litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-1430 When a user logs in, change what is viewed. Consolidate the logic so an external user is more like an internal user.

Browse source
This commit is contained in:
jeb228 2010-11-29 20:08:34 +00:00
parent 0740e57749
commit 5d4625d421
9 changed files with 225 additions and 183 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/VitroHttpServlet.java
View file

@ -21,6 +21,7 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.LoginRedirector;
public class VitroHttpServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@ -73,7 +74,7 @@ public class VitroHttpServlet extends HttpServlet {
// ----------------------------------------------------------------------
/**
* If not logged in, send them to the login page.
* If not logged in, redirect them to the appropriate page.
*/
public static boolean checkLoginStatus(HttpServletRequest request,
HttpServletResponse response) {
@ -90,8 +91,7 @@ public class VitroHttpServlet extends HttpServlet {
}
/**
* If not logged in at the minimum level or higher, send them to the login
* page.
* If not logged in at the minimum level or higher, redirect them to the appropriate page.
*/
public static boolean checkLoginStatus(HttpServletRequest request,
HttpServletResponse response, int minimumLevel) {
@ -122,17 +122,15 @@ public class VitroHttpServlet extends HttpServlet {
postLoginRequest = request.getRequestURI() + "?" + queryString;
}
request.getSession().setAttribute("postLoginRequest", postLoginRequest);
LoginRedirector.setReturnUrlFromForcedLogin(request, postLoginRequest);
String loginPage = request.getContextPath() + Controllers.LOGIN;
response.sendRedirect(loginPage);
}
/** Don't dump the contents of these headers, even if log.trace is enabled. */
private static final List<String> BORING_HEADERS = new ArrayList<String>(
Arrays.asList(new String[] { "host", "user-agent", "accept",
"accept-language", "accept-encoding", "accept-charset",
"keep-alive", "connection" }));
/**
* If logging is set to the TRACE level, dump the HTTP headers on the request.
*/
@SuppressWarnings("unchecked")
@Override
public void service(ServletRequest req, ServletResponse resp)
@ -152,4 +150,10 @@ public class VitroHttpServlet extends HttpServlet {
super.service(req, resp);
}
/** Don't dump the contents of these headers, even if log.trace is enabled. */
private static final List<String> BORING_HEADERS = new ArrayList<String>(
Arrays.asList(new String[] { "host", "user-agent", "accept",
"accept-language", "accept-encoding", "accept-charset",
"keep-alive", "connection" }));
}

9
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/Authenticator.java
View file

@ -66,10 +66,16 @@ public abstract class Authenticator {
*/
public abstract User getUserByUsername(String username);
/**
* Get the URI of the individual associated with this user, or null if no
* such Individual exists.
*/
public abstract String getAssociatedIndividualUri(String username);
/**
* Get a list of URIs of the people that this user is allowed to edit.
*/
public abstract List<String> asWhomMayThisUserEdit(User user);
public abstract List<String> asWhomMayThisUserEdit(String username);
/**
* Record a new password for the user.
@ -108,4 +114,5 @@ public abstract class Authenticator {
* </pre>
*/
public abstract void recordUserIsLoggedOut();
}

20
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java
View file

@ -18,8 +18,11 @@ import edu.cornell.mannlib.vedit.beans.LoginFormBean;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole;
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
import edu.cornell.mannlib.vitro.webapp.beans.User;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate;
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
import edu.cornell.mannlib.vitro.webapp.dao.UserDao;
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
import edu.cornell.mannlib.vitro.webapp.dao.jena.LoginEvent;
@ -197,8 +200,16 @@ public class BasicAuthenticator extends Authenticator {
}
@Override
public List<String> asWhomMayThisUserEdit(User user) {
if (user == null) {
public String getAssociatedIndividualUri(String username) {
IndividualDao iDao = new VitroRequest(request).getWebappDaoFactory()
.getIndividualDao();
return SelfEditingConfiguration.getBean(request)
.getIndividualUriFromUsername(iDao, username);
}
@Override
public List<String> asWhomMayThisUserEdit(String username) {
if (username == null) {
return Collections.emptyList();
}
@ -207,6 +218,11 @@ public class BasicAuthenticator extends Authenticator {
return Collections.emptyList();
}
User user = userDao.getUserByUsername(username);
if (user == null) {
return Collections.emptyList();
}
String userUri = user.getURI();
if (userUri == null) {
return Collections.emptyList();

