[securityfilter-cvs] securityfilter/src/test/org/securityfilter/test/http/form NoAuthNoSessionTest.java,NONE,1.1 NoAuthSessionTest.java,1.1,NONE

[Max C. <max...@us...>]

Update of /cvsroot/securityfilter/securityfilter/src/test/org/securityfilter/test/http/form
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30618/src/test/org/securityfilter/test/http/form

Added Files:
	NoAuthNoSessionTest.java 
Removed Files:
	NoAuthSessionTest.java 
Log Message:
bug#1056920: renamed unit test class and method names, again

--- NEW FILE: NoAuthNoSessionTest.java ---
/*
 * $Header$
 * $Revision$
 * $Date$
 *
 * ====================================================================
 * The SecurityFilter Software License, Version 1.1
 *
 * (this license is derived and fully compatible with the Apache Software
 * License - see http://www.apache.org/LICENSE.txt)
 *
 * Copyright (c) 2002 SecurityFilter.org. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. The end-user documentation included with the redistribution,
 *    if any, must include the following acknowledgment:
 *       "This product includes software developed by
 *        SecurityFilter.org (http://www.securityfilter.org/)."
 *    Alternately, this acknowledgment may appear in the software itself,
 *    if and wherever such third-party acknowledgments normally appear.
 *
 * 4. The name "SecurityFilter" must not be used to endorse or promote
 *    products derived from this software without prior written permission.
 *    For written permission, please contact li...@se... .
 *
 * 5. Products derived from this software may not be called "SecurityFilter",
 *    nor may "SecurityFilter" appear in their name, without prior written
 *    permission of SecurityFilter.org.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED.  IN NO EVENT SHALL THE SECURITY FILTER PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * ====================================================================
 */

package org.securityfilter.test.http.form;

import org.securityfilter.test.http.TestBase;

import com.meterware.httpunit.GetMethodWebRequest;
import com.meterware.httpunit.WebRequest;

/**
 * NoAuthNoSessionTest - Ensure that SecurityFilter does not create a session when accessing unsecured pages.
 * 
 * Bug report:
 * http://sourceforge.net/tracker/index.php?func=detail&aid=1056920&group_id=59484&atid=491164
 *
 * @author Max Cooper (ma...@ma...)
 * @version $Revision$ $Date$
 */
public class NoAuthNoSessionTest extends TestBase {
   /**
    * Constructor
    *
    * @param name
    */
   public NoAuthNoSessionTest(String name) {
      super(name);
   }

   /**
    * Test for session cookie on index page. There should be no session cookie.
    * 
    * @throws Exception
    */
   public void testNoAuthNoSessionForUnsecured() throws Exception {
	   
      WebRequest request = new GetMethodWebRequest(baseUrl + "/index.jsp");
      session.getResponse(request);
      
      // Check that there is no session ID
      String sessionId = session.getCookieValue("JSESSIONID");
      assertNull("Got session for non-authenticated index page", sessionId);
   }

   /**
    * Test for session cookie on direct access of login page. There should be no session cookie.
    * 
    * @throws Exception
    */
   public void testNoAuthNoSessionForLoginPage() throws Exception {
      
      WebRequest request = new GetMethodWebRequest(baseUrl + "/loginForm.jsp");
      session.getResponse(request);
      
      // Check that there is no session ID
      String sessionId = session.getCookieValue("JSESSIONID");
      assertNull("Got session for non-authenticated login page", sessionId);
   }
}

--- NoAuthSessionTest.java DELETED ---