httpserver/bugs/B6393710.java

0N/A/*
2362N/A * Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved.
0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
0N/A *
0N/A * This code is free software; you can redistribute it and/or modify it
0N/A * under the terms of the GNU General Public License version 2 only, as
0N/A * published by the Free Software Foundation.
0N/A *
0N/A * This code is distributed in the hope that it will be useful, but WITHOUT
0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
0N/A * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
0N/A * version 2 for more details (a copy is included in the LICENSE file that
0N/A * accompanied this code).
0N/A *
0N/A * You should have received a copy of the GNU General Public License version
0N/A * 2 along with this work; if not, write to the Free Software Foundation,
0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
0N/A *
2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2362N/A * or visit www.oracle.com if you need additional information or have any
2362N/A * questions.
0N/A */
0N/A
0N/A/**
0N/A * @test
0N/A * @bug 6393710
0N/A * @summary  Non authenticated call followed by authenticated call never returns
0N/A */
0N/A
0N/Aimport com.sun.net.httpserver.*;
0N/A
0N/Aimport java.util.*;
0N/Aimport java.util.concurrent.*;
0N/Aimport java.io.*;
0N/Aimport java.net.*;
0N/A
0N/A/*
0N/A * Test checks for following bug(s) when a POST containing a request body
0N/A * needs to be authenticated
0N/A *
0N/A * 1) we were not reading the request body
0N/A *
0N/A * 2) we were not re-enabling the interestops for the socket channel
0N/A */
0N/A
0N/Apublic class B6393710 {
0N/A
0N/A    static String CRLF = "\r\n";
0N/A
0N/A    /* Two post requests containing data. The second one
0N/A     * has the expected authorization credentials
0N/A     */
0N/A    static String cmd =
0N/A        "POST /test/foo HTTP/1.1"+CRLF+
0N/A        "Content-Length: 22"+CRLF+
0N/A        "Pragma: no-cache"+CRLF+
0N/A        "Cache-Control: no-cache"+CRLF+ CRLF+
0N/A        "<item desc=\"excuse\" />"+
0N/A        "POST /test/foo HTTP/1.1"+CRLF+
0N/A        "Content-Length: 22"+CRLF+
0N/A        "Pragma: no-cache"+CRLF+
0N/A        "Authorization: Basic ZnJlZDpmcmVkcGFzc3dvcmQ="+CRLF+
0N/A        "Cache-Control: no-cache"+CRLF+ CRLF+
0N/A        "<item desc=\"excuse\" />";
0N/A
0N/A    public static void main (String[] args) throws Exception {
0N/A        Handler handler = new Handler();
0N/A        InetSocketAddress addr = new InetSocketAddress (0);
0N/A        HttpServer server = HttpServer.create (addr, 0);
0N/A        HttpContext ctx = server.createContext ("/test", handler);
0N/A        ctx.setAuthenticator (new BasicAuthenticator ("test") {
0N/A            public boolean checkCredentials (String user, String pass) {
0N/A                return user.equals ("fred") && pass.equals("fredpassword");
0N/A            }
0N/A        });
0N/A
0N/A        server.start ();
0N/A
0N/A        Socket s = new Socket ("localhost", server.getAddress().getPort());
0N/A        s.setSoTimeout (5000);
0N/A
0N/A        OutputStream os = s.getOutputStream();
0N/A        os.write (cmd.getBytes());
0N/A        InputStream is = s.getInputStream ();
0N/A        try {
0N/A            ok = readAndCheck (is, "401 Unauthorized") &&
0N/A                 readAndCheck (is, "200 OK");
0N/A        } catch (SocketTimeoutException e) {
0N/A            System.out.println ("Did not received expected data");
0N/A            ok = false;
0N/A        } finally {
0N/A            s.close();
0N/A            server.stop(2);
0N/A        }
0N/A
0N/A        if (requests != 1) {
0N/A            throw new RuntimeException ("server handler did not receive the request");
0N/A        }
0N/A        if (!ok) {
0N/A            throw new RuntimeException ("did not get 200 OK");
0N/A        }
0N/A        System.out.println ("OK");
0N/A    }
0N/A
0N/A    /* check for expected string and return true if found in stream */
0N/A
0N/A    static boolean readAndCheck (InputStream is, String expected) throws IOException {
0N/A        int c;
0N/A        int count = 0;
0N/A        int expLen = expected.length();
0N/A        expected = expected.toLowerCase();
0N/A
0N/A        while ((c=is.read()) != -1) {
0N/A            c = Character.toLowerCase (c);
0N/A            if (c == expected.charAt (count)) {
0N/A                count ++;
0N/A                if (count == expLen) {
0N/A                    return true;
0N/A                }
0N/A            } else {
0N/A                count = 0;
0N/A            }
0N/A        }
0N/A        return false;
0N/A    }
0N/A
0N/A    public static boolean ok = false;
0N/A    static int requests = 0;
0N/A
0N/A    static class Handler implements HttpHandler {
0N/A        int invocation = 1;
0N/A        public void handle (HttpExchange t)
0N/A            throws IOException
0N/A        {
0N/A            int count = 0;
0N/A            InputStream is = t.getRequestBody();
0N/A            Headers map = t.getRequestHeaders();
0N/A            Headers rmap = t.getResponseHeaders();
0N/A            while (is.read () != -1) {
0N/A                count ++;
0N/A            }
0N/A            if (count != 22) {
0N/A                System.out.println ("Handler expected 22. got " + count);
0N/A                ok = false;
0N/A            }
0N/A            is.close();
0N/A            t.sendResponseHeaders (200, -1);
0N/A            t.close();
0N/A            requests ++;
0N/A        }
0N/A    }
0N/A}