UW Spring Security sample web application.

• Required authentication
• Lazy authentication
• Lazy with "ignorepreauth"

Test Cases

local-users

Start VM eith 'mvn clean install jetty:run', visit http://localhost:8080/.

1. Click 'Lazy authentication', expect "anonymousUser".
2. Visit http://localhost:8080/index.html. Click 'Lazy with "ignorepreauth"', expect "anonymousUser".
3. Visit http://localhost:8080/index.html. Click /required, expect login form. Enter credentials, submit, and expect JSON object representing current UWUserDetails.

preauth

Start VM with 'mvn clean install jetty:run -P preauth', visit http://localhost:8080/.

1. Click 'Lazy with "ignorepreauth"', expect "anonymousUser".
2. Visit http://localhost:8080/index.html. Click 'Lazy authentication', expect JSON object representing UWUserDetails for 'Amy Administrator'. Since at least 1.6.0 this has been returning "anonymousUser" instead. Requires additional investigation to determine if there is a bug here.
3. Visit http://localhost:8080/index.html. Click 'Required authentication', expect JSON object representing UWUserDetails for 'Amy Administrator'. Since at least 1.6.0 this has been failing with "Access denied". Requires additional investigation to determine if there is a bug here.

combined

Start VM eith 'mvn clean install jetty:run -P combined', visit http://localhost:8080/.

Note that with the 'combined' test here, we have nothing providing preauthentication attributes, so the app falls back to local-users forms. To see combined with something that provides preauthentication attributes, see the 'combined-simulate-netid' test.

1. Click 'Lazy authentication', expect "anonymousUser".
2. Visit http://localhost:8080/index.html. Click 'Lazy with "ignorepreauth"', expect "anonymousUser".
3. Visit http://localhost:8080/index.html. Click /required, expect login form. Enter credentials, submit, and expect JSON object representing current UWUserDetails.

combined-simulate-netid

Start VM with 'mvn clean install jetty:run -P combined-simulate-netid', visit http://localhost:8080/.

1. Click 'Lazy with "ignorepreauth"', expect "anonymousUser".
2. Visit http://localhost:8080/index.html. Click 'Lazy authentication', expect JSON object representing UWUserDetails for 'Amy Administrator'. Confirm 'source' attribute is 'preauth'.
3. Visit http://localhost:8080/index.html. Click 'Required authentication', expect JSON object representing UWUserDetails for 'Amy Administrator'. Confirm 'source' attribute is 'preauth'.

combined-simulate-federation

Start VM with 'mvn clean install jetty:run -P combined-simulate-federation', visit http://localhost:8080/.

1. Click 'Lazy with "ignorepreauth"', expect "anonymousUser".
2. Visit http://localhost:8080/index.html. Click 'Lazy authentication', expect JSON object representing UWUserDetails for 'Amy Administrator'. Confirm 'source' attribute is 'edu.wisc.uwss.preauth.federation'.
3. Visit http://localhost:8080/index.html. Click 'Required authentication', expect JSON object representing UWUserDetails for 'Amy Administrator'. Confirm 'source' attribute is 'edu.wisc.uwss.preauth.federation'.