| J. Duke | 319a3b9 | 2007-12-01 00:00:00 +0000 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright 2002 Sun Microsystems, Inc. All Rights Reserved. |
| 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| 4 | * |
| 5 | * This code is free software; you can redistribute it and/or modify it |
| 6 | * under the terms of the GNU General Public License version 2 only, as |
| 7 | * published by the Free Software Foundation. |
| 8 | * |
| 9 | * This code is distributed in the hope that it will be useful, but WITHOUT |
| 10 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 11 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| 12 | * version 2 for more details (a copy is included in the LICENSE file that |
| 13 | * accompanied this code). |
| 14 | * |
| 15 | * You should have received a copy of the GNU General Public License version |
| 16 | * 2 along with this work; if not, write to the Free Software Foundation, |
| 17 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| 18 | * |
| 19 | * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
| 20 | * CA 95054 USA or visit www.sun.com if you need additional information or |
| 21 | * have any questions. |
| 22 | */ |
| 23 | |
| 24 | /** |
| 25 | * @test |
| 26 | * @bug 4759514 |
| 27 | * @library ../../../sun/net/www/httptest/ |
| 28 | * @build HttpCallback HttpServer ClosedChannelList HttpTransaction |
| 29 | * @run main B4759514 |
| 30 | * @summary Digest Authentication is erroniously quoting the nc value, contrary to RFC 2617 |
| 31 | */ |
| 32 | |
| 33 | import java.io.*; |
| 34 | import java.net.*; |
| 35 | |
| 36 | public class B4759514 implements HttpCallback { |
| 37 | |
| 38 | static int count = 0; |
| 39 | static String authstring; |
| 40 | |
| 41 | void errorReply (HttpTransaction req, String reply) throws IOException { |
| 42 | req.addResponseHeader ("Connection", "close"); |
| 43 | req.addResponseHeader ("WWW-Authenticate", reply); |
| 44 | req.sendResponse (401, "Unauthorized"); |
| 45 | req.orderlyClose(); |
| 46 | } |
| 47 | |
| 48 | void okReply (HttpTransaction req) throws IOException { |
| 49 | req.setResponseEntityBody ("Hello ."); |
| 50 | req.sendResponse (200, "Ok"); |
| 51 | req.orderlyClose(); |
| 52 | } |
| 53 | |
| 54 | public void request (HttpTransaction req) { |
| 55 | try { |
| 56 | authstring = req.getRequestHeader ("Authorization"); |
| 57 | switch (count) { |
| 58 | case 0: |
| 59 | errorReply (req, "Digest realm=\"wallyworld\", nonce=\"1234\", domain=\"/\""); |
| 60 | break; |
| 61 | case 1: |
| 62 | int n = authstring.indexOf ("nc="); |
| 63 | if (n != -1) { |
| 64 | if (authstring.charAt (n+3) == '\"') { |
| 65 | req.sendResponse (400, "Bad Request"); |
| 66 | break; |
| 67 | } |
| 68 | } |
| 69 | okReply (req); |
| 70 | break; |
| 71 | } |
| 72 | count ++; |
| 73 | } catch (IOException e) { |
| 74 | e.printStackTrace(); |
| 75 | } |
| 76 | } |
| 77 | |
| 78 | static void read (InputStream is) throws IOException { |
| 79 | int c; |
| 80 | while ((c=is.read()) != -1) { |
| 81 | System.out.write (c); |
| 82 | } |
| 83 | } |
| 84 | |
| 85 | static void client (String u) throws Exception { |
| 86 | URL url = new URL (u); |
| 87 | System.out.println ("client opening connection to: " + u); |
| 88 | URLConnection urlc = url.openConnection (); |
| 89 | InputStream is = urlc.getInputStream (); |
| 90 | read (is); |
| 91 | is.close(); |
| 92 | } |
| 93 | |
| 94 | static HttpServer server; |
| 95 | |
| 96 | public static void main (String[] args) throws Exception { |
| 97 | MyAuthenticator auth = new MyAuthenticator (); |
| 98 | Authenticator.setDefault (auth); |
| 99 | try { |
| 100 | server = new HttpServer (new B4759514(), 1, 10, 0); |
| 101 | System.out.println ("Server: listening on port: " + server.getLocalPort()); |
| 102 | client ("http://localhost:"+server.getLocalPort()+"/d1/foo.html"); |
| 103 | } catch (Exception e) { |
| 104 | if (server != null) { |
| 105 | server.terminate(); |
| 106 | } |
| 107 | throw e; |
| 108 | } |
| 109 | int f = auth.getCount(); |
| 110 | if (f != 1) { |
| 111 | except ("Authenticator was called "+f+" times. Should be 1"); |
| 112 | } |
| 113 | server.terminate(); |
| 114 | } |
| 115 | |
| 116 | public static void except (String s) { |
| 117 | server.terminate(); |
| 118 | throw new RuntimeException (s); |
| 119 | } |
| 120 | |
| 121 | static class MyAuthenticator extends Authenticator { |
| 122 | MyAuthenticator () { |
| 123 | super (); |
| 124 | } |
| 125 | |
| 126 | int count = 0; |
| 127 | |
| 128 | public PasswordAuthentication getPasswordAuthentication () { |
| 129 | PasswordAuthentication pw; |
| 130 | pw = new PasswordAuthentication ("user", "pass1".toCharArray()); |
| 131 | count ++; |
| 132 | return pw; |
| 133 | } |
| 134 | |
| 135 | public int getCount () { |
| 136 | return (count); |
| 137 | } |
| 138 | } |
| 139 | } |