/** * Expects that a ConfigurationException is thrown as the policy is not configured correctly. * * @throws Throwable */ @Test(expected = InvalidConfigurationException.class) @Configuration(EMPTY_CONFIG) @BackEndApi(RequiresAuthHeaderBackEndApi.class) public void testAuthenticatedRequestExceptionEmptyConfig() throws Throwable { // test data - session expires in 60s final Session originalSession = CommonTestUtil.insertTestSession(60, true); // send request with cookie final PolicyTestRequest request = PolicyTestRequest.build(PolicyTestRequestType.GET, RESOURCE); request.header(Constants.HEADER_COOKIE, CommonTestUtil.buildCookieHeader(originalSession)); send(request); fail(InvalidConfigurationException.class + " expected"); }
/** * Send the request and expect a 401 Unauthorized response, and for session data to remain * unchanged. * * @param request the service request * @param originalSession the Session state before the request is made * @throws Throwable */ private void sendAndExpect401(PolicyTestRequest request, Session originalSession) throws Throwable { try { send(request); fail(PolicyFailureError.class + " expected"); } catch (PolicyFailureError failure) { assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, failure.getFailure().getFailureCode()); assertEquals(PolicyFailureType.Authentication, failure.getFailure().getType()); // verify the session data in the shared state has not changed final Session updatedSession = CommonTestUtil.fetchSession(originalSession.getSessionId()); assertNotNull(updatedSession); assertEquals(originalSession.getSessionId(), updatedSession.getSessionId()); // verify expiry not updated assertEquals(originalSession.getExpires(), updatedSession.getExpires()); } }