHeaders(200, -1);181}182t.sendResponseHeaders(400, -1);183}184}185186class MyAuthenticator extends java.net.Authenticator {187public PasswordAuthentication getPasswordAuthentication () {188return new PasswordAuthentication("tester", "passwd".toCharArray());189}190}191192class MyBasicAuthenticator extends BasicAuthenticator193{194public MyBasicAuthenticator(String realm) {195super(realm);196}197198public boolean checkCredentials (String username, String password) {199return username.equals("tester") && password.equals("passwd");200}201}202203class CookieFilter extends Filter204{205public void doFilter(HttpExchange t, Chain chain) throws IOException206{207Headers resHeaders = t.getResponseHeaders();208Headers reqHeaders = t.getRequestHeaders();209210if (!reqHeaders.containsKey("Authorization"))211resHeaders.set("Set-Cookie2", "Customer=\"WILE_E_COYOTE\"; path=\"/test/\"");212213chain.doFilter(t);214}215216public void destroy(HttpContext c) { }217218public void init(HttpContext c) { }219220public String description() {221return new String("Filter for setting a cookie for requests without an \"Authorization\" header.");222}223}224}225226227