huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

#8 re-enable and expand NTLM tests.

This commit is contained in:
Chris R 2015-07-10 14:36:39 -07:00
parent 67bd48fab2
commit a7a1ea59bf
2 changed files with 81 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
test/ServerComparison.FunctionalTests/NtlmAuthentationTest.cs
View File

@ -19,9 +19,8 @@ namespace ServerComparison.FunctionalTests
{
[ConditionalTheory, Trait("ServerComparison.FunctionalTests", "ServerComparison.FunctionalTests")]
[OSSkipCondition(OperatingSystems.Linux | OperatingSystems.MacOSX)]
// TODO: Figure out why IISExpress failing
//[InlineData(ServerType.IISExpress, RuntimeFlavor.CoreClr, RuntimeArchitecture.x86, "http://localhost:5050/")]
//[InlineData(ServerType.IISExpress, RuntimeFlavor.Clr, RuntimeArchitecture.x64, "http://localhost:5051/")]
[InlineData(ServerType.IISExpress, RuntimeFlavor.CoreClr, RuntimeArchitecture.x86, "http://localhost:5050/")]
[InlineData(ServerType.IISExpress, RuntimeFlavor.Clr, RuntimeArchitecture.x64, "http://localhost:5051/")]
[InlineData(ServerType.WebListener, RuntimeFlavor.Clr, RuntimeArchitecture.x86, "http://localhost:5052/")]
[InlineData(ServerType.WebListener, RuntimeFlavor.CoreClr, RuntimeArchitecture.x64, "http://localhost:5052/")]
public async Task NtlmAuthentication(ServerType serverType, RuntimeFlavor runtimeFlavor, RuntimeArchitecture architecture, string applicationBaseUrl)
@ -61,14 +60,52 @@ namespace ServerComparison.FunctionalTests
Assert.Equal("Anonymous?True", responseText);
response = await httpClient.GetAsync("/Restricted");
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
Assert.Contains("NTLM", response.Headers.WwwAuthenticate.ToString());
Assert.Contains("Negotiate", response.Headers.WwwAuthenticate.ToString());
response = await httpClient.GetAsync("/RestrictedNTLM");
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
Assert.Contains("NTLM", response.Headers.WwwAuthenticate.ToString());
// Note IIS can't restrict a challenge to a specific auth type, the native auth modules always add themselves.
// However WebListener can.
if (serverType == ServerType.WebListener)
{
Assert.DoesNotContain("Negotiate", response.Headers.WwwAuthenticate.ToString());
}
else if (serverType == ServerType.IISExpress)
{
Assert.Contains("Negotiate", response.Headers.WwwAuthenticate.ToString());
}
response = await httpClient.GetAsync("/Forbidden");
Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode);
httpClientHandler = new HttpClientHandler() { UseDefaultCredentials = true };
httpClient = new HttpClient(httpClientHandler) { BaseAddress = new Uri(deploymentResult.ApplicationBaseUri) };
response = await httpClient.GetAsync("/AutoForbid");
Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode);
responseText = await httpClient.GetStringAsync("/Restricted");
Assert.Equal("NotAnonymous", responseText);
Assert.Equal("Negotiate", responseText);
responseText = await httpClient.GetStringAsync("/RestrictedNegotiate");
Assert.Equal("Negotiate", responseText);
if (serverType == ServerType.WebListener)
{
responseText = await httpClient.GetStringAsync("/RestrictedNTLM");
Assert.Equal("NTLM", responseText);
}
else if (serverType == ServerType.IISExpress)
{
response = await httpClient.GetAsync("/RestrictedNTLM");
// This isn't a Forbidden because we authenticate with Negotiate and challenge for NTLM.
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
// Note IIS can't restrict a challenge to a specific auth type, the native auth modules always add themselves,
// so both Negotiate and NTLM get sent again.
}
}
catch (XunitException)
{

43
test/ServerComparison.TestSites/StartupNtlmAuthentication.cs
View File

@ -53,21 +53,22 @@ namespace ServerComparison.TestSites
if ((app.Server as ServerInformation) != null)
{
var serverInformation = (ServerInformation)app.Server;
serverInformation.Listener.AuthenticationManager.AuthenticationSchemes = AuthenticationSchemes.NTLM | AuthenticationSchemes.AllowAnonymous;
serverInformation.Listener.AuthenticationManager.AuthenticationSchemes =
AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | AuthenticationSchemes.AllowAnonymous;
}
app.Use((context, next) =>
{
if (context.Request.Path.Equals(new PathString("/Anonymous")))
if (context.Request.Path.Equals("/Anonymous"))
{
return context.Response.WriteAsync("Anonymous?" + !context.User.Identity.IsAuthenticated);
}
if (context.Request.Path.Equals(new PathString("/Restricted")))
if (context.Request.Path.Equals("/Restricted"))
{
if (context.User.Identity.IsAuthenticated)
{
return context.Response.WriteAsync("NotAnonymous");
return context.Response.WriteAsync(context.User.Identity.AuthenticationType);
}
else
{
@ -75,6 +76,40 @@ namespace ServerComparison.TestSites
}
}
if (context.Request.Path.Equals("/Forbidden"))
{
return context.Authentication.ForbidAsync(string.Empty);
}
if (context.Request.Path.Equals("/AutoForbid"))
{
return context.Authentication.ChallengeAsync();
}
if (context.Request.Path.Equals("/RestrictedNegotiate"))
{
if (string.Equals("Negotiate", context.User.Identity.AuthenticationType, System.StringComparison.Ordinal))
{
return context.Response.WriteAsync("Negotiate");
}
else
{
return context.Authentication.ChallengeAsync("Negotiate");
}
}
if (context.Request.Path.Equals("/RestrictedNTLM"))
{
if (string.Equals("NTLM", context.User.Identity.AuthenticationType, System.StringComparison.Ordinal))
{
return context.Response.WriteAsync("NTLM");
}
else
{
return context.Authentication.ChallengeAsync("NTLM");
}
}
return context.Response.WriteAsync("Hello World");
});
}