5
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/ExternalAuthHelper.java
View file

@ -35,7 +35,7 @@ public class ExternalAuthHelper {
private static final String PROPERTY_EXTERNAL_AUTH_SERVER_URL = "externalAuth.serverUrl";
/** This configuration property says which HTTP header holds the username. */
public static final String PROPERTY_EXTERNAL_AUTH_USERNAME_HEADER = "externalAuth.netIdheaderName";
public static final String PROPERTY_EXTERNAL_AUTH_USERNAME_HEADER = "externalAuth.netIdHeaderName";
// ----------------------------------------------------------------------
// static methods
@ -73,7 +73,8 @@ public class ExternalAuthHelper {
}
/** It would be private, but we want to allow calls for faking. */
protected static void setBean(ServletContext context, ExternalAuthHelper bean) {
protected static void setBean(ServletContext context,
ExternalAuthHelper bean) {
context.setAttribute(BEAN_ATTRIBUTE, bean);
}

25
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java
View file

@ -14,10 +14,7 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
/**
* Handle the return from the external authorization login server. If we are
@ -27,8 +24,6 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
private static final Log log = LogFactory
.getLog(LoginExternalAuthReturn.class);
private final LoginRedirector loginRedirector = new LoginRedirector();
/**
* <pre>
* Returning from the external authorization server. If we were successful,
@ -47,7 +42,7 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
throws ServletException, IOException {
String username = ExternalAuthHelper.getHelper(req)
.getExternalUsername(req);
String uri = getAssociatedIndividualUri(username, req);
String uri = getAuthenticator(req).getAssociatedIndividualUri(username);
if (username == null) {
log.debug("No username.");
@ -58,31 +53,21 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
getAuthenticator(req).recordLoginAgainstUserAccount(username,
AuthenticationSource.EXTERNAL);
removeLoginProcessArtifacts(req);
loginRedirector.redirectLoggedInUser(req, resp);
new LoginRedirector(req, resp).redirectLoggedInUser();
} else if (uri != null) {
log.debug("Recognize '" + username + "' as self-editor for " + uri);
getAuthenticator(req).recordLoginWithoutUserAccount(username, uri,
AuthenticationSource.EXTERNAL);
removeLoginProcessArtifacts(req);
loginRedirector.redirectSelfEditingUser(req, resp, uri);
new LoginRedirector(req, resp).redirectLoggedInUser();
} else {
log.debug("User is not recognized: " + username);
removeLoginProcessArtifacts(req);
loginRedirector.redirectUnrecognizedUser(req, resp, username);
new LoginRedirector(req, resp)
.redirectUnrecognizedExternalUser(username);
}
}
private String getAssociatedIndividualUri(String username,
HttpServletRequest req) {
if (username == null) {
return null;
}
IndividualDao indDao = new VitroRequest(req).getWebappDaoFactory()
.getIndividualDao();
return SelfEditingConfiguration.getBean(req)
.getIndividualUriFromUsername(indDao, username);
}
private void removeLoginProcessArtifacts(HttpServletRequest req) {
LoginProcessBean.removeBean(req);
req.getSession().removeAttribute(ATTRIBUTE_REFERRER);

