package com.sun.ts.tests.servlet.common.request;

import com.sun.ts.lib.util.TestUtil;
import com.sun.ts.tests.servlet.common.client.BaseUrlClient;
import java.util.Properties;

/* loaded from: input_file:com/sun/ts/tests/servlet/common/request/SecBasicClient.class */
public abstract class SecBasicClient extends BaseUrlClient {
    private static final String USERNAME = "user";
    private static final String PASSWORD = "password";
    private static final String UNAUTH_USERNAME = "authuser";
    private static final String UNAUTH_PASSWORD = "authpassword";
    private static final String CLASS_TRACE_HEADER = "[SecBasicClient]: ";
    private static final String USER_PRINCIPAL_SEARCH = "The user principal is: ";
    private static final String REMOTE_USER_SEARCH = "getRemoteUser(): ";
    protected String pageSec = null;
    protected String pageGuest = null;
    protected String pageUnprotected = null;
    protected String pageRoleReverse = null;
    private String pageJspBase = "/jsp_sec_secbasic_web";
    private String pageJspSec = this.pageJspBase + "/jspSec.jsp";
    private String pageJspGuest = this.pageJspBase + "/guestPage.jsp";
    private String pageJspUnprotected = this.pageJspBase + "/unprotected.jsp";
    private String pageJspRoleReverse = this.pageJspBase + "/rolereverse.jsp";
    private String pageServletBase = "/servlet_sec_secbasic_web";
    private String pageServletSec = this.pageServletBase + "/ServletSecTest";
    private String pageServletGuest = this.pageServletBase + "/GuestPageTest";
    private String pageServletUnprotected = this.pageServletBase + "/UnProtectedTest";
    private String pageServletRoleReverse = this.pageServletBase + "/RoleReverseTest";
    private String username = null;
    private String password = null;
    private String unauthUsername = null;
    private String unauthPassword = null;

    @Override // com.sun.ts.tests.servlet.common.client.BaseUrlClient
    public void setup(String[] strArr, Properties properties) throws Exception {
        super.setup(strArr, properties);
        properties.setProperty(USERNAME, "j2ee");
        properties.setProperty(PASSWORD, "j2ee");
        properties.setProperty(UNAUTH_USERNAME, "javajoe");
        properties.setProperty(UNAUTH_PASSWORD, "javajoe");
        try {
            this.username = properties.getProperty(USERNAME);
            this.password = properties.getProperty(PASSWORD);
            this.unauthUsername = properties.getProperty(UNAUTH_USERNAME);
            this.unauthPassword = properties.getProperty(UNAUTH_PASSWORD);
            this.pageSec = this.pageServletSec;
            this.pageGuest = this.pageServletGuest;
            this.pageUnprotected = this.pageServletUnprotected;
            this.pageRoleReverse = this.pageServletRoleReverse;
        } catch (Exception e) {
            logErr("Error: got exception: ", e);
        }
    }

    public void test1() throws Exception {
        logMessage("Sending request to validate presence of www-authenticate header...");
        TEST_PROPS.setProperty("testname", "SecBasic/Test1");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageSec));
        TEST_PROPS.setProperty("expected_headers", "www-authenticate:<somevalue>");
        TEST_PROPS.setProperty("status-code", "401");
        invoke();
        dumpResponse();
        logMessage("Authentication requested");
    }

    public void test2() throws Exception {
        logMessage("Sending request with Authroization header...");
        StringBuffer stringBuffer = new StringBuffer(100);
        stringBuffer.append(USER_PRINCIPAL_SEARCH).append(this.username).append("|");
        stringBuffer.append(REMOTE_USER_SEARCH).append(this.username).append("|");
        stringBuffer.append("isUserInRole(\"ADM\"): !true!").append("|");
        stringBuffer.append("isUserInRole(\"MGR\"): !false!").append("|");
        stringBuffer.append("isUserInRole(\"VP\"): !false!").append("|");
        stringBuffer.append("isUserInRole(\"EMP\"): !true!").append("|");
        TEST_PROPS.setProperty("testname", "SecBasic/Test2");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageSec));
        TEST_PROPS.setProperty("basic_auth_user", this.username);
        TEST_PROPS.setProperty("basic_auth_passwd", this.password);
        TEST_PROPS.setProperty("search_string", stringBuffer.toString());
        invoke();
        dumpResponse();
        logMessage("isUserInRole() and getRemoteUser() returned expected results");
    }

