@Test
public void kerberosTicket() throws Exception {
setupRealmUser();
KerberosContainer kdc = startKdc();
configureSso(kdc, false);
jenkins.logout();
// Get TGT
String tokenCache = kdc.getClientTokenCache();
// Correctly negotiate in browser
FirefoxDriver negotiatingDriver = getNegotiatingFirefox(kdc, tokenCache);
negotiatingDriver.get(jenkins.url("/whoAmI").toExternalForm());
String out = negotiatingDriver.getPageSource();
assertThat(out, containsString(AUTHORIZED));
// The global driver is not configured to do so
jenkins.visit("/whoAmI"); // 401 Unauthorized
assertThat(driver.getPageSource(), not(containsString(AUTHORIZED)));
// Non-negotiating request should fail as well
assertUnauthenticatedRequestIsRejected(getBadassHttpClient());
}
