Cleaned up tests, added POST with correct/incorrect credentials

Author: arun-gupta

servlet/security-basicauth/src/main/java/org/javaee7/servlet/security/basicauth/SecureServlet.java

@@ -52,68 +52,15 @@
  */
 @WebServlet(urlPatterns = {"/SecureServlet"})
 public class SecureServlet extends HttpServlet {
-
-    /**
-     * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
-     * methods.
-     *
-     * @param request servlet request
-     * @param response servlet response
-     * @throws ServletException if a servlet-specific error occurs
-     * @throws IOException if an I/O error occurs
-     */
-    protected void processRequest(HttpServletRequest request, HttpServletResponse response, String method)
-            throws ServletException, IOException {
-        response.setContentType("text/html;charset=UTF-8");
-        PrintWriter out = response.getWriter();
-        out.println("<!DOCTYPE html>");
-        out.println("<html>");
-        out.println("<head>");
-        out.println("<title>Servlet Security - Basic Auth with File-base Realm</title>");
-        out.println("</head>");
-        out.println("<body>");
-        out.println("<h1>Basic Auth with File-base Realm (" + method + ")</h1>");
-        out.println("<h2>Were you prompted for username/password ?</h2>");
-        out.println("</body>");
-        out.println("</html>");
-    }
-
-    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
-    /**
-     * Handles the HTTP <code>GET</code> method.
-     *
-     * @param request servlet request
-     * @param response servlet response
-     * @throws ServletException if a servlet-specific error occurs
-     * @throws IOException if an I/O error occurs
-     */
     @Override
     protected void doGet(HttpServletRequest request, HttpServletResponse response)
             throws ServletException, IOException {
-        processRequest(request, response, "GET");
+        response.getWriter().print("my GET");
     }
 
-    /**
-     * Handles the HTTP <code>POST</code> method.
-     *
-     * @param request servlet request
-     * @param response servlet response
-     * @throws ServletException if a servlet-specific error occurs
-     * @throws IOException if an I/O error occurs
-     */
     @Override
     protected void doPost(HttpServletRequest request, HttpServletResponse response)
             throws ServletException, IOException {
-        processRequest(request, response, "POST");
+        response.getWriter().print("my POST");
     }
-
-    /**
-     * Returns a short description of the servlet.
-     *
-     * @return a String containing servlet description
-     */
-    @Override
-    public String getServletInfo() {
-        return "Short description";
-    }// </editor-fold>
 }

servlet/security-basicauth/src/main/webapp/WEB-INF/web.xml

@@ -50,6 +50,7 @@
             <web-resource-name>SecureServlet</web-resource-name>
             <url-pattern>/SecureServlet</url-pattern>
             <http-method>GET</http-method>
+            <http-method>POST</http-method>
         </web-resource-collection>
         <auth-constraint>
             <role-name>g1</role-name>

servlet/security-basicauth/src/test/java/org/javaee7/servlet/security/basicauth/SecureServletTest.java

@@ -2,7 +2,10 @@
 
 import com.gargoylesoftware.htmlunit.DefaultCredentialsProvider;
 import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
+import com.gargoylesoftware.htmlunit.HttpMethod;
+import com.gargoylesoftware.htmlunit.TextPage;
 import com.gargoylesoftware.htmlunit.WebClient;
+import com.gargoylesoftware.htmlunit.WebRequest;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import java.io.File;
 import java.net.URL;
@@ -27,6 +30,7 @@ public class SecureServletTest {
     @ArquillianResource
     private URL base;
 
+    WebClient webClient;
     DefaultCredentialsProvider correctCreds = new DefaultCredentialsProvider();
     DefaultCredentialsProvider incorrectCreds = new DefaultCredentialsProvider();
 
@@ -40,21 +44,20 @@ public static WebArchive createDeployment() {
 
     @Before
     public void setup() {
+        webClient = new WebClient();
         correctCreds.addCredentials("u1", "p1");
         incorrectCreds.addCredentials("random", "random");
     }
 
     @Test
     public void testGetWithCorrectCredentials() throws Exception {
-        WebClient webClient = new WebClient();
         webClient.setCredentialsProvider(correctCreds);
-        HtmlPage page = webClient.getPage(base + "/SecureServlet");
-        assertEquals("Servlet Security - Basic Auth with File-base Realm", page.getTitleText());
+        TextPage page = webClient.getPage(base + "/SecureServlet");
+        assertEquals("my GET", page.getContent());
     }
 
     @Test
     public void testGetWithIncorrectCredentials() throws Exception {
-        WebClient webClient = new WebClient();
         webClient.setCredentialsProvider(incorrectCreds);
         try {
             webClient.getPage(base + "/SecureServlet");
@@ -65,4 +68,26 @@ public void testGetWithIncorrectCredentials() throws Exception {
         }
         fail("/SecureServlet could be accessed without proper security credentials");
     }
+        
+    @Test
+    public void testPostWithCorrectCredentials() throws Exception {
+        webClient.setCredentialsProvider(correctCreds);
+        WebRequest request = new WebRequest(new URL(base + "/SecureServlet"), HttpMethod.POST);
+        TextPage page = webClient.getPage(request);
+        assertEquals("my POST", page.getContent());
+    }
+
+    @Test
+    public void testPostWithIncorrectCredentials() throws Exception {
+        webClient.setCredentialsProvider(incorrectCreds);
+        WebRequest request = new WebRequest(new URL(base + "/SecureServlet"), HttpMethod.POST);
+        try {
+            webClient.getPage(request);
+        } catch(FailingHttpStatusCodeException e) {
+            assertNotNull(e);
+            assertEquals(401, e.getStatusCode());
+            return;
+        }
+        fail("/SecureServlet could be accessed without proper security credentials");
+    }
 }