    public void test3() throws Exception {
        logMessage("Sending an request for a protected resource with invalid username/password...");
        TEST_PROPS.setProperty("testname", "SecBasic/Test3");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageSec));
        TEST_PROPS.setProperty("basic_auth_user", "invalid");
        TEST_PROPS.setProperty("basic_auth_passwd", this.password);
        TEST_PROPS.setProperty("status-code", "401");
        invoke();
        dumpResponse();
        logMessage("Access Denied");
    }

    public void test4() throws Exception {
        StringBuffer stringBuffer = new StringBuffer(100);
        stringBuffer.append(USER_PRINCIPAL_SEARCH).append(this.unauthUsername);
        logMessage("Sending request to resource the user has access to...");
        TEST_PROPS.setProperty("testname", "SecBasic/Test4");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageGuest));
        TEST_PROPS.setProperty("basic_auth_user", this.unauthUsername);
        TEST_PROPS.setProperty("basic_auth_passwd", this.unauthPassword);
        TEST_PROPS.setProperty("search_string", stringBuffer.toString());
        invoke();
        dumpResponse();
        logMessage("User successfully accessed the resource");
        logMessage("Sending request to resource with valid username/password, but not the right roles...");
        TEST_PROPS.setProperty("testname", "SecBasic/Test4");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageSec));
        TEST_PROPS.setProperty("basic_auth_user", this.unauthUsername);
        TEST_PROPS.setProperty("basic_auth_passwd", this.unauthPassword);
        TEST_PROPS.setProperty("status-code", "403");
        invoke();
        dumpResponse();
        logMessage("Access Forbidden");
    }

    public void test5() throws Exception {
        StringBuffer stringBuffer = new StringBuffer(100);
        stringBuffer.append(USER_PRINCIPAL_SEARCH).append("|");
        stringBuffer.append(REMOTE_USER_SEARCH).append("null");
        logMessage("Sending request to unprotected resource....");
        TEST_PROPS.setProperty("testname", "BasicSec/Test5");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageUnprotected));
        TEST_PROPS.setProperty("search_string", stringBuffer.toString());
        TEST_PROPS.setProperty("unexpected_response_match", "!true!");
        invoke();
        dumpResponse();
        logMessage("isUserInRole() and getRemoteUser() returned expected results");
    }

    public void test6() throws Exception {
        StringBuffer stringBuffer = new StringBuffer(100);
        stringBuffer.append(USER_PRINCIPAL_SEARCH).append(this.username).append("|");
        stringBuffer.append("isUserInRole(\"ADM\"): !false!").append("|");
        stringBuffer.append("isUserInRole(\"MGR\"): !true!").append("|");
        stringBuffer.append("isUserInRole(\"VP\"): !false!").append("|");
        stringBuffer.append("isUserInRole(\"EMP\"): !true!").append("|");
        logMessage("Sending request to validate isUserInRole with roles reversed...");
        TEST_PROPS.setProperty("testname", "SecBasic/Test6");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageRoleReverse));
        TEST_PROPS.setProperty("basic_auth_user", this.username);
        TEST_PROPS.setProperty("basic_auth_passwd", this.password);
        TEST_PROPS.setProperty("search_string", stringBuffer.toString());
        invoke();
        dumpResponse();
        logMessage("isUserInRole() and getRemoteUser() returned expected results");
    }

    public void test7() throws Exception {
        logMessage("Sending an request for a protected resource with invalid username/password...");
        TEST_PROPS.setProperty("testname", "SecBasic/Test7");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageSec + "/j_security_check"));
        TEST_PROPS.setProperty("basic_auth_user", "invalid");
        TEST_PROPS.setProperty("basic_auth_passwd", this.password);
        TEST_PROPS.setProperty("status-code", "401,404");
        invoke();
        dumpResponse();
        if (this._testCase != null && this._testCase.getResponse() != null) {
            try {
                if (this._testCase.getResponse().getResponseBodyAsString().indexOf("Inside  ServletSecTestServlet") != -1) {
                    TestUtil.logErr("(Should say: \"" + "Inside  ServletSecTestServlet" + "\")");
                    throw new Exception("test7 failed.");
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        logMessage("Access properly Denied");
    }

    private static String getRequestLine(String str, String str2) {
        return str + " " + str2 + " HTTP/1.1";
    }

    private static void logMessage(String str) {
        TestUtil.logMsg("[SecBasicClient]: " + str);
    }

    private static void trace(String str) {
        TestUtil.logTrace("[SecBasicClient]: " + str);
    }

    private void dumpResponse() {
        try {
            if (this._testCase != null && this._testCase.getResponse() != null) {
                trace(this._testCase.getResponse().getResponseBodyAsString());
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