206
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java
View file

@ -5,17 +5,16 @@ package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole;
import edu.cornell.mannlib.vitro.webapp.beans.User;
import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
/**
@ -24,114 +23,127 @@ import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
public class LoginRedirector {
private static final Log log = LogFactory.getLog(LoginRedirector.class);
public void redirectSelfEditingUser(HttpServletRequest request,
HttpServletResponse response, String uri) throws IOException {
String userHomePage = assembleUserHomePageUrl(request, uri);
log.debug("Redirecting self-editor to " + userHomePage);
response.sendRedirect(userHomePage);
private static final String ATTRIBUTE_RETURN_FROM_FORCED_LOGIN = "return_from_forced_login";
private final HttpServletRequest request;
private final HttpServletResponse response;
private final HttpSession session;
private final String urlOfRestrictedPage;
private final String uriOfAssociatedIndividual;
public LoginRedirector(HttpServletRequest request,
HttpServletResponse response) {
this.request = request;
this.session = request.getSession();
this.response = response;
urlOfRestrictedPage = getUrlOfRestrictedPage();
uriOfAssociatedIndividual = getAssociatedIndividualUri();
}
public void redirectUnrecognizedUser(HttpServletRequest request,
HttpServletResponse response, String username) throws IOException {
log.debug("Redirecting unrecognized user: " + username);
response.sendRedirect(request.getContextPath()
+ "/unrecognizedUser?username=" + username);
/** Were we forced to log in when trying to access a restricted page? */
private String getUrlOfRestrictedPage() {
String url = (String) session
.getAttribute(ATTRIBUTE_RETURN_FROM_FORCED_LOGIN);
session.removeAttribute(ATTRIBUTE_RETURN_FROM_FORCED_LOGIN);
log.debug("URL of restricted page is " + url);
return url;
}
/**
* <pre>
* The user is logged in. They might go to:
* - A one-time redirect, stored in the session, if they had tried to
* bookmark to a page that requires login.
* - An application-wide redirect, stored in the servlet context.
* - Their home page, if they are a self-editor.
* - The site admin page.
* </pre>
*/
public void redirectLoggedInUser(HttpServletRequest request,
HttpServletResponse response) throws IOException {
// Did they have a one-time redirect stored on the session?
String sessionRedirect = (String) request.getSession().getAttribute(
"postLoginRequest");
if (sessionRedirect != null) {
request.getSession().removeAttribute("postLoginRequest");
log.debug("User is logged in. Redirect by session to "
+ sessionRedirect);
response.sendRedirect(sessionRedirect);
return;
}
// Is there a login-redirect stored in the application as a whole?
// It could lead to another page in this app, or to any random URL.
String contextRedirect = (String) request.getSession()
.getServletContext().getAttribute("postLoginRequest");
if (contextRedirect != null) {
log.debug("User is logged in. Redirect by application to "
+ contextRedirect);
if (contextRedirect.indexOf(":") == -1) {
response.sendRedirect(request.getContextPath()
+ contextRedirect);
} else {
response.sendRedirect(contextRedirect);
}
return;
}
// If the user is a self-editor, send them to their home page.
User user = getLoggedInUser(request);
if (userIsANonEditor(user)) {
List<String> uris = getAuthenticator(request)
.asWhomMayThisUserEdit(user);
if (uris != null && uris.size() > 0) {
String userHomePage = assembleUserHomePageUrl(request,
uris.get(0));
log.debug("User is logged in. Redirect as self-editor to "
+ userHomePage);
response.sendRedirect(userHomePage);
return;
}
}
// If nothing else applies, send them to the Site Admin page.
log.debug("User is logged in. Redirect to site admin page.");
response.sendRedirect(getSiteAdminUrl(request));
}
/** Is the logged in user an AuthRole.USER? */
