Commit 3b84a2f6 authored by ale's avatar ale

update test suite for apache 2.4

parent eda0d422
public.key public.key
*_unittest *_unittest
*.log
*.trs
...@@ -17,6 +17,9 @@ for exe in (APACHE_BIN, APXS_BIN): ...@@ -17,6 +17,9 @@ for exe in (APACHE_BIN, APXS_BIN):
if not os.path.exists(exe): if not os.path.exists(exe):
raise Exception('%s not found, this test cannot run' % exe) raise Exception('%s not found, this test cannot run' % exe)
# Use 2.4 ocnfiguration.
APACHE_CONFIG = 'test-httpd-2.4.conf'
devnull = open(os.devnull) devnull = open(os.devnull)
...@@ -27,10 +30,12 @@ def _start_httpd(public_key): ...@@ -27,10 +30,12 @@ def _start_httpd(public_key):
env['TESTROOT'] = os.getcwd() env['TESTROOT'] = os.getcwd()
env['MODULEDIR'] = subprocess.check_output( env['MODULEDIR'] = subprocess.check_output(
[APXS_BIN, '-q', 'LIBEXECDIR'], stderr=devnull).strip() [APXS_BIN, '-q', 'LIBEXECDIR'], stderr=devnull).strip()
cmd = [APACHE_BIN, "-f", os.path.join(os.getcwd(), "test-httpd.conf"), "-X"] cmd = [APACHE_BIN, "-f", os.path.join(os.getcwd(), APACHE_CONFIG), "-X"]
if os.getenv('STRACE'): if os.getenv('STRACE'):
cmd = ['strace', '-s', '256', '-f'] + cmd cmd = ['strace', '-s', '256', '-f'] + cmd
if os.getenv('VALGRIND'):
cmd = ['valgrind'] + cmd
httpd = subprocess.Popen(cmd, env=env) httpd = subprocess.Popen(cmd, env=env)
print 'httpd pid:', httpd.pid print 'httpd pid:', httpd.pid
...@@ -136,12 +141,16 @@ class HttpdIntegrationTest(unittest.TestCase): ...@@ -136,12 +141,16 @@ class HttpdIntegrationTest(unittest.TestCase):
def mkcookie(tkt): def mkcookie(tkt):
return "SSO_test=%s" % tkt return "SSO_test=%s" % tkt
# For Apache 2.2, set this to the empty string (we do not use the
# SSOGroup directive, so only the requested groups are generated).
extra_groups = "&g=group1,group2,group3"
# Tests have a name so that we can recognize failures. # Tests have a name so that we can recognize failures.
checks = [ checks = [
("index -> redirect", ("index -> redirect",
{"url": "/index.html", {"url": "/index.html",
"status": 302, "status": 302,
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Findex.html"}), "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Findex.html" + extra_groups}),
("index with cookie -> ok", ("index with cookie -> ok",
{"url": "/index.html", {"url": "/index.html",
"cookie": mkcookie(self._ticket()), "cookie": mkcookie(self._ticket()),
...@@ -151,12 +160,12 @@ class HttpdIntegrationTest(unittest.TestCase): ...@@ -151,12 +160,12 @@ class HttpdIntegrationTest(unittest.TestCase):
{"url": "/index.html", {"url": "/index.html",
"cookie": mkcookie('blahblah' * 8), "cookie": mkcookie('blahblah' * 8),
"status": 302, "status": 302,
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Findex.html"}), "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Findex.html" + extra_groups}),
("protected-user -> redirect", ("protected-user -> redirect",
{"url": "/protected-user/index.html", {"url": "/protected-user/index.html",
"status": 302, "status": 302,
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-user%2Findex.html"}), "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-user%2Findex.html" + extra_groups}),
("protected-user with cookie -> ok", ("protected-user with cookie -> ok",
{"url": "/protected-user/index.html", {"url": "/protected-user/index.html",
"cookie": mkcookie(self._ticket()), "cookie": mkcookie(self._ticket()),
...@@ -170,7 +179,7 @@ class HttpdIntegrationTest(unittest.TestCase): ...@@ -170,7 +179,7 @@ class HttpdIntegrationTest(unittest.TestCase):
("protected-group -> redirect", ("protected-group -> redirect",
{"url": "/protected-group/index.html", {"url": "/protected-group/index.html",
"status": 302, "status": 302,
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-group%2Findex.html&g=group1"}), "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-group%2Findex.html" + (extra_groups if extra_groups else "&g=group1")}),
