package com.ibm.ws.security.javaeesec.fat;

import com.ibm.websphere.simplicity.RemoteFile;
import com.ibm.websphere.simplicity.log.Log;
import com.ibm.ws.security.javaeesec.fat_helper.JavaEESecTestBase;
import com.ibm.ws.security.javaeesec.fat_helper.LocalLdapServer;
import com.ibm.ws.security.javaeesec.fat_helper.WCApplicationHelper;
import componenttest.annotation.AllowedFFDC;
import componenttest.annotation.MinimumJavaLevel;
import componenttest.custom.junit.runner.FATRunner;
import componenttest.custom.junit.runner.Mode;
import componenttest.topology.impl.LibertyServer;
import componenttest.topology.impl.LibertyServerFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TestName;
import org.junit.runner.RunWith;

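/**
 * FAT test for HTTP Basic authentication against an application that is backed by more than one
 * identity store.
 *
 * <p>The WAR under test ({@code JavaEESecMultipleIS.war}) is built from packages named
 * {@code web.war.identitystores.ldap.ldap1}, {@code ...ldap.ldap2} and
 * {@code ...custom.grouponly}, so it presumably wires two LDAP identity stores plus a group-only
 * custom store (the store classes themselves are not part of this file). The assertions below
 * distinguish the two LDAP stores by realm: {@code 127.0.0.1:<port>} for the first and
 * {@code localhost:<port>} for the second.
 *
 * <p>What the tests pin down, from a security point of view:
 * <ul>
 *   <li>the realm and the group names of an authenticated caller come from the store that
 *       validated the credentials, and no group carrying the other store's prefix is present;</li>
 *   <li>a credential rejected by the first store can still be accepted by the second;</li>
 *   <li>missing or wrong credentials yield 401, while an authenticated caller who lacks the
 *       required group yields 403.</li>
 * </ul>
 *
 * <p>This listing is decompiler output (originally loaded from
 * {@code com/ibm/ws/security/javaeesec/fat/MultipleIdentityStoreBasicTest.class}).
 */
@MinimumJavaLevel(javaLevel = 8, runSyntheticTest = false)
@RunWith(FATRunner.class)
@Mode(Mode.TestMode.FULL)
public class MultipleIdentityStoreBasicTest extends JavaEESecTestBase {
    // Scheme, host and port of the Liberty server under test; assigned in setUp().
    protected static String urlBase;
    // Context-relative path of the protected servlet; assigned in the constructor.
    protected String queryString;
    // One client per test method; created in setupConnection(), released in cleanupConnection().
    protected DefaultHttpClient httpclient;
    // Embedded LDAP fixture; started in setUp(), stopped in tearDown().
    protected static LocalLdapServer ldapServer;

    @Rule
    public TestName name = new TestName();
    protected static LibertyServer myServer = LibertyServerFactory.getLibertyServer("com.ibm.ws.security.javaeesec.fat");
    protected static Class<?> logClass = MultipleIdentityStoreBasicTest.class;
    protected static String JAR_NAME = "JavaEESecBase.jar";
    protected static String APP_NAME = "JavaEESecMultipleIS";
    protected static String WAR_NAME = APP_NAME + ".war";
    protected static String XML_NAME = "multipleIS.xml";
    // LDAP port as a string; it is embedded in every expected realm and group name below.
    protected static String portNumber = "";

    /** Binds the test to the shared Liberty server and computes the servlet path. */
    public MultipleIdentityStoreBasicTest() {
        super(myServer, logClass);
        this.queryString = "/" + APP_NAME + "/MultipleISBasicAuthServlet";
    }

    /**
     * Starts the LDAP fixture, deploys the WAR, applies {@code multipleIS.xml} and starts the
     * server.
     *
     * @throws Exception if the LDAP fixture, the deployment or the server start fails
     */
    @BeforeClass
    public static void setUp() throws Exception {
        // System.getProperty returns null when the property is unset; the expected realm and
        // group strings would then contain the text "null" and the verifications would fail.
        portNumber = System.getProperty("ldap.1.port");
        ldapServer = new LocalLdapServer();
        ldapServer.start();
        WCApplicationHelper.addWarToServerApps(
                myServer,
                WAR_NAME,
                true,
                JAR_NAME,
                false,
                "web.jar.base",
                "web.war.servlets.basic",
                "web.war.identitystores.ldap.ldap1",
                "web.war.identitystores.ldap.ldap2",
                "web.war.identitystores.custom.grouponly",
                "web.war.identitystores.ldap");
        myServer.setServerConfigurationFile(XML_NAME);
        myServer.startServer(true);
        myServer.addInstalledAppForValidation(APP_NAME);
        // Plain HTTP on the server's default port: the Basic credentials used by these tests
        // travel unencrypted on this hop.
        urlBase = "http://" + myServer.getHostname() + ":" + myServer.getHttpDefaultPort();
    }

    /**
     * Stops the Liberty server and then the LDAP fixture.
     *
     * <p>The LDAP stop sits in a {@code finally} block so that it runs exactly once, whether or
     * not stopping the server throws. The decompiled form repeated the stop call inside a
     * {@code catch (Throwable)} handler, which invoked {@code ldapServer.stop()} a second time
     * whenever the first invocation itself threw.
     *
     * @throws Exception if stopping the server or the LDAP fixture fails
     */
    @AfterClass
    public static void tearDown() throws Exception {
        try {
            myServer.stopServer(new String[0]);
        } finally {
            if (ldapServer != null) {
                ldapServer.stop();
            }
        }
    }

    /** Creates a fresh HTTP client so that no connection or auth state carries over between tests. */
    @Before
    public void setupConnection() {
        this.httpclient = new DefaultHttpClient();
    }

    /** Releases the per-test HTTP client's connections. */
    @After
    public void cleanupConnection() {
        // @After still runs when @Before failed; do not mask that failure with an NPE.
        if (this.httpclient != null) {
            this.httpclient.getConnectionManager().shutdown();
        }
    }

    /**
     * Returns the name of the running test method, taken from the JUnit {@link TestName} rule.
     *
     * <p>Overrides {@code JavaEESecTestBase#getCurrentTestName()}. The decompiler recorded that
     * it changed this method's access modifier from {@code protected}; it is kept {@code public}
     * here so the listing's interface stays as shown.
     *
     * @return the current test method name
     */
    @Override
    public String getCurrentTestName() {
        return this.name.getMethodName();
    }

    /**
     * USER1 with the password the first store accepts: expects 200, the first store's realm
     * ({@code 127.0.0.1:<port>}), that store's groups, and no group with the
     * {@code localhost:<port>} prefix.
     */
    @Test
    public void testMultipleISBasicAuthWith1stIS_AllowedAccess() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        // "s3cur1ty" is the fixture password for USER1; it appears as a literal in this listing.
        String response = executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, LocalLdapServer.USER1, "s3cur1ty", 200);
        verifyUserResponse(response, "getUserPrincipal().getName(): user1", "getRemoteUser: user1");
        verifyRealm(response, "127.0.0.1:" + portNumber);
        // Groups from the second store must not be attached to an identity the first store validated.
        verifyNotInGroups(response, "group:localhost:" + portNumber + "/");
        verifyGroups(response, "group:127.0.0.1:" + portNumber + "/grantedgroup2, group:127.0.0.1:" + portNumber + "/grantedgroup, group:127.0.0.1:" + portNumber + "/group1");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    /**
     * ANOTHERUSER1 with ANOTHERPASSWORD: expects 200, the second store's realm
     * ({@code localhost:<port>}), that store's groups, and no group with the
     * {@code 127.0.0.1:<port>} prefix. Per the test name the user exists only in the second
     * store.
     */
    @Test
    public void testMultipleISBasicAuthWith2ndISonly_AllowedAccess() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        String response = executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, LocalLdapServer.ANOTHERUSER1, LocalLdapServer.ANOTHERPASSWORD, 200);
        verifyUserResponse(response, "getUserPrincipal().getName(): anotheruser1", "getRemoteUser: anotheruser1");
        verifyRealm(response, "localhost:" + portNumber);
        verifyNotInGroups(response, "group:127.0.0.1:" + portNumber + "/");
        verifyGroups(response, "group:localhost:" + portNumber + "/grantedgroup2, group:localhost:" + portNumber + "/anothergroup1, group:localhost:" + portNumber + "/grantedgroup");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    /**
     * USER1 with ANOTHERPASSWORD: the first store rejects the password and the second accepts it.
     *
     * <p>Expects 200 with the second store's realm and groups only. The user name alone does not
     * tie the caller to a store; the assertions require that the resulting identity (realm and
     * groups) comes entirely from the store that validated the password, with nothing carried
     * over from the store that rejected it. The allowed
     * {@code javax.naming.AuthenticationException} FFDC is presumably produced by the rejected
     * first-store attempt.
     */
    @Test
    @AllowedFFDC({"javax.naming.AuthenticationException"})
    public void testMultipleISBasicAuthWith1stISfail2ndISsuccess_AllowedAccess() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        String response = executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, LocalLdapServer.USER1, LocalLdapServer.ANOTHERPASSWORD, 200);
        verifyUserResponse(response, "getUserPrincipal().getName(): user1", "getRemoteUser: user1");
        verifyRealm(response, "localhost:" + portNumber);
        verifyNotInGroups(response, "group:127.0.0.1:" + portNumber + "/");
        verifyGroups(response, "group:localhost:" + portNumber + "/grantedgroup2, group:localhost:" + portNumber + "/anothergroup1, group:localhost:" + portNumber + "/grantedgroup");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    /** A request without credentials must be challenged: expects 401. */
    @Test
    public void testMultipleISBasicAuthNoCred_DeniedAccess() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        executeGetRequestNoAuthCreds(this.httpclient, urlBase + this.queryString, 401);
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    /**
     * INVALIDUSER with a password that is accepted: authentication succeeds but authorization is
     * refused.
     *
     * <p>Expects 403 (not 401) and a {@code CWWKS9104A} entry in the message log that names the
     * user and {@code grantedgroup}, so the denial is also checked as an auditable log event.
     */
    @Test
    public void testMultipleISBasicAuthWith1stISuccess_DeniedAccess() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        // Mark the log first so the message search only sees entries written by this request.
        myServer.setMarkToEndOfLog(new RemoteFile[0]);
        executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, LocalLdapServer.INVALIDUSER, "s3cur1ty", 403);
        verifyMessageReceivedInMessageLog("CWWKS9104A:.*invalidUSER.*grantedgroup");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    /**
     * USER1 with INVALIDPASSWORD: per the test name both stores reject the credentials.
     *
     * <p>Expects 401 and a {@code CWWKS1652A} entry in the message log. The allowed
     * {@code javax.naming.AuthenticationException} FFDC is presumably produced by the failed
     * LDAP attempts.
     */
    @Test
    @AllowedFFDC({"javax.naming.AuthenticationException"})
    public void testMultipleISBasicAuthWith1st2ndFail_DeniedAccess() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        // Mark the log first so the message search only sees entries written by this request.
        myServer.setMarkToEndOfLog(new RemoteFile[0]);
        executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, LocalLdapServer.USER1, LocalLdapServer.INVALIDPASSWORD, 401);
        verifyMessageReceivedInMessageLog("CWWKS1652A:.*");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }
}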