private boolean userIsANonEditor(User user) {
if (user == null) {
return false;
}
String nonEditorRoleUri = Integer.toString(AuthRole.USER.level());
return nonEditorRoleUri.equals(user.getRoleURI());
}
/**
* What user are we logged in as?
*/
private User getLoggedInUser(HttpServletRequest request) {
LoginStatusBean bean = LoginStatusBean.getBean(request);
if (!bean.isLoggedIn()) {
log.debug("getLoggedInUser: not logged in");
/** Is there an Individual associated with this user? */
private String getAssociatedIndividualUri() {
String username = LoginStatusBean.getBean(request).getUsername();
if (username == null) {
log.warn("Not logged in? How did we get here?");
return null;
}
return getAuthenticator(request).getUserByUsername(bean.getUsername());
String uri = Authenticator.getInstance(request)
.getAssociatedIndividualUri(username);
log.debug("URI of associated individual is " + uri);
return uri;
}
/** What's the URL for the site admin screen? */
private String getSiteAdminUrl(HttpServletRequest request) {
public void redirectLoggedInUser() throws IOException {
if (isForcedFromRestrictedPage()) {
log.debug("Returning to restricted page.");
response.sendRedirect(urlOfRestrictedPage);
} else if (isUserEditorOrBetter()) {
log.debug("Going to site admin page.");
response.sendRedirect(getSiteAdminPageUrl());
} else if (isSelfEditorWithIndividual()) {
log.debug("Going to Individual home page.");
response.sendRedirect(getAssociatedIndividualHomePage());
} else {
log.debug("User not recognized. Going to application home.");
DisplayMessage.setMessage(request, "You have logged in, "
+ "but the system contains no profile for you.");
response.sendRedirect(getApplicationHomePageUrl());
}
}
private boolean isForcedFromRestrictedPage() {
return urlOfRestrictedPage != null;
}
private boolean isUserEditorOrBetter() {
return LoginStatusBean.getBean(session).isLoggedInAtLeast(
LoginStatusBean.EDITOR);
}
private String getSiteAdminPageUrl() {
String contextPath = request.getContextPath();
return contextPath + Controllers.SITE_ADMIN;
}
/** Get a reference to the Authenticator. */
private Authenticator getAuthenticator(HttpServletRequest request) {
return Authenticator.getInstance(request);
private boolean isSelfEditorWithIndividual() {
return uriOfAssociatedIndividual != null;
}
private String assembleUserHomePageUrl(HttpServletRequest request,
String uri) throws UnsupportedEncodingException {
private String getAssociatedIndividualHomePage() {
try {
return request.getContextPath() + "/individual?uri="
+ URLEncoder.encode(uri, "UTF-8");
+ URLEncoder.encode(uriOfAssociatedIndividual, "UTF-8");
} catch (UnsupportedEncodingException e) {
throw new IllegalStateException("No UTF-8 encoding? Really?", e);
}
}
public void redirectUnrecognizedExternalUser(String username)
throws IOException {
log.debug("Redirecting unrecognized external user: " + username);
DisplayMessage.setMessage(request,
"VIVO cannot find a profile for your account.");
response.sendRedirect(getApplicationHomePageUrl());
}
/**
* The application home page can be overridden by an attribute in the
* ServletContext. Further, it can either be an absolute URL, or it can be
* relative to the application. Weird.
*/
private String getApplicationHomePageUrl() {
String contextRedirect = (String) session.getServletContext()
.getAttribute("postLoginRequest");
if (contextRedirect != null) {
if (contextRedirect.indexOf(":") == -1) {
return request.getContextPath() + contextRedirect;
} else {
return contextRedirect;
}
}
return request.getContextPath();
}
// ----------------------------------------------------------------------
// static helper methods
// ----------------------------------------------------------------------
public static void setReturnUrlFromForcedLogin(HttpServletRequest request,
String url) {
request.getSession().setAttribute(ATTRIBUTE_RETURN_FROM_FORCED_LOGIN,
url);
}
}

