Commit 3b84a2f6 authored by ale's avatar ale

update test suite for apache 2.4

parent eda0d422
public.key
*_unittest
*.log
*.trs
......@@ -17,6 +17,9 @@ for exe in (APACHE_BIN, APXS_BIN):
if not os.path.exists(exe):
raise Exception('%s not found, this test cannot run' % exe)
# Use 2.4 ocnfiguration.
APACHE_CONFIG = 'test-httpd-2.4.conf'
devnull = open(os.devnull)
......@@ -27,10 +30,12 @@ def _start_httpd(public_key):
env['TESTROOT'] = os.getcwd()
env['MODULEDIR'] = subprocess.check_output(
[APXS_BIN, '-q', 'LIBEXECDIR'], stderr=devnull).strip()
cmd = [APACHE_BIN, "-f", os.path.join(os.getcwd(), "test-httpd.conf"), "-X"]
cmd = [APACHE_BIN, "-f", os.path.join(os.getcwd(), APACHE_CONFIG), "-X"]
if os.getenv('STRACE'):
cmd = ['strace', '-s', '256', '-f'] + cmd
if os.getenv('VALGRIND'):
cmd = ['valgrind'] + cmd
httpd = subprocess.Popen(cmd, env=env)
print 'httpd pid:', httpd.pid
......@@ -136,12 +141,16 @@ class HttpdIntegrationTest(unittest.TestCase):
def mkcookie(tkt):
return "SSO_test=%s" % tkt
# For Apache 2.2, set this to the empty string (we do not use the
# SSOGroup directive, so only the requested groups are generated).
extra_groups = "&g=group1,group2,group3"
# Tests have a name so that we can recognize failures.
checks = [
("index -> redirect",
{"url": "/index.html",
"status": 302,
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Findex.html"}),
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Findex.html" + extra_groups}),
("index with cookie -> ok",
{"url": "/index.html",
"cookie": mkcookie(self._ticket()),
......@@ -151,12 +160,12 @@ class HttpdIntegrationTest(unittest.TestCase):
{"url": "/index.html",
"cookie": mkcookie('blahblah' * 8),
"status": 302,
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Findex.html"}),
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Findex.html" + extra_groups}),
("protected-user -> redirect",
{"url": "/protected-user/index.html",
"status": 302,
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-user%2Findex.html"}),
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-user%2Findex.html" + extra_groups}),
("protected-user with cookie -> ok",
{"url": "/protected-user/index.html",
"cookie": mkcookie(self._ticket()),
......@@ -170,7 +179,7 @@ class HttpdIntegrationTest(unittest.TestCase):
("protected-group -> redirect",
{"url": "/protected-group/index.html",
"status": 302,
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-group%2Findex.html&g=group1"}),
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-group%2Findex.html" + (extra_groups if extra_groups else "&g=group1")}),
("protected-group with cookie -> ok",
{"url": "/protected-group/index.html",
"cookie": mkcookie(self._ticket()),
......@@ -180,18 +189,18 @@ class HttpdIntegrationTest(unittest.TestCase):
{"url": "/protected-group/index.html",
"cookie": mkcookie(self._ticket(group="group2")),
"status": 302,
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-group%2Findex.html&g=group1"}),
"location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-group%2Findex.html" + (extra_groups if extra_groups else "&g=group1")}),
("other-service -> redirect",
{"url": "/other-service/index.html",
"status": 302,
"http_host": "testhost.example.com",
"location": "https://login.example.com/?s=testhost.example.com%2Fother-service%2F&d=https%3A%2F%2Ftesthost.example.com%2Fother-service%2Findex.html"}),
"location": "https://login.example.com/?s=testhost.example.com%2Fother-service%2F&d=https%3A%2F%2Ftesthost.example.com%2Fother-service%2Findex.html" + extra_groups}),
("protected-htaccess -> redirect",
{"url": "/protected-htaccess/index.html",
"status": 302,
"location": "https://login.example.com/?s=service.example.com%2Fprotected-htaccess%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-htaccess%2Findex.html"}),
"location": "https://login.example.com/?s=service.example.com%2Fprotected-htaccess%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-htaccess%2Findex.html" + extra_groups}),
("protected-htaccess with cookie -> ok",
{"url": "/protected-htaccess/index.html",
"cookie": mkcookie(self._ticket(service="service.example.com/protected-htaccess/")),
......@@ -204,6 +213,7 @@ class HttpdIntegrationTest(unittest.TestCase):
]
for name, check in checks:
for i in xrange(10):
print 'CHECKING', check
status, body, location = _query(check["url"],
host=check.get("http_host"),
cookie=check.get("cookie"))
......
LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so
LoadModule auth_basic_module ${MODULEDIR}/mod_auth_basic.so
LoadModule authn_core_module ${MODULEDIR}/mod_authn_core.so
LoadModule authz_core_module ${MODULEDIR}/mod_authz_core.so
LoadModule authz_user_module ${MODULEDIR}/mod_authz_user.so
LoadModule sso_module ${TESTROOT}/../.libs/mod_sso.so
LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so
Listen 127.0.0.1:33000
ServerName test
PidFile ${TESTROOT}/test-httpd.pid
ErrorLog /dev/fd/2
LogLevel debug
SSOLoginServer login.example.com
SSODomain example.com
SSOPublicKeyFile ${TESTROOT}/public.key
SSOGroups group1,group2,group3
DocumentRoot ${TESTROOT}/htdocs
<Directory "${TESTROOT}/htdocs">
AuthType SSO
AuthName test
SSOService service.example.com/
require valid-user
</Directory>
<Location "/other-service">
SSOService /other-service/
</Location>
<Directory "${TESTROOT}/htdocs/protected-group">
require group group1
</Directory>
<Directory "${TESTROOT}/htdocs/protected-user">
require user testuser
</Directory>
<Directory "${TESTROOT}/htdocs/cgi">
Options ExecCGI
SetHandler cgi-script
</Directory>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment