package com.ibm.ws.security.javaeesec.fat;

import com.ibm.websphere.simplicity.RemoteFile;
import com.ibm.websphere.simplicity.log.Log;
import com.ibm.ws.security.javaeesec.fat_helper.Constants;
import com.ibm.ws.security.javaeesec.fat_helper.JavaEESecTestBase;
import com.ibm.ws.security.javaeesec.fat_helper.LocalLdapServer;
import com.ibm.ws.security.javaeesec.fat_helper.WCApplicationHelper;
import componenttest.annotation.AllowedFFDC;
import componenttest.annotation.MinimumJavaLevel;
import componenttest.custom.junit.runner.FATRunner;
import componenttest.custom.junit.runner.Mode;
import componenttest.topology.impl.LibertyServer;
import componenttest.topology.impl.LibertyServerFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.BasicHttpParams;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TestName;
import org.junit.runner.RunWith;

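/**
 * Form-login FAT for the {@code NoJavaEESecForm} web application.
 *
 * <p>Each test requests the protected servlet, expects to be sent to {@code login.jsp}, posts
 * credentials to {@code j_security_check}, and then checks the outcome for one of three cases:
 * an authorized user, an authenticated but unauthorized user, and an unknown user.
 *
 * <p>NOTE(review): judging by the class, application and configuration names, the application is
 * deployed without Java EE Security API mechanisms, so the container's own form login is what is
 * exercised. Confirm against {@code nojavaeesec.xml}.
 */
@MinimumJavaLevel(javaLevel = 8, runSyntheticTest = false)
@RunWith(FATRunner.class)
@Mode(Mode.TestMode.FULL)
public class NoJavaEESecFormTest extends JavaEESecTestBase {
    /** Scheme, host and port of the server under test; assigned once in {@link #setUp()}. */
    protected static String urlBase;
    /** Path of the protected servlet that every test requests first. */
    protected String queryString;
    /** Per-test HTTP client, created in {@link #setupConnection()}. */
    protected DefaultHttpClient httpclient;
    // Declared for subclasses or helpers; this class never assigns it.
    protected static LocalLdapServer ldapServer;

    @Rule
    public TestName name;
    protected static LibertyServer myServer = LibertyServerFactory.getLibertyServer("com.ibm.ws.security.javaeesec.fat");
    protected static Class<?> logClass = NoJavaEESecFormTest.class;
    protected static String JAR_NAME = "JavaEESecBase.jar";
    protected static String APP_NAME = "NoJavaEESecForm";
    protected static String WAR_NAME = APP_NAME + ".war";
    protected static String XML_NAME = "nojavaeesec.xml";
    protected static String loginUri = "/" + APP_NAME + "/login.jsp";
    protected static String loginformUri = "/" + APP_NAME + "/j_security_check";
    protected static String TITLE_LOGIN_PAGE = "login page for the form login test";
    protected static String TITLE_ERROR_PAGE = "A Form login authentication failure occurred";
    protected static boolean REDIRECT = true;

    // Test identities. These are private and never reassigned here, so they are final.
    // USER1 is expected to be authorized, USER2 to authenticate but be denied, and
    // INVALIDUSER1 to fail authentication. See the individual tests.
    private static final String USER1 = LocalLdapServer.USER1;
    private static final String GROUP1 = "group1";
    private static final String USER2 = LocalLdapServer.USER2;
    private static final String INVALIDUSER1 = "invaliduser1";
    // Fixture password shared by the test users; presumably matches the FAT user registry.
    private static final String PASSWORD = "s3cur1ty";

    public NoJavaEESecFormTest() {
        super(myServer, logClass);
        this.queryString = "/" + APP_NAME + "/NoJavaEESecFormServlet";
        this.name = new TestName();
    }

    /**
     * Deploys the WAR, applies the server configuration, starts the server and records its base URL.
     *
     * @throws Exception if deployment, configuration or server start fails
     */
    @BeforeClass
    public static void setUp() throws Exception {
        WCApplicationHelper.addWarToServerApps(myServer, WAR_NAME, true, JAR_NAME, false, "web.jar.base", "web.war.servlets.nojavaeesec", "web.war.servlets.nojavaeesec.form");
        myServer.setServerConfigurationFile(XML_NAME);
        myServer.startServer(true);
        myServer.addInstalledAppForValidation(APP_NAME);
        // Plain HTTP: the form logins below send the fixture credentials unencrypted to the
        // FAT-managed server. The TLS port is not exercised by this class.
        urlBase = "http://" + myServer.getHostname() + ":" + myServer.getHttpDefaultPort();
    }

    /**
     * Stops the server under test.
     *
     * @throws Exception if the server cannot be stopped
     */
    @AfterClass
    public static void tearDown() throws Exception {
        myServer.stopServer(new String[0]);
    }

    /** Creates a fresh HTTP client for each test so no session cookie leaks between tests. */
    @Before
    public void setupConnection() {
        BasicHttpParams clientParams = new BasicHttpParams();
        // Redirects are not followed automatically, so each hop of the form-login flow
        // (the redirect to the login page, the redirect after j_security_check) stays
        // visible to the helper methods.
        clientParams.setParameter("http.protocol.handle-redirects", Boolean.FALSE);
        this.httpclient = new DefaultHttpClient(clientParams);
    }

    /** Releases the per-test HTTP client's connections. */
    @After
    public void cleanupConnection() {
        // JUnit runs @After even when @Before failed, so tolerate a missing client.
        if (this.httpclient != null) {
            this.httpclient.getConnectionManager().shutdown();
        }
    }

    /**
     * Returns the name of the currently running test method, as tracked by the {@link TestName} rule.
     *
     * <p>NOTE(review): the decompiler output reports that this method was originally
     * {@code protected}; it is kept {@code public} so existing callers are unaffected.
     */
    @Override
    public String getCurrentTestName() {
        return this.name.getMethodName();
    }

    /**
     * Positive case: USER1 logs in through the form and reaches the protected servlet (HTTP 200).
     * The response must report USER1 as principal and remote user, the realm
     * {@code NoJavaEESecRealm}, and membership of {@code group1} in that realm.
     *
     * @throws Exception if any HTTP step or verification fails
     */
    @Test
    @Mode(Mode.TestMode.FULL)
    public void testNoJavaEESec_AllowedAccess() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        getFormLoginPage(this.httpclient, urlBase + this.queryString, REDIRECT, urlBase + loginUri, TITLE_LOGIN_PAGE);
        // Uses the shared USER1/PASSWORD/GROUP1 constants, as the other tests do, so the
        // identities cannot drift apart between the positive and the negative cases.
        String postLoginLocation = executeFormLogin(this.httpclient, urlBase + loginformUri, USER1, PASSWORD, true);
        String response = accessPageNoChallenge(this.httpclient, postLoginLocation, 200, urlBase + this.queryString);
        verifyUserResponse(response, Constants.getUserPrincipalFound + USER1, Constants.getRemoteUserFound + USER1);
        verifyRealm(response, "NoJavaEESecRealm");
        verifyGroups(response, "group:NoJavaEESecRealm/" + GROUP1);
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    /**
     * Authorization failure: USER2 authenticates through the form but must be refused with
     * HTTP 403, and the server log must contain a {@code CWWKS9104A} message that mentions
     * both USER2 and {@code group1}.
     *
     * @throws Exception if any HTTP step or verification fails
     */
    @Test
    @Mode(Mode.TestMode.FULL)
    public void testNoJavaEESecAuthorizationFailure_DeniedAccess() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        // Mark the log first so that only messages produced by this test are matched.
        myServer.setMarkToEndOfLog(new RemoteFile[0]);
        getFormLoginPage(this.httpclient, urlBase + this.queryString, REDIRECT, urlBase + loginUri, TITLE_LOGIN_PAGE);
        String postLoginLocation = executeFormLogin(this.httpclient, urlBase + loginformUri, USER2, PASSWORD, true);
        accessPageNoChallenge(this.httpclient, postLoginLocation, 403, urlBase + this.queryString);
        verifyMessageReceivedInMessageLog("CWWKS9104A:.*" + USER2 + ".*" + GROUP1);
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    /**
     * Authentication failure: an unknown user must not obtain access. The follow-up request is
     * expected to return HTTP 200, and the server log must contain a {@code CWWKS1100A}
     * message that names the rejected user.
     *
     * <p>NOTE(review): unlike the other tests, the last argument passed to
     * {@code accessPageNoChallenge} is {@code TITLE_ERROR_PAGE} rather than a URL. Presumably
     * the helper checks for the form-login error page; confirm against the helper.
     *
     * @throws Exception if any HTTP step or verification fails
     */
    @Test
    @Mode(Mode.TestMode.FULL)
    // The rejected login is allowed to leave a javax.naming.AuthenticationException FFDC.
    @AllowedFFDC({"javax.naming.AuthenticationException"})
    public void testNoJavaEESecAuthenticationFailure_DeniedAccess() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        // Mark the log first so that only messages produced by this test are matched.
        myServer.setMarkToEndOfLog(new RemoteFile[0]);
        getFormLoginPage(this.httpclient, urlBase + this.queryString, REDIRECT, urlBase + loginUri, TITLE_LOGIN_PAGE);
        String postLoginLocation = executeFormLogin(this.httpclient, urlBase + loginformUri, INVALIDUSER1, PASSWORD, true);
        accessPageNoChallenge(this.httpclient, postLoginLocation, 200, TITLE_ERROR_PAGE);
        verifyMessageReceivedInMessageLog("CWWKS1100A:.*" + INVALIDUSER1 + ".*");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }
}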