4
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
View file

@ -59,8 +59,6 @@ public class Authenticate extends VitroHttpServlet {
/** Where do we find the User/Session map in the servlet context? */
public static final String USER_SESSION_MAP_ATTR = "userURISessionMap";
private final LoginRedirector loginRedirector = new LoginRedirector();
/**
* Find out where they are in the login process, process any input, record
* the new state, and show the next page.
@ -106,7 +104,7 @@ public class Authenticate extends VitroHttpServlet {
showLoginScreen(vreq, response);
break;
default: // LOGGED_IN:
loginRedirector.redirectLoggedInUser(vreq, response);
new LoginRedirector(vreq, response).redirectLoggedInUser();
break;
}
} catch (Exception e) {

25
webapp/test/edu/cornell/mannlib/vitro/webapp/controller/authenticate/AuthenticatorStub.java
View file

@ -71,6 +71,7 @@ public class AuthenticatorStub extends Authenticator {
private final Map<String, User> usersByName = new HashMap<String, User>();
private final Map<String, List<String>> editingPermissions = new HashMap<String, List<String>>();
private final Map<String, String> associatedUris = new HashMap<String, String>();
private final List<String> recordedLogins = new ArrayList<String>();
private final Map<String, String> newPasswords = new HashMap<String, String>();
@ -84,11 +85,15 @@ public class AuthenticatorStub extends Authenticator {
usersByName.put(user.getUsername(), user);
}
public void addEditingPermission(String userUri, String personUri) {
if (!editingPermissions.containsKey(userUri)) {
editingPermissions.put(userUri, new ArrayList<String>());
public void addEditingPermission(String username, String personUri) {
if (!editingPermissions.containsKey(username)) {
editingPermissions.put(username, new ArrayList<String>());
}
editingPermissions.get(userUri).add(personUri);
editingPermissions.get(username).add(personUri);
}
public void setAssociatedUri(String username, String individualUri) {
associatedUris.put(username, individualUri);
}
public List<String> getRecordedLoginUsernames() {
@ -113,6 +118,11 @@ public class AuthenticatorStub extends Authenticator {
return usersByName.get(username);
}
@Override
public String getAssociatedIndividualUri(String username) {
return associatedUris.get(username);
}
@Override
public boolean isCurrentPassword(String username, String clearTextPassword) {
if (!isExistingUser(username)) {
@ -129,10 +139,9 @@ public class AuthenticatorStub extends Authenticator {
}
@Override
public List<String> asWhomMayThisUserEdit(User user) {
String userUri = user.getURI();
if (editingPermissions.containsKey(userUri)) {
return editingPermissions.get(userUri);
public List<String> asWhomMayThisUserEdit(String username) {
if (editingPermissions.containsKey(username)) {
return editingPermissions.get(username);
} else {
return Collections.emptyList();
}

82
webapp/test/edu/cornell/mannlib/vitro/webapp/controller/edit/AuthenticateTest.java
View file

@ -29,6 +29,7 @@ import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
import edu.cornell.mannlib.vitro.webapp.beans.User;
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.AuthenticatorStub;
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.LoginRedirector;
import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean.State;
@ -96,26 +97,26 @@ public class AuthenticateTest extends AbstractTestClass {
}
private User createNewDbaUser() {
User dbaUser = new User();
dbaUser.setUsername(USER_DBA_NAME);
dbaUser.setURI(USER_DBA_URI);
dbaUser.setRoleURI("50");
dbaUser.setMd5password(Authenticate.applyMd5Encoding(USER_DBA_PASSWORD));
dbaUser.setFirstTime(null);
dbaUser.setLoginCount(0);
return dbaUser;
User user = new User();
user.setUsername(USER_DBA_NAME);
user.setURI(USER_DBA_URI);
user.setRoleURI("50");
user.setMd5password(Authenticate.applyMd5Encoding(USER_DBA_PASSWORD));
user.setFirstTime(null);
user.setLoginCount(0);
return user;
}
private User createOldHandUser() {
User ohUser = new User();
ohUser.setUsername(USER_OLDHAND_NAME);
ohUser.setURI(USER_OLDHAND_URI);
ohUser.setRoleURI("1");
ohUser.setMd5password(Authenticate
User user = new User();
user.setUsername(USER_OLDHAND_NAME);
user.setURI(USER_OLDHAND_URI);
user.setRoleURI("1");
user.setMd5password(Authenticate
.applyMd5Encoding(USER_OLDHAND_PASSWORD));
ohUser.setLoginCount(USER_OLDHAND_LOGIN_COUNT);
ohUser.setFirstTime(new Date(0));
return ohUser;
user.setLoginCount(USER_OLDHAND_LOGIN_COUNT);
user.setFirstTime(new Date(0));
return user;
}
// ----------------------------------------------------------------------
@ -201,7 +202,7 @@ public class AuthenticateTest extends AbstractTestClass {
auth.doPost(request, response);
assertNoProcessBean();
assertExpectedRedirect(URL_SITE_ADMIN_PAGE);
assertExpectedRedirect(URL_HOME_PAGE);
assertExpectedLoginSessions(USER_OLDHAND_NAME);
}
@ -291,14 +292,35 @@ public class AuthenticateTest extends AbstractTestClass {
// ----------------------------------------------------------------------
@Test
public void redirectOnSession() {
session.setAttribute("postLoginRequest", URL_SESSION_REDIRECT);
public void redirectReturnToRestrictedPage() {
LoginRedirector.setReturnUrlFromForcedLogin(request,
URL_SESSION_REDIRECT);
loginNotFirstTime();
assertExpectedLiteralRedirect(URL_SESSION_REDIRECT);
}
@Test
public void redirectOnServletContext() {
public void redirectDbaToSiteAdmin() {
authenticator.getUserByUsername(USER_OLDHAND_NAME).setRoleURI("50");
loginNotFirstTime();
assertExpectedRedirect(URL_SITE_ADMIN_PAGE);
}
@Test
public void redirectSelfEditor() {
authenticator.setAssociatedUri(USER_OLDHAND_NAME, "selfEditorURI");
loginNotFirstTime();
assertExpectedRedirect(URL_SELF_EDITOR_PAGE);
}
@Test
public void redirectUnrecognizedUserToHome() {
loginNotFirstTime();
assertExpectedRedirect(URL_HOME_PAGE);
}
@Test
public void redirectUnrecognizedUserToApplicationHome() {
servletContext.setAttribute("postLoginRequest",
URL_CONTEXT_REDIRECT_LOCAL);
loginNotFirstTime();
@ -306,26 +328,13 @@ public class AuthenticateTest extends AbstractTestClass {
}
@Test
public void redirectOnServletContextToExternalUrl() {
public void redirectUnrecognizedUserToApplicationExternalHome() {
servletContext.setAttribute("postLoginRequest",
URL_CONTEXT_REDIRECT_REMOTE);
loginNotFirstTime();
assertExpectedLiteralRedirect(URL_CONTEXT_REDIRECT_REMOTE);
}
@Test
public void redirectSelfEditor() {
authenticator.addEditingPermission(USER_OLDHAND_URI, "selfEditorURI");
loginNotFirstTime();
assertExpectedRedirect(URL_SELF_EDITOR_PAGE);
}
@Test
public void redirectNoneOfTheAbove() {
loginNotFirstTime();
assertExpectedRedirect(URL_SITE_ADMIN_PAGE);
}
// ----------------------------------------------------------------------
// helper methods
// ----------------------------------------------------------------------
@ -384,7 +393,8 @@ public class AuthenticateTest extends AbstractTestClass {
LoginProcessBean bean = LoginProcessBean.getBean(request);
assertEquals("state", state, bean.getState());
assertEquals("info message", infoMessage, bean.getInfoMessageAndClear());
assertEquals("error message", errorMessage, bean.getErrorMessageAndClear());
assertEquals("error message", errorMessage,
bean.getErrorMessageAndClear());
assertEquals("username", username, bean.getUsername());
}
@ -412,7 +422,7 @@ public class AuthenticateTest extends AbstractTestClass {
assertEquals("recorded logins", expected, actualRecorded);
}
/** Boilerplate login process for the rediret tests. */
/** Boilerplate login process for the redirect tests. */
private void loginNotFirstTime() {
setProcessBean(LOGGING_IN);
setLoginNameAndPassword(USER_OLDHAND_NAME, USER_OLDHAND_PASSWORD);