("protected-group with cookie -> ok", ("protected-group with cookie -> ok",
{"url": "/protected-group/index.html", {"url": "/protected-group/index.html",
"cookie": mkcookie(self._ticket()), "cookie": mkcookie(self._ticket()),
...@@ -180,18 +189,18 @@ class HttpdIntegrationTest(unittest.TestCase): ...@@ -180,18 +189,18 @@ class HttpdIntegrationTest(unittest.TestCase):
{"url": "/protected-group/index.html", {"url": "/protected-group/index.html",
"cookie": mkcookie(self._ticket(group="group2")), "cookie": mkcookie(self._ticket(group="group2")),
"status": 302, "status": 302,
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-group%2Findex.html&g=group1"}), "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-group%2Findex.html" + (extra_groups if extra_groups else "&g=group1")}),
("other-service -> redirect", ("other-service -> redirect",
{"url": "/other-service/index.html", {"url": "/other-service/index.html",
"status": 302, "status": 302,
"http_host": "testhost.example.com", "http_host": "testhost.example.com",
"location": "https://login.example.com/?s=testhost.example.com%2Fother-service%2F&d=https%3A%2F%2Ftesthost.example.com%2Fother-service%2Findex.html"}), "location": "https://login.example.com/?s=testhost.example.com%2Fother-service%2F&d=https%3A%2F%2Ftesthost.example.com%2Fother-service%2Findex.html" + extra_groups}),
("protected-htaccess -> redirect", ("protected-htaccess -> redirect",
{"url": "/protected-htaccess/index.html", {"url": "/protected-htaccess/index.html",
"status": 302, "status": 302,
"location": "https://login.example.com/?s=service.example.com%2Fprotected-htaccess%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-htaccess%2Findex.html"}), "location": "https://login.example.com/?s=service.example.com%2Fprotected-htaccess%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-htaccess%2Findex.html" + extra_groups}),
("protected-htaccess with cookie -> ok", ("protected-htaccess with cookie -> ok",
{"url": "/protected-htaccess/index.html", {"url": "/protected-htaccess/index.html",
"cookie": mkcookie(self._ticket(service="service.example.com/protected-htaccess/")), "cookie": mkcookie(self._ticket(service="service.example.com/protected-htaccess/")),
...@@ -204,6 +213,7 @@ class HttpdIntegrationTest(unittest.TestCase): ...@@ -204,6 +213,7 @@ class HttpdIntegrationTest(unittest.TestCase):
] ]
for name, check in checks: for name, check in checks:
for i in xrange(10): for i in xrange(10):
print 'CHECKING', check
status, body, location = _query(check["url"], status, body, location = _query(check["url"],
host=check.get("http_host"), host=check.get("http_host"),
cookie=check.get("cookie")) cookie=check.get("cookie"))
......
LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so
LoadModule auth_basic_module ${MODULEDIR}/mod_auth_basic.so
LoadModule authn_core_module ${MODULEDIR}/mod_authn_core.so
LoadModule authz_core_module ${MODULEDIR}/mod_authz_core.so
LoadModule authz_user_module ${MODULEDIR}/mod_authz_user.so
LoadModule sso_module ${TESTROOT}/../.libs/mod_sso.so
LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so
Listen 127.0.0.1:33000
ServerName test
PidFile ${TESTROOT}/test-httpd.pid
ErrorLog /dev/fd/2
LogLevel debug
SSOLoginServer login.example.com
SSODomain example.com
SSOPublicKeyFile ${TESTROOT}/public.key
SSOGroups group1,group2,group3
DocumentRoot ${TESTROOT}/htdocs
<Directory "${TESTROOT}/htdocs">
AuthType SSO
AuthName test
SSOService service.example.com/
require valid-user
</Directory>
<Location "/other-service">
SSOService /other-service/
</Location>
<Directory "${TESTROOT}/htdocs/protected-group">
require group group1
</Directory>
<Directory "${TESTROOT}/htdocs/protected-user">
require user testuser
</Directory>
<Directory "${TESTROOT}/htdocs/cgi">
Options ExecCGI
SetHandler cgi-script
</Directory>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment