UserAuth.java revision 14606:bc3775e25b52
1/* 2 * Copyright (c) 2006, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24/* 25 * @test 26 * @bug 6421122 27 * @modules jdk.httpserver 28 * @run main/othervm UserAuth 29 * @summary Authorization header removed for preemptive authentication by user code 30 */ 31 32import java.net.*; 33import com.sun.net.httpserver.*; 34import java.util.*; 35import java.io.*; 36import java.util.concurrent.Executors; 37import java.util.concurrent.ExecutorService; 38 39 40public class UserAuth 41{ 42 com.sun.net.httpserver.HttpServer httpServer; 43 ExecutorService executorService; 44 45 public static void main(String[] args) { 46 new UserAuth(); 47 } 48 49 public UserAuth() { 50 try { 51 startHttpServer(); 52 doClient(); 53 } catch (IOException ioe) { 54 ioe.printStackTrace(); 55 } 56 } 57 58 void doClient() { 59 try { 60 InetSocketAddress address = httpServer.getAddress(); 61 62 // GET Request 63 URL url = new URL("http://" + address.getHostName() + ":" + address.getPort() + "/redirect/"); 64 HttpURLConnection uc = (HttpURLConnection)url.openConnection(); 65 uc.setRequestProperty("Authorization", "testString:ValueDoesNotMatter"); 66 int resp = uc.getResponseCode(); 67 68 System.out.println("Response Code is " + resp); 69 if (resp != 200) 70 throw new RuntimeException("Failed: Authorization header was not retained after redirect"); 71 72 } catch (IOException e) { 73 e.printStackTrace(); 74 } finally { 75 httpServer.stop(1); 76 executorService.shutdown(); 77 } 78 } 79 80 /** 81 * Http Server 82 */ 83 void startHttpServer() throws IOException { 84 httpServer = com.sun.net.httpserver.HttpServer.create(new InetSocketAddress(0), 0); 85 86 // create HttpServer context 87 HttpContext ctx = httpServer.createContext("/redirect/", new RedirectHandler()); 88 HttpContext ctx1 = httpServer.createContext("/doStuff/", new HasAuthHandler()); 89 90 executorService = Executors.newCachedThreadPool(); 91 httpServer.setExecutor(executorService); 92 httpServer.start(); 93 } 94 95 class RedirectHandler implements HttpHandler { 96 public void handle(HttpExchange t) throws IOException { 97 InetSocketAddress address = httpServer.getAddress(); 98 String redirectUrl = "http://" + address.getHostName() + ":" + address.getPort() + "/doStuff/"; 99 100 Headers resHeaders = t.getResponseHeaders(); 101 resHeaders.add("Location", redirectUrl); 102 103 t.sendResponseHeaders(307, -1); 104 t.close(); 105 } 106 } 107 108 class HasAuthHandler implements HttpHandler { 109 public void handle(HttpExchange t) throws IOException { 110 Headers reqHeaders = t.getRequestHeaders(); 111 112 List<String> auth = reqHeaders.get("Authorization"); 113 114 if (auth == null || !auth.get(0).equals("testString:ValueDoesNotMatter")) 115 t.sendResponseHeaders(400, -1); 116 117 t.sendResponseHeaders(200, -1); 118 t.close(); 119 } 120 } 121 122 123 124} 125